< prev index next >

src/os/bsd/vm/os_bsd.cpp

Print this page
rev 12741 : 8173848: realpath is unsafe
Summary: Fix occurrences of realpath in hotspot to use safe POSIX.1-2008 form.
Reviewed-by: dsamersoff, dholmes, clanger
   1 /*
   2  * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  *


1737 void os::jvm_path(char *buf, jint buflen) {
1738   // Error checking.
1739   if (buflen < MAXPATHLEN) {
1740     assert(false, "must use a large-enough buffer");
1741     buf[0] = '\0';
1742     return;
1743   }
1744   // Lazy resolve the path to current module.
1745   if (saved_jvm_path[0] != 0) {
1746     strcpy(buf, saved_jvm_path);
1747     return;
1748   }
1749 
1750   char dli_fname[MAXPATHLEN];
1751   bool ret = dll_address_to_library_name(
1752                                          CAST_FROM_FN_PTR(address, os::jvm_path),
1753                                          dli_fname, sizeof(dli_fname), NULL);
1754   assert(ret, "cannot locate libjvm");
1755   char *rp = NULL;
1756   if (ret && dli_fname[0] != '\0') {
1757     rp = realpath(dli_fname, buf);
1758   }
1759   if (rp == NULL) {
1760     return;
1761   }
1762 
1763   if (Arguments::sun_java_launcher_is_altjvm()) {
1764     // Support for the java launcher's '-XXaltjvm=<path>' option. Typical
1765     // value for buf is "<JAVA_HOME>/jre/lib/<arch>/<vmtype>/libjvm.so"
1766     // or "<JAVA_HOME>/jre/lib/<vmtype>/libjvm.dylib". If "/jre/lib/"
1767     // appears at the right place in the string, then assume we are
1768     // installed in a JDK and we're done. Otherwise, check for a
1769     // JAVA_HOME environment variable and construct a path to the JVM
1770     // being overridden.
1771 
1772     const char *p = buf + strlen(buf) - 1;
1773     for (int count = 0; p > buf && count < 5; ++count) {
1774       for (--p; p > buf && *p != '/'; --p)
1775         /* empty */ ;
1776     }
1777 
1778     if (strncmp(p, "/jre/lib/", 9) != 0) {
1779       // Look for JAVA_HOME in the environment.
1780       char* java_home_var = ::getenv("JAVA_HOME");
1781       if (java_home_var != NULL && java_home_var[0] != 0) {
1782         char* jrelib_p;
1783         int len;
1784 
1785         // Check the current module name "libjvm"
1786         p = strrchr(buf, '/');
1787         assert(strstr(p, "/libjvm") == p, "invalid library name");
1788 
1789         rp = realpath(java_home_var, buf);
1790         if (rp == NULL) {
1791           return;
1792         }
1793 
1794         // determine if this is a legacy image or modules image
1795         // modules image doesn't have "jre" subdirectory
1796         len = strlen(buf);
1797         assert(len < buflen, "Ran out of buffer space");
1798         jrelib_p = buf + len;
1799 
1800         // Add the appropriate library subdir
1801         snprintf(jrelib_p, buflen-len, "/jre/lib");
1802         if (0 != access(buf, F_OK)) {
1803           snprintf(jrelib_p, buflen-len, "/lib");
1804         }
1805 
1806         // Add the appropriate client or server subdir
1807         len = strlen(buf);
1808         jrelib_p = buf + len;
1809         snprintf(jrelib_p, buflen-len, "/%s", COMPILER_VARIANT);
1810         if (0 != access(buf, F_OK)) {
1811           snprintf(jrelib_p, buflen-len, "%s", "");
1812         }
1813 
1814         // If the path exists within JAVA_HOME, add the JVM library name
1815         // to complete the path to JVM being overridden.  Otherwise fallback
1816         // to the path to the current library.
1817         if (0 == access(buf, F_OK)) {
1818           // Use current module name "libjvm"
1819           len = strlen(buf);
1820           snprintf(buf + len, buflen-len, "/libjvm%s", JNI_LIB_SUFFIX);
1821         } else {
1822           // Fall back to path of current library
1823           rp = realpath(dli_fname, buf);
1824           if (rp == NULL) {
1825             return;
1826           }
1827         }
1828       }
1829     }
1830   }
1831 
1832   strncpy(saved_jvm_path, buf, MAXPATHLEN);
1833   saved_jvm_path[MAXPATHLEN - 1] = '\0';
1834 }
1835 
1836 void os::print_jni_name_prefix_on(outputStream* st, int args_size) {
1837   // no prefix required, not even "_"
1838 }
1839 
1840 void os::print_jni_name_suffix_on(outputStream* st, int args_size) {
1841   // no suffix required
1842 }
1843 


