changeset 56061:3bc26ffdf001

8229957: Harden pid verification in attach mechanism Reviewed-by: sspitsyn, ysuenaga, sgehwolf
author lmesnik
date Thu, 22 Aug 2019 10:40:34 -0700
parents abf6ee4c477c
children db6829c1cc3a
files src/jdk.attach/aix/classes/sun/tools/attach/VirtualMachineImpl.java src/jdk.attach/linux/classes/sun/tools/attach/VirtualMachineImpl.java src/jdk.attach/macosx/classes/sun/tools/attach/VirtualMachineImpl.java src/jdk.attach/solaris/classes/sun/tools/attach/VirtualMachineImpl.java test/hotspot/jtreg/serviceability/attach/AttachNegativePidTest.java
diffstat 5 files changed, 70 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/src/jdk.attach/aix/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:43:25 2019 -0400
+++ b/src/jdk.attach/aix/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:40:34 2019 -0700
@@ -58,8 +58,11 @@
         int pid;
         try {
             pid = Integer.parseInt(vmid);
+            if (pid < 1) {
+                throw new NumberFormatException();
+            }
         } catch (NumberFormatException x) {
-            throw new AttachNotSupportedException("Invalid process identifier");
+            throw new AttachNotSupportedException("Invalid process identifier: " + vmid);
         }
 
         // Find the socket file. If not found then we attempt to start the
--- a/src/jdk.attach/linux/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:43:25 2019 -0400
+++ b/src/jdk.attach/linux/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:40:34 2019 -0700
@@ -60,8 +60,11 @@
         int pid;
         try {
             pid = Integer.parseInt(vmid);
+            if (pid < 1) {
+                throw new NumberFormatException();
+            }
         } catch (NumberFormatException x) {
-            throw new AttachNotSupportedException("Invalid process identifier");
+            throw new AttachNotSupportedException("Invalid process identifier: " + vmid);
         }
 
         // Try to resolve to the "inner most" pid namespace
--- a/src/jdk.attach/macosx/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:43:25 2019 -0400
+++ b/src/jdk.attach/macosx/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:40:34 2019 -0700
@@ -59,8 +59,11 @@
         int pid;
         try {
             pid = Integer.parseInt(vmid);
+            if (pid < 1) {
+                throw new NumberFormatException();
+            }
         } catch (NumberFormatException x) {
-            throw new AttachNotSupportedException("Invalid process identifier");
+            throw new AttachNotSupportedException("Invalid process identifier: " + vmid);
         }
 
         // Find the socket file. If not found then we attempt to start the
--- a/src/jdk.attach/solaris/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:43:25 2019 -0400
+++ b/src/jdk.attach/solaris/classes/sun/tools/attach/VirtualMachineImpl.java	Thu Aug 22 10:40:34 2019 -0700
@@ -60,8 +60,11 @@
         int pid;
         try {
             pid = Integer.parseInt(vmid);
+            if (pid < 1) {
+                throw new NumberFormatException();
+            }
         } catch (NumberFormatException x) {
-            throw new AttachNotSupportedException("Invalid process identifier");
+            throw new AttachNotSupportedException("Invalid process identifier: " + vmid);
         }
 
         // Opens the door file to the target VM. If the file is not
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/hotspot/jtreg/serviceability/attach/AttachNegativePidTest.java	Thu Aug 22 10:40:34 2019 -0700
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test Verifies that negative pids are correctly rejected
+ * @bug 8229957
+ * @requires os.family != "windows"
+ * @library /test/lib
+ * @modules jdk.attach/com.sun.tools.attach
+ * @run main AttachNegativePidTest
+ */
+
+import java.io.IOException;
+
+import com.sun.tools.attach.VirtualMachine;
+import com.sun.tools.attach.AttachNotSupportedException;
+
+import jdk.test.lib.apps.LingeredApp;
+
+public class AttachNegativePidTest {
+
+    public static void main(String... args) throws Exception {
+        LingeredApp app = LingeredApp.startApp();
+        String strPID = Long.toString(-1 * app.getPid());
+        try {
+            VirtualMachine.attach(strPID);
+        } catch (AttachNotSupportedException anse) {
+            // Passed
+            return;
+        }
+        throw new RuntimeException("There is no expected AttachNotSupportedException for " + strPID);
+    }
+
+}