tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: UDP fails, but doesn't throw a SecurityException
Date Wed, 24 Jun 2009 21:57:01 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chris,

On 6/24/2009 5:17 PM, Christopher Piggott wrote:
>>> Here's my question: if this was failing, why didn't it throw a
>>> SecurityException?  It would have been less challenging to figure out
>>> what was going on had there been one.
>> Ask your Java vendor. :)
>> There is no Tomcat code there.
> 
> Really?  I guess I didn't realize that.  I figured the security was
> mainly implemented by the classloaders provided by tomcat.

Nope, the security is generally provided by the component that provides
the service (in your case, UDP sockets).

You can see in the source from Sun (for 1.5.0, at least), the code for
DatagramSocket.receive looks like this:

SecurityManager security = System.getSecurityManager();
if (security != null) {
    while(true) {
        String peekAd = null;
        int peekPort = 0;
        // peek at the packet to see who it is from.
        if (!oldImpl) {
            // We can use the new peekData() API
            DatagramPacket peekPacket = new DatagramPacket(new byte[1], 1);
            peekPort = getImpl().peekData(peekPacket);
            peekAd = peekPacket.getAddress().getHostAddress();
        } else {
            InetAddress adr = new InetAddress();
            peekPort = getImpl().peek(adr);
            peekAd = adr.getHostAddress();
        }
        try {
            security.checkAccept(peekAd, peekPort);
            // security check succeeded - so now break
            // and recv the packet.
            break;
        } catch (SecurityException se) {
            // Throw away the offending packet by consuming
            // it in a tmp buffer.
            DatagramPacket tmp = new DatagramPacket(new byte[1], 1);
            getImpl().receive(tmp);

            // silently discard the offending packet
            // and continue: unknown/malicious
            // entities on nets should not make
            // runtime throw security exception and
            // disrupt the applet by sending random
            // datagram packets.
            continue;
        }
    } // end of while
}

You can see that SecurityExceptions are silently ignored in here.
Perhaps a newer version of the JRE includes a smarter implementation.
<shrug>

You can always write some code to do the check yourself: the code to do
it is right there in the code above. In your case, though, you would
propagate the exception instead of stupidly swallowing it :)

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkpCoS0ACgkQ9CaO5/Lv0PCPxgCfV3CEboDDt3L7yNSLujYWOPPe
BUEAn2DxoK+KILa8fjvfeCKCqB3VH7cc
=Eixt
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message