BigInteger protection can be bypassed. #455

Closed
ehhthing opened this issue Jun 17, 2019 · 1 comment

Comments

@ehhthing
Member

Using Java's built-in ScriptEngine, it is possible to create instances of the BigInteger class when BigInteger should be disallowed.

See this submission

@Xyene
Member

Xyene commented Sep 2, 2019

The exact machinery of why this works is icky, but it boils down to

https://github.com/DMOJ/java-sandbox-agent/blob/master/src/main/java/ca/dmoj/java/SubmissionAgent.java#L50

...not being enough to actually kill the submission if the loading thread has a different exception handler. In hindsight this is obvious. Throwing inside the transformer doesn't work either, since it'll be caught and the classfile will still be loaded. The solution is to exit immediately, though this requires the exitVM.# permission.
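
The failure mode described in the comment above, as an added example that is not part of the original thread or of the DMOJ code: a policy check that signals a violation by throwing is silently defeated when the thread has its own uncaught-exception handler, while a check that halts the VM is not. The class `HandlerBypassDemo`, the `defaultHandlerRan` flag and both `deny*` methods are hypothetical, and the sketch assumes enforcement relies on a default uncaught-exception handler.

```java
import java.util.concurrent.atomic.AtomicBoolean;

public class HandlerBypassDemo {
    // Hypothetical stand-in for "the sandbox killed the submission".
    static final AtomicBoolean defaultHandlerRan = new AtomicBoolean(false);

    // Weak form: report the violation by throwing and trust that the
    // default uncaught-exception handler will terminate the process.
    static void denyByThrowing(String className) {
        throw new SecurityException("disallowed class: " + className);
    }

    // Hardened form: terminate inside the check itself, so no handler or
    // catch block on the calling thread gets a chance to intervene.
    // Under a SecurityManager the caller needs the exitVM permission.
    static void denyByHalting(String className) {
        System.err.println("disallowed class: " + className);
        Runtime.getRuntime().halt(1);
    }

    // Runs a check on a thread that installs its own handler, the way an
    // untrusted thread could, and waits for it to finish.
    static void runOnThreadWithOwnHandler(Runnable check) throws InterruptedException {
        Thread loader = new Thread(check);
        // A per-thread handler takes precedence over the default one.
        loader.setUncaughtExceptionHandler((t, e) -> { /* swallowed */ });
        loader.start();
        loader.join();
    }

    public static void main(String[] args) throws InterruptedException {
        // Assumed enforcement mechanism: a process-wide default handler.
        Thread.setDefaultUncaughtExceptionHandler(
                (t, e) -> defaultHandlerRan.set(true));

        runOnThreadWithOwnHandler(() -> denyByThrowing("java/math/BigInteger"));
        System.out.println("throwing check: default handler ran = "
                + defaultHandlerRan.get() + ", process still alive");

        runOnThreadWithOwnHandler(() -> denyByHalting("java/math/BigInteger"));
        // Only reached if the halting check failed to stop the VM.
        System.out.println("halting check did not stop the VM");
    }
}
```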

@Xyene Xyene added this to the 1.5.0 milestone Sep 15, 2019
Xyene added a commit to DMOJ/java-sandbox-agent that referenced this issue Oct 27, 2019
Xyene added a commit to DMOJ/java-sandbox-agent that referenced this issue Oct 27, 2019
@Xyene Xyene reopened this Oct 27, 2019
Xyene added a commit that referenced this issue Oct 27, 2019
Xyene added a commit that referenced this issue Oct 27, 2019
@Xyene Xyene closed this as completed in 62b4f79 Oct 27, 2019