infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-03-04 05:00:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Phil Race 2016-10-19 08:06:10 -07:00
commit 4a4be07df3
236 changed files with 4008 additions and 954 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.hgtags
View File

@ -382,3 +382,4 @@ e384420383a5b79fa0012ebcb25d8f83cff7f777 jdk-9+135
9cb87c88ed851c0575b8ead753ea238ed5b544e9 jdk-9+137
d273dfe9a126d3bffe92072547fef2cd1361b0eb jdk-9+138
65477538bec32963dc41153d89c4417eb46c45fc jdk-9+139
0875007901f7d364a08220b052f0c81003e9c8c5 jdk-9+140

1
.hgtags-top-repo
View File

@ -382,3 +382,4 @@ be1218f792a450dfb5d4b1f82616b9d95a6a732e jdk-9+133
d7f519b004254b19e384131d9f0d0e40e31a0fd3 jdk-9+137
67c4388142bdf58aec8fefa4475faaa8a5d7380c jdk-9+138
7dcf453eacae79ee86a6bcc75fd0b546fc99b48a jdk-9+139
a5815c6098a241d3a1df64d22b84b3524e4a77df jdk-9+140

10
common/autoconf/basics.m4
View File

@ -428,9 +428,10 @@ AC_DEFUN([BASIC_SETUP_TOOL],
# Call BASIC_SETUP_TOOL with AC_PATH_PROGS to locate the tool
# $1: variable to set
# $2: executable name (or list of names) to look for
# $3: [path]
AC_DEFUN([BASIC_PATH_PROGS],
[
BASIC_SETUP_TOOL($1, [AC_PATH_PROGS($1, $2)])
BASIC_SETUP_TOOL($1, [AC_PATH_PROGS($1, $2, , $3)])
])
# Call BASIC_SETUP_TOOL with AC_CHECK_TOOLS to locate the tool
@ -444,9 +445,10 @@ AC_DEFUN([BASIC_CHECK_TOOLS],
# Like BASIC_PATH_PROGS but fails if no tool was found.
# $1: variable to set
# $2: executable name (or list of names) to look for
# $3: [path]
AC_DEFUN([BASIC_REQUIRE_PROGS],
[
BASIC_PATH_PROGS($1, $2)
BASIC_PATH_PROGS($1, $2, , $3)
BASIC_CHECK_NONEMPTY($1)
])
@ -1065,7 +1067,9 @@ AC_DEFUN_ONCE([BASIC_SETUP_COMPLEX_TOOLS],
BASIC_PATH_PROGS(HG, hg)
BASIC_PATH_PROGS(STAT, stat)
BASIC_PATH_PROGS(TIME, time)
BASIC_PATH_PROGS(DTRACE, dtrace)
# Dtrace is usually found in /usr/sbin on Solaris, but that directory may not
# be in the user path.
BASIC_PATH_PROGS(DTRACE, dtrace, $PATH:/usr/sbin)
BASIC_PATH_PROGS(PATCH, [gpatch patch])
# Check if it's GNU time
IS_GNU_TIME=`$TIME --version 2>&1 | $GREP 'GNU time'`

2
common/autoconf/basics_windows.m4
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/autoconf/boot-jdk.m4
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/autoconf/bootcycle-spec.gmk.in
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

1
common/autoconf/build-performance.m4
View File

@ -168,7 +168,6 @@ AC_DEFUN([BPERF_SETUP_CCACHE],
[AS_HELP_STRING([--enable-ccache],
[enable using ccache to speed up recompilations @<:@disabled@:>@])])
CCACHE=
CCACHE_STATUS=
AC_MSG_CHECKING([is ccache enabled])
if test "x$enable_ccache" = xyes; then

6
common/autoconf/buildjdk-spec.gmk.in
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -156,7 +156,3 @@ JVM_VARIANT_KERNEL := false
JVM_VARIANT_ZERO := false
JVM_VARIANT_ZEROSHARK := false
JVM_VARIANT_CORE := false
# Sneak this in via the spec.gmk file, since we don't want to mess around too much with the Hotspot make files.
# This is needed to get the LOG setting to work properly.
include $(SRC_ROOT)/make/common/MakeBase.gmk

2
common/autoconf/compare.sh.in
View File

@ -1,6 +1,6 @@
#!/bin/bash
#
# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

23
common/autoconf/generated-configure.sh
View File

@ -3657,6 +3657,7 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
# Call BASIC_SETUP_TOOL with AC_PATH_PROGS to locate the tool
# $1: variable to set
# $2: executable name (or list of names) to look for
# $3: [path]
# Call BASIC_SETUP_TOOL with AC_CHECK_TOOLS to locate the tool
@ -3667,6 +3668,7 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
# Like BASIC_PATH_PROGS but fails if no tool was found.
# $1: variable to set
# $2: executable name (or list of names) to look for
# $3: [path]
# Like BASIC_SETUP_TOOL but fails if no tool was found.
@ -3733,7 +3735,7 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
#
# Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -3792,7 +3794,7 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
# ... then the rest
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -4403,7 +4405,7 @@ VALID_JVM_VARIANTS="server client minimal core zero zeroshark custom"
#
# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -4498,7 +4500,7 @@ VALID_JVM_VARIANTS="server client minimal core zero zeroshark custom"
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -4818,7 +4820,7 @@ VALID_JVM_VARIANTS="server client minimal core zero zeroshark custom"
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@ -5091,7 +5093,7 @@ VS_SDK_PLATFORM_NAME_2013=
#CUSTOM_AUTOCONF_INCLUDE
# Do not change or remove the following line, it is needed for consistency checks:
DATE_WHEN_GENERATED=1475218974
DATE_WHEN_GENERATED=1476275292
###############################################################################
#
@ -22769,6 +22771,8 @@ $as_echo "$tool_specified" >&6; }
fi
# Dtrace is usually found in /usr/sbin on Solaris, but that directory may not
# be in the user path.
# Publish this variable in the help.
@ -22791,7 +22795,8 @@ else
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
as_dummy="$PATH:/usr/sbin"
for as_dir in $as_dummy
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
@ -22849,7 +22854,8 @@ else
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
as_dummy="$PATH:/usr/sbin"
for as_dir in $as_dummy
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
@ -65239,7 +65245,6 @@ if test "${enable_ccache+set}" = set; then :
fi
CCACHE=
CCACHE_STATUS=
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking is ccache enabled" >&5
$as_echo_n "checking is ccache enabled... " >&6; }

2
common/autoconf/jdk-version.m4
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/autoconf/lib-bundled.m4
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/autoconf/source-dirs.m4
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

5
common/autoconf/spec.gmk.in
View File

@ -175,7 +175,7 @@ VERSION_NUMBER_FOUR_POSITIONS := @VERSION_NUMBER_FOUR_POSITIONS@
VERSION_STRING := @VERSION_STRING@
# The short version string, without trailing zeroes and just PRE, if present.
VERSION_SHORT := @VERSION_SHORT@
# The Java specification version. It usually equals to the major version number.
# The Java specification version. It usually equals the major version number.
VERSION_SPECIFICATION := @VERSION_MAJOR@
# A GA version is defined by the PRE string being empty. Rather than testing for
# that, this variable defines it with true/false.
@ -244,9 +244,6 @@ USE_PRECOMPILED_HEADER := @USE_PRECOMPILED_HEADER@
# Only build headless support or not
ENABLE_HEADLESS_ONLY := @ENABLE_HEADLESS_ONLY@
# Legacy support
USE_NEW_HOTSPOT_BUILD:=@USE_NEW_HOTSPOT_BUILD@
# JDK_OUTPUTDIR specifies where a working jvm is built.
# You can run $(JDK_OUTPUTDIR)/bin/java
# Though the layout of the contents of $(JDK_OUTPUTDIR) is not

2
common/autoconf/version-numbers
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/bin/compare_exceptions.sh.incl
View File

@ -1,6 +1,6 @@
#!/bin/bash
#
# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/bin/hgforest.sh
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

2
common/bin/jib.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
#
# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

8
common/conf/jib-profiles.js
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -287,7 +287,8 @@ var getJibProfilesProfiles = function (input, common) {
target_os: "solaris",
target_cpu: "x64",
dependencies: concat(common.dependencies, "devkit", "cups"),
configure_args: concat(common.configure_args, "--with-zlib=system"),
configure_args: concat(common.configure_args, "--with-zlib=system",
"--enable-dtrace"),
default_make_targets: common.default_make_targets
},
@ -295,7 +296,8 @@ var getJibProfilesProfiles = function (input, common) {
target_os: "solaris",
target_cpu: "sparcv9",
dependencies: concat(common.dependencies, "devkit", "cups"),
configure_args: concat(common.configure_args, "--with-zlib=system"),
configure_args: concat(common.configure_args, "--with-zlib=system",
"--enable-dtrace"),
default_make_targets: common.default_make_targets
},

1
corba/.hgtags
View File

@ -382,3 +382,4 @@ aa053a3faf266c12b4fd5272da431a3e08e4a3e3 jdk-9+136
258cf18fa7fc59359b874f8743b7168dc48baf73 jdk-9+137
27bb44be32076861a0951bcefb07a1d92509a4b6 jdk-9+138
8c9da7fc5b07c606afd571c7012441b77dda83b2 jdk-9+139
9f3fc931bc230f44f2a58d75f7f6360af98bb113 jdk-9+140

2
corba/make/gensrc/Gensrc-java.corba.gmk
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it

1
hotspot/.hgtags
View File

@ -542,3 +542,4 @@ a20da289f646ee44440695b81abc0548330e4ca7 jdk-9+136
dfcbf839e299e7e2bba1da69bdb347617ea4c7e8 jdk-9+137
fc0956308c7a586267c5dd35dff74f773aa9c3eb jdk-9+138
08492e67bf3226784dab3bf9ae967382ddbc1af5 jdk-9+139
fec31089c2ef5a12dd64f401b0bf2e00f56ee0d0 jdk-9+140

2
hotspot/make/lib/CompileGtest.gmk
View File

@ -69,7 +69,7 @@ $(eval $(call SetupNativeCompilation, BUILD_GTEST_LIBJVM, \
CFLAGS := $(JVM_CFLAGS) -I$(GTEST_FRAMEWORK_SRC) \
-I$(GTEST_FRAMEWORK_SRC)/include \
$(addprefix -I,$(GTEST_TEST_SRC)), \
CFLAGS_windows := /EHsc, \
CFLAGS_windows := -EHsc, \
CFLAGS_solaris := -DGTEST_HAS_EXCEPTIONS=0 -library=stlport4, \
CFLAGS_macosx := -DGTEST_OS_MAC=1, \
CFLAGS_DEBUG_SYMBOLS := $(JVM_CFLAGS_SYMBOLS), \

2
hotspot/src/share/vm/runtime/arguments.cpp
View File

@ -422,6 +422,8 @@ static SpecialFlag const special_jvm_flags[] = {
{ "UseAltSigs", JDK_Version::undefined(), JDK_Version::jdk(9), JDK_Version::jdk(10) },
{ "SegmentedHeapDumpThreshold", JDK_Version::undefined(), JDK_Version::jdk(9), JDK_Version::jdk(10) },
{ "PrintOopAddress", JDK_Version::undefined(), JDK_Version::jdk(9), JDK_Version::jdk(10) },
{ "PermSize", JDK_Version::undefined(), JDK_Version::jdk(8), JDK_Version::jdk(10) },
{ "MaxPermSize", JDK_Version::undefined(), JDK_Version::jdk(8), JDK_Version::jdk(10) },
#ifdef TEST_VERIFY_SPECIAL_JVM_FLAGS
{ "dep > obs", JDK_Version::jdk(9), JDK_Version::jdk(8), JDK_Version::undefined() },

51
hotspot/test/runtime/CommandLine/PermGenFlagsTest.java Normal file
View File

@ -0,0 +1,51 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8167446
* @summary Commandline options PermSize and MaxPermSize should be recognized but ignored.
* @library /test/lib
* @modules java.base/jdk.internal.misc
* java.management
* @run driver PermGenFlagsTest
*/
import jdk.test.lib.process.OutputAnalyzer;
import jdk.test.lib.process.ProcessTools;
public class PermGenFlagsTest {
public static void main(String[] args) throws Exception {
ProcessBuilder pb = ProcessTools.createJavaProcessBuilder("-XX:PermSize=22k",
"-version");
OutputAnalyzer output = new OutputAnalyzer(pb.start());
output.shouldContain("Ignoring option PermSize; support was removed in 8.0");
output.shouldHaveExitValue(0);
pb = ProcessTools.createJavaProcessBuilder("-XX:MaxPermSize=22k",
"-version");
output = new OutputAnalyzer(pb.start());
output.shouldContain("Ignoring option MaxPermSize; support was removed in 8.0");
output.shouldHaveExitValue(0);
}
}

7
hotspot/test/runtime/modules/IgnoreModulePropertiesTest.java
View File

@ -67,10 +67,11 @@ public class IgnoreModulePropertiesTest {
}
public static void main(String[] args) throws Exception {
testOption("--add-modules", "java.sqlx", "jdk.module.addmods", "java.lang.module.ResolutionException");
testOption("--add-modules", "java.sqlx", "jdk.module.addmods.0", "java.lang.module.ResolutionException");
testOption("--limit-modules", "java.sqlx", "jdk.module.limitmods", "java.lang.module.ResolutionException");
testOption("--add-reads", "xyzz=yyzd", "jdk.module.addreads.0", "java.lang.RuntimeException");
testOption("--add-exports", "java.base/xyzz=yyzd", "jdk.module.addexports.0", "java.lang.RuntimeException");
testOption("--add-reads", "xyzz=yyzd", "jdk.module.addreads.0", "WARNING: Unknown module: xyzz");
testOption("--add-exports", "java.base/xyzz=yyzd", "jdk.module.addexports.0",
"WARNING: package xyzz not in java.base");
testOption("--patch-module", "=d", "jdk.module.patch.0", "IllegalArgumentException");
}
}

1
jaxp/.hgtags
View File

@ -382,3 +382,4 @@ f1eafcb0eb7182b937bc93f214d8cabd01ec4d59 jdk-9+136
a8d5fe567ae72b4931040e59dd4478363f9004f5 jdk-9+137
69c3b12ba75b2e321dee731ac545e7fbff608451 jdk-9+138
8991d71c5316bde259e6a417c1199b008ca3cdf0 jdk-9+139
8d100cb9b04819b5bd09f33c7fd5b8628d1a456f jdk-9+140

6
jaxp/src/java.xml/share/classes/com/sun/org/apache/xalan/internal/xsltc/compiler/Parser.java
View File

@ -1342,6 +1342,12 @@ public class Parser implements Constants, ContentHandler {
}
else {
SyntaxTreeNode parent = _parentStack.peek();
if (element.getClass().isAssignableFrom(Import.class) &&
parent.notTypeOf(Import.class)) {
ErrorMsg err = new ErrorMsg(ErrorMsg.IMPORT_PRECEDE_OTHERS_ERR,
prefix+':'+localname);
throw new SAXException(err.toString());
}
parent.addElement(element);
element.setParent(parent);
}

18
jaxp/src/java.xml/share/classes/com/sun/org/apache/xalan/internal/xsltc/compiler/SyntaxTreeNode.java
View File

@ -523,6 +523,24 @@ public abstract class SyntaxTreeNode implements Constants {
}
}
/**
* Checks whether any children of this node is not of the specified type.
*
* @param type the type to be checked against
* @return true if there is at least one child that is not of the specified
* type, false otherwise.
*/
public boolean notTypeOf(Class<?> type) {
if (_contents.size() > 0) {
for (SyntaxTreeNode item : _contents) {
if (!item.getClass().isAssignableFrom(type)) {
return true;
}
}
}
return false;
}
/**
* Return true if the node represents a simple RTF.
*

8
jaxp/src/java.xml/share/classes/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages.java
View File

@ -273,6 +273,14 @@ public class ErrorMessages extends ListResourceBundle {
{ErrorMsg.CIRCULAR_INCLUDE_ERR,
"Circular import/include. Stylesheet ''{0}'' already loaded."},
/*
* Note to translators: "xsl:import" and "xsl:include" are keywords that
* should not be translated.
*/
{ErrorMsg.IMPORT_PRECEDE_OTHERS_ERR,
"The xsl:import element children must precede all other element children of "
+ "an xsl:stylesheet element, including any xsl:include element children."},
/*
* Note to translators: A result-tree fragment is a portion of a
* resulting XML document represented as a tree. "<xsl:sort>" is a

1
jaxp/src/java.xml/share/classes/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMsg.java
View File

@ -70,6 +70,7 @@ public final class ErrorMsg {
public static final String STRAY_ATTRIBUTE_ERR = "STRAY_ATTRIBUTE_ERR";
public static final String ILLEGAL_ATTRIBUTE_ERR = "ILLEGAL_ATTRIBUTE_ERR";
public static final String CIRCULAR_INCLUDE_ERR = "CIRCULAR_INCLUDE_ERR";
public static final String IMPORT_PRECEDE_OTHERS_ERR = "IMPORT_PRECEDE_OTHERS_ERR";
public static final String RESULT_TREE_SORT_ERR = "RESULT_TREE_SORT_ERR";
public static final String SYMBOLS_REDEF_ERR = "SYMBOLS_REDEF_ERR";
public static final String XSL_VERSION_ERR = "XSL_VERSION_ERR";

11
jaxp/src/java.xml/share/classes/com/sun/org/apache/xalan/internal/xsltc/trax/StAXStream2SAX.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -305,9 +305,12 @@ public class StAXStream2SAX implements XMLReader, Locator {
if (prefix == null) { // true for default namespace
prefix = "";
}
_sax.startPrefixMapping(
prefix,
staxStreamReader.getNamespaceURI(i));
String uri = staxStreamReader.getNamespaceURI(i);
if (uri == null && prefix.isEmpty()) { // true for default namespace
uri = "";
}
_sax.startPrefixMapping(prefix, uri);
}
// fire startElement

23
jaxp/test/javax/xml/jaxp/unittest/parsers/Bug6341770.java
View File

@ -28,6 +28,7 @@ import static jaxp.library.JAXPTestUtilities.tryRunWithTmpPermission;
import java.io.File;
import java.io.FileWriter;
import java.io.PrintWriter;
import java.nio.file.Paths;
import java.util.PropertyPermission;
import javax.xml.parsers.SAXParserFactory;
@ -53,8 +54,14 @@ public class Bug6341770 {
// naming a file "aux" would fail on windows.
@Test
public void testNonAsciiURI() {
if (!isNonAsciiSupported()) {
// @bug 8167478
// if it doesn't support non-ascii, the following test is invalid even if test is passed.
System.out.println("Current environment doesn't support non-ascii, exit the test.");
return;
}
try {
File dir = new File("sko\u0159ice");
File dir = new File(ALPHA);
dir.delete();
dir.mkdir();
File main = new File(dir, "main.xml");
@ -82,4 +89,18 @@ public class Bug6341770 {
}
System.out.println("OK.");
}
private boolean isNonAsciiSupported() {
// Use Paths.get method to test if the path is valid in current environment
try {
Paths.get(ALPHA);
return true;
} catch (Exception e) {
return false;
}
}
// Select alpha because it's a very common non-ascii character in different charsets.
// That this test can run in as many as possible environments if it's possible.
private static final String ALPHA = "\u03b1";
}

