summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSven Gothel <[email protected]>2013-06-20 20:09:43 +0200
committerSven Gothel <[email protected]>2013-06-20 20:09:43 +0200
commit12b3084ecc9da5b768fb7c9a9180d54b3d24ee43 (patch)
tree5d44696c07f6a14d72024b44bb214bbe2b18e939
parent55b5449ce106164e7f47b827cbe03a7831de9942 (diff)
Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access.
-rwxr-xr-xmake/joal-alc.cfg2
-rwxr-xr-xmake/joal-alcabstract-CustomJavaCode.java14
-rw-r--r--make/joal-alext.cfg2
-rw-r--r--make/joal-alextabstract-CustomJavaCode.java14
-rw-r--r--make/joal-common-CustomJavaCode.java24
-rw-r--r--src/java/jogamp/openal/ALDynamicLibraryBundleInfo.java19
6 files changed, 45 insertions, 30 deletions
diff --git a/make/joal-alc.cfg b/make/joal-alc.cfg
index bd5a1d1..efba5a6 100755
--- a/make/joal-alc.cfg
+++ b/make/joal-alc.cfg
@@ -26,6 +26,8 @@ Import java.io.UnsupportedEncodingException
Import java.util.*
Import com.jogamp.openal.*
Import jogamp.openal.*
+Import java.security.AccessController
+Import java.security.PrivilegedAction
# Factor out the OpenAL constants into their own interface
Ignore ^AL_.+
diff --git a/make/joal-alcabstract-CustomJavaCode.java b/make/joal-alcabstract-CustomJavaCode.java
index 3420cc2..debadad 100755
--- a/make/joal-alcabstract-CustomJavaCode.java
+++ b/make/joal-alcabstract-CustomJavaCode.java
@@ -1,11 +1,15 @@
private static final ALCProcAddressTable alcProcAddressTable;
static {
- alcProcAddressTable = new ALCProcAddressTable();
- if(null==alcProcAddressTable) {
- throw new RuntimeException("Couldn't instantiate ALCProcAddressTable");
- }
- alcProcAddressTable.reset(ALImpl.alDynamicLookupHelper);
+ alcProcAddressTable = AccessController.doPrivileged(new PrivilegedAction<ALCProcAddressTable>() {
+ public ALCProcAddressTable run() {
+ final ALCProcAddressTable alcProcAddressTable = new ALCProcAddressTable();
+ if(null==alcProcAddressTable) {
+ throw new RuntimeException("Couldn't instantiate ALCProcAddressTable");
+ }
+ alcProcAddressTable.reset(ALImpl.alDynamicLookupHelper);
+ return alcProcAddressTable;
+ } } );
}
public static ALCProcAddressTable getALCProcAddressTable() { return alcProcAddressTable; }
diff --git a/make/joal-alext.cfg b/make/joal-alext.cfg
index d57b9a3..da63612 100644
--- a/make/joal-alext.cfg
+++ b/make/joal-alext.cfg
@@ -31,6 +31,8 @@ Import java.io.UnsupportedEncodingException
Import java.util.*
Import com.jogamp.openal.*
Import jogamp.openal.*
+Import java.security.AccessController
+Import java.security.PrivilegedAction
# Factor out the OpenAL constants into their own interface
Ignore ^AL_.+
diff --git a/make/joal-alextabstract-CustomJavaCode.java b/make/joal-alextabstract-CustomJavaCode.java
index e73dc60..e467fc7 100644
--- a/make/joal-alextabstract-CustomJavaCode.java
+++ b/make/joal-alextabstract-CustomJavaCode.java
@@ -1,11 +1,15 @@
private static final ALExtProcAddressTable alExtProcAddressTable;
static {
- alExtProcAddressTable = new ALExtProcAddressTable();
- if(null==alExtProcAddressTable) {
- throw new RuntimeException("Couldn't instantiate ALExtProcAddressTable");
- }
- alExtProcAddressTable.reset(ALImpl.alDynamicLookupHelper);
+ alExtProcAddressTable = AccessController.doPrivileged(new PrivilegedAction<ALExtProcAddressTable>() {
+ public ALExtProcAddressTable run() {
+ final ALExtProcAddressTable alExtProcAddressTable = new ALExtProcAddressTable();
+ if(null==alExtProcAddressTable) {
+ throw new RuntimeException("Couldn't instantiate ALExtProcAddressTable");
+ }
+ alExtProcAddressTable.reset(ALImpl.alDynamicLookupHelper);
+ return alExtProcAddressTable;
