
Arrays should be cloned in several JAAS Callback classes


    • Type: CSR
    • Resolution: Approved
    • Priority: P3
    • Fix Version: 15
    • Component: security-libs
    • Compatibility Kind: behavioral
    • Compatibility Risk: minimal
    • Compatibility Risk Description: No good program should rely on the abuse of these methods.
    • Interface Kind: Java API
    • Scope: SE

      Summary

      Add defensive clone calls to some methods in ConfirmationCallback and ChoiceCallback.

      Problem

      In these classes, arrays are not cloned when they are passed into a constructor or returned from a getter. An external program therefore holds a reference to the internal arrays of these classes and can modify them after the fact.

      Solution

      Clone the arrays on the way in and on the way out, and document that behaviour; see the Specification section.
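The following is an added illustration of the problem and the fix, not code from the CSR or from the JDK: `LeakyChoiceCallback` and `SafeChoiceCallback` are hypothetical stand-ins shaped like `ChoiceCallback`, and the null/empty check in the safe constructor is an assumption of this example rather than something the CSR specifies.

```java
import java.util.Arrays;

/**
 * Added example, not JDK code: a callback that aliases caller-supplied arrays
 * beside one that clones them, as the CSR proposes for ChoiceCallback and
 * ConfirmationCallback. Class and method names are hypothetical.
 */
public class DefensiveCopyDemo {

    /** Before: stores the reference it is given and hands the same reference back. */
    static final class LeakyChoiceCallback {
        private final String[] choices;
        private int[] selections = new int[0];

        LeakyChoiceCallback(String[] choices) {
            this.choices = choices;                 // aliases the caller's array
        }
        String[] getChoices() { return choices; }   // exposes the internal array
        void setSelectedIndexes(int[] selections) { this.selections = selections; }
        int[] getSelectedIndexes() { return selections; }
    }

    /** After: clones on the way in and on the way out, so no outside reference reaches the fields. */
    static final class SafeChoiceCallback {
        private final String[] choices;
        private int[] selections = new int[0];

        SafeChoiceCallback(String[] choices) {
            // Assumption of this example: an empty or missing choice list is an error.
            if (choices == null || choices.length == 0) {
                throw new IllegalArgumentException("choices must be a non-empty array");
            }
            this.choices = choices.clone();         // String is immutable, so a shallow clone suffices
        }
        String[] getChoices() { return choices.clone(); }
        void setSelectedIndexes(int[] selections) {
            this.selections = (selections == null) ? new int[0] : selections.clone();
        }
        int[] getSelectedIndexes() { return selections.clone(); }
    }

    public static void main(String[] args) {
        String[] input = {"Read", "Write", "Admin"};     // constructed sample input

        // Before: the party that built the array, or anyone holding the value
        // returned by getChoices(), can rewrite the options after construction.
        LeakyChoiceCallback leaky = new LeakyChoiceCallback(input);
        input[0] = "Admin";                               // via the array passed in
        leaky.getChoices()[1] = "Admin";                  // via the array handed out
        System.out.println("leaky choices: " + Arrays.toString(leaky.getChoices()));

        // After: the same two writes touch private copies only.
        input = new String[] {"Read", "Write", "Admin"};
        SafeChoiceCallback safe = new SafeChoiceCallback(input);
        input[0] = "Admin";
        safe.getChoices()[1] = "Admin";
        System.out.println("safe choices:  " + Arrays.toString(safe.getChoices()));

        // The selection indexes a handler passes back get the same treatment.
        int[] picked = {0};
        safe.setSelectedIndexes(picked);
        picked[0] = 2;                                    // handler keeps writing to its own array
        System.out.println("safe selections: " + Arrays.toString(safe.getSelectedIndexes()));
    }
}
```

Compile and run with `javac DefensiveCopyDemo.java && java DefensiveCopyDemo`: the leaky callback reports every choice as `Admin`, while the safe one still reports `[Read, Write, Admin]` and a selection of `[0]`. The cost of the fix is one array copy per call, which is why the CSR can rate the compatibility risk as minimal.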

      Specification

      src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java:

           /**
            * Set the selected choices.
            *
            * @param selections the selections represented as indexes into the
      -     *          {@code choices} list.
      +     *          {@code choices} list. The array is cloned to protect
      +     *          against subsequent modification.
            */
           public void setSelectedIndexes(int[] selections);
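Review bot: the new `@param` sentence says the array is cloned but does not say what happens when `selections` is null; `clone()` on a null reference throws a NullPointerException, so the text should state either that a null argument is rejected (and with which exception) or that it is accepted and stored as-is. The `@return` of `getSelectedIndexes()` in the next hunk promises "a copy" and would need the matching wording for the case where no selection has been set.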
      
           /**
            * Get the selected choices.
            *
      -     * @return the selected choices, represented as indexes into the
      +     * @return a copy of the selected choices, represented as indexes into the
            *          {@code choices} list.
            */
           public int[] getSelectedIndexes();
      
           /**
            * Construct a {@code ChoiceCallback} with a prompt,
            * a list of choices, a default choice, and a boolean specifying
            * whether or not multiple selections from the list of choices are allowed.
            *
      -     * @param choices the list of choices.
      +     * @param choices the list of choices. The array is cloned to protect
      +     *                  against subsequent modification.
            */
           public ChoiceCallback(String prompt, String[] choices,
                       int defaultChoice, boolean multipleSelectionsAllowed);
      
           /**
            * Get the list of choices.
            *
      -     * @return the list of choices.
      +     * @return a copy of the list of choices.
            */
           public String[] getChoices();

      src/java.base/share/classes/javax/security/auth/callback/ConfirmationCallback.java:

           /**
            * Construct a {@code ConfirmationCallback} with a
            * message type, a list of options and a default option.
            *
      -     * @param options the list of confirmation options.
      +     * @param options the list of confirmation options. The array is cloned
      +     *                  to protect against subsequent modification.
            */
           public ConfirmationCallback(int messageType,
                       String[] options, int defaultOption);
      
           /**
            * Construct a {@code ConfirmationCallback} with a prompt,
            * message type, a list of options and a default option.
            *
      -     * @param options the list of confirmation options.
      +     * @param options the list of confirmation options. The array is cloned
      +     *                  to protect against subsequent modification.
            */
           public ConfirmationCallback(String prompt, int messageType,
                       String[] options, int defaultOption);
      
           /**
            * Get the confirmation options.
            *
      -     * @return the list of confirmation options, or null if this
      +     * @return a copy of the list of confirmation options, or null if this
            *          {@code ConfirmationCallback} was instantiated with
            *          an {@code optionType} instead of {@code options}.
            */
           public String[] getOptions();
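Review bot: the `@return` now promises a copy while keeping the null result for callbacks created with an `optionType`, so the implementation behind this hunk must check for a null `options` field before cloning rather than calling `clone()` unconditionally. It would also help to say "a fresh copy on each call" here, matching the constructor hunks' "cloned to protect against subsequent modification", so that callers do not assume the returned array can be used to update the callback.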

            Assignee: Weijun Wang
            Reporter: Weijun Wang
            Reviewed by: Sean Mullan
            Votes: 0
            Watchers: 2