Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash in PRNGFixes.java:259 #1155

Closed
amishra-dev opened this issue Mar 23, 2018 · 5 comments
Closed

Crash in PRNGFixes.java:259 #1155

amishra-dev opened this issue Mar 23, 2018 · 5 comments
Assignees
@piqiums

Comments

@amishra-dev
Copy link
Contributor

java.lang.SecurityException: Failed to read from /dev/urandom at com.microsoft.aad.adal.PRNGFixes$LinuxPRNGSecureRandom.engineNextBytes(PRNGFixes.java:259) at java.security.SecureRandom.nextBytes(SecureRandom.java:272) at com.microsoft.aad.adal.StorageHelper.encrypt(StorageHelper.java:188) at com.microsoft.aad.adal.DefaultTokenCacheStore.encrypt(DefaultTokenCacheStore.java:125) at com.microsoft.aad.adal.DefaultTokenCacheStore.setItem(DefaultTokenCacheStore.java:190) at com.microsoft.aad.adal.TokenCacheAccessor.setItemToCacheForUser(TokenCacheAccessor.java:363) at com.microsoft.aad.adal.TokenCacheAccessor.updateTokenCache(TokenCacheAccessor.java:244) at com.microsoft.aad.adal.TokenCacheAccessor.updateCachedItemWithResult(TokenCacheAccessor.java:222) at com.microsoft.aad.adal.AcquireTokenSilentHandler.acquireTokenWithCachedItem(AcquireTokenSilentHandler.java:339) at com.microsoft.aad.adal.AcquireTokenSilentHandler.tryFRT(AcquireTokenSilentHandler.java:299) at com.microsoft.aad.adal.AcquireTokenSilentHandler.tryMRRT(AcquireTokenSilentHandler.java:247) at com.microsoft.aad.adal.AcquireTokenSilentHandler.tryRT(AcquireTokenSilentHandler.java:209) at com.microsoft.aad.adal.AcquireTokenSilentHandler.getAccessToken(AcquireTokenSilentHandler.java:107) at com.microsoft.aad.adal.AcquireTokenRequest.tryAcquireTokenSilentLocally(AcquireTokenRequest.java:438) at com.microsoft.aad.adal.AcquireTokenRequest.acquireTokenSilentFlow(AcquireTokenRequest.java:401) at com.microsoft.aad.adal.AcquireTokenRequest.tryAcquireTokenSilent(AcquireTokenRequest.java:354) at com.microsoft.aad.adal.AcquireTokenRequest.performAcquireTokenRequest(AcquireTokenRequest.java:333) at com.microsoft.aad.adal.AcquireTokenRequest.access$200(AcquireTokenRequest.java:47) at com.microsoft.aad.adal.AcquireTokenRequest$1.run(AcquireTokenRequest.java:111) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573) at java.lang.Thread.run(Thread.java:856)
@msft-cofitz
Copy link
Contributor

msft-cofitz commented Jun 5, 2018
edited
Loading

I saw this occur on an API 17 device.

@titorodi

Edit: some more context - the change below moved the locking around getUrandomInputStream():
https://github.com/AzureAD/azure-activedirectory-library-for-android/pull/1059/files/13ba29a64e4c0a816bca7b8f15047929e5a48a3e

@TheY2T
Copy link

TheY2T commented Jun 13, 2018

Hi, I', also getting this exception on an API 16 device.

E/AndroidRuntime: FATAL EXCEPTION: main
                  java.lang.SecurityException: Failed to read from /dev/urandom
                      at com.microsoft.aad.adal.PRNGFixes$LinuxPRNGSecureRandom.engineNextBytes(PRNGFixes.java:259)
                      at java.security.SecureRandom.nextBytes(SecureRandom.java:273)
                      at java.util.UUID.randomUUID(UUID.java:130)
                      at com.microsoft.aad.adal.AuthenticationContext.getRequestCorrelationId(AuthenticationContext.java:1062)
                      at com.microsoft.aad.adal.AuthenticationContext.acquireToken(AuthenticationContext.java:351)
                      at au.com.pacificnational.trainscanner.activities.LoginActivity$4.handleMessage(LoginActivity.java:190)
                      at android.os.Handler.dispatchMessage(Handler.java:99)
                      at android.os.Looper.loop(Looper.java:137)
                      at android.app.ActivityThread.main(ActivityThread.java:4745)
                      at java.lang.reflect.Method.invokeNative(Native Method)
                      at java.lang.reflect.Method.invoke(Method.java:511)
                      at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
                      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553)
                      at dalvik.system.NativeStart.main(Native Method)
                   Caused by: java.io.IOException: read failed: EBADF (Bad file number)
                      at libcore.io.IoBridge.read(IoBridge.java:442)
                      at java.io.FileInputStream.read(FileInputStream.java:179)
                      at libcore.io.Streams.readFully(Streams.java:81)
                      at java.io.DataInputStream.readFully(DataInputStream.java:120)
                      at java.io.DataInputStream.readFully(DataInputStream.java:116)
                      at com.microsoft.aad.adal.PRNGFixes$LinuxPRNGSecureRandom.engineNextBytes(PRNGFixes.java:256)
                      at java.security.SecureRandom.nextBytes(SecureRandom.java:273) 
                      at java.util.UUID.randomUUID(UUID.java:130) 
                      at com.microsoft.aad.adal.AuthenticationContext.getRequestCorrelationId(AuthenticationContext.java:1062) 
                      at com.microsoft.aad.adal.AuthenticationContext.acquireToken(AuthenticationContext.java:351) 
                      at au.com.pacificnational.trainscanner.activities.LoginActivity$4.handleMessage(LoginActivity.java:190) 
                      at android.os.Handler.dispatchMessage(Handler.java:99) 
                      at android.os.Looper.loop(Looper.java:137) 
                      at android.app.ActivityThread.main(ActivityThread.java:4745) 
                      at java.lang.reflect.Method.invokeNative(Native Method) 
                      at java.lang.reflect.Method.invoke(Method.java:511) 
                      at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786) 
                      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553) 
                      at dalvik.system.NativeStart.main(Native Method) 
                   Caused by: libcore.io.ErrnoException: read failed: EBADF (Bad file number)
                      at libcore.io.Posix.readBytes(Native Method)
                      at libcore.io.Posix.read(Posix.java:118)
                      at libcore.io.BlockGuardOs.read(BlockGuardOs.java:149)
                      at libcore.io.IoBridge.read(IoBridge.java:432)
                      at java.io.FileInputStream.read(FileInputStream.java:179) 
                      at libcore.io.Streams.readFully(Streams.java:81) 
                      at java.io.DataInputStream.readFully(DataInputStream.java:120) 
                      at java.io.DataInputStream.readFully(DataInputStream.java:116) 
                      at com.microsoft.aad.adal.PRNGFixes$LinuxPRNGSecureRandom.engineNextBytes(PRNGFixes.java:256) 
                      at java.security.SecureRandom.nextBytes(SecureRandom.java:273) 
                      at java.util.UUID.randomUUID(UUID.java:130) 
                      at com.microsoft.aad.adal.AuthenticationContext.getRequestCorrelationId(AuthenticationContext.java:1062) 
                      at com.microsoft.aad.adal.AuthenticationContext.acquireToken(AuthenticationContext.java:351) 
                      at au.com.pacificnational.trainscanner.activities.LoginActivity$4.handleMessage(LoginActivity.java:190) 
                      at android.os.Handler.dispatchMessage(Handler.java:99) 
                      at android.os.Looper.loop(Looper.java:137) 
                      at android.app.ActivityThread.main(ActivityThread.java:4745) 
                      at java.lang.reflect.Method.invokeNative(Native Method) 
                      at java.lang.reflect.Method.invoke(Method.java:511) 
                      at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786) 
                      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:553) 
                      at dalvik.system.NativeStart.main(Native Method) 

The exception occurs after triggering mAuthContext.acquireToken(getActivity(), RESOURCE_ID, CLIENT_ID, REDIRECT_URI, PromptBehavior.Auto, getAuthInteractiveCallback());.

Prior to that, I had called setSecretKey() via AuthenticationSettings. Can anyone assist?

@piqiums piqiums self-assigned this Jun 28, 2018
@piqiums
Copy link
Contributor

piqiums commented Jun 29, 2018
edited
Loading

I've got an Android V4.2.2 API 17 device, and this could repro while acquiring token.
@cofitz1, in comparison, I tried to change the locking around getUrandomInputStream() back, but the crash is still there. So that's not related with the locking change around getUrandomInputStream. I will continue work on this.
Found somebody has the same issue on Android 4.2 https://gist.github.com/scottyab/6498556

@shoatman
Copy link
Contributor

I took a look. I believe that we closed the inputstream in engineNextBytes (for /dev/urandom) and subsequently attempted to read from it. getUrandomInputStream returns a reference to the input stream (it effectively treats the input stream as a singleton and keeps a static reference). Inside engineNextBytes we close that stream via the reference, but do not set it to null. Subsequent calls to getUrandomInputStream return a reference to a closed inputstream.

I don't think there is any reason to close this stream given the frequency with which this is invoked.

I'll submit a PR to address this shortly.

This was referenced Jul 11, 2018
Closed
Merged
@iambmelt
Copy link
Member

Closed by #1244

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@piqiums piqiums

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@iambmelt @shoatman @amishra-dev @TheY2T @piqiums @msft-cofitz