All tests passing but Unsafe blocking disabled as intrinsic to Java 8 operations

2025-01-01 18:56:44 +00:00 · 2023-04-05 09:15:06 +01:00 · 2023-04-05 09:15:06 +01:00 · 8eae615170
commit 8eae615170
parent 2ed10bb0e9
5 changed files with 18 additions and 126 deletions
--- a/tools/aegis4j/src/main/resources/net/gredler/aegis4j/mods.properties
+++ b/tools/aegis4j/src/main/resources/net/gredler/aegis4j/mods.properties
@ -38,12 +38,11 @@ HTTPSERVER.com.sun.net.httpserver.spi.HttpServerProvider.provider=throw new java
 # liability for applications that don't use it. Best to live without it, if at all possible.
 SERIALIZATION.java.io.ObjectInputStream.ObjectInputStream=throw new java.lang.RuntimeException("Java deserialization blocked by aegis4j");
 SERIALIZATION.java.io.ObjectOutputStream.ObjectOutputStream=throw new java.lang.RuntimeException("Java serialization blocked by aegis4j");
-
 # Unsafe
 # ------
 # Quite commonly used in the olden days, but many applications should be able to run without it these days.
-UNSAFE.sun.misc.Unsafe.*=throw new java.lang.RuntimeException("Unsafe blocked by aegis4j");
-
+# Can't really block this on Java 8 as used too much by JVM internals
+#UNSAFE.sun.misc.Unsafe.*=throw new java.lang.RuntimeException("Unsafe blocked by aegis4j");
 # Scripting
 # ---------
 # Nashorn was removed from the platform in JDK 15. There are other JSR 223 script engines out there,
@ -55,6 +54,7 @@ SCRIPTING.javax.script.CompiledScript.CompiledScript=throw new java.lang.Runtime
 # JShell
 # ------
 # Introduced in JDK 9, the Java Shell is intended for rapid prototyping and testing. It is not usually used in production.
+# Have to disable in Java 8
 #JSHELL.jdk.jshell.JShell.JShell=throw new java.lang.RuntimeException("JShell blocked by aegis4j");
 #JSHELL.jdk.jshell.JShell.create=throw new java.lang.RuntimeException("JShell blocked by aegis4j");
 #JSHELL.jdk.jshell.JShell.builder=throw new java.lang.RuntimeException("JShell blocked by aegis4j");
--- a/tools/aegis4j/src/test/java/net/gredler/aegis4j/AegisAgentMonitoringTest.java
+++ b/tools/aegis4j/src/test/java/net/gredler/aegis4j/AegisAgentMonitoringTest.java
@ -14,13 +14,13 @@ import static org.junit.jupiter.api.Assertions.assertNull;
 public class AegisAgentMonitoringTest {
    @AfterAll
    public static void uninstallAgent() throws Exception {
-        TestUtils.installAgent("unblock=unsafe,serialization");
+        TestUtils.installAgent("unblock=serialization");
    }

    @Test
    public void testSystemProperty() throws Exception {
        assertNull(System.getProperty("aegis4j.blocked.features"));
-        TestUtils.installAgent("unblock=jndi,rmi,unsafe,scripting");
+        TestUtils.installAgent("unblock=jndi,rmi,scripting");
        assertEquals("serialization,process,httpserver", System.getProperty("aegis4j.blocked.features"));
    }
 }
--- a/tools/aegis4j/src/test/java/net/gredler/aegis4j/AegisAgentTest.java
+++ b/tools/aegis4j/src/test/java/net/gredler/aegis4j/AegisAgentTest.java
@ -42,23 +42,23 @@ public class AegisAgentTest {

    @BeforeAll
    public static void installAgent() throws Exception {
-        TestUtils.installAgent("unblock=unsafe");
+        TestUtils.installAgent(null);
    }

    @AfterAll
    public static void uninstallAgent() throws Exception {
-        TestUtils.installAgent("unblock=unsafe,serialization");
+        TestUtils.installAgent("unblock=serialization");
    }

