Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8016046

(process) Strict validation of input should be security manager case only [win]

    XMLWordPrintable

Details

    • b96
    • Verified

    Backports

      Description


        The changes in JDK-8005942 (with follow up changes JDK-8009463 and JDK-8012453) involve parsing the command-line input to determine the command and arguments parts. The parsing includes checking for quoting and other special cases such as CMD and BAT files.

        These changes are causing huge pain to developers and customers that have been using Runtime.exec and ProcessBuilder in insecure and sloppy ways. In summary we cannot change the JDK to impose rules around quoting and special cases after 15 years without causing major breakage and compatibility issues for customers and developers.

        This bug is submitted to re-visit this topic with a view to only imposing the strict parsing and checking when there is a security manager set. When not running with a security manager then the JDK should just pass the command to Windows as it always did. Clearly there is still potential for breakage when running with a security manager but any usages of Runtime.exec and ProcessBuilder in this context need to be done in a secure manner.

        One downside of reverting to long standing behavior that developers will continue to use Runtime.exec in sloppy ways. One possible aid would be to introduce a property that allows developers to strict parsing. If the diagnostic output is good then it would help developers to create the command strings correctly.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8019737 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8023504 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8023962 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8016049 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8019457 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8022877 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8022878 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8024187 (process) Strict validation of input should be security manager case only [win]

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            duplicates

            Bug - A problem which impairs or prevents the functions of the product. JDK-8017467 Misspelling in property name jdk.lang.Process.allowAmbigousCommands

            • P3 - Major loss of function.
            • Resolved
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-7051946 Runtime.exec(String command) / ProcessBuilder command parsing issues

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Activity

              People

                uta Alexey Utkin (Inactive)
                alanb Alan Bateman
                Votes:
                0 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: