changeset 51:75832973e0fa
CVE-2010-3860 IcedTea System property information leak via public static
2010-11-24 Omair Majid <omajid@redhat.com>
* netx/net/sourceforge/jnlp/runtime/Boot.java: Remove basedir
option. Add NETX_ABOUT_FILE.
(run): Remove call to JNLPRuntime.setBaseDir.
(getAboutFile): Use the constant in this file, not JNLPRuntime.
(getBaseDir): Remove obsolete method.
* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: Remove
baseDir, USER, HOME_DIR, NETXRC_FILE, NETX_DIR, SECURITY_DIR,
CERTIFICATES_FILE, JAVA_HOME_DIR, NETX_ABOUT_FILE.
(initialize): Do not set baseDir.
(getBaseDir): Remove method.
(setBaseDir): Likewise.
(getDefaultBaseDir): Likewise.
(getProperties): Likewise.
* netx/net/sourceforge/jnlp/security/SecurityUtil.java
(getTrustedCertsFilename): Delegate to
KeyStores.getKeyStoreLocation.
* plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java
(PluginAppletSecurityContext): Remove call to obsolete method.
author | Omair Majid <omajid@redhat.com> |
---|---|
date | Wed, 24 Nov 2010 14:15:11 -0500 |
parents | 87624fe05628 |
children | b43d21667b5b |
files | ChangeLog NEWS netx/net/sourceforge/jnlp/resources/Messages.properties netx/net/sourceforge/jnlp/runtime/Boot.java netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java netx/net/sourceforge/jnlp/security/SecurityUtil.java plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java |
diffstat | 7 files changed, 34 insertions(+), 132 deletions(-) [+] |
--- a/ChangeLog Wed Nov 24 13:12:52 2010 -0500 +++ b/ChangeLog Wed Nov 24 14:15:11 2010 -0500 @@ -1,3 +1,25 @@ +2010-11-24 Omair Majid <omajid@redhat.com> + + CVE-2010-3860 IcedTea System property information leak via public static + * netx/net/sourceforge/jnlp/runtime/Boot.java: Remove basedir + option. Add NETX_ABOUT_FILE. + (run): Remove call to JNLPRuntime.setBaseDir. + (getAboutFile): Use the constant in this file, not JNLPRuntime. + (getBaseDir): Remove obsolete method. + * netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: Remove + baseDir, USER, HOME_DIR, NETXRC_FILE, NETX_DIR, SECURITY_DIR, + CERTFICIATES_FILE, JAVA_HOME_DIR, NETX_ABOUT_FILE. + (initialize): Do not set baseDir. + (getBaseDir): Remove method. + (setBaseDir): Likewise. + (getDefaultBaseDir): Likewise. + (getProperties): Likewise. + * netx/net/sourceforge/jnlp/security/SecurityUtil.java + (getTrustedCertsFilename): Delegate to + KeyStores.getKeyStoreLocation. + * plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java + (PluginAppletSecurityContext): Remove call to obsolete method. + 2010-11-24 Omair Majid <omajid@redhat.com> Fix PR592.
--- a/NEWS Wed Nov 24 13:12:52 2010 -0500 +++ b/NEWS Wed Nov 24 14:15:11 2010 -0500 @@ -11,6 +11,7 @@ New in release 1.0 (2010-XX-XX): * Initial release of IcedTea-Web +* CVE-2010-3860: IcedTea System property information leak via public static * PR542: Plugin fails with NPE on http://www.openprocessing.org/visuals/iframe.php?visualID=2615 * Applets are now double-buffered to eliminate flicker in ones that do heavy drawing * Iinterfaces javax.jnlp.IntegrationService and javax.jnlp.DownloadService2 are now available
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Nov 24 13:12:52 2010 -0500 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Wed Nov 24 14:15:11 2010 -0500 @@ -139,7 +139,6 @@ # Boot options, message should be shorter than this ----------------> BOUsage=javaws [-run-options] <jnlp file> BOUsage2=javaws [-control-options] -BOBasedir = Directory where the cache is kept. BOJnlp = Location of JNLP file to launch (url or file). BOArg = Adds an application argument before launching. BOParam = Adds an applet parameter before launching. @@ -232,4 +231,4 @@ KSJsseCerts=Trusted JSSE Certificates KSCaCerts=Trusted Root CA Certificates KSJsseCaCerts=Trusted JSSE Root CA Certificates, -KSClientCerts=Client Authentication Certificates \ No newline at end of file +KSClientCerts=Client Authentication Certificates
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java Wed Nov 24 13:12:52 2010 -0500 +++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Wed Nov 24 14:15:11 2010 -0500 @@ -95,7 +95,6 @@ + " -viewer "+R("BOViewer")+"\n" + "\n" + "run-options:"+"\n" - + " -basedir dir "+R("BOBasedir")+"\n" + " -arg arg "+R("BOArg")+"\n" + " -param name=value "+R("BOParam")+"\n" + " -property name=value "+R("BOProperty")+"\n" @@ -111,6 +110,11 @@ + " -Xclearcache "+R("BXclearcache")+"\n" + " -help "+R("BOHelp")+"\n"; + /** the JNLP file to open to display the network-based about window */ + private static final String NETX_ABOUT_FILE = System.getProperty("java.home") + File.separator + "lib" + + File.separator + "about.jnlp"; + + private static final String doubleArgs = "-basedir -jnlp -arg -param -property -update"; private static String args[]; // avoid the hot potato @@ -179,7 +183,6 @@ * The privileged part (jdk1.3 compatibility). */ public Void run() { - JNLPRuntime.setBaseDir(getBaseDir()); JNLPRuntime.setSecurityEnabled(null == getOption("-nosecurity")); JNLPRuntime.initialize(true); @@ -221,8 +224,8 @@ */ private static String getAboutFile() { - if (new File(JNLPRuntime.NETX_ABOUT_FILE).exists()) - return JNLPRuntime.NETX_ABOUT_FILE; + if (new File(NETX_ABOUT_FILE).exists()) + return NETX_ABOUT_FILE; else return null; } 
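Review bot: The `doubleArgs` string kept as context in the second Boot.java hunk still lists `-basedir`, although this commit removes the option from the usage text and deletes `getBaseDir()`. How `doubleArgs` is consumed lies outside the hunk, but if it marks options that take a value, a stray `-basedir` would still silently swallow the argument after it; I would change the line to `private static final String doubleArgs = "-jnlp -arg -param -property -update";`. On the new `NETX_ABOUT_FILE`, private is the right visibility, and the Javadoc could record why so it is not widened again: `/** the JNLP file to open to display the network-based about window; kept private because it embeds the java.home system property */`.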
@@ -414,28 +417,4 @@ return result.toArray( new String[result.size()] ); } - /** - * Return the base dir. If the base dir parameter is not set - * the value is read from JNLPRuntime.NETX_ABOUT_FILE file. - * If that file does not exist, an install dialog is displayed - * to select the base directory. - */ - private static File getBaseDir() { - if (getOption("-basedir") != null) { - File basedir = new File(getOption("-basedir")); - - if (!basedir.exists() || !basedir.isDirectory()) - fatalError(R("BNoDir", basedir)); - - return basedir; - } - - // check .netxrc - File basedir = JNLPRuntime.getDefaultBaseDir(); - if (basedir == null) - fatalError(R("BNoBase")); - - return basedir; - } - }
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Wed Nov 24 13:12:52 2010 -0500 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Wed Nov 24 14:15:11 2010 -0500 @@ -80,9 +80,6 @@ /** handles all security message to show appropriate security dialogs */ private static SecurityDialogMessageHandler securityDialogMessageHandler; - /** the base dir for cache, etc */ - private static File baseDir; - /** a default launch handler */ private static LaunchHandler handler = null; @@ -128,33 +125,6 @@ public static final String STDERR_FILE = "java.stderr"; public static final String STDOUT_FILE = "java.stdout"; - /** Username */ - public static final String USER = System.getProperty("user.name"); - - /** User's home directory */ - public static final String HOME_DIR = System.getProperty("user.home"); - - /** the ~/.netxrc file containing netx settings */ - public static final String NETXRC_FILE = HOME_DIR + File.separator + ".netxrc"; - - /** the ~/.netx directory containing user-specific data */ - public static final String NETX_DIR = HOME_DIR + File.separator + ".netx"; - - /** the ~/.netx/security directory containing security related information */ - public static final String SECURITY_DIR = NETX_DIR + File.separator + "security"; - - /** the ~/.netx/security/trusted.certs file containing trusted certificates */ - public static final String CERTIFICATES_FILE = SECURITY_DIR + File.separator + "trusted.certs"; - - /** the java.home directory */ - public static final String JAVA_HOME_DIR = System.getProperty("java.home"); - - /** the JNLP file to open to display the network-based about window */ - public static final String NETX_ABOUT_FILE = JAVA_HOME_DIR + File.separator + "lib" - + File.separator + "about.jnlp"; - - - /** * Returns whether the JNLP runtime environment has been * initialized. Once initialized, some properties such as the 
@@ -213,12 +183,6 @@ if (handler == null) handler = new DefaultLaunchHandler(); - if (baseDir == null) - baseDir = getDefaultBaseDir(); - - if (baseDir == null) - throw new IllegalStateException(JNLPRuntime.getMessage("BNoBase")); - ServiceManager.setServiceManagerStub(new XServiceManagerStub()); // ignored if we're running under Web Start policy = new JNLPPolicy(); @@ -395,25 +359,6 @@ } /** - * Return the base directory containing the cache, persistence - * store, etc. - */ - public static File getBaseDir() { - return baseDir; - } - - /** - * Sets the base directory containing the cache, persistence - * store, etc. - * - * @throws IllegalStateException if caller is not the exit class - */ - public static void setBaseDir(File baseDirectory) { - checkInitialized(); - baseDir = baseDirectory; - } - - /** * Returns whether the secure runtime environment is enabled. */ public static boolean isSecurityEnabled() { @@ -452,31 +397,6 @@ } /** - * Returns the system default base dir for or if not set, - * prompts the user for the location. - * - * @return the base dir, or null if the user canceled the dialog - * @throws IOException if there was an io exception - */ - public static File getDefaultBaseDir() { - PropertiesFile props = JNLPRuntime.getProperties(); - - String baseStr = props.getProperty("basedir"); - if (baseStr != null) - return new File(baseStr); - - String homeDir = HOME_DIR; - File baseDir = new File(NETX_DIR); - if (homeDir == null || (!baseDir.isDirectory() && !baseDir.mkdir())) - return null; - - props.setProperty("basedir", baseDir.toString()); - props.store(); - - return baseDir; - } - - /** * Set a class that can exit the JVM; if not set then any class * can exit the JVM. * 
@@ -505,15 +425,6 @@ } /** - * Return a PropertiesFile object backed by the runtime's - * properties file. - */ - public static PropertiesFile getProperties() { - File netxrc = new File(NETXRC_FILE); - return new PropertiesFile(netxrc); - } - - /** * Return whether debug statements for the JNLP client code * should be printed. */
--- a/netx/net/sourceforge/jnlp/security/SecurityUtil.java Wed Nov 24 13:12:52 2010 -0500 +++ b/netx/net/sourceforge/jnlp/security/SecurityUtil.java Wed Nov 24 14:15:11 2010 -0500 @@ -43,20 +43,15 @@ import java.security.KeyStore; import net.sourceforge.jnlp.runtime.JNLPRuntime; +import net.sourceforge.jnlp.security.KeyStores.Level; +import net.sourceforge.jnlp.security.KeyStores.Type; public class SecurityUtil { private static final char[] password = "changeit".toCharArray(); public static String getTrustedCertsFilename() throws Exception{ - - String homeDir = JNLPRuntime.HOME_DIR; - - if (homeDir == null) { - throw new Exception("Could not access home directory"); - } else { - return JNLPRuntime.CERTIFICATES_FILE; - } + return KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS); } public static char[] getTrustedCertsPassword() {
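Review bot: `getTrustedCertsFilename()` stays `public static` and now returns whatever `KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS)` produces, so if that location is built from `user.home`, the path this commit removes from JNLPRuntime's public constants remains readable by any caller of this method. KeyStores is not shown on this page; confirm that it checks the caller's permission before returning a user-level path, or reduce this method's visibility if nothing outside the package needs it. With the null-home check gone, the `throws Exception` clause presumably no longer matches anything the body throws, and the `JNLPRuntime` import kept as context may now be unused; the rest of the file is outside the hunk. A short Javadoc such as `/** Returns the path of the user-level trusted certificates keystore; the value must not reach untrusted code. */` would record the intent.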
--- a/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java Wed Nov 24 13:12:52 2010 -0500 +++ b/plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java Wed Nov 24 14:15:11 2010 -0500 @@ -250,11 +250,6 @@ public PluginAppletSecurityContext(int identifier) { this.identifier = identifier; - - // also, override the basedir, use a different one for the plugin - File f = new File(System.getProperty("user.home") + "/.icedteaplugin/"); - f.mkdir(); - JNLPRuntime.setBaseDir(f); // We need a security manager.. and since there is a good chance that // an applet will be loaded at some point, we should make it the SM