JDK-8242488

Arrays should be cloned in several JAAS Callback classes


    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 15
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      minimal
    • Compatibility Risk Description:
      No good program should rely on the abuse of these methods.
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Add defensive clone calls to some methods in ConfirmationCallback and ChoiceCallback.

      Problem

      In these classes, arrays are not cloned when passed into a constructor or returned. This allows an external program to get access to internal fields of these classes.

      Solution

      See spec.

      Specification

      src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java:

           /**
            * Set the selected choices.
            *
            * @param selections the selections represented as indexes into the
      -     *          {@code choices} list.
      +     *          {@code choices} list. The array is cloned to protect
      +     *          against subsequent modification.
            */
           public void setSelectedIndexes(int[] selections);
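
      Review bot: The new @param text for selections says the array is cloned but does not say what happens when selections is null. State whether null is accepted and stored as "no selection" or rejected, so that implementers of CallbackHandler know which calls are valid.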
      
           /**
            * Get the selected choices.
            *
      -     * @return the selected choices, represented as indexes into the
      +     * @return a copy of the selected choices, represented as indexes into the
            *          {@code choices} list.
            */
           public int[] getSelectedIndexes();
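
      Review bot: The revised @return promises "a copy of the selected choices" but does not cover the case where no selection has been set, so the reader cannot tell whether to expect null or an empty array. getOptions in ConfirmationCallback spells out its null case ("or null if this ..."); the same kind of clause would fit here.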
      
           /**
            * Construct a {@code ChoiceCallback} with a prompt,
            * a list of choices, a default choice, and a boolean specifying
            * whether or not multiple selections from the list of choices are allowed.
            *
      -     * @param choices the list of choices.
      +     * @param choices the list of choices. The array is cloned to protect
      +     *                  against subsequent modification.
            */
           public ChoiceCallback(String prompt, String[] choices,
                       int defaultChoice, boolean multipleSelectionsAllowed);
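
      Review bot: The @param choices text says the array is cloned but not that the clone is what gets checked. Any argument checks on choices, and any range check of defaultChoice against it, should run on the cloned array; checking the caller's array and copying afterwards leaves a window in which the caller can change an element between check and copy. Worth stating the order here or confirming it in the implementation review.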
      
           /**
            * Get the list of choices.
            *
      -     * @return the list of choices.
      +     * @return a copy of the list of choices.
            */
           public String[] getChoices();

      src/java.base/share/classes/javax/security/auth/callback/ConfirmationCallback.java

           /**
            * Construct a {@code ConfirmationCallback} with a
            * message type, a list of options and a default option.
            *
      -     * @param options the list of confirmation options.
      +     * @param options the list of confirmation options. The array is cloned
      +     *                  to protect against subsequent modification.
            */
           public ConfirmationCallback(int messageType,
                       String[] options, int defaultOption);
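
      Review bot: Style point on the added continuation line "to protect against subsequent modification": it is indented further than the continuation lines elsewhere in this spec, for example the unchanged lines under @return in getOptions and the added line in setSelectedIndexes. Aligning it with those keeps the Javadoc source consistent; the same applies to the other ConfirmationCallback constructor and to the ChoiceCallback constructor.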
      
           /**
            * Construct a {@code ConfirmationCallback} with a prompt,
            * message type, a list of options and a default option.
            *
      -     * @param options the list of confirmation options.
      +     * @param options the list of confirmation options. The array is cloned
      +     *                  to protect against subsequent modification.
            */
           public ConfirmationCallback(String prompt, int messageType,
                       String[] options, int defaultOption);
      
           /**
            * Get the confirmation options.
            *
      -     * @return the list of confirmation options, or null if this
      +     * @return a copy of the list of confirmation options, or null if this
            *          {@code ConfirmationCallback} was instantiated with
            *          an {@code optionType} instead of {@code options}.
            */
           public String[] getOptions();

              People

              Assignee:
              weijun Weijun Wang
              Reporter:
              weijun Weijun Wang
              Reviewed By:
              Sean Mullan
