Permission Analysis Report
Analysis of: org.eclipse.swt.win32.win32.x86
Detail
Class: org.eclipse.swt.ole.win32.OleClientSite (Application)
DoPrivileged location: Line# 334 void <init>( org.eclipse.swt.widgets.Composite, int, java.lang.String, java.io.File )
Permission: java.io.FilePermission "???file???", "read"
Primordial/void java.io.FileInputStream.FileInputStream( java.io.File )
CODE
public OleClientSite(Composite parent, int style, String progId, File file) {
this(parent, style);
try {
if (file == null || file.isDirectory() || !file.exists()) OLE.error(OLE.ERROR_INVALID_ARGUMENT);
appClsid = getClassID(progId);
// Are we opening this file with the preferred OLE object?
char[] fileName = (file.getAbsolutePath()+"\0").toCharArray();
GUID fileClsid = new GUID();
COM.GetClassFile(fileName, fileClsid);
if (COM.IsEqualGUID(appClsid, fileClsid)){
// Using the same application that created file, therefore, use default mechanism.
tempStorage = createTempStorage();
// Create ole object with storage object
int[] address = new int[1];
int result = COM.OleCreateFromFile(appClsid, fileName, COM.IIDIUnknown, COM.OLERENDER_DRAW, null, 0, tempStorage.getAddress(), address);
if (result != COM.S_OK) OLE.error(OLE.ERROR_CANNOT_CREATE_OBJECT, result);
objIUnknown = new IUnknown(address[0]);
} else {
// Not using the same application that created file, therefore, copy from original file to a new storage file
IStorage storage = null;
if (COM.StgIsStorageFile(fileName) == COM.S_OK) {
int[] address = new int[1];
int mode = COM.STGM_READ | COM.STGM_TRANSACTED | COM.STGM_SHARE_EXCLUSIVE;
int result = COM.StgOpenStorage(fileName, 0, mode, 0, 0, address); //Does an AddRef if successful
if (result != COM.S_OK) OLE.error(OLE.ERROR_CANNOT_OPEN_FILE, result);
storage = new IStorage(address[0]);
} else {
// Original file is not a Storage file so copy contents to a stream in a new storage file
int[] address = new int[1];
int mode = COM.STGM_READWRITE | COM.STGM_DIRECT | COM.STGM_SHARE_EXCLUSIVE | COM.STGM_CREATE;
int result = COM.StgCreateDocfile(null, mode | COM.STGM_DELETEONRELEASE, 0, address); // Increments ref count if successful
if (result != COM.S_OK) OLE.error(OLE.ERROR_CANNOT_OPEN_FILE, result);
storage = new IStorage(address[0]);
// Create a stream on the storage object.
// Word does not follow the standard and does not use "CONTENTS" as the name of
// its primary stream
String streamName = "CONTENTS"; //$NON-NLS-1$
GUID wordGUID = getClassID(WORDPROGID);
if (COM.IsEqualGUID(appClsid, wordGUID)) streamName = "WordDocument"; //$NON-NLS-1$
address = new int[1];
result = storage.CreateStream(streamName, mode, 0, 0, address); // Increments ref count if successful
if (result != COM.S_OK) {
storage.Release();
OLE.error(OLE.ERROR_CANNOT_OPEN_FILE, result);
}
IStream stream = new IStream(address[0]);
try {
// Copy over data in file to named stream
FileInputStream fileInput = new FileInputStream(file);
int increment = 1024*4;
byte[] buffer = new byte[increment];
int count = 0;
while((count = fileInput.read(buffer)) > 0){
int pv = COM.CoTaskMemAlloc(count);
OS.MoveMemory(pv, buffer, count);
result = stream.Write(pv, count, null) ;
COM.CoTaskMemFree(pv);
if (result != COM.S_OK) {
fileInput.close();
stream.Release();
storage.Release();
OLE.error(OLE.ERROR_CANNOT_OPEN_FILE, result);
}
}
fileInput.close();
stream.Commit(COM.STGC_DEFAULT);
stream.Release();
} catch (IOException err) {
stream.Release();
storage.Release();
OLE.error(OLE.ERROR_CANNOT_OPEN_FILE);
}
}
// Open a temporary storage object
tempStorage = createTempStorage();
// Copy over contents of file
int result = storage.CopyTo(0, null, null, tempStorage.getAddress());
storage.Release();
if (result != COM.S_OK) OLE.error(OLE.ERROR_CANNOT_OPEN_FILE, result);
// create ole client
int[] ppv = new int[1];
