Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 381724 - [jobs] ISchedulingRule security vulnerability
Summary: [jobs] ISchedulingRule security vulnerability
Status: VERIFIED FIXED
Alias: None
Product: Platform
Classification: Eclipse Project
Component: Runtime (show other bugs)
Version: 3.8   Edit
Hardware: All All
: P3 major (vote)
Target Milestone: 4.2.1   Edit
Assignee: Szymon Ptaszkiewicz CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 381832
  Show dependency tree
 
Reported: 2012-06-05 10:49 EDT by Szymon Ptaszkiewicz CLA
Modified: 2012-09-05 04:08 EDT (History)
1 user (show)

See Also:


Attachments
Test case (2.07 KB, patch)
2012-06-05 10:49 EDT, Szymon Ptaszkiewicz CLA
no flags Details | Diff
Patch v.0.1 (2.01 KB, patch)
2012-06-07 07:33 EDT, Szymon Ptaszkiewicz CLA
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Szymon Ptaszkiewicz CLA 2012-06-05 10:49:02 EDT
Created attachment 216839 [details]
Test case

Wrong implementation of ISchedulingRule interface that wraps around some basic rule can result in two threads running concurrently with the same rule, although the basic rule would not allow them to be run at the same time. "Wrong implementation" in this case means that the rule does not adhere to the following statement from the javadoc of ISchedulingRule#isConflicting:

"This method must return true if calling contains(ISchedulingRule) on the same rule also returns true. This is required because it would otherwise allow two threads to be running concurrently with the same rule."

See the attached test case for a sample implementation.

The problem is that when we already obtained a rule, we can obtain other rules that are contained within that rule without additional validation being performed. In the original scenario that I found, I was able to schedule two jobs with the workspace root rule at the same time, and that in turn allowed me to perform two simultaneous workspace.save(..) operations (which is one of the potential root causes of bug 149121).

At the moment none of the ISchedulingRule implementations is safe enough, to allow us to say that it will definitely be run only by one thread at the same time.
Comment 1 Szymon Ptaszkiewicz CLA 2012-06-07 07:33:43 EDT
Created attachment 217012 [details]
Patch v.0.1

The attached patch fixes the problem by rejecting a rule that cannot be safely added to the stack of rules. A test is also added.
Comment 3 John Arthorne CLA 2012-08-23 16:25:36 EDT
We used the same branch for 4.1 M1 and 4.2.1, so these changes are actually in 4.2.1 as well.
Comment 4 Szymon Ptaszkiewicz CLA 2012-09-05 04:08:50 EDT
Verified in M20120829-1200.