Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8231387

java.security.Provider.getService returns random result due to race condition with mutating methods in the same class

XMLWordPrintable

    • b16
    • generic
    • generic
    • Verified

        Filed on behalf of Tianmin Shi (tianshi@amazon.com).

        java.security.Provider.getService reads legacyMap at line 1260

        http://hg.openjdk.java.net/jdk/jdk/file/08a5148e7c4e/src/java.base/share/classes/java/security/Provider.java#l1276

        The read is not synchronized with the clear and repopulate of the same map's entries in java.security.Provider.ensureLegacyParsed. The result is a race condition when more than two threads execute both methods simultaneously. I've attached a reproducer.

        The fix is a simpler one liner.

        --- old/src/java.base/share/classes/java/security/Provider.java 2019-09-16 15:28:26.000000000 -0700
        +++ new/src/java.base/share/classes/java/security/Provider.java 2019-09-16 15:28:25.000000000 -0700
        @@ -1255,9 +1255,9 @@
                 }
                 synchronized (this) {
                     ensureLegacyParsed();
        - }
        - if (legacyMap != null && !legacyMap.isEmpty()) {
        - return legacyMap.get(key);
        + if (legacyMap != null && !legacyMap.isEmpty()) {
        + return legacyMap.get(key);
        + }
                 }
                 return null;
             }


         

              phh Paul Hohensee
              phh Paul Hohensee
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: