From 0527e4e4013be6f852a4615f0caaf2dcf39dd6da Mon Sep 17 00:00:00 2001 From: Weijun Wang Date: Mon, 31 Oct 2016 16:41:41 +0800 Subject: [PATCH] 8167646: Better invalid FilePermission Reviewed-by: rriggs --- .../share/classes/java/io/FilePermission.java | 16 ++++- jdk/test/java/io/FilePermission/Invalid.java | 67 +++++++++++++++++++ 2 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 jdk/test/java/io/FilePermission/Invalid.java diff --git a/jdk/src/java.base/share/classes/java/io/FilePermission.java b/jdk/src/java.base/share/classes/java/io/FilePermission.java index bb8bc7a9030..0c5c0ac2e8b 100644 --- a/jdk/src/java.base/share/classes/java/io/FilePermission.java +++ b/jdk/src/java.base/share/classes/java/io/FilePermission.java @@ -173,6 +173,7 @@ public final class FilePermission extends Permission implements Serializable { private transient Path npath; // normalized dir path. private transient Path npath2; // alternative normalized dir path. private transient boolean allFiles; // whether this is <> + private transient boolean invalid; // whether input path is invalid // static Strings used by init(int mask) private static final char RECURSIVE_CHAR = '-'; @@ -223,6 +224,7 @@ public final class FilePermission extends Permission implements Serializable { this.npath = input.npath; this.actions = input.actions; this.allFiles = input.allFiles; + this.invalid = input.invalid; this.recursive = input.recursive; this.directory = input.directory; this.cpath = input.cpath; @@ -325,11 +327,12 @@ public final class FilePermission extends Permission implements Serializable { // Windows. Some JDK codes generate such illegal names. npath = builtInFS.getPath(new File(name).getPath()) .normalize(); + invalid = false; } catch (InvalidPathException ipe) { // Still invalid. For compatibility reason, accept it // but make this permission useless. npath = builtInFS.getPath("-u-s-e-l-e-s-s-"); - this.mask = NONE; + invalid = true; } // lastName should always be non-null now @@ -547,6 +550,12 @@ public final class FilePermission extends Permission implements Serializable { */ boolean impliesIgnoreMask(FilePermission that) { if (FilePermCompat.nb) { + if (this == that) { + return true; + } + if (this.invalid || that.invalid) { + return false; + } if (allFiles) { return true; } @@ -694,6 +703,9 @@ public final class FilePermission extends Permission implements Serializable { FilePermission that = (FilePermission) obj; if (FilePermCompat.nb) { + if (this.invalid || that.invalid) { + return false; + } return (this.mask == that.mask) && (this.allFiles == that.allFiles) && this.npath.equals(that.npath) && @@ -717,7 +729,7 @@ public final class FilePermission extends Permission implements Serializable { public int hashCode() { if (FilePermCompat.nb) { return Objects.hash( - mask, allFiles, directory, recursive, npath, npath2); + mask, allFiles, directory, recursive, npath, npath2, invalid); } else { return 0; } diff --git a/jdk/test/java/io/FilePermission/Invalid.java b/jdk/test/java/io/FilePermission/Invalid.java new file mode 100644 index 00000000000..38c6a98b46c --- /dev/null +++ b/jdk/test/java/io/FilePermission/Invalid.java @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * + * @test + * @bug 8167646 + * @summary Better invalid FilePermission + * @library /test/lib + */ + +import jdk.test.lib.Asserts; + +import java.io.FilePermission; + +public class Invalid { + + public static void main(String args[]) throws Exception { + + // Normal + FilePermission fp = new FilePermission("a", "read"); + + // Invalid + FilePermission fp1 = new FilePermission("a\000", "read"); + FilePermission fp2 = new FilePermission("a\000", "read"); + FilePermission fp3 = new FilePermission("b\000", "read"); + + // Invalid equals to itself + Asserts.assertEQ(fp1, fp1); + + // and not equals to anything else, including other invalid ones + Asserts.assertNE(fp, fp1); + Asserts.assertNE(fp1, fp); + Asserts.assertNE(fp1, fp2); + Asserts.assertNE(fp1, fp3); + + // Invalid implies itself + Asserts.assertTrue(fp1.implies(fp1)); + + // and not implies or implied by anything else, including other + // invalid ones + Asserts.assertFalse(fp.implies(fp1)); + Asserts.assertFalse(fp1.implies(fp)); + Asserts.assertFalse(fp1.implies(fp2)); + Asserts.assertFalse(fp1.implies(fp3)); + } +}