changeset 243:0820986e0688

8133860: UART must check SE before DNFE Summary: Check security prior to device name look up Reviewed-by: snazarki Contributed-by: alexey.savin@oracle.com
author snazarki
date Tue, 18 Aug 2015 17:55:46 +0300
parents 5b82c52de3c7
children a2d5f52d6175
files src/share/classes/com/oracle/dio/uart/impl/UARTImpl.java
diffstat 1 files changed, 5 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/oracle/dio/uart/impl/UARTImpl.java	Mon Aug 17 16:00:50 2015 +0300
+++ b/src/share/classes/com/oracle/dio/uart/impl/UARTImpl.java	Tue Aug 18 17:55:46 2015 +0300
@@ -87,6 +87,10 @@
         byte[] devName; // UTF-8 device name
         //deviceName = uart device prefix + device number
         String deviceName = getSecurityName();
+        // in case of such device absence we try to check permission for all devices
+        // because non-existing device belongs to all devices set
+        UARTPermission permission = new UARTPermission(null != deviceName ? deviceName : "*");
+        AccessController.checkPermission(permission);
 
         if (deviceName == null){
             throw new DeviceNotFoundException(
@@ -94,9 +98,6 @@
             );
         }
 
-        UARTPermission permission = new UARTPermission(deviceName);
-        AccessController.checkPermission(permission);
-
         if( mode != DeviceManager.EXCLUSIVE){
             throw new UnsupportedAccessModeException();
         }
@@ -184,6 +185,7 @@
             if (devNum == DeviceConfig.DEFAULT) {
                 devNum = 0;
             }
+
             // first port in list is DEFAULT port
             try {
                 String ports = Configuration.getProperty("microedition.commports");