result = COM.CoCreateInstance(appClsid, 0, COM.CLSCTX_INPROC_HANDLER | COM.CLSCTX_INPROC_SERVER, COM.IIDIUnknown, ppv);
if (result != COM.S_OK) OLE.error(OLE.ERROR_CANNOT_CREATE_OBJECT, result);
objIUnknown = new IUnknown(ppv[0]);
// get the persistant storage of the ole client
ppv = new int[1];
result = objIUnknown.QueryInterface(COM.IIDIPersistStorage, ppv);
if (result != COM.S_OK) OLE.error(OLE.ERROR_CANNOT_CREATE_OBJECT, result);
IPersistStorage iPersistStorage = new IPersistStorage(ppv[0]);
// load the contents of the file into the ole client site
result = iPersistStorage.Load(tempStorage.getAddress());
iPersistStorage.Release();
if (result != COM.S_OK)OLE.error(OLE.ERROR_CANNOT_CREATE_OBJECT, result);
}
// Init sinks
addObjectReferences();
if (COM.OleRun(objIUnknown.getAddress()) == OLE.S_OK) state = STATE_RUNNING;
} catch (SWTException e) {
dispose();
disposeCOMInterfaces();
throw e;
}
}
Tainted variable reference trace:
Permission Requirements:
- permission java.io.FilePermission "???file???", "read";
Conclusion:
The file variable is passed in as a method parameter.
Grant the permission to this plug-in via OSGI-INF/permissions.perm file.
DoPrivileged location: Line# 1080 boolean saveFromContents( int, java.io.File )
Permission: java.io.FilePermission "???file???", "write"
Primordial/void java.io.FileOutputStream.FileOutputStream( java.io.File )
CODE
private boolean saveFromContents(int address, File file) {
boolean success = false;
IStream tempContents = new IStream(address);
tempContents.AddRef();
try {
FileOutputStream writer = new FileOutputStream(file);
int increment = 1024 * 4;
int pv = COM.CoTaskMemAlloc(increment);
int[] pcbWritten = new int[1];
while (tempContents.Read(pv, increment, pcbWritten) == COM.S_OK && pcbWritten[0] > 0) {
byte[] buffer = new byte[ pcbWritten[0]];
OS.MoveMemory(buffer, pv, pcbWritten[0]);
writer.write(buffer); // Note: if file does not exist, this will create the file the
// first time it is called
success = true;
}
COM.CoTaskMemFree(pv);
writer.close();
} catch (IOException err) {
}
tempContents.Release();
return success;
}
Tainted variable reference trace:
Permission Requirements:
- permission java.io.FilePermission "???file???", "write";
Conclusion:
The caller require the permission on the file varible it passes in.
Grant the permission to this plug-in via OSGI-INF/permissions.perm file.
DoPrivileged location: Line# 1128 boolean saveFromOle10Native( int, java.io.File )
Permission: java.io.FilePermission "???file???", "write"
Primordial/void java.io.FileOutputStream.FileOutputStream( java.io.File )
CODE
private boolean saveFromOle10Native(int address, File file) {
boolean success = false;
IStream tempContents = new IStream(address);
tempContents.AddRef();
// The "\1Ole10Native" stream contains a DWORD header whose value is the length
// of the native data that follows.
int pv = COM.CoTaskMemAlloc(4);
int[] size = new int[1];
int rc = tempContents.Read(pv, 4, null);
OS.MoveMemory(size, pv, 4);
COM.CoTaskMemFree(pv);
if (rc == COM.S_OK && size[0] > 0) {
// Read the data
byte[] buffer = new byte[size[0]];
pv = COM.CoTaskMemAlloc(size[0]);
rc = tempContents.Read(pv, size[0], null);
OS.MoveMemory(buffer, pv, size[0]);
COM.CoTaskMemFree(pv);
// open the file and write data into it
try {
FileOutputStream writer = new FileOutputStream(file);
writer.write(buffer); // Note: if file does not exist, this will create the file
writer.close();
success = true;
} catch (IOException err) {
}
}
tempContents.Release();
return success;
}
Tainted variable reference trace:
Permission Requirements:
- permission java.io.FilePermission "???file???", "write";
Conclusion:
The caller require the permission on the file varible it passes in.
Grant the permission to this plug-in via OSGI-INF/permissions.perm file.