--- a/src/java.base/share/conf/security/java.security Mon Jan 08 14:06:25 2018 -0500
+++ b/src/java.base/share/conf/security/java.security Sun Sep 03 16:08:13 2017 +0100
@@ -985,3 +985,24 @@
# java.rmi.dgc.VMID;\
# java.rmi.dgc.Lease;\
# maxdepth=5;maxarray=10000
+
+# CORBA ORBIorTypeCheckRegistryFilter
+# Type check enhancement for ORB::string_to_object processing
+#
+# An IOR type check filter, if configured, is used by an ORB during
+# an ORB::string_to_object invocation to check the veracity of the type encoded
+# in the ior string.
+#
+# The filter pattern consists of a semi-colon separated list of class names.
+# The configured list contains the binary class names of the IDL interface types
+# corresponding to the IDL stub class to be instantiated.
+# As such, a filter specifies a list of IDL stub classes that will be
+# allowed by an ORB when an ORB::string_to_object is invoked.
+# It is used to specify a white list configuration of acceptable
+# IDL stub types which may be contained in a stringified IOR
+# parameter passed as input to an ORB::string_to_object method.
+#
+# Note: This property is currently used by the JDK Reference implementation.
+# It is not guaranteed to be examined and used by other implementations.
+#
+#com.sun.CORBA.ORBIorTypeCheckRegistryFilter=binary_class_name;binary_class_name
--- a/src/java.corba/share/classes/com/sun/corba/se/impl/encoding/BufferManagerWriteGrow.java Mon Jan 08 14:06:25 2018 -0500
+++ b/src/java.corba/share/classes/com/sun/corba/se/impl/encoding/BufferManagerWriteGrow.java Sun Sep 03 16:08:13 2017 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,11 +26,13 @@
package com.sun.corba.se.impl.encoding;
import com.sun.corba.se.impl.orbutil.ORBConstants;
+import com.sun.corba.se.impl.orbutil.ORBUtility;
import com.sun.corba.se.impl.encoding.ByteBufferWithInfo;
import com.sun.corba.se.impl.encoding.BufferManagerWrite;
import com.sun.corba.se.pept.encoding.OutputObject;
import com.sun.corba.se.pept.transport.Connection;
import com.sun.corba.se.spi.orb.ORB;
+import com.sun.corba.se.spi.orb.ORBData;
public class BufferManagerWriteGrow extends BufferManagerWrite
{
@@ -48,7 +50,20 @@
* buffer manager as set in the ORB.
*/
public int getBufferSize() {
- return orb.getORBData().getGIOPBufferSize();
+ ORBData orbData = null;
+ int bufferSize = ORBConstants.GIOP_DEFAULT_BUFFER_SIZE;
+ if (orb != null) {
+ orbData = orb.getORBData();
+ if (orbData != null) {
+ bufferSize = orbData.getGIOPBufferSize();
+ dprint("BufferManagerWriteGrow.getBufferSize: bufferSize == " + bufferSize);
+ } else {
+ dprint("BufferManagerWriteGrow.getBufferSize: orbData reference is NULL");
+ }
+ } else {
+ dprint("BufferManagerWriteGrow.getBufferSize: orb reference is NULL");
+ }
+ return bufferSize;
}
public void overflow (ByteBufferWithInfo bbwi)
@@ -89,4 +104,9 @@
*/
public void close() {}
+ private void dprint(String msg) {
+ if (orb.transportDebugFlag) {
+ ORBUtility.dprint(this, msg);
}
+ }
+}
--- a/src/java.corba/share/classes/com/sun/corba/se/impl/encoding/CDRInputStream_1_0.java Mon Jan 08 14:06:25 2018 -0500
+++ b/src/java.corba/share/classes/com/sun/corba/se/impl/encoding/CDRInputStream_1_0.java Sun Sep 03 16:08:13 2017 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -725,12 +725,14 @@
// IDLEntity.class.isAssignableFrom( clz ).
// 3. If clz is an interface, use it to create the appropriate
// stub factory.
+
public org.omg.CORBA.Object read_Object(Class clz)
{
// In any case, we must first read the IOR.