31
jaxp/test/javax/xml/jaxp/unittest/transform/StAXSourceTest.java
View File

@ -30,7 +30,9 @@ import javax.xml.stream.XMLEventReader;
import javax.xml.stream.XMLEventWriter;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
@ -38,6 +40,7 @@ import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.stax.StAXResult;
import javax.xml.transform.stax.StAXSource;
import javax.xml.transform.stream.StreamResult;
import org.testng.Assert;
import org.testng.annotations.Listeners;
@ -45,6 +48,7 @@ import org.testng.annotations.Test;
/*
* @test
* @bug 8152530
* @library /javax/xml/jaxp/libs /javax/xml/jaxp/unittest
* @run testng/othervm -DrunSecMngr=true transform.StAXSourceTest
* @run testng/othervm transform.StAXSourceTest
@ -52,6 +56,33 @@ import org.testng.annotations.Test;
*/
@Listeners({jaxp.library.FilePolicy.class})
public class StAXSourceTest {
/**
* @bug 8152530
* Verifies that StAXSource handles empty namespace properly. NPE was thrown
* before the fix.
* @throws Exception if the test fails
*/
@Test
public final void testStAXSourceWEmptyNS() throws Exception {
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
+ "<EntityList>\n"
+ " <Entity xmlns=\"\">\n"
+ " </Entity>\n"
+ " <Entity xmlns=\"\">\n"
+ " </Entity>\n"
+ "</EntityList> ";
XMLInputFactory xif = XMLInputFactory.newInstance();
XMLStreamReader xsr = xif.createXMLStreamReader(new StringReader(xml));
xsr.nextTag();
TransformerFactory tf = TransformerFactory.newInstance();
Transformer t = tf.newTransformer();
while (xsr.nextTag() == XMLStreamConstants.START_ELEMENT && xsr.getLocalName().equals("Entity")) {
StringWriter stringResult = new StringWriter();
t.transform(new StAXSource(xsr), new StreamResult(stringResult));
System.out.println("result: \n" + stringResult.toString());
}
}
@Test
public final void testStAXSource() throws XMLStreamException {

149
jaxp/test/javax/xml/jaxp/unittest/transform/StylesheetTest.java Normal file
View File

@ -0,0 +1,149 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package transform;
import java.io.StringReader;
import org.xml.sax.InputSource;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.sax.SAXSource;
import javax.xml.transform.TransformerConfigurationException;
import org.testng.annotations.Listeners;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
/**
* @test
* @bug 8058152
* @library /javax/xml/jaxp/libs /javax/xml/jaxp/unittest
* @run testng/othervm -DrunSecMngr=true transform.StylesheetTest
* @run testng/othervm transform.StylesheetTest
* @summary this test contains test cases for verifying stylesheet
*/
@Listeners(jaxp.library.FilePolicy.class)
public class StylesheetTest {
/**
* @bug 8058152
* Verifies that an error is reported if the xsl:import element
* is not at the top of the stylesheet.
* @throws TransformerConfigurationException
*/
@Test(dataProvider = "invalidImport", expectedExceptions = TransformerConfigurationException.class)
public void testInvalidImport(String xsl) throws TransformerConfigurationException {
StringReader xsl1 = new StringReader(xsl);
TransformerFactory factory = TransformerFactory.newInstance();
SAXSource xslSource = new SAXSource(new InputSource(xsl1));
Transformer transformer = factory.newTransformer(xslSource);
}
/**
* @bug 8058152
* Verifies that valid xsl:import elements are accepted
* @throws TransformerConfigurationException
*/
@Test(dataProvider = "validImport")
public void testValidImport(String file) throws TransformerConfigurationException {
String xsl = getClass().getResource(file).getFile();
TransformerFactory factory = TransformerFactory.newInstance();
SAXSource xslSource = new SAXSource(new InputSource(xsl));
Transformer transformer = factory.newTransformer(xslSource);
}
/*
DataProvider: for testing with xsl:import placed incorrectly
Data: stylesheet
*/
@DataProvider(name = "invalidImport")
public Object[][] getInvalid() {
return new Object[][]{
// xsl:import after template and include elements
{"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
+ "<xsl:stylesheet xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\" version=\"1.0\">\n"
+ "\n"
+ " <xsl:template match=\"content\">\n"
+ " <html>\n"
+ " <xsl:apply-templates/>\n"
+ " </html>\n"
+ " </xsl:template>\n"
+ " \n"
+ " <xsl:include href=\"XSLInclude_header.xsl\"/>\n"
+ "\n"
+ " <xsl:template match=\"content/title\">\n"
+ " <h1>\n"
+ " <xsl:apply-templates/>\n"
+ " </h1>\n"
+ " </xsl:template>\n"
+ " \n"
+ " <xsl:import href=\"XSLInclude_footer.xsl\"/>\n"
+ "\n"
+ "</xsl:stylesheet>"},
// xsl:import inside template
{"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
+ "<xsl:stylesheet xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\" version=\"1.0\">\n"
+ "\n"
+ " <xsl:template match=\"content\">\n"
+ " <xsl:import href=\"XSLInclude_header.xsl\"/>"
+ " <html>\n"
+ " <xsl:apply-templates/>\n"
+ " </html>\n"
+ " </xsl:template>\n"
+ "\n"
+ "</xsl:stylesheet>"},
// xsl:import after xsl:include
{"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
+ "<xsl:stylesheet xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\" version=\"1.0\">\n"
+ " <xsl:include href=\"XSLInclude_header.xsl\"/>\n"
+ " <xsl:import href=\"XSLInclude_footer.xsl\"/>\n"
+ "\n"
+ " <xsl:template match=\"content/title\">\n"
+ " <h1>\n"
+ " <xsl:apply-templates/>\n"
+ " </h1>\n"
+ " </xsl:template>\n"
+ "\n"
+ "</xsl:stylesheet>"}
};
}
/*
DataProvider: for testing with xsl:import placed correctly
Data: path to stylesheet
*/
@DataProvider(name = "validImport")
public Object[][] getValid() {
return new Object[][]{
// xsl:import at the top
{"XSLInclude_main.xsl"},
// two xsl:import elements at the top
{"XSLImport.xsl"}
};
}
}

21
jaxp/test/javax/xml/jaxp/unittest/transform/XSLImport.xsl Normal file
View File

@ -0,0 +1,21 @@
<?xml version="1.1" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:import href="XSLInclude_header.xsl"/>
<xsl:import href="XSLInclude_footer.xsl"/>
<xsl:template match="content">
<html>
<xsl:apply-templates/>
</html>
</xsl:template>
<xsl:template match="content/title">
<h1>
<xsl:apply-templates/>
</h1>
</xsl:template>
</xsl:stylesheet>

9
jaxp/test/javax/xml/jaxp/unittest/transform/XSLInclude_footer.xsl Normal file
View File

@ -0,0 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:template match="footer">
<dv id="footer"><xsl:apply-templates/></dv>
</xsl:template>
</xsl:stylesheet>

8
jaxp/test/javax/xml/jaxp/unittest/transform/XSLInclude_header.xsl Normal file
View File

@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:template match="header">
<h4><xsl:apply-templates/></h4>
</xsl:template>
</xsl:stylesheet>

20
jaxp/test/javax/xml/jaxp/unittest/transform/XSLInclude_main.xsl Normal file
View File

@ -0,0 +1,20 @@
<?xml version="1.1" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:import href="XSLInclude_header.xsl"/>
<xsl:template match="content">
<html>
<xsl:apply-templates/>
</html>
</xsl:template>
<xsl:template match="content/title">
<h1>
<xsl:apply-templates/>
</h1>
</xsl:template>
<xsl:include href="XSLInclude_footer.xsl"/>
</xsl:stylesheet>

1
jaxws/.hgtags
View File

@ -385,3 +385,4 @@ ab1d78d395d4cb8be426ff181211da1a4085cf01 jdk-9+134
297c16d401c534cb879809d2a746d21ca99d2954 jdk-9+137
7d3a8f52b124db26ba8425c2931b748dd9d2791b jdk-9+138
7a7aadf3c4500cc273c889aa1172d4fe3844bb6b jdk-9+139
9004617323fe99cbe4fad48f373cb2ed4fc50aa6 jdk-9+140

2
jdk/src/java.base/share/classes/java/lang/Class.java
View File

@ -557,7 +557,7 @@ public final class Class<T> implements java.io.Serializable,
Class<?> caller = Reflection.getCallerClass();
if (newInstanceCallerCache != caller) {
int modifiers = tmpConstructor.getModifiers();
Reflection.ensureMemberAccess(caller, this, null, modifiers);
Reflection.ensureMemberAccess(caller, this, this, modifiers);
newInstanceCallerCache = caller;
}
// Run constructor

2
jdk/src/java.base/share/classes/java/lang/Deprecated.java
View File

@ -79,7 +79,7 @@ public @interface Deprecated {
/**
* Returns the version in which the annotated element became deprecated.
* The version string is in the same format and namespace as the value of
* the {@code &#64;since} javadoc tag. The default value is the empty
* the {@code @since} javadoc tag. The default value is the empty
* string.
*
* @return the version string

5
jdk/src/java.base/share/classes/java/lang/Thread.java
View File

@ -504,11 +504,12 @@ class Thread implements Runnable {
}
/**
* Creates a new Thread that inherits the given AccessControlContext.
* Creates a new Thread that inherits the given AccessControlContext
* but thread-local variables are not inherited.
* This is not a public constructor.
*/
Thread(Runnable target, AccessControlContext acc) {
init(null, target, "Thread-" + nextThreadNum(), 0, acc, true);
init(null, target, "Thread-" + nextThreadNum(), 0, acc, false);
}
/**

7
jdk/src/java.base/share/classes/java/lang/module/SystemModuleFinder.java
View File

@ -44,6 +44,8 @@ import java.util.function.Supplier;
import jdk.internal.jimage.ImageLocation;
import jdk.internal.jimage.ImageReader;
import jdk.internal.jimage.ImageReaderFactory;
import jdk.internal.misc.JavaNetUriAccess;
import jdk.internal.misc.SharedSecrets;
import jdk.internal.module.ModuleHashes;
import jdk.internal.module.ModuleHashes.HashSupplier;
import jdk.internal.module.SystemModules;
@ -71,6 +73,8 @@ class SystemModuleFinder implements ModuleFinder {
// ImageReader used to access all modules in the image
private static final ImageReader imageReader;
private static final JavaNetUriAccess jnua = SharedSecrets.getJavaNetUriAccess();
// the set of modules in the run-time image
private static final Set<ModuleReference> modules;
@ -166,7 +170,8 @@ class SystemModuleFinder implements ModuleFinder {
HashSupplier hash)
{
String mn = md.name();
URI uri = URI.create("jrt:/" + mn);
URI uri = jnua.create("jrt", "/".concat(mn));
Supplier<ModuleReader> readerSupplier = new Supplier<>() {
@Override

34
jdk/src/java.base/share/classes/java/lang/reflect/AccessibleObject.java
View File

@ -312,22 +312,22 @@ public class AccessibleObject implements AnnotatedElement {
// (See also Class.newInstance(), which uses a similar method.)
//
// A more complicated security check cache is needed for Method and Field
// The cache can be either null (empty cache), a 2-array of {caller,target},
// or a caller (with target implicitly equal to this.clazz).
// In the 2-array case, the target is always different from the clazz.
// The cache can be either null (empty cache), a 2-array of {caller,targetClass},
// or a caller (with targetClass implicitly equal to memberClass).
// In the 2-array case, the targetClass is always different from the memberClass.
volatile Object securityCheckCache;
void checkAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers)
final void checkAccess(Class<?> caller, Class<?> memberClass,
Class<?> targetClass, int modifiers)
throws IllegalAccessException
{
if (caller == clazz) { // quick check
if (caller == memberClass) { // quick check
return; // ACCESS IS OK
}
Object cache = securityCheckCache; // read volatile
Class<?> targetClass = clazz;
if (obj != null
if (targetClass != null // instance member or constructor
&& Modifier.isProtected(modifiers)
&& ((targetClass = obj.getClass()) != clazz)) {
&& targetClass != memberClass) {
// Must match a 2-list of { caller, targetClass }.
if (cache instanceof Class[]) {
Class<?>[] cache2 = (Class<?>[]) cache;
@ -339,25 +339,27 @@ public class AccessibleObject implements AnnotatedElement {
// subsumes range check for [0].)
}
} else if (cache == caller) {
// Non-protected case (or obj.class == this.clazz).
// Non-protected case (or targetClass == memberClass or static member).
return; // ACCESS IS OK
}
// If no return, fall through to the slow path.
slowCheckMemberAccess(caller, clazz, obj, modifiers, targetClass);
slowCheckMemberAccess(caller, memberClass, targetClass, modifiers);
}
// Keep all this slow stuff out of line:
void slowCheckMemberAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers,
Class<?> targetClass)
void slowCheckMemberAccess(Class<?> caller, Class<?> memberClass,
Class<?> targetClass, int modifiers)
throws IllegalAccessException
{
Reflection.ensureMemberAccess(caller, clazz, obj, modifiers);
Reflection.ensureMemberAccess(caller, memberClass, targetClass, modifiers);
// Success: Update the cache.
Object cache = ((targetClass == clazz)
? caller
: new Class<?>[] { caller, targetClass });
Object cache = (targetClass != null
&& Modifier.isProtected(modifiers)
&& targetClass != memberClass)
? new Class<?>[] { caller, targetClass }
: caller;
// Note: The two cache elements are not volatile,
// but they are effectively final. The Java memory model

2
jdk/src/java.base/share/classes/java/lang/reflect/Constructor.java
View File

@ -443,7 +443,7 @@ public final class Constructor<T> extends Executable {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, null, modifiers);
checkAccess(caller, clazz, clazz, modifiers);
}
if ((clazz.getModifiers() & Modifier.ENUM) != 0)
throw new IllegalArgumentException("Cannot reflectively create enum objects");

45
jdk/src/java.base/share/classes/java/lang/reflect/Field.java
View File

@ -403,7 +403,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).get(obj);
}
@ -437,7 +437,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getBoolean(obj);
}
@ -471,7 +471,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getByte(obj);
}
@ -507,7 +507,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getChar(obj);
}
@ -543,7 +543,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getShort(obj);
}
@ -579,7 +579,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getInt(obj);
}
@ -615,7 +615,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getLong(obj);
}
@ -651,7 +651,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getFloat(obj);
}
@ -687,7 +687,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
return getFieldAccessor(obj).getDouble(obj);
}
@ -765,7 +765,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).set(obj, value);
}
@ -801,7 +801,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setBoolean(obj, z);
}
@ -837,7 +837,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setByte(obj, b);
}
@ -873,7 +873,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setChar(obj, c);
}
@ -909,7 +909,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setShort(obj, s);
}
@ -945,7 +945,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setInt(obj, i);
}
@ -981,7 +981,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setLong(obj, l);
}
@ -1017,7 +1017,7 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setFloat(obj, f);
}
@ -1053,11 +1053,20 @@ class Field extends AccessibleObject implements Member {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, obj);
}
getFieldAccessor(obj).setDouble(obj, d);
}
// check access to field
private void checkAccess(Class<?> caller, Object obj)
throws IllegalAccessException
{
checkAccess(caller, clazz,
Modifier.isStatic(modifiers) ? null : obj.getClass(),
modifiers);
}
// security check is done before calling this method
private FieldAccessor getFieldAccessor(Object obj)
throws IllegalAccessException

4
jdk/src/java.base/share/classes/java/lang/reflect/Method.java
View File

@ -526,7 +526,9 @@ public final class Method extends Executable {
{
if (!override) {
Class<?> caller = Reflection.getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
checkAccess(caller, clazz,
Modifier.isStatic(modifiers) ? null : obj.getClass(),
modifiers);
}
MethodAccessor ma = methodAccessor; // read volatile
if (ma == null) {

32
jdk/src/java.base/share/classes/java/net/URI.java
View File

@ -37,6 +37,9 @@ import java.nio.charset.CoderResult;
import java.nio.charset.CodingErrorAction;
import java.nio.charset.CharacterCodingException;
import java.text.Normalizer;
import jdk.internal.loader.URLClassPath;
import jdk.internal.misc.JavaNetUriAccess;
import jdk.internal.misc.SharedSecrets;
import sun.nio.cs.ThreadLocalCoders;
import java.lang.Character; // for javadoc
@ -819,6 +822,25 @@ public final class URI
.parse(false);
}
/**
* Constructs a simple URI consisting of only a scheme and a pre-validated
* path. Provides a fast-path for some internal cases.
*/
URI(String scheme, String path) {
assert validSchemeAndPath(scheme, path);
this.scheme = scheme;
this.path = path;
}
private static boolean validSchemeAndPath(String scheme, String path) {
try {
URI u = new URI(scheme + ":" + path);
return scheme.equals(u.scheme) && path.equals(u.path);
} catch (URISyntaxException e) {
return false;
}
}
/**
* Creates a URI by parsing the given string.
*
@ -3571,5 +3593,13 @@ public final class URI
}
}
static {
SharedSecrets.setJavaNetUriAccess(
new JavaNetUriAccess() {
public URI create(String scheme, String path) {
return new URI(scheme, path);
}
}
);
}
}

9
jdk/src/java.base/share/classes/java/net/URLClassLoader.java
View File

@ -51,8 +51,6 @@ import java.util.jar.Manifest;
import jdk.internal.loader.Resource;
import jdk.internal.loader.URLClassPath;
import jdk.internal.misc.JavaNetAccess;
import jdk.internal.misc.SharedSecrets;
import jdk.internal.perf.PerfCounter;
import sun.net.www.ParseUtil;
import sun.security.util.SecurityConstants;
@ -767,13 +765,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
}
static {
SharedSecrets.setJavaNetAccess(
new JavaNetAccess() {
public URLClassPath getURLClassPath(URLClassLoader u) {
return u.ucp;
}
}
);
ClassLoader.registerAsParallelCapable();
}
}

4
jdk/src/java.base/share/classes/java/time/Instant.java
View File

@ -610,7 +610,7 @@ public final class Instant
* <p>
* The epoch second count is a simple incrementing count of seconds where
* second 0 is 1970-01-01T00:00:00Z.
* The nanosecond part of the day is returned by {@code getNanosOfSecond}.
* The nanosecond part of the day is returned by {@link #getNano}.
*
* @return the seconds from the epoch of 1970-01-01T00:00:00Z
*/
@ -623,7 +623,7 @@ public final class Instant
* of the second.
* <p>
* The nanosecond-of-second value measures the total number of nanoseconds from
* the second returned by {@code getEpochSecond}.
* the second returned by {@link #getEpochSecond}.
*
* @return the nanoseconds within the second, always positive, never exceeds 999,999,999
*/

4
jdk/src/java.base/share/classes/java/util/Date.java
View File

@ -85,12 +85,12 @@ import sun.util.calendar.ZoneInfo;
* further information is the U.S. Naval Observatory, particularly
* the Directorate of Time at:
* <blockquote><pre>
* <a href=http://tycho.usno.navy.mil>http://tycho.usno.navy.mil</a>
* <a href="http://www.usno.navy.mil">http://www.usno.navy.mil</a>
* </pre></blockquote>
* <p>
* and their definitions of "Systems of Time" at:
* <blockquote><pre>
* <a href=http://tycho.usno.navy.mil/systime.html>http://tycho.usno.navy.mil/systime.html</a>
* <a href="http://www.usno.navy.mil/USNO/time/master-clock/systems-of-time">http://www.usno.navy.mil/USNO/time/master-clock/systems-of-time</a>
* </pre></blockquote>
* <p>
* In all methods of class {@code Date} that accept or return

8
jdk/src/java.base/share/classes/jdk/internal/jmod/JmodFile.java
View File

@ -71,7 +71,9 @@ public class JmodFile implements AutoCloseable {
NATIVE_LIBS("native"),
NATIVE_CMDS("bin"),
CLASSES("classes"),
CONFIG("conf");
CONFIG("conf"),
HEADER_FILES("include"),
MAN_PAGES("man");
private final String jmodDir;
private Section(String jmodDir) {
@ -151,6 +153,10 @@ public class JmodFile implements AutoCloseable {
return Section.CLASSES;
case "conf":
return Section.CONFIG;
case "include":
return Section.HEADER_FILES;
case "man":
return Section.MAN_PAGES;
default:
throw new IllegalArgumentException("invalid section: " + s);
}

11
jdk/src/java.base/share/classes/jdk/internal/misc/JavaNetAccess.java → jdk/src/java.base/share/classes/jdk/internal/misc/JavaNetUriAccess.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,12 +25,11 @@
package jdk.internal.misc;
import java.net.URLClassLoader;
import jdk.internal.loader.URLClassPath;
import java.net.URI;
public interface JavaNetAccess {
public interface JavaNetUriAccess {
/**
* return the URLClassPath belonging to the given loader
* Create a URI of pre-validated scheme and path.
*/
URLClassPath getURLClassPath (URLClassLoader u);
URI create(String scheme, String path);
}

14
jdk/src/java.base/share/classes/jdk/internal/misc/SharedSecrets.java
View File

@ -53,10 +53,10 @@ public class SharedSecrets {
private static JavaLangInvokeAccess javaLangInvokeAccess;
private static JavaLangRefAccess javaLangRefAccess;
private static JavaIOAccess javaIOAccess;
private static JavaNetAccess javaNetAccess;
private static JavaNetInetAddressAccess javaNetInetAddressAccess;
private static JavaNetHttpCookieAccess javaNetHttpCookieAccess;
private static JavaNetSocketAccess javaNetSocketAccess;
private static JavaNetUriAccess javaNetUriAccess;
private static JavaNioAccess javaNioAccess;
private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
private static JavaIOFilePermissionAccess javaIOFilePermissionAccess;
@ -134,14 +134,14 @@ public class SharedSecrets {
return javaLangRefAccess;
}
public static void setJavaNetAccess(JavaNetAccess jna) {
javaNetAccess = jna;
public static void setJavaNetUriAccess(JavaNetUriAccess jnua) {
javaNetUriAccess = jnua;
}
public static JavaNetAccess getJavaNetAccess() {
if (javaNetAccess == null)
unsafe.ensureClassInitialized(java.net.URLClassLoader.class);
return javaNetAccess;
public static JavaNetUriAccess getJavaNetUriAccess() {
if (javaNetUriAccess == null)
unsafe.ensureClassInitialized(java.net.URI.class);
return javaNetUriAccess;
}
public static void setJavaNetInetAddressAccess(JavaNetInetAddressAccess jna) {

54
jdk/src/java.base/share/classes/jdk/internal/reflect/Reflection.java
View File

@ -84,9 +84,22 @@ public class Reflection {
public static native int getClassAccessFlags(Class<?> c);
/**
* Ensures that access to a member is granted and throws
* IllegalAccessException if not.
*
* @param currentClass the class performing the access
* @param memberClass the declaring class of the member being accessed
* @param targetClass the class of target object if accessing instance
* field or method;
* or the declaring class if accessing constructor;
* or null if accessing static field or method
* @param modifiers the member's access modifiers
* @throws IllegalAccessException if access to member is denied
*/
public static void ensureMemberAccess(Class<?> currentClass,
Class<?> memberClass,
Object target,
Class<?> targetClass,
int modifiers)
throws IllegalAccessException
{
@ -94,18 +107,15 @@ public class Reflection {
throw new InternalError();
}
if (!verifyMemberAccess(currentClass, memberClass, target, modifiers)) {
throwIllegalAccessException(currentClass, memberClass, target, modifiers);
if (!verifyMemberAccess(currentClass, memberClass, targetClass, modifiers)) {
throwIllegalAccessException(currentClass, memberClass, targetClass, modifiers);
}
}
public static boolean verifyMemberAccess(Class<?> currentClass,
// Declaring class of field
// or method
Class<?> memberClass,
// May be NULL in case of statics
Object target,
int modifiers)
private static boolean verifyMemberAccess(Class<?> currentClass,
Class<?> memberClass,
Class<?> targetClass,
int modifiers)
{
// Verify that currentClass can access a field, method, or
// constructor of memberClass, where that member's access bits are
@ -162,18 +172,18 @@ public class Reflection {
return false;
}
if (Modifier.isProtected(modifiers)) {
// Additional test for protected members: JLS 6.6.2
Class<?> targetClass = (target == null ? memberClass : target.getClass());
if (targetClass != currentClass) {
if (!gotIsSameClassPackage) {
isSameClassPackage = isSameClassPackage(currentClass, memberClass);
gotIsSameClassPackage = true;
}
if (!isSameClassPackage) {
if (!isSubclassOf(targetClass, currentClass)) {
return false;
}
// Additional test for protected instance members
// and protected constructors: JLS 6.6.2
if (targetClass != null && Modifier.isProtected(modifiers) &&
targetClass != currentClass)
{
if (!gotIsSameClassPackage) {
isSameClassPackage = isSameClassPackage(currentClass, memberClass);
gotIsSameClassPackage = true;
}
if (!isSameClassPackage) {
if (!isSubclassOf(targetClass, currentClass)) {
return false;
}
}
}

2
jdk/src/java.base/share/classes/module-info.java
View File

@ -171,8 +171,10 @@ module java.base {
jdk.jartool,
jdk.jdeps,
jdk.jlink,
jdk.jshell,
jdk.net,
jdk.scripting.nashorn,
jdk.scripting.nashorn.shell,
jdk.unsupported,
jdk.vm.ci;
exports jdk.internal.perf to

41
jdk/src/java.base/share/classes/sun/net/www/protocol/http/AuthenticationHeader.java
View File

@ -25,8 +25,11 @@
package sun.net.www.protocol.http;
import java.util.Collections;
import java.util.Iterator;
import java.util.HashMap;
import java.util.Set;
import sun.net.www.*;
import sun.security.action.GetPropertyAction;
@ -67,8 +70,8 @@ import sun.security.action.GetPropertyAction;
* -Dhttp.auth.preference="scheme"
*
* which in this case, specifies that "scheme" should be used as the auth scheme when offered
* disregarding the default prioritisation. If scheme is not offered then the default priority
* is used.
* disregarding the default prioritisation. If scheme is not offered, or explicitly
* disabled, by {@code disabledSchemes}, then the default priority is used.
*
* Attention: when http.auth.preference is set as SPNEGO or Kerberos, it's actually "Negotiate
* with SPNEGO" or "Negotiate with Kerberos", which means the user will prefer the Negotiate
@ -113,17 +116,32 @@ public class AuthenticationHeader {
String hdrname; // Name of the header to look for
/**
* parse a set of authentication headers and choose the preferred scheme
* that we support for a given host
* Parses a set of authentication headers and chooses the preferred scheme
* that is supported for a given host.
*/
public AuthenticationHeader (String hdrname, MessageHeader response,
HttpCallerInfo hci, boolean dontUseNegotiate) {
this(hdrname, response, hci, dontUseNegotiate, Collections.emptySet());
}
/**
* Parses a set of authentication headers and chooses the preferred scheme
* that is supported for a given host.
*
* <p> The {@code disabledSchemes} parameter is a, possibly empty, set of
* authentication schemes that are disabled.
*/
public AuthenticationHeader(String hdrname,
MessageHeader response,
HttpCallerInfo hci,
boolean dontUseNegotiate,
Set<String> disabledSchemes) {
this.hci = hci;
this.dontUseNegotiate = dontUseNegotiate;
rsp = response;
this.rsp = response;
this.hdrname = hdrname;
schemes = new HashMap<>();
parse();
this.schemes = new HashMap<>();
parse(disabledSchemes);
}
public HttpCallerInfo getHttpCallerInfo() {
@ -143,10 +161,11 @@ public class AuthenticationHeader {
* then the last one will be used. The
* preferred scheme that we support will be used.
*/
private void parse () {
private void parse(Set<String> disabledSchemes) {
Iterator<String> iter = rsp.multiValueIterator(hdrname);
while (iter.hasNext()) {
String raw = iter.next();
// HeaderParser lower cases everything, so can be used case-insensitively
HeaderParser hp = new HeaderParser(raw);
Iterator<String> keys = hp.keys();
int i, lastSchemeIndex;
@ -156,7 +175,8 @@ public class AuthenticationHeader {
if (lastSchemeIndex != -1) {
HeaderParser hpn = hp.subsequence (lastSchemeIndex, i);
String scheme = hpn.findKey(0);
schemes.put (scheme, new SchemeMapValue (hpn, raw));
if (!disabledSchemes.contains(scheme))
schemes.put(scheme, new SchemeMapValue (hpn, raw));
}
lastSchemeIndex = i;
}
@ -164,7 +184,8 @@ public class AuthenticationHeader {
if (i > lastSchemeIndex) {
HeaderParser hpn = hp.subsequence (lastSchemeIndex, i);
String scheme = hpn.findKey(0);
schemes.put(scheme, new SchemeMapValue (hpn, raw));
if (!disabledSchemes.contains(scheme))
schemes.put(scheme, new SchemeMapValue (hpn, raw));
}
}

57
jdk/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
View File

@ -25,6 +25,7 @@
package sun.net.www.protocol.http;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.net.URL;
import java.net.URLConnection;
@ -109,6 +110,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
static final boolean validateProxy;
static final boolean validateServer;
/** A, possibly empty, set of authentication schemes that are disabled
* when proxying plain HTTP ( not HTTPS ). */
static final Set<String> disabledProxyingSchemes;
/** A, possibly empty, set of authentication schemes that are disabled
* when setting up a tunnel for HTTPS ( HTTP CONNECT ). */
static final Set<String> disabledTunnelingSchemes;
private StreamingOutputStream strOutputStream;
private static final String RETRY_MSG1 =
"cannot retry due to proxy authentication, in streaming mode";
@ -206,6 +215,22 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
"Via"
};
private static String getNetProperty(String name) {
PrivilegedAction<String> pa = () -> NetProperties.get(name);
return AccessController.doPrivileged(pa);
}
private static Set<String> schemesListToSet(String list) {
if (list == null || list.isEmpty())
return Collections.emptySet();
Set<String> s = new HashSet<>();
String[] parts = list.split("\\s*,\\s*");
for (String part : parts)
s.add(part.toLowerCase(Locale.ROOT));
return s;
}
static {
Properties props = GetPropertyAction.privilegedGetProperties();
maxRedirects = GetIntegerAction.privilegedGetProperty(
@ -218,6 +243,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
agent = agent + " Java/"+version;
}
userAgent = agent;
// A set of net properties to control the use of authentication schemes
// when proxing/tunneling.
String p = getNetProperty("jdk.http.auth.tunneling.disabledSchemes");
disabledTunnelingSchemes = schemesListToSet(p);
p = getNetProperty("jdk.http.auth.proxying.disabledSchemes");
disabledProxyingSchemes = schemesListToSet(p);
validateProxy = Boolean.parseBoolean(
props.getProperty("http.auth.digest.validateProxy"));
validateServer = Boolean.parseBoolean(
@ -1575,10 +1608,13 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
// altered in similar ways.
AuthenticationHeader authhdr = new AuthenticationHeader (
"Proxy-Authenticate", responses,
new HttpCallerInfo(url, http.getProxyHostUsed(),
http.getProxyPortUsed()),
dontUseNegotiate
"Proxy-Authenticate",
responses,
new HttpCallerInfo(url,
http.getProxyHostUsed(),
http.getProxyPortUsed()),
dontUseNegotiate,
disabledProxyingSchemes
);
if (!doingNTLMp2ndStage) {
@ -2024,11 +2060,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
AuthenticationHeader authhdr = new AuthenticationHeader (
"Proxy-Authenticate", responses,
new HttpCallerInfo(url, http.getProxyHostUsed(),
http.getProxyPortUsed()),
dontUseNegotiate
AuthenticationHeader authhdr = new AuthenticationHeader(
"Proxy-Authenticate",
responses,
new HttpCallerInfo(url,
http.getProxyHostUsed(),
http.getProxyPortUsed()),
dontUseNegotiate,
disabledTunnelingSchemes
);
if (!doingNTLMp2ndStage) {
proxyAuthentication =

78
jdk/src/java.base/share/classes/sun/reflect/misc/ReflectUtil.java
View File

@ -44,9 +44,21 @@ public final class ReflectUtil {
return Class.forName(name);
}
/*
* Reflection.ensureMemberAccess is overly-restrictive
* due to a bug. We awkwardly work around it for now.
/**
* Ensures that access to a method or field is granted and throws
* IllegalAccessException if not. This method is not suitable for checking
* access to constructors.
*
* @param currentClass the class performing the access
* @param memberClass the declaring class of the member being accessed
* @param target the target object if accessing instance field or method;
* or null if accessing static field or method or if target
* object access rights will be checked later
* @param modifiers the member's access modifiers
* @throws IllegalAccessException if access to member is denied
* @implNote Delegates directly to
* {@link Reflection#ensureMemberAccess(Class, Class, Class, int)}
* which should be used instead.
*/
public static void ensureMemberAccess(Class<?> currentClass,
Class<?> memberClass,
@ -54,62 +66,10 @@ public final class ReflectUtil {
int modifiers)
throws IllegalAccessException
{
if (target == null && Modifier.isProtected(modifiers)) {
int mods = modifiers;
mods = mods & (~Modifier.PROTECTED);
mods = mods | Modifier.PUBLIC;
/*
* See if we fail because of class modifiers
*/
Reflection.ensureMemberAccess(currentClass,
memberClass,
target,
mods);
try {
/*
* We're still here so class access was ok.
* Now try with default field access.
*/
mods = mods & (~Modifier.PUBLIC);
Reflection.ensureMemberAccess(currentClass,
memberClass,
target,
mods);
/*
* We're still here so access is ok without
* checking for protected.
*/
return;
} catch (IllegalAccessException e) {
/*
* Access failed but we're 'protected' so
* if the test below succeeds then we're ok.
*/
if (isSubclassOf(currentClass, memberClass)) {
return;
} else {
throw e;
}
}
} else {
Reflection.ensureMemberAccess(currentClass,
memberClass,
target,
modifiers);
}
}
private static boolean isSubclassOf(Class<?> queryClass,
Class<?> ofClass)
{
while (queryClass != null) {
if (queryClass == ofClass) {
return true;
}
queryClass = queryClass.getSuperclass();
}
return false;
Reflection.ensureMemberAccess(currentClass,
memberClass,
target == null ? null : target.getClass(),
modifiers);
}
/**

75
jdk/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,20 +28,38 @@ package sun.security.pkcs;
import java.io.OutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.CryptoPrimitive;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.Timestamp;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertPath;
import java.security.cert.X509Certificate;
import java.security.*;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.EnumSet;
import java.util.Set;
import sun.security.timestamp.TimestampToken;
import sun.security.util.*;
import sun.security.util.Debug;
import sun.security.util.DerEncoder;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
import sun.security.util.DisabledAlgorithmConstraints;
import sun.security.util.HexDumpEncoder;
import sun.security.util.KeyUtil;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
import sun.security.x509.X500Name;
import sun.security.x509.KeyUsageExtension;
import sun.security.util.HexDumpEncoder;
/**
* A SignerInfo, as defined in PKCS#7's signedData type.
@ -50,6 +68,17 @@ import sun.security.util.HexDumpEncoder;
*/
public class SignerInfo implements DerEncoder {
// Digest and Signature restrictions
private static final Set<CryptoPrimitive> DIGEST_PRIMITIVE_SET =
Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.MESSAGE_DIGEST));
private static final Set<CryptoPrimitive> SIG_PRIMITIVE_SET =
Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.SIGNATURE));
private static final DisabledAlgorithmConstraints JAR_DISABLED_CHECK =
new DisabledAlgorithmConstraints(
DisabledAlgorithmConstraints.PROPERTY_JAR_DISABLED_ALGS);
BigInteger version;
X500Name issuerName;
BigInteger certificateSerialNumber;
@ -318,6 +347,13 @@ public class SignerInfo implements DerEncoder {
if (messageDigest == null) // fail if there is no message digest
return null;
// check that algorithm is not restricted
if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET,
digestAlgname, null)) {
throw new SignatureException("Digest check failed. " +
"Disabled algorithm used: " + digestAlgname);
}
MessageDigest md = MessageDigest.getInstance(digestAlgname);
byte[] computedMessageDigest = md.digest(data);
@ -349,12 +385,26 @@ public class SignerInfo implements DerEncoder {
String algname = AlgorithmId.makeSigAlg(
digestAlgname, encryptionAlgname);
Signature sig = Signature.getInstance(algname);
X509Certificate cert = getCertificate(block);
// check that algorithm is not restricted
if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, algname, null)) {
throw new SignatureException("Signature check failed. " +
"Disabled algorithm used: " + algname);
}
X509Certificate cert = getCertificate(block);
PublicKey key = cert.getPublicKey();
if (cert == null) {
return null;
}
// check if the public key is restricted
if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {
throw new SignatureException("Public key check failed. " +
"Disabled key used: " +
KeyUtil.getKeySize(key) + " bit " +
key.getAlgorithm());
}
if (cert.hasUnsupportedCriticalExtension()) {
throw new SignatureException("Certificate has unsupported "
+ "critical extension(s)");
@ -391,11 +441,9 @@ public class SignerInfo implements DerEncoder {
}
}
PublicKey key = cert.getPublicKey();
Signature sig = Signature.getInstance(algname);
sig.initVerify(key);
sig.update(dataSigned);
if (sig.verify(encryptedDigest)) {
return this;
}
@ -515,9 +563,16 @@ public class SignerInfo implements DerEncoder {
*/
private void verifyTimestamp(TimestampToken token)
throws NoSuchAlgorithmException, SignatureException {
String digestAlgname = token.getHashAlgorithm().getName();
// check that algorithm is not restricted
if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET, digestAlgname,
null)) {
throw new SignatureException("Timestamp token digest check failed. " +
"Disabled algorithm used: " + digestAlgname);
}
MessageDigest md =
MessageDigest.getInstance(token.getHashAlgorithm().getName());
MessageDigest.getInstance(digestAlgname);
if (!Arrays.equals(token.getHashedMessage(),
md.digest(encryptedDigest))) {

26
jdk/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
View File

@ -185,20 +185,22 @@ public final class AlgorithmChecker extends PKIXCertPathChecker {
AlgorithmConstraints constraints,
Date pkixdate) {
if (anchor == null) {
throw new IllegalArgumentException(
"The trust anchor cannot be null");
}
if (anchor.getTrustedCert() != null) {
this.trustedPubKey = anchor.getTrustedCert().getPublicKey();
// Check for anchor certificate restrictions
trustedMatch = checkFingerprint(anchor.getTrustedCert());
if (trustedMatch && debug != null) {
debug.println("trustedMatch = true");
if (anchor != null) {
if (anchor.getTrustedCert() != null) {
this.trustedPubKey = anchor.getTrustedCert().getPublicKey();
// Check for anchor certificate restrictions
trustedMatch = checkFingerprint(anchor.getTrustedCert());
if (trustedMatch && debug != null) {
debug.println("trustedMatch = true");
}
} else {
this.trustedPubKey = anchor.getCAPublicKey();
}
} else {
this.trustedPubKey = anchor.getCAPublicKey();
this.trustedPubKey = null;
if (debug != null) {
debug.println("TrustAnchor is null, trustedMatch is false.");
}
}
this.prevPubKey = trustedPubKey;

25
jdk/src/java.base/share/classes/sun/security/provider/certpath/ForwardBuilder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -816,18 +816,22 @@ class ForwardBuilder extends Builder {
/**
* Verifies whether the input certificate completes the path.
* Checks the cert against each trust anchor that was specified, in order,
* and returns true as soon as it finds a valid anchor.
* Returns true if the cert matches a trust anchor specified as a
* certificate or if the cert verifies with a trust anchor that
* was specified as a trusted {pubkey, caname} pair. Returns false if none
* of the trust anchors are valid for this cert.
* First checks the cert against each trust anchor that was specified,
* in order, and returns true if the cert matches the trust anchor
* specified as a certificate or has the same key and subject of an anchor
* specified as a trusted {pubkey, caname} pair.
* If no match has been found, does a second check of the cert against
* anchors specified as a trusted {pubkey, caname} pair to see if the cert
* was issued by that anchor.
* Returns false if none of the trust anchors are valid for this cert.
*
* @param cert the certificate to test
* @return a boolean value indicating whether the cert completes the path.
*/
@Override
boolean isPathCompleted(X509Certificate cert) {
List<TrustAnchor> otherAnchors = new ArrayList<>();
// first, check if cert is already trusted
for (TrustAnchor anchor : trustAnchors) {
if (anchor.getTrustedCert() != null) {
if (cert.equals(anchor.getTrustedCert())) {
@ -849,7 +853,12 @@ class ForwardBuilder extends Builder {
}
// else, it is a self-issued certificate of the anchor
}
otherAnchors.add(anchor);
}
// next, check if cert is issued by anchor specified by key/name
for (TrustAnchor anchor : otherAnchors) {
X500Principal principal = anchor.getCA();
PublicKey publicKey = anchor.getCAPublicKey();
// Check subject/issuer name chaining
if (principal == null ||
!principal.equals(cert.getIssuerX500Principal())) {

14
jdk/src/java.base/share/classes/sun/security/provider/certpath/OCSP.java
View File

@ -35,6 +35,7 @@ import java.security.cert.CertPathValidatorException;
import java.security.cert.CertPathValidatorException.BasicReason;
import java.security.cert.CRLReason;
import java.security.cert.Extension;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
@ -163,6 +164,15 @@ public final class OCSP {
X509Certificate responderCert,
Date date, List<Extension> extensions)
throws IOException, CertPathValidatorException
{
return check(cert, responderURI, null, issuerCert, responderCert, date, extensions);
}
public static RevocationStatus check(X509Certificate cert,
URI responderURI, TrustAnchor anchor, X509Certificate issuerCert,
X509Certificate responderCert, Date date,
List<Extension> extensions)
throws IOException, CertPathValidatorException
{
CertId certId = null;
try {
@ -173,8 +183,8 @@ public final class OCSP {
("Exception while encoding OCSPRequest", e);
}
OCSPResponse ocspResponse = check(Collections.singletonList(certId),
responderURI, new OCSPResponse.IssuerInfo(issuerCert),
responderCert, date, extensions);
responderURI, new OCSPResponse.IssuerInfo(anchor, issuerCert),
responderCert, date, extensions);
return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}

56
jdk/src/java.base/share/classes/sun/security/provider/certpath/OCSPResponse.java
View File

@ -507,9 +507,8 @@ public final class OCSPResponse {
// Check algorithm constraints specified in security property
// "jdk.certpath.disabledAlgorithms".
AlgorithmChecker algChecker = new AlgorithmChecker(
new TrustAnchor(issuerInfo.getName(),
issuerInfo.getPublicKey(), null));
AlgorithmChecker algChecker =
new AlgorithmChecker(issuerInfo.getAnchor(), date);
algChecker.init(false);
algChecker.check(signerCert, Collections.<String>emptySet());
@ -982,36 +981,38 @@ public final class OCSPResponse {
/**
* Helper class that allows consumers to pass in issuer information. This
* will always consist of the issuer's name and public key, but may also
* contain a certificate if the originating data is in that form.
* contain a certificate if the originating data is in that form. The
* trust anchor for the certificate chain will be included for certpath
* disabled algorithm checking.
*/
static final class IssuerInfo {
private final TrustAnchor anchor;
private final X509Certificate certificate;
private final X500Principal name;
private final PublicKey pubKey;
IssuerInfo(X509Certificate issuerCert) {
certificate = Objects.requireNonNull(issuerCert,
"Constructor requires non-null certificate");
name = certificate.getSubjectX500Principal();
pubKey = certificate.getPublicKey();
}
IssuerInfo(X500Principal subjectName, PublicKey key) {
certificate = null;
name = Objects.requireNonNull(subjectName,
"Constructor requires non-null subject");
pubKey = Objects.requireNonNull(key,
"Constructor requires non-null public key");
}
IssuerInfo(TrustAnchor anchor) {
certificate = anchor.getTrustedCert();
if (certificate != null) {
name = certificate.getSubjectX500Principal();
pubKey = certificate.getPublicKey();
this(anchor, (anchor != null) ? anchor.getTrustedCert() : null);
}
IssuerInfo(X509Certificate issuerCert) {
this(null, issuerCert);
}
IssuerInfo(TrustAnchor anchor, X509Certificate issuerCert) {
if (anchor == null && issuerCert == null) {
throw new NullPointerException("TrustAnchor and issuerCert " +
"cannot be null");
}
this.anchor = anchor;
if (issuerCert != null) {
name = issuerCert.getSubjectX500Principal();
pubKey = issuerCert.getPublicKey();
certificate = issuerCert;
} else {
name = anchor.getCA();
pubKey = anchor.getCAPublicKey();
certificate = anchor.getTrustedCert();
}
}
@ -1046,6 +1047,15 @@ public final class OCSPResponse {
return pubKey;
}
/**
* Get the TrustAnchor for the certificate chain.
*
* @return a {@code TrustAnchor}.
*/
TrustAnchor getAnchor() {
return anchor;
}
/**
* Create a string representation of this IssuerInfo.
*

6
jdk/src/java.base/share/classes/sun/security/provider/certpath/RevocationChecker.java
View File

@ -437,7 +437,7 @@ class RevocationChecker extends PKIXRevocationChecker {
private void updateState(X509Certificate cert)
throws CertPathValidatorException
{
issuerInfo = new OCSPResponse.IssuerInfo(cert);
issuerInfo = new OCSPResponse.IssuerInfo(anchor, cert);
// Make new public key if parameters are missing
PublicKey pubKey = cert.getPublicKey();
@ -740,8 +740,8 @@ class RevocationChecker extends PKIXRevocationChecker {
}
response = OCSP.check(Collections.singletonList(certId),
responderURI, issuerInfo,
responderCert, null, ocspExtensions);
responderURI, issuerInfo, responderCert, params.date(),
ocspExtensions);
}
} catch (IOException e) {
throw new CertPathValidatorException(

70
jdk/src/java.base/share/classes/sun/security/util/CurveDB.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -664,6 +664,74 @@ public class CurveDB {
0xFF70, nameSplitPattern);
*/
/*
* Brainpool curves (RFC 5639)
* (Twisted curves are not included)
*/
add("brainpoolP160r1", "1.3.36.3.3.2.8.1.1.1", P,
"E95E4A5F737059DC60DFC7AD95B3D8139515620F",
"340E7BE2A280EB74E2BE61BADA745D97E8F7C300",
"1E589A8595423412134FAA2DBDEC95C8D8675E58",
"BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3",
"1667CB477A1A8EC338F94741669C976316DA6321",
"E95E4A5F737059DC60DF5991D45029409E60FC09",
1, nameSplitPattern);
add("brainpoolP192r1", "1.3.36.3.3.2.8.1.1.3", P,
"C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297",
"6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF",
"469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9",
"C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6",
"14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F",
"C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1",
1, nameSplitPattern);
add("brainpoolP224r1", "1.3.36.3.3.2.8.1.1.5", P,
"D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF",
"68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43",
"2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B",
"0D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D",
"58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD",
"D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F",
1, nameSplitPattern);
add("brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7", P,
"A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377",
"7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9",
"26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6",
"8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262",
"547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997",
"A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7",
1, nameSplitPattern);
add("brainpoolP320r1", "1.3.36.3.3.2.8.1.1.9", P,
"D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27",
"3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4",
"520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6",
"43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E20611",
"14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1",
"D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311",
1, nameSplitPattern);
add("brainpoolP384r1", "1.3.36.3.3.2.8.1.1.11", P,
"8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53",
"7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826",
"04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11",
"1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E",
"8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315",
"8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565",
1, nameSplitPattern);
add("brainpoolP512r1", "1.3.36.3.3.2.8.1.1.13", P,
"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3",
"7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA",
"3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723",
"81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822",
"7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892",
"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069",
1, nameSplitPattern);
specCollection = Collections.unmodifiableCollection(oidMap.values());
}
}

26
jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java
View File

@ -60,6 +60,10 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
public static final String PROPERTY_TLS_DISABLED_ALGS =
"jdk.tls.disabledAlgorithms";
// the known security property, jdk.jar.disabledAlgorithms
public static final String PROPERTY_JAR_DISABLED_ALGS =
"jdk.jar.disabledAlgorithms";
private final String[] disabledAlgorithms;
private final Constraints algorithmConstraints;
@ -73,6 +77,14 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
this(propertyName, new AlgorithmDecomposer());
}
/**
* Initialize algorithm constraints with the specified security property
* for a specific usage type.
*
* @param propertyName the security property name that define the disabled
* algorithm constraints
* @param decomposer an alternate AlgorithmDecomposer.
*/
public DisabledAlgorithmConstraints(String propertyName,
AlgorithmDecomposer decomposer) {
super(decomposer);
@ -530,7 +542,8 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
}
throw new CertPathValidatorException(
"Algorithm constraints check failed on certificate " +
"anchor limits",
"anchor limits. " + algorithm + " used with " +
cp.getCertificate().getSubjectX500Principal(),
null, null, -1, BasicReason.ALGORITHM_CONSTRAINED);
}
}
@ -611,8 +624,8 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
return;
}
throw new CertPathValidatorException(
"denyAfter constraint check failed. " +
"Constraint date: " +
"denyAfter constraint check failed: " + algorithm +
" used with Constraint date: " +
dateFormat.format(denyAfterDate) + "; "
+ errmsg + dateFormat.format(currentDate),
null, null, -1, BasicReason.ALGORITHM_CONSTRAINED);
@ -644,6 +657,7 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
private int minSize; // the minimal available key size
private int maxSize; // the maximal available key size
private int prohibitedSize = -1; // unavailable key sizes
private int size;
public KeySizeConstraint(String algo, Operator operator, int length) {
algorithm = algo;
@ -695,7 +709,9 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
return;
}
throw new CertPathValidatorException(
"Algorithm constraints check failed on keysize limits",
"Algorithm constraints check failed on keysize limits. "
+ algorithm + " " + size + "bit key used with "
+ cp.getCertificate().getSubjectX500Principal(),
null, null, -1, BasicReason.ALGORITHM_CONSTRAINED);
}
}
@ -722,7 +738,7 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
return true;
}
int size = KeyUtil.getKeySize(key);
size = KeyUtil.getKeySize(key);
if (size == 0) {
return false; // we don't allow any key of size 0.
} else if (size > 0) {

