...
// Trusted.java import java.security.*; public class Trusted { public static void loadLibrary(final String library){ AccessController.doPrivileged(new PrivilegedAction<Void>() { public Void run() { System.loadLibrary(library); return null; } }); } } --------------------------------------------------------------------------------- // Untrusted.java public class Untrusted { private native void myMethod(); public static void main(String[] args) { String library = new String("MyLibLibrary1"); Trusted.loadLibrary(library); new Untrusted.myMethodnativeOperation(); // invoke the native method } } |
...
// Trusted.java
import java.security.*;
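/**
 * Wraps native code so that callers neither choose the library nor reach a native method
 * directly.
 *
 * <p>Library names are fixed in the static initializer rather than taken from callers, and the
 * native methods are private; the only public entry point shown is a wrapper that runs a
 * permission check and validates its arguments before delegating.
 */
public class Trusted {
  static {
    // Hard-coded names: no caller-supplied value reaches System.loadLibrary.
    System.loadLibrary("Library1");
    System.loadLibrary("Library2");
    // ... (further loads elided on the page)
  }

  // private native methods
  private native void nativeOperation1(byte[] data, int offset, int len);
  // private native void nativeOperation2(...);  -- parameter list elided on the page
  // ... (further native methods elided on the page)

  /**
   * Checks permission and arguments, then runs {@code nativeOperation1} on a private copy of
   * the input.
   *
   * @param data input bytes; cloned before validation, so the native code sees the copy and
   *     any changes it makes to the array stay in that copy
   * @param offset start index into {@code data}; must be non-negative
   * @param len number of bytes to process; must be non-negative and fit within
   *     {@code data} starting at {@code offset}
   * @throws NullPointerException if {@code data} is null
   * @throws IllegalArgumentException if {@code offset} or {@code len} is negative or the
   *     range runs past the end of the array
   */
  public void doOperation1(byte[] data, int offset, int len) {
    // permission needed to invoke native method
    // NOTE(review): securityManagerCheck() is not defined in this listing; confirm what it
    // enforces. java.lang.SecurityManager is deprecated for removal since Java 17 (JEP 411),
    // so on newer runtimes this gate may need a different enforcement point.
    securityManagerCheck();
    if (data == null) {
      throw new NullPointerException("data");
    }
    // copy mutable input: validate and use the same private snapshot, so the caller cannot
    // change the array between the range check and the native call
    data = data.clone();
    // validate input; written as offset > length - len because offset + len could overflow
    if ((offset < 0) || (len < 0) || (offset > (data.length - len))) {
      throw new IllegalArgumentException(
          "offset=" + offset + ", len=" + len + ", data.length=" + data.length);
    }
    // Delegate to the declared native method (the listing called an undeclared nativeOperation).
    nativeOperation1(data, offset, len);
  }
}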
Exceptions
Risk Assessment
...