JDK-7155720 : PKCS11 minor issues in native code
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 8
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2012-03-21
  • Updated: 2019-01-05
  • Resolved: 2018-12-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8
7u221 b01Fixed 8Fixed
Description
A handful of minor issues in the native code for the pkcs11 provider.

jdk/src/share/native/sun/security/pkcs11/wrapper/p11_convert.c: 689-690
        free(ckParam.pReturnedKeyMaterial);
        free(ckParam.pReturnedKeyMaterial->pIVClient);
free() order should be reversed to avoid use after free.

jdk/src/solaris/native/sun/security/pkcs11/wrapper/p11_md.c
1) line 109: malloc return value not checked
2) line 139: ditto
3) C_GetFunctionList could be used w/o initialization, should set = NULL in declaration
Comments
Didn't get to do this for 7u, probably not worthwhile to do this given the limited public life 7u left. Will close this as will-not-fix.
12-03-2014
Note that the "use-after-free" issue in "p11_convert.c" is covered by 8008107 and its RE has just sent out a webrev. Also, the value of C_GetFunctionList also has been set to NULL in declaration in current code. Thus, I am updating my fix for this bug to cover the remaining issues in "p11_md.c", i.e. add NULL check and OOM error handling to all malloc calls().
30-03-2013
Will fix.
12-02-2013