    @Test
    public void testParseBlockList() {
-        assertEquals(TestUtils.setOf("jndi", "rmi", "process", "httpserver", "serialization", "unsafe", "scripting"), toBlockList("", null));
-        assertEquals(TestUtils.setOf("jndi", "rmi", "process", "httpserver", "serialization", "unsafe", "scripting"), toBlockList("   ", null));
-        assertEquals(TestUtils.setOf("jndi", "rmi", "process", "httpserver", "unsafe", "scripting"), toBlockList("unblock=serialization", null));
-        assertEquals(TestUtils.setOf("jndi", "rmi", "httpserver", "unsafe", "scripting"), toBlockList("unblock=serialization,process", null));
-        assertEquals(TestUtils.setOf("jndi", "rmi", "httpserver", "unsafe", "scripting"), toBlockList("UNbloCk=SERIALIZATION,Process", null));
-        assertEquals(TestUtils.setOf("jndi", "rmi", "httpserver", "unsafe", "scripting"), toBlockList(" unblock\t=    serialization      , process\t", null));
-        assertEquals(TestUtils.setOf(), toBlockList("unblock=jndi,rmi,process,httpserver,serialization,unsafe,scripting", null));
+        assertEquals(TestUtils.setOf("jndi", "rmi", "process", "httpserver", "serialization", "scripting"), toBlockList("", null));
+        assertEquals(TestUtils.setOf("jndi", "rmi", "process", "httpserver", "serialization", "scripting"), toBlockList("   ", null));
+        assertEquals(TestUtils.setOf("jndi", "rmi", "process", "httpserver", "scripting"), toBlockList("unblock=serialization", null));
+        assertEquals(TestUtils.setOf("jndi", "rmi", "httpserver", "scripting"), toBlockList("unblock=serialization,process", null));
+        assertEquals(TestUtils.setOf("jndi", "rmi", "httpserver", "scripting"), toBlockList("UNbloCk=SERIALIZATION,Process", null));
+        assertEquals(TestUtils.setOf("jndi", "rmi", "httpserver", "scripting"), toBlockList(" unblock\t=    serialization      , process\t", null));
+        assertEquals(TestUtils.setOf(), toBlockList("unblock=jndi,rmi,process,httpserver,serialization,scripting", null));
        assertEquals(TestUtils.setOf("jndi"), toBlockList("block=jndi", null));
        assertEquals(TestUtils.setOf("jndi", "rmi", "process"), toBlockList("block=jndi,rmi,process", null));
        assertEquals(TestUtils.setOf("jndi", "rmi", "process"), toBlockList("block = jndi\t, rmi ,\nprocess", null));
@ -169,114 +169,6 @@ public class AegisAgentTest {
        assertThrowsRE(() -> new ObjectOutputStream(baos), "Java serialization blocked by aegis4j");
    }

