Cynosphere/bcv-vf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Flexible Blocking

Browse source 
This allows multiple security manager blocks and unblocks to happen without causing conflictions
This commit is contained in:
Konloch 2021-07-12 04:18:52 -07:00
parent 76aaf8f30f
commit 216882c58e
2 changed files with 11 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/main/java/the/bytecode/club/bytecodeviewer/resources/ExternalResources.java
View file

@ -135,11 +135,11 @@ public class ExternalResources
if(!empty) if(!empty)
return Configuration.java; return Configuration.java;
BytecodeViewer.sm.pauseBlocking();
//check using python CLI flag //check using python CLI flag
try try
{ {
BytecodeViewer.sm.pauseBlocking();
//read the version output to verify python 2 //read the version output to verify python 2
ProcessBuilder pb = new ProcessBuilder("python", "-2", "--version"); ProcessBuilder pb = new ProcessBuilder("python", "-2", "--version");
Process p = pb.start(); Process p = pb.start();
@ -162,6 +162,8 @@ public class ExternalResources
//check if 'python' command is bound as python 2.X //check if 'python' command is bound as python 2.X
try try
{ {
BytecodeViewer.sm.pauseBlocking();
//read the version output to verify python 2 //read the version output to verify python 2
ProcessBuilder pb = new ProcessBuilder("python", "--version"); ProcessBuilder pb = new ProcessBuilder("python", "--version");
Process p = pb.start(); Process p = pb.start();

16
src/main/java/the/bytecode/club/bytecodeviewer/util/SecurityMan.java
View file

@ -32,12 +32,12 @@ import java.security.Permission;
public class SecurityMan extends SecurityManager public class SecurityMan extends SecurityManager
{ {
private boolean blocking = true; //might be insecure due to assholes targeting BCV private int blocking = 1; //might be insecure due to assholes targeting BCV
private boolean printing = false; private boolean printing = false;
private boolean printingPackage = false; private boolean printingPackage = false;
public void resumeBlocking() { public void resumeBlocking() {
blocking = true; blocking++;
} }
public void pauseBlocking() { //slightly safer security system than just a public static boolean being toggled public void pauseBlocking() { //slightly safer security system than just a public static boolean being toggled
@ -55,7 +55,7 @@ public class SecurityMan extends SecurityManager
executedClass.equals("the.bytecode.club.bytecodeviewer.BytecodeViewer") || executedClass.equals("the.bytecode.club.bytecodeviewer.BytecodeViewer") ||
executedClass.equals("the.bytecode.club.bytecodeviewer.Constants") || executedClass.equals("the.bytecode.club.bytecodeviewer.Constants") ||
executedClass.equals("the.bytecode.club.bytecodeviewer.compilers.impl.JavaCompiler")) { executedClass.equals("the.bytecode.club.bytecodeviewer.compilers.impl.JavaCompiler")) {
blocking = false; blocking--;
} else for (StackTraceElement stackTraceElements : Thread.currentThread().getStackTrace()) { } else for (StackTraceElement stackTraceElements : Thread.currentThread().getStackTrace()) {
System.out.println(stackTraceElements.getClassName()); System.out.println(stackTraceElements.getClassName());
} }
@ -82,17 +82,15 @@ public class SecurityMan extends SecurityManager
}; };
boolean allow = false; boolean allow = false;
for (String s : whitelist) { for (String s : whitelist)
if (cmd.contains(s)) { if (cmd.contains(s)) {
allow = true; allow = true;
break; break;
} }
}
if (allow && blocking == 0)
if (allow && !blocking) {
System.out.println("Allowing exec: " + cmd); System.out.println("Allowing exec: " + cmd);
else throw new SecurityException("BCV is awesome, blocking(" + blocking + ") exec " + cmd);
} else throw new SecurityException("BCV is awesome, blocking(" + blocking + ") exec " + cmd);
} }
@Override @Override