Page History

...

Code Block

bgColor	#ccccff

 // Trusted.java

import java.security.*;

public class Trusted {

   // load native libraries
   static{
      System.loadLibrary("NativeMethodLib1");
	  System.loadLibrary("NativeMethodLib2");
	  ...
   }

   // private native methods
   private native void nativeOperation1(byte[] data, int offset, int len);
   private native void nativeOperation2(...)
   ...
 
   // wrapper methods perform SecurityManager and input validation checks
   public void doOperation1(byte[] data, int offset, int len) {
      // permission needed to invoke native method
      securityManagerCheck();

      if (data == null) {
         throw new NullPointerException();
      }

      // copy mutable input
      data = data.clone();

      // validate input
      if ((offset < 0) || (len < 0) || (offset > (data.length - len))) {
         throw new IllegalArgumentException();
      }

      nativeOperation1(data, offset, len);
   }
   
   public void doOperation2(...){
      ...
   }
}

Exceptions

Risk Assessment

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
JNI01-J	high	likely	low	P27	L1

Automated Detection

Detecting calls, such as java.lang.System.loadLibrary(), that perform tasks using the immediate caller's class loader can be detected automatically. Determining whether the use of these calls is safe cannot be done automatically.

Tool	Version	Checker	Description
Parasoft Jtest	9.5	BD.SECURITY.TDLIB

Implemented

Protect against Library injection

Related Guidelines

MITRE CWE	CWE-111. Direct use of unsafe JNI
Secure Coding Guidelines for Java SE, Version 5.0	Guideline 9-9. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance

Bibliography

[Oracle 2014]

...

Space shortcuts

Page tree

Versions Compared

Old Version 32

New Version 33

Key

Exceptions

Risk Assessment

Automated Detection

Related Guidelines

Bibliography