IOR ior = IORFactories.makeIOR(parent) ;
- if (ior.isNil())
+ if (ior.isNil()) {
return null ;
+ }
PresentationManager.StubFactoryFactory sff = ORB.getStubFactoryFactory() ;
String codeBase = ior.getProfile().getCodebase() ;
@@ -739,6 +741,7 @@
if (clz == null) {
RepositoryId rid = RepositoryId.cache.getId( ior.getTypeId() ) ;
String className = rid.getClassName() ;
+ orb.validateIORClass(className);
boolean isIDLInterface = rid.isIDLType() ;
if (className == null || className.equals( "" ))
@@ -761,11 +764,9 @@
} else {
// clz is an interface class
boolean isIDL = IDLEntity.class.isAssignableFrom( clz ) ;
-
stubFactory = sff.createStubFactory( clz.getName(),
isIDL, codeBase, clz, clz.getClassLoader() ) ;
}
-
return internalIORToObject( ior, stubFactory, orb ) ;
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.corba/share/classes/com/sun/corba/se/impl/ior/IORTypeCheckRegistryImpl.java Sun Sep 03 16:08:13 2017 +0100
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.corba.se.impl.ior;
+
+import java.util.Set;
+
+import com.sun.corba.se.impl.orbutil.ORBUtility;
+import com.sun.corba.se.spi.ior.IORTypeCheckRegistry;
+import com.sun.corba.se.spi.orb.ORB;
+
+public class IORTypeCheckRegistryImpl implements IORTypeCheckRegistry {
+
+ private final Set<String> iorTypeNames;
+ private static final Set<String> builtinIorTypeNames;
+ private ORB theOrb;
+
+ static {
+ builtinIorTypeNames = initBuiltinIorTypeNames();
+ }
+
+ public IORTypeCheckRegistryImpl( String filterProperties, ORB orb) {
+ theOrb = orb;
+ iorTypeNames = parseIorClassNameList(filterProperties);
+ }
+
+ /*
+ *
+ * A note on the validation flow:
+ * 1. against the filter class name list
+ * 2. against the builtin class name list
+ */
+
+ @Override
+ public boolean isValidIORType(String iorClassName) {
+ dprintTransport(".isValidIORType : iorClassName == " + iorClassName);
+ return validateIorTypeByName(iorClassName);
+ }
+
+
+ private boolean validateIorTypeByName(String iorClassName) {
+ dprintTransport(".validateIorTypeByName : iorClassName == " + iorClassName);
+ boolean isValidType;
+
+ isValidType = checkIorTypeNames(iorClassName);
+
+ if (!isValidType) {
+ isValidType = checkBuiltinClassNames(iorClassName);
+ }
+
+ dprintTransport(".validateIorTypeByName : isValidType == " + isValidType);
+ return isValidType;
+ }
+
+
+ /*
+ * check if the class name corresponding to an IOR Type name
+ * is in the ior class name list as generated from the filter property.
+ * So if the IOR type is recorded in the registry then allow the creation of the
+ * stub factory and let it resolve and load the class. That is if current
+ * type check deliberation permits.
+ * IOR Type names are configured by the filter property
+ */
+
+ private boolean checkIorTypeNames(
+ String theIorClassName) {
+ return (iorTypeNames != null) && (iorTypeNames.contains(theIorClassName));
+ }
+
+ /*
+ * Check the IOR interface class name against the set of
+ * class names that correspond to the builtin JDK IDL stub classes.
+ */
+
+ private boolean checkBuiltinClassNames(
+ String theIorClassName) {
+ return builtinIorTypeNames.contains(theIorClassName);
+ }
+
+
+ private Set<String> parseIorClassNameList(String filterProperty) {
+ Set<String> _iorTypeNames = null;
+ if (filterProperty != null) {
+ String[] tempIorClassNames = filterProperty.split(";");
+ _iorTypeNames = Set.<String>of(tempIorClassNames);
+ if (theOrb.orbInitDebugFlag) {
+ dprintConfiguredIorTypeNames();
+ }
+ }
+ return _iorTypeNames;
+ }
+
+
+ private static Set<String> initBuiltinIorTypeNames() {
+ Set<Class<?>> builtInCorbaStubTypes = initBuiltInCorbaStubTypes();
+ String [] tempBuiltinIorTypeNames = new String[builtInCorbaStubTypes.size()];
+ int i = 0;
+ for (Class<?> _stubClass: builtInCorbaStubTypes) {
+ tempBuiltinIorTypeNames[i++] = _stubClass.getName();
+ }
+ return Set.<String>of(tempBuiltinIorTypeNames);
+ }
+
+ private static Set<Class<?>> initBuiltInCorbaStubTypes() {