+ } } );
}
public static ALExtProcAddressTable getALExtProcAddressTable() { return alExtProcAddressTable; }
diff --git a/make/joal-common-CustomJavaCode.java b/make/joal-common-CustomJavaCode.java
index 436f462..5df6cfd 100644
--- a/make/joal-common-CustomJavaCode.java
+++ b/make/joal-common-CustomJavaCode.java
@@ -9,19 +9,19 @@ static {
alDynamicLookupHelper = AccessController.doPrivileged(new PrivilegedAction<DynamicLibraryBundle>() {
public DynamicLibraryBundle run() {
- return new DynamicLibraryBundle(new ALDynamicLibraryBundleInfo());
+ final DynamicLibraryBundle bundle = new DynamicLibraryBundle(new ALDynamicLibraryBundleInfo());
+ if(null==bundle) {
+ throw new RuntimeException("Null ALDynamicLookupHelper");
+ }
+ if(!bundle.isToolLibLoaded()) {
+ throw new RuntimeException("Couln't load native AL library");
+ }
+ if(!bundle.isLibComplete()) {
+ throw new RuntimeException("Couln't load native AL/JNI glue library");
+ }
+ alProcAddressTable.reset(bundle);
+ return bundle;
} } );
-
- if(null==alDynamicLookupHelper) {
- throw new RuntimeException("Null ALDynamicLookupHelper");
- }
- if(!alDynamicLookupHelper.isToolLibLoaded()) {
- throw new RuntimeException("Couln't load native AL library");
- }
- if(!alDynamicLookupHelper.isLibComplete()) {
- throw new RuntimeException("Couln't load native AL/JNI glue library");
- }
- alProcAddressTable.reset(alDynamicLookupHelper);
}
public static ALProcAddressTable getALProcAddressTable() { return alProcAddressTable; }
diff --git a/src/java/jogamp/openal/ALDynamicLibraryBundleInfo.java b/src/java/jogamp/openal/ALDynamicLibraryBundleInfo.java
index 59765fe..69c6a28 100644
--- a/src/java/jogamp/openal/ALDynamicLibraryBundleInfo.java
+++ b/src/java/jogamp/openal/ALDynamicLibraryBundleInfo.java
@@ -40,8 +40,8 @@ import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.*;
-public class ALDynamicLibraryBundleInfo implements DynamicLibraryBundleInfo {
- private static List<String> glueLibNames;
+public final class ALDynamicLibraryBundleInfo implements DynamicLibraryBundleInfo {
+ private static final List<String> glueLibNames;
static {
AccessController.doPrivileged(new PrivilegedAction<Object>() {
public Object run() {
@@ -62,13 +62,16 @@ public class ALDynamicLibraryBundleInfo implements DynamicLibraryBundleInfo {
protected ALDynamicLibraryBundleInfo() {
}
- /** FIXME: not default, maybe local ? **/
+ /**
+ * Returns <code>true</code>,
+ * since we might load the library and allow symbol access to subsequent libs.
+ */
@Override
- public boolean shallLinkGlobal() { return true; }
+ public final boolean shallLinkGlobal() { return true; }
/** default **/
@Override
- public boolean shallLookupGlobal() { return false; }
+ public final boolean shallLookupGlobal() { return false; }
@Override
public final List<String> getGlueLibNames() {
@@ -76,7 +79,7 @@ public class ALDynamicLibraryBundleInfo implements DynamicLibraryBundleInfo {
}
@Override
- public List<List<String>> getToolLibNames() {
+ public final List<List<String>> getToolLibNames() {
List<List<String>> libNamesList = new ArrayList<List<String>>();
final List<String> alSystemLibNames = new ArrayList<String>();
@@ -138,12 +141,12 @@ public class ALDynamicLibraryBundleInfo implements DynamicLibraryBundleInfo {
}
@Override
- public boolean useToolGetProcAdressFirst(String funcName) {
+ public final boolean useToolGetProcAdressFirst(String funcName) {
return true;
}
@Override
- public RunnableExecutor getLibLoaderExecutor() {
+ public final RunnableExecutor getLibLoaderExecutor() {
return DynamicLibraryBundle.getDefaultRunnableExecutor();
}
}