   1 /*
   2  * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  *


1737 void os::jvm_path(char *buf, jint buflen) {
1738   // Error checking.
1739   if (buflen < MAXPATHLEN) {
1740     assert(false, "must use a large-enough buffer");
1741     buf[0] = '\0';
1742     return;
1743   }
1744   // Lazy resolve the path to current module.
1745   if (saved_jvm_path[0] != 0) {
1746     strcpy(buf, saved_jvm_path);
1747     return;
1748   }
1749 
1750   char dli_fname[MAXPATHLEN];
1751   bool ret = dll_address_to_library_name(
1752                                          CAST_FROM_FN_PTR(address, os::jvm_path),
1753                                          dli_fname, sizeof(dli_fname), NULL);
1754   assert(ret, "cannot locate libjvm");
1755   char *rp = NULL;
1756   if (ret && dli_fname[0] != '\0') {
1757     rp = os::Posix::realpath(dli_fname, buf, buflen);
1758   }
1759   if (rp == NULL) {
1760     return;
1761   }
1762 
1763   if (Arguments::sun_java_launcher_is_altjvm()) {
1764     // Support for the java launcher's '-XXaltjvm=<path>' option. Typical
1765     // value for buf is "<JAVA_HOME>/jre/lib/<arch>/<vmtype>/libjvm.so"
1766     // or "<JAVA_HOME>/jre/lib/<vmtype>/libjvm.dylib". If "/jre/lib/"
1767     // appears at the right place in the string, then assume we are
1768     // installed in a JDK and we're done. Otherwise, check for a
1769     // JAVA_HOME environment variable and construct a path to the JVM
1770     // being overridden.
1771 
1772     const char *p = buf + strlen(buf) - 1;
1773     for (int count = 0; p > buf && count < 5; ++count) {
1774       for (--p; p > buf && *p != '/'; --p)
1775         /* empty */ ;
1776     }
1777 
1778     if (strncmp(p, "/jre/lib/", 9) != 0) {
1779       // Look for JAVA_HOME in the environment.
1780       char* java_home_var = ::getenv("JAVA_HOME");
1781       if (java_home_var != NULL && java_home_var[0] != 0) {
1782         char* jrelib_p;
1783         int len;
1784 
1785         // Check the current module name "libjvm"
1786         p = strrchr(buf, '/');
1787         assert(strstr(p, "/libjvm") == p, "invalid library name");
1788 
1789         rp = os::Posix::realpath(java_home_var, buf, buflen);
1790         if (rp == NULL) {
1791           return;
1792         }
1793 
1794         // determine if this is a legacy image or modules image
1795         // modules image doesn't have "jre" subdirectory
1796         len = strlen(buf);
1797         assert(len < buflen, "Ran out of buffer space");
1798         jrelib_p = buf + len;
1799 
1800         // Add the appropriate library subdir
1801         snprintf(jrelib_p, buflen-len, "/jre/lib");
1802         if (0 != access(buf, F_OK)) {
1803           snprintf(jrelib_p, buflen-len, "/lib");
1804         }
1805 
1806         // Add the appropriate client or server subdir
1807         len = strlen(buf);
1808         jrelib_p = buf + len;
1809         snprintf(jrelib_p, buflen-len, "/%s", COMPILER_VARIANT);
1810         if (0 != access(buf, F_OK)) {
1811           snprintf(jrelib_p, buflen-len, "%s", "");
1812         }
1813 
1814         // If the path exists within JAVA_HOME, add the JVM library name
1815         // to complete the path to JVM being overridden.  Otherwise fallback
1816         // to the path to the current library.
1817         if (0 == access(buf, F_OK)) {
1818           // Use current module name "libjvm"
1819           len = strlen(buf);
1820           snprintf(buf + len, buflen-len, "/libjvm%s", JNI_LIB_SUFFIX);
1821         } else {
1822           // Fall back to path of current library
1823           rp = os::Posix::realpath(dli_fname, buf, buflen);
1824           if (rp == NULL) {
1825             return;
1826           }
1827         }
1828       }
1829     }
1830   }
1831 
1832   strncpy(saved_jvm_path, buf, MAXPATHLEN);
1833   saved_jvm_path[MAXPATHLEN - 1] = '\0';
1834 }
1835 
1836 void os::print_jni_name_prefix_on(outputStream* st, int args_size) {
1837   // no prefix required, not even "_"
1838 }
1839 
1840 void os::print_jni_name_suffix_on(outputStream* st, int args_size) {
1841   // no suffix required
1842 }
1843 


< prev index next >