+ Class<?> tempBuiltinCorbaStubTypes[] = {
+ com.sun.corba.se.spi.activation.Activator.class,
+ com.sun.corba.se.spi.activation._ActivatorStub.class,
+ com.sun.corba.se.spi.activation._InitialNameServiceStub.class,
+ com.sun.corba.se.spi.activation._LocatorStub.class,
+ com.sun.corba.se.spi.activation._RepositoryStub.class,
+ com.sun.corba.se.spi.activation._ServerManagerStub.class,
+ com.sun.corba.se.spi.activation._ServerStub.class,
+ org.omg.CosNaming.BindingIterator.class,
+ org.omg.CosNaming._BindingIteratorStub.class,
+ org.omg.CosNaming.NamingContextExt.class,
+ org.omg.CosNaming._NamingContextExtStub.class,
+ org.omg.CosNaming.NamingContext.class,
+ org.omg.CosNaming._NamingContextStub.class,
+ org.omg.DynamicAny.DynAnyFactory.class,
+ org.omg.DynamicAny._DynAnyFactoryStub.class,
+ org.omg.DynamicAny.DynAny.class,
+ org.omg.DynamicAny._DynAnyStub.class,
+ org.omg.DynamicAny.DynArray.class,
+ org.omg.DynamicAny._DynArrayStub.class,
+ org.omg.DynamicAny.DynEnum.class,
+ org.omg.DynamicAny._DynEnumStub.class,
+ org.omg.DynamicAny.DynFixed.class,
+ org.omg.DynamicAny._DynFixedStub.class,
+ org.omg.DynamicAny.DynSequence.class,
+ org.omg.DynamicAny._DynSequenceStub.class,
+ org.omg.DynamicAny.DynStruct.class,
+ org.omg.DynamicAny._DynStructStub.class,
+ org.omg.DynamicAny.DynUnion.class,
+ org.omg.DynamicAny._DynUnionStub.class,
+ org.omg.DynamicAny._DynValueStub.class,
+ org.omg.DynamicAny.DynValue.class,
+ org.omg.PortableServer.ServantActivator.class,
+ org.omg.PortableServer._ServantActivatorStub.class,
+ org.omg.PortableServer.ServantLocator.class,
+ org.omg.PortableServer._ServantLocatorStub.class };
+ return Set.<Class<?>>of(tempBuiltinCorbaStubTypes);
+ }
+
+ private void dprintConfiguredIorTypeNames() {
+ if (iorTypeNames != null) {
+ for (String iorTypeName : iorTypeNames) {
+ ORBUtility.dprint(this, ".dprintConfiguredIorTypeNames: " + iorTypeName);
+ }
+ }
+ }
+
+ private void dprintTransport(String msg) {
+ if (theOrb.transportDebugFlag) {
+ ORBUtility.dprint(this, msg);
+ }
+ }
+}
--- a/src/java.corba/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java Mon Jan 08 14:06:25 2018 -0500
+++ b/src/java.corba/share/classes/com/sun/corba/se/impl/orb/ORBImpl.java Sun Sep 03 16:08:13 2017 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -54,6 +54,7 @@
import java.security.PrivilegedAction;
import java.security.AccessController;
+import java.security.Security;
import javax.rmi.CORBA.Util;
import javax.rmi.CORBA.ValueHandler;
@@ -90,6 +91,7 @@
import com.sun.corba.se.pept.transport.TransportManager;
import com.sun.corba.se.spi.ior.IOR;
+import com.sun.corba.se.spi.ior.IORTypeCheckRegistry;
import com.sun.corba.se.spi.ior.IdentifiableFactoryFinder;
import com.sun.corba.se.spi.ior.TaggedComponentFactoryFinder;
import com.sun.corba.se.spi.ior.IORFactories;
@@ -124,6 +126,7 @@
import com.sun.corba.se.spi.transport.CorbaContactInfoListFactory;
import com.sun.corba.se.spi.transport.CorbaTransportManager;
import com.sun.corba.se.spi.legacy.connection.LegacyServerSocketManager;
+import com.sun.corba.se.spi.logging.CORBALogDomains;
import com.sun.corba.se.spi.copyobject.CopierManager;
import com.sun.corba.se.spi.presentation.rmi.PresentationDefaults;
import com.sun.corba.se.spi.presentation.rmi.PresentationManager;
@@ -145,6 +148,7 @@
import com.sun.corba.se.impl.encoding.CachedCodeBase;
import com.sun.corba.se.impl.interceptors.PIHandlerImpl;
import com.sun.corba.se.impl.interceptors.PINoOpHandlerImpl;
+import com.sun.corba.se.impl.ior.IORTypeCheckRegistryImpl;
import com.sun.corba.se.impl.ior.TaggedComponentFactoryFinderImpl;
import com.sun.corba.se.impl.ior.TaggedProfileFactoryFinderImpl;
import com.sun.corba.se.impl.ior.TaggedProfileTemplateFactoryFinderImpl;
@@ -226,6 +230,8 @@
private ServiceContextRegistry serviceContextRegistry ;
+ private IORTypeCheckRegistry iorTypeCheckRegistry;
+
// Needed here to implement connect/disconnect
private TOAFactory toaFactory ;
@@ -274,6 +280,8 @@
// insNamingDelegate.