-    /*
-    @Test
-    public void testUnsafe() throws Exception {
-
-        Field f = Unsafe.class.getDeclaredField("theUnsafe");
-        f.setAccessible(true);
-        Unsafe unsafe = (Unsafe) f.get(null);
-
-        String msg = "Unsafe blocked by aegis4j";
-
-        assertThrowsRE(() -> Unsafe.getUnsafe(), msg);
-        assertThrowsRE(() -> unsafe.addressSize(), msg);
-        assertThrowsRE(() -> unsafe.allocateInstance(null), msg);
-        assertThrowsRE(() -> unsafe.allocateMemory(1), msg);
-        assertThrowsRE(() -> unsafe.arrayBaseOffset(null), msg);
-        assertThrowsRE(() -> unsafe.arrayIndexScale(null), msg);
-        assertThrowsRE(() -> unsafe.compareAndSwapInt(null, 0, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.compareAndSwapLong(null, 0, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.compareAndSwapObject(null, 0, null, null), msg);
-        assertThrowsRE(() -> unsafe.copyMemory(0, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.copyMemory(null, 0, null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.ensureClassInitialized(null), msg);
-        assertThrowsRE(() -> unsafe.freeMemory(0), msg);
-        assertThrowsRE(() -> unsafe.fullFence(), msg);
-        assertThrowsRE(() -> unsafe.getAddress(0), msg);
-        assertThrowsRE(() -> unsafe.getAndAddInt(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.getAndAddLong(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.getAndSetInt(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.getAndSetLong(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.getAndSetObject(null, 0, null), msg);
-        assertThrowsRE(() -> unsafe.getBoolean(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getBooleanVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getByte(0), msg);
-        assertThrowsRE(() -> unsafe.getByte(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getByteVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getChar(0), msg);
-        assertThrowsRE(() -> unsafe.getChar(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getCharVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getDouble(0), msg);
-        assertThrowsRE(() -> unsafe.getDouble(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getDoubleVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getFloat(0), msg);
-        assertThrowsRE(() -> unsafe.getFloat(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getFloatVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getInt(0), msg);
-        assertThrowsRE(() -> unsafe.getInt(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getIntVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getLoadAverage(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getLong(0), msg);
-        assertThrowsRE(() -> unsafe.getLong(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getLongVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getObject(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getObjectVolatile(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getShort(0), msg);
-        assertThrowsRE(() -> unsafe.getShort(null, 0), msg);
-        assertThrowsRE(() -> unsafe.getShortVolatile(null, 0), msg);
-        //assertThrowsRE(() -> unsafe.invokeCleaner(null), msg);
-        assertThrowsRE(() -> unsafe.loadFence(), msg);
-        assertThrowsRE(() -> unsafe.objectFieldOffset(null), msg);
-        assertThrowsRE(() -> unsafe.pageSize(), msg);
-        assertThrowsRE(() -> unsafe.park(false, 0), msg);
-        assertThrowsRE(() -> unsafe.putAddress(0, 0), msg);
-        assertThrowsRE(() -> unsafe.putBoolean(null, 0, false), msg);
-        assertThrowsRE(() -> unsafe.putBooleanVolatile(null, 0, false), msg);
-        assertThrowsRE(() -> unsafe.putByte(0, (byte) 0), msg);
-        assertThrowsRE(() -> unsafe.putByte(null, 0, (byte) 0), msg);
-        assertThrowsRE(() -> unsafe.putByteVolatile(null, 0, (byte) 0), msg);
-        assertThrowsRE(() -> unsafe.putChar(0, 'x'), msg);
-        assertThrowsRE(() -> unsafe.putChar(null, 0, 'x'), msg);
-        assertThrowsRE(() -> unsafe.putCharVolatile(null, 0, 'x'), msg);
-        assertThrowsRE(() -> unsafe.putDouble(0, 0), msg);
-        assertThrowsRE(() -> unsafe.putDouble(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putDoubleVolatile(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putFloat(0, 0), msg);
-        assertThrowsRE(() -> unsafe.putFloat(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putFloatVolatile(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putInt(0, 0), msg);
-        assertThrowsRE(() -> unsafe.putInt(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putIntVolatile(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putLong(0, 0), msg);
-        assertThrowsRE(() -> unsafe.putLong(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putLongVolatile(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putObject(null, 0, null), msg);
-        assertThrowsRE(() -> unsafe.putObjectVolatile(null, 0, null), msg);
-        assertThrowsRE(() -> unsafe.putOrderedInt(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putOrderedLong(null, 0, 0), msg);
-        assertThrowsRE(() -> unsafe.putOrderedObject(null, 0, null), msg);
-        assertThrowsRE(() -> unsafe.putShort(0, (short) 0), msg);
-        assertThrowsRE(() -> unsafe.putShort(null, 0, (short) 0), msg);
-        assertThrowsRE(() -> unsafe.putShortVolatile(null, 0, (short) 0), msg);
-        assertThrowsRE(() -> unsafe.reallocateMemory(0, 0), msg);
-        assertThrowsRE(() -> unsafe.setMemory(0, 0, (byte) 0), msg);
-        assertThrowsRE(() -> unsafe.setMemory(null, 0, 0, (byte) 0), msg);
-        assertThrowsRE(() -> unsafe.shouldBeInitialized(null), msg);
-        //assertThrowsRE(() -> unsafe.staticFieldBase(null), msg);
-        assertThrowsRE(() -> unsafe.staticFieldOffset(null), msg);
-        assertThrowsRE(() -> unsafe.storeFence(), msg);
-        assertThrowsRE(() -> unsafe.throwException(null), msg);
-        assertThrowsRE(() -> unsafe.unpark(null), msg);
-
-        // Spring should still work with Unsafe disabled
-        SpringObjenesis so = new SpringObjenesis();
-        assertInstanceOf(SerializablePojo.class, so.newInstance(SerializablePojo.class));
-        assertInstanceOf(TestUtils.class, so.newInstance(TestUtils.class));
-        assertInstanceOf(LocalDate.class, so.newInstance(LocalDate.class));
-    }
-    */
-
    private static void assertThrowsNICE(Executable task) {
        assertThrows(task, NoInitialContextException.class, "JNDI context creation blocked by aegis4j");
    }
--- a/tools/aegis4j/src/test/java/net/gredler/aegis4j/CVE_2015_7501.java
+++ b/tools/aegis4j/src/test/java/net/gredler/aegis4j/CVE_2015_7501.java
@ -37,7 +37,7 @@ import static org.junit.jupiter.api.Assertions.fail;
 public class CVE_2015_7501 {
    @AfterAll
    public static void uninstallAgent() throws Exception {
-        TestUtils.installAgent("unblock=unsafe,serialization");
+        TestUtils.installAgent("unblock=serialization");
    }

    @Test
@ -82,7 +82,7 @@ public class CVE_2015_7501 {
        assertEquals("", TestUtils.fileReadString(temp), path);

        // install aegis4j agent
-        installAgent("unblock=unsafe");
+        installAgent(null);

        // trigger again directly, verify not owned
        try {
--- a/tools/aegis4j/src/test/java/net/gredler/aegis4j/TestUtils.java
+++ b/tools/aegis4j/src/test/java/net/gredler/aegis4j/TestUtils.java
@ -52,7 +52,7 @@ public final class TestUtils {
        System.clearProperty(OWNED);
        assertNull(System.getProperty(OWNED));

-        installAgent("unblock=unsafe");
+        installAgent(null);

        try {
            trigger.execute();
@ -65,7 +65,7 @@ public final class TestUtils {
        }

        ldapServer.shutDown(true);
-        TestUtils.installAgent("unblock=unsafe,serialization");
+        TestUtils.installAgent("unblock=serialization");
    }

    // https://docs.oracle.com/javase/jndi/tutorial/objects/representation/ldap.html