JDK-8231387 : java.security.Provider.getService returns random result due to race condition with mutating methods in the same class
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 14
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2019-09-24
  • Updated: 2019-09-30
  • Resolved: 2019-09-25
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 14
14 b16Fixed
Related Reports
Relates :  
Description
Filed on behalf of Tianmin Shi (tianshi@amazon.com).

java.security.Provider.getService reads legacyMap at line 1260 

http://hg.openjdk.java.net/jdk/jdk/file/08a5148e7c4e/src/java.base/share/classes/java/security/Provider.java#l1276

The read is not synchronized with the clear and repopulate of the same map's entries in java.security.Provider.ensureLegacyParsed. The result is a race condition when more than two threads execute both methods simultaneously. I've attached a reproducer.

The fix is a simpler one liner.

--- old/src/java.base/share/classes/java/security/Provider.java	2019-09-16 15:28:26.000000000 -0700
+++ new/src/java.base/share/classes/java/security/Provider.java	2019-09-16 15:28:25.000000000 -0700
@@ -1255,9 +1255,9 @@
         }
         synchronized (this) {
             ensureLegacyParsed();
-        }
-        if (legacyMap != null && !legacyMap.isEmpty()) {
-            return legacyMap.get(key);
+            if (legacyMap != null && !legacyMap.isEmpty()) {
+                return legacyMap.get(key);
+            }
         }
         return null;
     }


 
Comments
URL: https://hg.openjdk.java.net/jdk/jdk/rev/270abce77942 User: phh Date: 2019-09-25 15:29:44 +0000
25-09-2019

Fixed that by adding a regression test, see new webrev https://cr.openjdk.java.net/~phh/8231387/webrev.01/
25-09-2019

Need to add a noreg-x label since the webrev does not contain a regression test
24-09-2019

I've assigned this issue to myself on Tianmin's behalf.
24-09-2019