private final Object resolverLock = new Object() ;
+ private static final String IORTYPECHECKREGISTRY_FILTER_PROPNAME = "com.sun.CORBA.ORBIorTypeCheckRegistryFilter";
+
private TaggedComponentFactoryFinder taggedComponentFactoryFinder ;
private IdentifiableFactoryFinder taggedProfileFactoryFinder ;
@@ -411,6 +419,39 @@
};
serviceContextRegistry = new ServiceContextRegistry( this ) ;
+
+ }
+
+
+ private void initIORTypeCheckRegistry() {
+ String filterProps = AccessController
+ .doPrivileged(new PrivilegedAction<String>() {
+ public String run() {
+ String props = System
+ .getProperty(IORTYPECHECKREGISTRY_FILTER_PROPNAME);
+ if (props == null) {
+ props = Security
+ .getProperty(IORTYPECHECKREGISTRY_FILTER_PROPNAME);
+ }
+ return props;
+ }
+ });
+ if (filterProps != null) {
+ try {
+ iorTypeCheckRegistry = new IORTypeCheckRegistryImpl(filterProps, this);
+ } catch (Exception ex) {
+ throw wrapper.bootstrapException(ex);
+ }
+
+ if (this.orbInitDebugFlag) {
+ dprint(".initIORTypeCheckRegistry, IORTypeCheckRegistryImpl created for properties == "
+ + filterProps);
+ }
+ } else {
+ if (this.orbInitDebugFlag) {
+ dprint(".initIORTypeCheckRegistry, IORTypeCheckRegistryImpl NOT created for properties == ");
+ }
+ }
}
protected void setDebugFlags( String[] args )
@@ -494,6 +535,8 @@
getThreadPoolManager();
super.getByteBufferPool();
+
+ initIORTypeCheckRegistry();
}
private synchronized POAFactory getPOAFactory()
@@ -2089,6 +2132,17 @@
}
return copierManager ;
}
+
+ @Override
+ public void validateIORClass(String iorClassName) {
+ if (iorTypeCheckRegistry != null) {
+ if (!iorTypeCheckRegistry.isValidIORType(iorClassName)) {
+ throw ORBUtilSystemException.get( this,
+ CORBALogDomains.OA_IOR ).badStringifiedIor();
+ }
+ }
+ }
+
} // Class ORBImpl
////////////////////////////////////////////////////////////////////////
--- a/src/java.corba/share/classes/com/sun/corba/se/impl/orb/ORBSingleton.java Mon Jan 08 14:06:25 2018 -0500
+++ b/src/java.corba/share/classes/com/sun/corba/se/impl/orb/ORBSingleton.java Sun Sep 03 16:08:13 2017 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -768,6 +768,13 @@
public CopierManager getCopierManager() {
return null ;
}
+
+ @Override
+ public void validateIORClass(String iorClassName) {
+ getFullORB().validateIORClass(iorClassName);
+
+ }
+
}
// End of file.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.corba/share/classes/com/sun/corba/se/spi/ior/IORTypeCheckRegistry.java Sun Sep 03 16:08:13 2017 +0100
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.corba.se.spi.ior;
+
+public interface IORTypeCheckRegistry {
+ public boolean isValidIORType(String iorClassName);
+}
+
--- a/src/java.corba/share/classes/com/sun/corba/se/spi/orb/ORB.java Mon Jan 08 14:06:25 2018 -0500
+++ b/src/java.corba/share/classes/com/sun/corba/se/spi/orb/ORB.java Sun Sep 03 16:08:13 2017 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -121,6 +121,7 @@
public boolean shutdownDebugFlag = false;
public boolean giopDebugFlag = false;
public boolean invocationTimingDebugFlag = false ;
+ public boolean orbInitDebugFlag = false ;
// SystemException log wrappers. Protected so that they can be used in
// subclasses.
@@ -487,6 +488,24 @@
public abstract ThreadPoolManager getThreadPoolManager();
public abstract CopierManager getCopierManager() ;
+
+ /*
+ * This method is called to verify that a stringified IOR passed to
+ * an org.omg.CORBA.ORB::string_to_object method contains a valid and acceptable IOR type.
+ * If an ORB is configured with IOR type checking enabled,
+ * the ORB executes a IOR type registry lookup to
+ * validate that the class name extract from a type id in
+ * a stringified IOR is a known and accepted type.
+ * A CORBA {@code org.omg.CORBA.DATA_CONVERSION} exception will be thrown should the type check fail.
+ *
+ * @param iorClassName
+ * a string representing the class name corresponding to the type id of an IOR
+ * @throws org.omg.CORBA.DATA_CONVERSION
+ * exception with an indication that it is a "Bad stringified IOR", which is thrown
+ * when the type check fails.
+ */
+ public abstract void validateIORClass(String iorClassName);
+
}
// End of file.