-
Bug
-
Resolution: Fixed
-
P3
-
8
-
b29
-
generic
-
generic
-
Verified
SYNOPSIS
--------
NullPointerException in java.security.Policy.implies() when the ProtectionDomain has a null code source
OPERATING SYSTEMS
-----------------
ALL
FULL JDK VERSION
----------------
All
Tested with 6u30, 7u2, and 8(b22)
PROBLEM DESCRIPTION from LICENSEE
---------------------------------
For dynamically generated classes, the code source will be null. The internal implementation of the default Policy does not handle this situation, which results in a NullPointerException when invoking Policy.implies(). (Policy.implies() calls Policy.getPermissions(CodeSource), which then calls down into the internal implementation of the default Policy.)
Other related methods DO cleanly handle the case where the code source is null (e.g. Policy.getPermissions(ProtectionDomain)), so it seems sensible to handle it properly in Policy.getPermissions(CodeSource) as well.
In the provided testcase we are setting the code source to be null explicitly, just to illustrate the problem.
REPRODUCTION INSTRUCTIONS
-------------------------
Compile and exceute the testcase provided
Expected output:
Policy Test: PolicyImpliesTest@de6ced
Observed output (from 6u30):
Exception in thread "main" java.lang.NullPointerException
at sun.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1794)
at sun.security.provider.PolicyFile.access$700(PolicyFile.java:266)
at sun.security.provider.PolicyFile$7.run(PolicyFile.java:1262)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1258)
at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1205)
at PolicyImpliesTest.getPermissions(PolicyImpliesTest.java:22)
at java.security.Policy.getPermissions(Policy.java:634)
at java.security.Policy.implies(Policy.java:687)
at PolicyImpliesTest.main(PolicyImpliesTest.java:16)
TESTCASE
--------
import java.security.*;
public class PolicyImpliesTest extends Policy {
private Policy policy;
public PolicyImpliesTest(Policy defaultPolicy) {
this.policy = defaultPolicy;
}
public static void main(String[] args) throws Exception {
PolicyImpliesTest pt = new PolicyImpliesTest(Policy.getPolicy());
// Create ProtectionDomain with a null code source (for illustration purposes)
ProtectionDomain pd = new ProtectionDomain(null, new Permissions());
pt.implies(pd, new TestPermission("test"));
System.out.println("Policy Test: " + pt );
}
public PermissionCollection getPermissions(CodeSource codesource) {
return policy.getPermissions(codesource);
}
private static class TestPermission extends Permission {
public TestPermission(String name) {
super(name);
}
public boolean implies(Permission permission) {
return false;
}
public int hashCode() {
return 0;
}
public String getActions() {
return null;
}
public boolean equals(Object obj) {
return false;
}
}
}
SUGGESTED FIX from LICENSEE
---------------------------
Handle the null code source properly in the implementation of Policy.getPermissions(). For example, we can fix the problem for the default Policy in sun.security.provider.getPermissions() with this change, relative to the 6u30 source:
--- PolicyFile-before.java 2011-11-10 00:09:24.000000000 +0000
+++ PolicyFile-after.java 2012-02-07 12:59:26.569000000 +0000
@@ -1255,6 +1255,9 @@
private PermissionCollection getPermissions(Permissions perms,
final CodeSource cs) {
+ if (cs == null)
+ return perms;
+
CodeSource canonCodeSource = (CodeSource)
AccessController.doPrivileged
(new java.security.PrivilegedAction(){
--------
NullPointerException in java.security.Policy.implies() when the ProtectionDomain has a null code source
OPERATING SYSTEMS
-----------------
ALL
FULL JDK VERSION
----------------
All
Tested with 6u30, 7u2, and 8(b22)
PROBLEM DESCRIPTION from LICENSEE
---------------------------------
For dynamically generated classes, the code source will be null. The internal implementation of the default Policy does not handle this situation, which results in a NullPointerException when invoking Policy.implies(). (Policy.implies() calls Policy.getPermissions(CodeSource), which then calls down into the internal implementation of the default Policy.)
Other related methods DO cleanly handle the case where the code source is null (e.g. Policy.getPermissions(ProtectionDomain)), so it seems sensible to handle it properly in Policy.getPermissions(CodeSource) as well.
In the provided testcase we are setting the code source to be null explicitly, just to illustrate the problem.
REPRODUCTION INSTRUCTIONS
-------------------------
Compile and exceute the testcase provided
Expected output:
Policy Test: PolicyImpliesTest@de6ced
Observed output (from 6u30):
Exception in thread "main" java.lang.NullPointerException
at sun.security.provider.PolicyFile.canonicalizeCodebase(PolicyFile.java:1794)
at sun.security.provider.PolicyFile.access$700(PolicyFile.java:266)
at sun.security.provider.PolicyFile$7.run(PolicyFile.java:1262)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1258)
at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1205)
at PolicyImpliesTest.getPermissions(PolicyImpliesTest.java:22)
at java.security.Policy.getPermissions(Policy.java:634)
at java.security.Policy.implies(Policy.java:687)
at PolicyImpliesTest.main(PolicyImpliesTest.java:16)
TESTCASE
--------
import java.security.*;
public class PolicyImpliesTest extends Policy {
private Policy policy;
public PolicyImpliesTest(Policy defaultPolicy) {
this.policy = defaultPolicy;
}
public static void main(String[] args) throws Exception {
PolicyImpliesTest pt = new PolicyImpliesTest(Policy.getPolicy());
// Create ProtectionDomain with a null code source (for illustration purposes)
ProtectionDomain pd = new ProtectionDomain(null, new Permissions());
pt.implies(pd, new TestPermission("test"));
System.out.println("Policy Test: " + pt );
}
public PermissionCollection getPermissions(CodeSource codesource) {
return policy.getPermissions(codesource);
}
private static class TestPermission extends Permission {
public TestPermission(String name) {
super(name);
}
public boolean implies(Permission permission) {
return false;
}
public int hashCode() {
return 0;
}
public String getActions() {
return null;
}
public boolean equals(Object obj) {
return false;
}
}
}
SUGGESTED FIX from LICENSEE
---------------------------
Handle the null code source properly in the implementation of Policy.getPermissions(). For example, we can fix the problem for the default Policy in sun.security.provider.getPermissions() with this change, relative to the 6u30 source:
--- PolicyFile-before.java 2011-11-10 00:09:24.000000000 +0000
+++ PolicyFile-after.java 2012-02-07 12:59:26.569000000 +0000
@@ -1255,6 +1255,9 @@
private PermissionCollection getPermissions(Permissions perms,
final CodeSource cs) {
+ if (cs == null)
+ return perms;
+
CodeSource canonCodeSource = (CodeSource)
AccessController.doPrivileged
(new java.security.PrivilegedAction(){