-
Bug
-
Resolution: Fixed
-
P2
-
9
-
b69
-
b71
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8135950 | emb-9 | Artem Smotrakov | P2 | Resolved | Fixed | team |
A string which contains a number of principals can be passed to constructor of DelegationPermission. The class parses this string, and extracts principals. But hashCode() method in DelegationPermission uses Permission.getName() to calculate a hash:
http://hg.openjdk.java.net/jdk9/jdk9/jdk/file/467094c6081b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java#l182
...
public int hashCode() {
return getName().hashCode();
}
...
Permission.getName() method returns the original string which was passed to constructor. As a result, semantically equal instances of DelegationPermission may return different hash codes. A test in the webrev below reproduces the problem.
WhenJDK-8065942 was integrated, a problem may occur during permission check. If code has an appropriate DelegationPermission in policy file, AccessController may not take it into account because KrbDelegationPermissionCollection.implies() now uses ConcurrentHashMap.containsKey():
http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/467094c6081b
...
+ @Override
public boolean implies(Permission permission) {
if (! (permission instanceof DelegationPermission))
- return false;
+ return false;
- synchronized (this) {
- for (Permission x : perms) {
- if (x.implies(permission))
- return true;
- }
- }
- return false;
-
+ // if map contains key, then it automatically implies it
+ return perms.containsKey(permission);
}
...
As a result, ACE may be thrown even if code has a correct permission in policy file.
The following patch seems to fix the issue:
http://cr.openjdk.java.net/~asmotrak/delegation_permission/webrev.00/
http://hg.openjdk.java.net/jdk9/jdk9/jdk/file/467094c6081b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java#l182
...
public int hashCode() {
return getName().hashCode();
}
...
Permission.getName() method returns the original string which was passed to constructor. As a result, semantically equal instances of DelegationPermission may return different hash codes. A test in the webrev below reproduces the problem.
When
http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/467094c6081b
...
+ @Override
public boolean implies(Permission permission) {
if (! (permission instanceof DelegationPermission))
- return false;
+ return false;
- synchronized (this) {
- for (Permission x : perms) {
- if (x.implies(permission))
- return true;
- }
- }
- return false;
-
+ // if map contains key, then it automatically implies it
+ return perms.containsKey(permission);
}
...
As a result, ACE may be thrown even if code has a correct permission in policy file.
The following patch seems to fix the issue:
http://cr.openjdk.java.net/~asmotrak/delegation_permission/webrev.00/
- backported by
-
JDK-8135950 Equal DelegationPermission instances may return different hash codes
-
- Resolved
-
- relates to
-
JDK-8065942 Store PermissionCollection entries in a ConcurrentHashMap instead of a HashMap in Permissions class
-
- Resolved
-