From a06047acce82f60b5ca193a7b2aa329ed24b46f4 Mon Sep 17 00:00:00 2001 From: Sergey Chernyshev Date: Wed, 20 Sep 2023 10:24:15 +0000 Subject: [PATCH] 8168469: Memory leak in JceSecurity Backport-of: a284920b3432b00496a2a32a284a91a9bd49fb06 --- .../javax/crypto/JceSecurity.java.template | 71 ++++++++++++------- .../JceSecurity/VerificationResults.java | 59 +++++++++++++++ 2 files changed, 103 insertions(+), 27 deletions(-) create mode 100644 test/jdk/javax/crypto/JceSecurity/VerificationResults.java diff --git a/src/java.base/share/classes/javax/crypto/JceSecurity.java.template b/src/java.base/share/classes/javax/crypto/JceSecurity.java.template index 7a344e8e306..bcdff388123 100644 --- a/src/java.base/share/classes/javax/crypto/JceSecurity.java.template +++ b/src/java.base/share/classes/javax/crypto/JceSecurity.java.template @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -51,7 +51,10 @@ package javax.crypto; import java.util.*; import java.util.concurrent.ConcurrentHashMap; +import java.util.function.Function; import java.io.*; +import java.lang.ref.ReferenceQueue; +import java.lang.ref.WeakReference; import java.net.URL; import java.nio.file.*; import java.security.*; @@ -86,13 +89,16 @@ final class JceSecurity { // Map of the providers we already have verified. // If verified ok, value == PROVIDER_VERIFIED, otherwise // the cause of verification failure is stored as value. - private static final Map + private static final Map verificationResults = new ConcurrentHashMap<>(); // Map of the providers currently being verified private static final Map verifyingProviders = new IdentityHashMap<>(); + // weak references queued by GC + private static final ReferenceQueue queue = new ReferenceQueue<>(); + private static final boolean isRestricted; /* @@ -199,38 +205,51 @@ final class JceSecurity { * Return null if ok, failure Exception if verification failed. */ static Exception getVerificationResult(Provider p) { - IdentityWrapper pKey = new IdentityWrapper(p); - Object o = verificationResults.get(pKey); - // no mapping found - if (o == null) { - synchronized (JceSecurity.class) { - // check cache again in case the result is now available - o = verificationResults.get(pKey); - if (o == null) { + expungeStaleWrappers(); + WeakIdentityWrapper pKey = new WeakIdentityWrapper(p, queue); + try { + Object o = verificationResults.computeIfAbsent(pKey, new Function<>() { + public Object apply(WeakIdentityWrapper key) { + // no mapping found if (verifyingProviders.get(p) != null) { // recursion; return failure now - return new NoSuchProviderException - ("Recursion during verification"); + throw new IllegalStateException(); } + Object result; try { verifyingProviders.put(p, Boolean.FALSE); URL providerURL = getCodeBase(p.getClass()); verifyProvider(providerURL, p); - o = PROVIDER_VERIFIED; + result = PROVIDER_VERIFIED; } catch (Exception e) { - o = e; + result = e; } finally { verifyingProviders.remove(p); } - verificationResults.put(pKey, o); if (debug != null) { debug.println("Provider " + p.getName() + - " verification result: " + o); + " verification result: " + result); } + return result; } - } + }); + return (o == PROVIDER_VERIFIED? null : (Exception) o); + + } catch (IllegalStateException ise) { + // recursive update detected + return new NoSuchProviderException + ("Recursion during verification"); + } + } + + /** + * Removes weakly reachable keys from history. + */ + static void expungeStaleWrappers() { + WeakIdentityWrapper key; + while ((key = (WeakIdentityWrapper) queue.poll()) != null) { + verificationResults.remove(key); } - return (o == PROVIDER_VERIFIED? null : (Exception) o); } // return whether this provider is properly signed and can be used by JCE @@ -403,12 +422,13 @@ final class JceSecurity { return isRestricted; } - private static final class IdentityWrapper { + private static final class WeakIdentityWrapper extends WeakReference { - final Provider obj; + final int hash; - IdentityWrapper(Provider obj) { - this.obj = obj; + WeakIdentityWrapper(Provider obj, ReferenceQueue queue) { + super(obj, queue); + hash = System.identityHashCode(obj); } @Override @@ -416,15 +436,12 @@ final class JceSecurity { if (this == o) { return true; } - if (!(o instanceof IdentityWrapper)) { - return false; - } - return this.obj == ((IdentityWrapper)o).obj; + return o instanceof WeakIdentityWrapper w && get() == w.get(); } @Override public int hashCode() { - return System.identityHashCode(obj); + return hash; } } } diff --git a/test/jdk/javax/crypto/JceSecurity/VerificationResults.java b/test/jdk/javax/crypto/JceSecurity/VerificationResults.java new file mode 100644 index 00000000000..9f87433a6b6 --- /dev/null +++ b/test/jdk/javax/crypto/JceSecurity/VerificationResults.java @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2023, BELLSOFT. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8168469 + * @summary Memory leak in JceSecurity + * @compile --add-exports java.base/com.sun.crypto.provider=ALL-UNNAMED VerificationResults.java + * @run main/othervm -Xmx128m --add-exports java.base/com.sun.crypto.provider=ALL-UNNAMED VerificationResults + */ + +import java.security.NoSuchAlgorithmException; +import java.security.Provider; + +import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; + +import com.sun.crypto.provider.SunJCE; + +public class VerificationResults { + + // approximate double the number of providers that fits in -Xmx128m heap + private static final int PROVIDERS_COUNT = 2000; + // the heap buffer size that triggers the OOME when the providers heap cannot be reclaimed + private static final int OOM_TRIGGER_SIZE = 10 * 1024 * 1024; + public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException { + int i = 0; + try { + for (; i < PROVIDERS_COUNT; i++) { + SunJCE jceProvider = new SunJCE(); + Cipher c = Cipher.getInstance("AES", jceProvider); + char[] arr = new char[OOM_TRIGGER_SIZE]; + } + } catch (OutOfMemoryError e) { + System.out.println("Caught OOME - less than 10M heap left.\nCreated " + i + " SunJCE providers"); + throw e; + } + } +}