changeset 12406:6190d1db8b92

8074812: More specific error message when the .java_pid well-known file is not secure Reviewed-by: jbachorik, martin
author dbuck
date Fri, 25 Aug 2017 11:52:49 -0400
parents e96c4a40fdf9
children 59f199bb566b
files src/aix/native/sun/tools/attach/AixVirtualMachine.c src/solaris/native/sun/tools/attach/BsdVirtualMachine.c src/solaris/native/sun/tools/attach/LinuxVirtualMachine.c src/solaris/native/sun/tools/attach/SolarisVirtualMachine.c
diffstat 4 files changed, 100 insertions(+), 36 deletions(-) [+]
line wrap: on
line diff
--- a/src/aix/native/sun/tools/attach/AixVirtualMachine.c	Wed Aug 23 14:14:49 2017 -0400
+++ b/src/aix/native/sun/tools/attach/AixVirtualMachine.c	Fri Aug 25 11:52:49 2017 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
  * Copyright 2015 SAP AG. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
@@ -26,6 +26,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -184,15 +185,26 @@
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -201,6 +213,10 @@
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }
 
--- a/src/solaris/native/sun/tools/attach/BsdVirtualMachine.c	Wed Aug 23 14:14:49 2017 -0400
+++ b/src/solaris/native/sun/tools/attach/BsdVirtualMachine.c	Fri Aug 25 11:52:49 2017 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -149,15 +150,26 @@
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -166,6 +178,10 @@
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }
 
--- a/src/solaris/native/sun/tools/attach/LinuxVirtualMachine.c	Wed Aug 23 14:14:49 2017 -0400
+++ b/src/solaris/native/sun/tools/attach/LinuxVirtualMachine.c	Fri Aug 25 11:52:49 2017 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -367,15 +368,26 @@
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -384,6 +396,10 @@
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }
 
--- a/src/solaris/native/sun/tools/attach/SolarisVirtualMachine.c	Wed Aug 23 14:14:49 2017 -0400
+++ b/src/solaris/native/sun/tools/attach/SolarisVirtualMachine.c	Fri Aug 25 11:52:49 2017 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -35,6 +35,7 @@
 
 #include "jni.h"
 #include "jni_util.h"
+#include "jvm.h"
 
 #include "sun_tools_attach_SolarisVirtualMachine.h"
 
@@ -112,15 +113,26 @@
             res = errno;
         }
 
-        /* release p here before we throw an I/O exception */
-        if (isCopy) {
-            JNU_ReleaseStringPlatformChars(env, path, p);
-        }
-
         if (res == 0) {
-            if ( (sb.st_uid != uid) || (sb.st_gid != gid) ||
-                 ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) ) {
-                JNU_ThrowIOException(env, "well-known file is not secure");
+            char msg[100];
+            jboolean isError = JNI_FALSE;
+            if (sb.st_uid != uid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should be owned by the current user (which is %d) but is owned by %d", uid, sb.st_uid);
+                isError = JNI_TRUE;
+            } else if (sb.st_gid != gid) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file's group should be the current group (which is %d) but the group is %d", gid, sb.st_gid);
+                isError = JNI_TRUE;
+            } else if ((sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)) != 0) {
+                jio_snprintf(msg, sizeof(msg)-1,
+                    "file should only be readable and writable by the owner but has 0%03o access", sb.st_mode & 0777);
+                isError = JNI_TRUE;
+            }
+            if (isError) {
+                char buf[256];
+                jio_snprintf(buf, sizeof(buf)-1, "well-known file %s is not secure: %s", p, msg);
+                JNU_ThrowIOException(env, buf);
             }
         } else {
             char* msg = strdup(strerror(res));
@@ -129,6 +141,10 @@
                 free(msg);
             }
         }
+
+        if (isCopy) {
+            JNU_ReleaseStringPlatformChars(env, path, p);
+        }
     }
 }