Unsafe JNI

ABSTRACT

Java Native Interface（JNI）應用不當會導致 Java 應用程序容易受到其他語言的安全漏洞攻擊。

EXPLANATION

當 Java 應用程序使用 JNI 調用以其他編程語言編寫的代碼時，會發生 Unsafe JNI 漏洞。

例如：以下 Java 代碼定義了一個名為 Echo 的類。這個類聲明了一個本地方法（下文定義），使用 C 語言將控制臺上輸入的命令回顯給用戶。

class Echo {
	public native void runEcho();
	
	static {
		System.loadLibrary("echo");
		}
    
	public static void main(String[] args) {
		new Echo().runEcho();
		}
}

#include <jni.h>
#include "Echo.h" //the java class above compiled with javah
#include <stdio.h>

JNIEXPORT void JNICALL 
Java_Echo_runEcho(JNIEnv *env, jobject obj) 
{
	char buf[64]; 
	gets(buf);
	printf(buf);
}

REFERENCES

[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A1 Unvalidated Input

[2] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP3510 CAT I

[3] Standards Mapping - Security Technical Implementation Guide Version 3.4 - (STIG 3.4) APP3510 CAT I

[4] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 111

[5] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 - (PCI 1.2) Requirement 6.3.1.1

[6] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 - (PCI 1.1) Requirement 6.5.1

[7] Standards Mapping - FIPS200 - (FISMA) SI

[8] B. Stearns The Java Tutorial:The Java Native Interface