OpenJDK / amber / amber

changeset 10429:d274e775b258

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7049079: NTSYSTEM CLASS IS LEAKING WINDOWS TOKENS Reviewed-by: weijun
author coffeys
date Mon, 05 Sep 2011 11:28:23 +0100
parents 0bb8e9b89b98
children f338d4485f5c
files jdk/src/share/classes/com/sun/security/auth/module/NTSystem.java jdk/src/windows/native/com/sun/security/auth/module/nt.c
diffstat 2 files changed, 25 insertions(+), 23 deletions(-) [+]
line wrap: on
line diff
--- a/jdk/src/share/classes/com/sun/security/auth/module/NTSystem.java	Mon Sep 05 18:17:55 2011 +0800
+++ b/jdk/src/share/classes/com/sun/security/auth/module/NTSystem.java	Mon Sep 05 11:28:23 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,6 +33,7 @@
 public class NTSystem {
 
     private native void getCurrent(boolean debug);
+    private native long getImpersonationToken0();
 
     private String userName;
     private String domain;
@@ -132,10 +133,14 @@
      *
      * @return an impersonation token for the current NT user.
      */
-    public long getImpersonationToken() {
+    public synchronized long getImpersonationToken() {
+        if (impersonationToken == 0) {
+            impersonationToken = getImpersonationToken0();
+        }
         return impersonationToken;
     }
 
+
     private void loadNative() {
         System.loadLibrary("jaas_nt");
     }
--- a/jdk/src/windows/native/com/sun/security/auth/module/nt.c	Mon Sep 05 18:17:55 2011 +0800
+++ b/jdk/src/windows/native/com/sun/security/auth/module/nt.c	Mon Sep 05 11:28:23 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -43,6 +43,19 @@
 BOOL getTextualSid(PSID pSid, LPTSTR TextualSid, LPDWORD lpdwBufferLen);
 void DisplayErrorText(DWORD dwLastError);
 
+JNIEXPORT jlong JNICALL
+Java_com_sun_security_auth_module_NTSystem_getImpersonationToken0
+        (JNIEnv *env, jobject obj) {
+    HANDLE impersonationToken = 0;      // impersonation token
+    if (debug) {
+        printf("getting impersonation token\n");
+    }
+    if (getImpersonationToken(&impersonationToken) == FALSE) {
+        return 0;
+    }
+    return (jlong)impersonationToken;
+}
+
 JNIEXPORT void JNICALL
 Java_com_sun_security_auth_module_NTSystem_getCurrent
     (JNIEnv *env, jobject obj, jboolean debugNative) {
@@ -59,7 +72,6 @@
     DWORD numGroups = 0;                // num groups
     LPTSTR *groups = NULL;              // groups array
     long pIndex = -1;                   // index of primaryGroup in groups array
-    HANDLE impersonationToken = 0;      // impersonation token
 
     jfieldID fid;
     jstring jstr;
@@ -100,13 +112,6 @@
         return;
     }
 
-    if (debug) {
-        printf("getting impersonation token\n");
-    }
-    if (getImpersonationToken(&impersonationToken) == FALSE) {
-        return;
-    }
-
     // then set values into NTSystem
 
     fid = (*env)->GetFieldID(env, cls, "userName", "Ljava/lang/String;");
@@ -233,18 +238,6 @@
         (*env)->SetObjectField(env, obj, fid, jgroups);
     }
 
-    fid = (*env)->GetFieldID(env, cls, "impersonationToken", "J");
-    if (fid == 0) {
-        jclass newExcCls =
-            (*env)->FindClass(env, "java/lang/IllegalArgumentException");
-        if (newExcCls == 0) {
-            systemError = TRUE;
-            goto out;
-        }
-        (*env)->ThrowNew(env, newExcCls, "invalid field: impersonationToken");
-    }
-    (*env)->SetLongField(env, obj, fid, (jlong)impersonationToken);
-
 out:
     if (userName != NULL) {
         HeapFree(GetProcessHeap(), 0, userName);
@@ -269,6 +262,7 @@
         }
         HeapFree(GetProcessHeap(), 0, groups);
     }
+    CloseHandle(tokenHandle);
 
     if (systemError && debug) {
         printf("  [getCurrent] System Error: ");
@@ -592,6 +586,7 @@
         }
         return FALSE;
     }
+    CloseHandle(dupToken);
 
     if (debug) {
         printf("  [getImpersonationToken] token = %d\n", *impersonationToken);
@@ -802,6 +797,8 @@
         }
         HeapFree(GetProcessHeap(), 0, groups);
     }
+    CloseHandle(impersonationToken);
+    CloseHandle(tokenHandle);
 }
 */
© 2007, Oracle and/or its affiliates
Terms of Use · Privacy · Trademarks