From eb842815498f5926828b49c48fffce22fc9586a2 Mon Sep 17 00:00:00 2001 From: Sven Gothel Date: Fri, 21 Jun 2013 03:45:07 +0200 Subject: Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access (2) - Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed. --- .../jogamp/common/os/WindowsDynamicLinkerImpl.java | 37 +++++++++++++--------- 1 file changed, 22 insertions(+), 15 deletions(-) (limited to 'src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java') diff --git a/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java b/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java index b95f204..adb2492 100644 --- a/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java +++ b/src/java/jogamp/common/os/WindowsDynamicLinkerImpl.java @@ -27,10 +27,9 @@ */ package jogamp.common.os; -import com.jogamp.common.os.DynamicLinker; import com.jogamp.common.util.SecurityUtil; -public final class WindowsDynamicLinkerImpl implements DynamicLinker { +public final class WindowsDynamicLinkerImpl extends DynamicLinkerImpl { /** Interface to C language function:
BOOL FreeLibrary(HANDLE hLibModule); */ private static native int FreeLibrary(long hLibModule); @@ -44,7 +43,6 @@ public final class WindowsDynamicLinkerImpl implements DynamicLinker { /** Interface to C language function:
HANDLE LoadLibraryW(LPCWSTR lpLibFileName); */ private static native long LoadLibraryW(java.lang.String lpLibFileName); - @Override public final long openLibraryLocal(String libraryName, boolean debug) throws SecurityException { // How does that work under Windows ? @@ -55,8 +53,10 @@ public final class WindowsDynamicLinkerImpl implements DynamicLinker { @Override public final long openLibraryGlobal(String libraryName, boolean debug) throws SecurityException { SecurityUtil.checkLinkPermission(libraryName); - long handle = LoadLibraryW(libraryName); - if(0==handle && debug) { + final long handle = LoadLibraryW(libraryName); + if( 0 != handle ) { + incrLibRefCount(handle, libraryName); + } else if ( DEBUG || debug ) { int err = GetLastError(); System.err.println("LoadLibraryW \""+libraryName+"\" failed, error code: 0x"+Integer.toHexString(err)+", "+err); } @@ -64,7 +64,20 @@ public final class WindowsDynamicLinkerImpl implements DynamicLinker { } @Override - public final long lookupSymbol(long libraryHandle, String symbolName) { + public final long lookupSymbolGlobal(String symbolName) throws SecurityException { + SecurityUtil.checkAllLinkPermission(); + if(DEBUG_LOOKUP) { + System.err.println("lookupSymbolGlobal: Not supported on Windows"); + } + // allow DynamicLibraryBundle to continue w/ local libs + return 0; + } + + @Override + public final long lookupSymbol(long libraryHandle, String symbolName) throws IllegalArgumentException { + if( null == getLibRef( libraryHandle ) ) { + throw new IllegalArgumentException("Library handle 0x"+Long.toHexString(libraryHandle)+" unknown."); + } String _symbolName = symbolName; long addr = GetProcAddressA(libraryHandle, _symbolName); if(0==addr) { @@ -84,16 +97,10 @@ public final class WindowsDynamicLinkerImpl implements DynamicLinker { } @Override - public final long lookupSymbolGlobal(String symbolName) { - if(DEBUG_LOOKUP) { - System.err.println("lookupSymbolGlobal: Not supported on Windows"); + public final void closeLibrary(long libraryHandle) throws IllegalArgumentException { + if( null == decrLibRefCount( libraryHandle ) ) { + throw new IllegalArgumentException("Library handle 0x"+Long.toHexString(libraryHandle)+" unknown."); } - // allow DynamicLibraryBundle to continue w/ local libs - return 0; - } - - @Override - public final void closeLibrary(long libraryHandle) { FreeLibrary(libraryHandle); } -- cgit v1.2.3