Potential Security Vulnerability
There is a bug IKVM's implementation of java.lang.reflect.Field.set(). The dynamic method that is generated doesn't properly cast the value to the type of the field. This is obviously a bug, but it could also lead to a type safety vulnerability. It is not directly exploitable, because the unverifiable dynamic method will do a full trust security demand and when there is partially trusted code on the stack, that will fail.
However, if you have any code that indirectly exposes Field.set() to untrusted code, it may be exploitable. In particular, the following scenarios warrant careful attention:
IKVM.NET version 0.38, 0.40, 0.42 and 0.44 are affected. Version 0.36 and earlier are not affected.
There is an update of IKVM.NET 0.42, earlier versions will not be updated and there will be a new 0.44 release candidate later today.
IKVM.NET 0.42 Update 2
Binaries available here: ikvmbin-0.42.0.7.zipSources: ikvm-0.42.0.7.zip, openjdk6-b16-stripped.zip
Thanks to Dawid Weiss for reporting this issue.
I apologize for the lameness of this, but the comment spam was driving me nuts.
In order to be able to post a comment, you need to answer a simple question. Hopefully this question
is easy enough not to annoy serious commenters, but hard enough to keep the spammers away.
Anti-Spam Question: What method on java.lang.System returns an object's original hashcode (i.e. the
one that would be returned by java.lang.Object.hashCode() if it wasn't overridden)? (case is significant)
Powered by: newtelligence dasBlog 2.3.12105.0
© Copyright 2017, Jeroen Frijters