JDK-8005793 : Connected UDP sockets are not actually connected on a Macintosh
  • Type: Bug
  • Component: core-libs
  • Sub-Component: java.net
  • Priority: P4
  • Status: Resolved
  • Resolution: Duplicate
  • OS: os_x
  • CPU: generic
  • Submitted: 2013-01-07
  • Updated: 2013-01-28
  • Resolved: 2013-01-28
Description
When one creates a UDP socket, it's possible to "connect" it... which means that the socket is associated with a specific endpoint pair: IP Address, Port #. When one writes to a UDP socket, there are two system calls that can be used: send() and sendto(). The send() call is to be used for a connected socket, e.g., send(fd, buffer, bufferLength), whereas the sendto() call is to be used for an unconnected socket, e.g., sendto(fd, buffer, bufferLength, remoteAddress, sizeof(remoteAddress)).

It turns out that on a Linux host, it's possible to use the sendto() call on a connected socket, but, on a Macintosh host, the use of sendto() on a connected socket results in an error: the sendto() call returns the value "-1" and the system call fails.

The Java implementation of the UDP socket has some extra logic that determines if the underlying host is a Mac, and if so, the socket will actually be connected, and this circumvents the system call error when the wrong system call is used, e.g., sendto() instead of send().

However, this approach introduces a security issue, because some applications create connected UDP sockets, to ensure that traffic that is written to them will always go to a predetermined IP address and port. When a "connected" socket isn't actually connected, then one can "hijack" the socket and write traffic through it to any desired destination. And, because the socket isn't actually connected, the security manager can't detect this "sin".
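The OS-level distinction the description relies on, as an added example that is not part of the bug report or of the JDK sources: a C program that uses getpeername() to check whether the kernel actually holds a peer for a UDP socket, and shows send() failing before connect() and succeeding after it. The helper names and the loopback setup are assumptions made for this illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* 1 = kernel holds a peer for fd (written to *peer), 0 = not connected, -1 = error. */
int udp_kernel_peer(int fd, struct sockaddr_in *peer) {
    socklen_t len = sizeof(*peer);
    if (getpeername(fd, (struct sockaddr *)peer, &len) == 0) return 1;
    return errno == ENOTCONN ? 0 : -1;
}

/* Constructed loopback scenario. Returns 0 when every check holds, else the failing step. */
int connected_udp_demo(void) {
    struct sockaddr_in rx_addr = {0}, peer = {0};
    socklen_t len = sizeof(rx_addr);
    char buf[16];
    int rc = 0;
    int rx = socket(AF_INET, SOCK_DGRAM, 0);
    int tx = socket(AF_INET, SOCK_DGRAM, 0);
    if (rx < 0 || tx < 0) return 1;

    rx_addr.sin_family = AF_INET;
    rx_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    rx_addr.sin_port = 0; /* let the kernel pick a free port */
    if (bind(rx, (struct sockaddr *)&rx_addr, sizeof(rx_addr)) != 0 ||
        getsockname(rx, (struct sockaddr *)&rx_addr, &len) != 0) rc = 2;
    /* Before connect(): no kernel peer, and send() has no destination. */
    else if (udp_kernel_peer(tx, &peer) != 0) rc = 3;
    else if (send(tx, "x", 1, 0) != -1) rc = 4;
    else if (connect(tx, (struct sockaddr *)&rx_addr, sizeof(rx_addr)) != 0) rc = 5;
    /* After connect(): the kernel reports the fixed peer and send() works. */
    else if (udp_kernel_peer(tx, &peer) != 1 || peer.sin_port != rx_addr.sin_port) rc = 6;
    else if (send(tx, "ping", 4, 0) != 4) rc = 7;
    else if (recv(rx, buf, sizeof(buf), 0) != 4 || memcmp(buf, "ping", 4) != 0) rc = 8;

    close(rx);
    close(tx);
    return rc;
}

int main(void) {
    int rc = connected_udp_demo();
    printf("connected_udp_demo: %s (step %d)\n", rc ? "FAILED" : "ok", rc);
    return rc;
}
```

A socket that a runtime only treats as connected, without calling connect(), would report 0 from udp_kernel_peer().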
Comments
This bug is a duplicate of 7164518
28-01-2013

I suggest looking at the implementation of DatagramChannel.
08-01-2013

Have the native issues (disconnecting the datagram socket leaves it in an undefined state (see 7122794)) been confirmed on the latest OS X version, 10.8?
08-01-2013

In our UDP send code, we do change the address to set the address argument to null before calling sendTo() if the socket is connected. See the following:
src/solaris/native/java/net/PlainDatagramSocketImpl.c:send() :
    if (connected) {
        /* arg to NET_Sendto() null in this case */
        len = 0;
        rmtaddrP = 0;
    }
It has to be double checked if switching off the emulation mode actually causes any error when using sendTo (I believe not). We have emulation mode on only because under specific circumstances, disconnecting the datagram socket leaves it in an undefined state (See 7122794), and we have not yet found a way around it.
07-01-2013

This is the same issue as JDK-7164518.
07-01-2013