infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-05-24 12:28:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

8029354: URLPermission.<init> throws llegalArgumentException: Invalid characters in hostname

Browse Source 
Reviewed-by: alanb, chegar
This commit is contained in:
Michael McMahon 2014-01-06 11:00:12 +00:00
parent dddabe454d
commit 208ab44594
3 changed files with 104 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
jdk/src/share/classes/java/net/URLPermission.java
View File

@ -47,7 +47,7 @@ import java.security.Permission;
* class.
* <i>authority</i> is specified as:
* <pre>
* authority = hostrange [ : portrange ]
* authority = [ userinfo @ ] hostrange [ : portrange ]
* portrange = portnumber | -portnumber | portnumber-[portnumber] | *
* hostrange = ([*.] dnsname) | IPv4address | IPv6address
* </pre>
@ -65,6 +65,9 @@ import java.security.Permission;
* (default 443). No default is assumed for other schemes. A wildcard may be specified
* which means all ports.
* <p>
* <i>userinfo</i> is optional. A userinfo component if present, is ignored when
* creating a URLPermission, and has no effect on any other methods defined by this class.
* <p>
* The <i>path</i> component comprises a sequence of path segments,
* separated by '/' characters. <i>path</i> may also be empty. The path is specified
* in a similar way to the path in {@link java.io.FilePermission}. There are
@ -473,7 +476,12 @@ public final class URLPermission extends Permission {
HostPortrange p;
Authority(String scheme, String authority) {
p = new HostPortrange(scheme, authority);
int at = authority.indexOf('@');
if (at == -1) {
p = new HostPortrange(scheme, authority);
} else {
p = new HostPortrange(scheme, authority.substring(at+1));
}
}
boolean implies(Authority other) {

48
jdk/test/java/net/URLPermission/OpenURL.java Normal file
View File

@ -0,0 +1,48 @@
/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8029354
* @run main/othervm OpenURL
*/
import java.net.*;
import java.io.*;
public class OpenURL {
public static void main (String[] args) throws Exception {
System.setSecurityManager(new SecurityManager());
try {
URL url = new URL ("http://joe@127.0.0.1/a/b");
HttpURLConnection urlc = (HttpURLConnection)url.openConnection();
InputStream is = urlc.getInputStream();
// error will throw exception other than SecurityException
} catch (SecurityException e) {
System.out.println("OK");
}
}
}

47
jdk/test/java/net/URLPermission/URLPermissionTest.java
View File

@ -26,7 +26,7 @@ import java.io.*;
/**
* @test
* @bug 8010464 8027570 8027687
* @bug 8010464 8027570 8027687 8029354
*/
public class URLPermissionTest {
@ -37,7 +37,30 @@ public class URLPermissionTest {
abstract boolean execute();
};
// Instantiation: should succeed
static class CreateTest extends Test {
String arg;
CreateTest(String arg) {
this.arg = arg;
}
@Override
boolean execute() {
try {
URLPermission p = new URLPermission(arg);
return true;
} catch (Exception e) {
return false;
}
}
};
static CreateTest createtest(String arg) {
return new CreateTest(arg);
}
// Should throw an IAE on construction
static class ExTest extends Test {
String arg;
ExTest(String arg) {
@ -262,6 +285,7 @@ public class URLPermissionTest {
imtest("https://www.foo.com/a/b", "https://www.foo.com:443/a/b", true),
imtest("https://www.foo.com:200-500/a/b", "https://www.foo.com/a/b", true),
imtest("http://www.foo.com:*/a/b", "http://www.foo.com:1-12345/a/b", true),
imtest("http://host/a/b", "http://HOST/a/b", true),
// misc
imtest("https:*", "http://www.foo.com", false),
@ -297,6 +321,16 @@ public class URLPermissionTest {
eqtest("http://www.foo.com/a/b", "http://www.foo.com:82/a/b", false),
eqtest("https://www.foo.com/a/b", "https://www.foo.com:443/a/b", true),
eqtest("https://www.foo.com/a/b", "https://www.foo.com:444/a/b", false),
eqtest("http://michael@foo.com/bar","http://michael@foo.com/bar", true),
eqtest("http://Michael@foo.com/bar","http://michael@goo.com/bar",false),
eqtest("http://michael@foo.com/bar","http://george@foo.com/bar", true),
eqtest("http://@foo.com/bar","http://foo.com/bar", true)
};
static Test[] createTests = {
createtest("http://user@foo.com/a/b/c"),
createtest("http://user:pass@foo.com/a/b/c"),
createtest("http://user:@foo.com/a/b/c")
};
static boolean failed = false;
@ -386,6 +420,17 @@ public class URLPermissionTest {
}
}
for (int i=0; i<createTests.length; i++) {
CreateTest test = (CreateTest)createTests[i];
boolean result = test.execute();
if (!result) {
System.out.println ("test failed: " + test.arg);
failed = true;
} else {
System.out.println ("create test " + i + " OK");
}
}
for (int i=0; i<actionImplies.length ; i++) {
ActionImpliesTest test = (ActionImpliesTest)actionImplies[i];
Exception caught = null;