Native methods are defined in Java and written in languages such as C and C++ [JNI 2006]. The added extensibility comes at the cost of flexibility and portability because the code no longer conforms to the policies enforced by Java. Native methods have been used for performing platform-specific operations, interfacing with legacy library code, and improving program performance [Bloch 2008].
Defining a wrapper method facilitates installing appropriate security manager checks, validating arguments passed to native code, validating return values, defensively copying mutable inputs, and sanitizing untrusted data. Consequently, every native method must be private and must be invoked only by a wrapper method.
...
Automated detection is not feasible in the fully general case. However, an approach similar to Design Fragments [Fairbanks 2007] could assist both programmers and static analysis tools.
...
CWE-111. Direct use of unsafe JNI | |
Secure Coding Guidelines for the Java Programming Language, Version 4.0 | Guideline 5-3. Define wrappers around native methods |
Bibliography
| |
[JNI 2006] |
|
| |
Section 2.2.3, Interfaces and Architectures |
...