58
jdk/src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,26 +25,49 @@
package sun.security.util;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.CodeSigner;
import java.security.CryptoPrimitive;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertPath;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.*;
import java.io.*;
import java.util.*;
import java.util.jar.*;
import sun.security.pkcs.*;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.jar.Attributes;
import java.util.jar.JarException;
import java.util.jar.JarFile;
import java.util.jar.Manifest;
import sun.security.jca.Providers;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.SignerInfo;
public class SignatureFileVerifier {
/* Are we debugging ? */
private static final Debug debug = Debug.getInstance("jar");
/* cache of CodeSigner objects */
private static final Set<CryptoPrimitive> DIGEST_PRIMITIVE_SET =
Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.MESSAGE_DIGEST));
private static final DisabledAlgorithmConstraints JAR_DISABLED_CHECK =
new DisabledAlgorithmConstraints(
DisabledAlgorithmConstraints.PROPERTY_JAR_DISABLED_ALGS);
private ArrayList<CodeSigner[]> signerCache;
private static final String ATTR_DIGEST =
@ -199,8 +222,15 @@ public class SignatureFileVerifier {
/** get digest from cache */
private MessageDigest getDigest(String algorithm)
{
private MessageDigest getDigest(String algorithm) throws SignatureException {
// check that algorithm is not restricted
if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET, algorithm, null)) {
SignatureException e =
new SignatureException("SignatureFile check failed. " +
"Disabled algorithm used: " + algorithm);
throw e;
}
if (createdDigests == null)
createdDigests = new HashMap<>();
@ -320,7 +350,7 @@ public class SignatureFileVerifier {
private boolean verifyManifestHash(Manifest sf,
ManifestDigester md,
List<Object> manifestDigests)
throws IOException
throws IOException, SignatureException
{
Attributes mattr = sf.getMainAttributes();
boolean manifestSigned = false;
@ -364,7 +394,7 @@ public class SignatureFileVerifier {
private boolean verifyManifestMainAttrs(Manifest sf,
ManifestDigester md)
throws IOException
throws IOException, SignatureException
{
Attributes mattr = sf.getMainAttributes();
boolean attrsVerified = true;
@ -430,14 +460,14 @@ public class SignatureFileVerifier {
private boolean verifySection(Attributes sfAttr,
String name,
ManifestDigester md)
throws IOException
throws IOException, SignatureException
{
boolean oneDigestVerified = false;
ManifestDigester.Entry mde = md.get(name,block.isOldStyle());
if (mde == null) {
throw new SecurityException(
"no manifiest section for signature file entry "+name);
"no manifest section for signature file entry "+name);
}
if (sfAttr != null) {

27
jdk/src/java.base/share/conf/net.properties
View File

@ -72,3 +72,30 @@ ftp.nonProxyHosts=localhost|127.*|[::1]
# value is 10).
# http.KeepAlive.remainingData=512
# http.KeepAlive.queuedConnections=10
# Authentication Scheme restrictions for HTTP and HTTPS.
#
# In some environments certain authentication schemes may be undesirable
# when proxying HTTP or HTTPS. For example, "Basic" results in effectively the
# cleartext transmission of the user's password over the physical network.
# This section describes the mechanism for disabling authentication schemes
# based on the scheme name. Disabled schemes will be treated as if they are not
# supported by the implementation.
#
# The 'jdk.http.auth.tunneling.disabledSchemes' property lists the authentication
# schemes that will be disabled when tunneling HTTPS over a proxy, HTTP CONNECT.
# The 'jdk.http.auth.proxying.disabledSchemes' property lists the authentication
# schemes that will be disabled when proxying HTTP.
#
# In both cases the property is a comma-separated list of, case-insensitive,
# authentication scheme names, as defined by their relevant RFCs. An
# implementation may, but is not required to, support common schemes whose names
# include: 'Basic', 'Digest', 'NTLM', 'Kerberos', 'Negotiate'. A scheme that
# is not known, or not supported, by the implementation is ignored.
#
# Note: This property is currently used by the JDK Reference implementation. It
# is not guaranteed to be examined and used by other implementations.
#
#jdk.http.auth.proxying.disabledSchemes=
jdk.http.auth.tunneling.disabledSchemes=Basic

39
jdk/src/java.base/share/conf/security/java.security
View File

@ -935,3 +935,42 @@ jdk.xml.dsig.secureValidationPolicy=\
# Otherwise, the status is UNDECIDED.
#
#jdk.serialFilter=pattern;pattern
# Algorithm restrictions for signed JAR files
#
# In some environments, certain algorithms or key lengths may be undesirable
# for signed JAR validation. For example, "MD2" is generally no longer
# considered to be a secure hash algorithm. This section describes the
# mechanism for disabling algorithms based on algorithm name and/or key length.
# JARs signed with any of the disabled algorithms or key sizes will be treated
# as unsigned.
#
# The syntax of the disabled algorithm string is described as follows:
# DisabledAlgorithms:
# " DisabledAlgorithm { , DisabledAlgorithm } "
#
# DisabledAlgorithm:
# AlgorithmName [Constraint]
#
# AlgorithmName:
# (see below)
#
# Constraint:
# KeySizeConstraint
#
# KeySizeConstraint:
# keySize Operator KeyLength
#
# Operator:
# <= | < | == | != | >= | >
#
# KeyLength:
# Integer value of the algorithm's key length in bits
#
# Note: This property is currently used by the JDK Reference
# implementation. It is not guaranteed to be examined and used by other
# implementations.
#
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024, \
DSA keySize < 1024

1
jdk/src/java.base/share/lib/security/default.policy
View File

@ -103,7 +103,6 @@ grant codeBase "jrt:/jdk.crypto.ec" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
permission java.lang.RuntimePermission "loadLibrary.sunec";
permission java.util.PropertyPermission "*", "read";
permission java.security.SecurityPermission "putProviderProperty.SunEC";
permission java.security.SecurityPermission "clearProviderProperties.SunEC";
permission java.security.SecurityPermission "removeProviderProperty.SunEC";

31
jdk/src/java.base/share/native/libverify/check_code.c
View File

@ -1293,14 +1293,13 @@ verify_opcode_operands(context_type *context, unsigned int inumber, int offset)
case JVM_OPC_invokevirtual:
case JVM_OPC_invokespecial:
case JVM_OPC_invokestatic:
case JVM_OPC_invokedynamic:
case JVM_OPC_invokeinterface: {
/* Make sure the constant pool item is the right type. */
int key = (code[offset + 1] << 8) + code[offset + 2];
const char *methodname;
jclass cb = context->class;
fullinfo_type clazz_info;
int is_constructor, is_internal, is_invokedynamic;
int is_constructor, is_internal;
int kind;
switch (opcode ) {
@ -1309,9 +1308,6 @@ verify_opcode_operands(context_type *context, unsigned int inumber, int offset)
? (1 << JVM_CONSTANT_Methodref)
: ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref)));
break;
case JVM_OPC_invokedynamic:
kind = 1 << JVM_CONSTANT_NameAndType;
break;
case JVM_OPC_invokeinterface:
kind = 1 << JVM_CONSTANT_InterfaceMethodref;
break;
@ -1319,7 +1315,6 @@ verify_opcode_operands(context_type *context, unsigned int inumber, int offset)
kind = 1 << JVM_CONSTANT_Methodref;
}
is_invokedynamic = opcode == JVM_OPC_invokedynamic;
/* Make sure the constant pool item is the right type. */
verify_constant_pool_type(context, key, kind);
methodname = JVM_GetCPMethodNameUTF(env, cb, key);
@ -1328,11 +1323,8 @@ verify_opcode_operands(context_type *context, unsigned int inumber, int offset)
is_internal = methodname[0] == '<';
pop_and_free(context);
if (is_invokedynamic)
clazz_info = context->object_info; // anything will do
else
clazz_info = cp_index_to_class_fullinfo(context, key,
JVM_CONSTANT_Methodref);
clazz_info = cp_index_to_class_fullinfo(context, key,
JVM_CONSTANT_Methodref);
this_idata->operand.i = key;
this_idata->operand2.fi = clazz_info;
if (is_constructor) {
@ -1387,17 +1379,15 @@ verify_opcode_operands(context_type *context, unsigned int inumber, int offset)
"Fourth operand byte of invokeinterface must be zero");
}
pop_and_free(context);
} else if (opcode == JVM_OPC_invokedynamic) {
if (code[offset + 3] != 0 || code[offset + 4] != 0) {
CCerror(context,
"Third and fourth operand bytes of invokedynamic must be zero");
}
} else if (opcode == JVM_OPC_invokevirtual
|| opcode == JVM_OPC_invokespecial)
set_protected(context, inumber, key, opcode);
break;
}
case JVM_OPC_invokedynamic:
CCerror(context,
"invokedynamic bytecode is not supported in this class file version");
case JVM_OPC_instanceof:
case JVM_OPC_checkcast:
@ -2085,7 +2075,6 @@ pop_stack(context_type *context, unsigned int inumber, stack_info_type *new_stac
case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:
case JVM_OPC_invokeinit: /* invokespecial call to <init> */
case JVM_OPC_invokedynamic:
case JVM_OPC_invokestatic: case JVM_OPC_invokeinterface: {
/* The top stuff on the stack depends on the method signature */
int operand = this_idata->operand.i;
@ -2101,8 +2090,7 @@ pop_stack(context_type *context, unsigned int inumber, stack_info_type *new_stac
print_formatted_methodname(context, operand);
}
#endif
if (opcode != JVM_OPC_invokestatic &&
opcode != JVM_OPC_invokedynamic)
if (opcode != JVM_OPC_invokestatic)
/* First, push the object */
*ip++ = (opcode == JVM_OPC_invokeinit ? '@' : 'A');
for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; ) {
@ -2388,7 +2376,6 @@ pop_stack(context_type *context, unsigned int inumber, stack_info_type *new_stac
case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:
case JVM_OPC_invokeinit:
case JVM_OPC_invokedynamic:
case JVM_OPC_invokeinterface: case JVM_OPC_invokestatic: {
int operand = this_idata->operand.i;
const char *signature =
@ -2398,8 +2385,7 @@ pop_stack(context_type *context, unsigned int inumber, stack_info_type *new_stac
int item;
const char *p;
check_and_push(context, signature, VM_STRING_UTF);
if (opcode == JVM_OPC_invokestatic ||
opcode == JVM_OPC_invokedynamic) {
if (opcode == JVM_OPC_invokestatic) {
item = 0;
} else if (opcode == JVM_OPC_invokeinit) {
fullinfo_type init_type = this_idata->operand2.fi;
@ -2795,7 +2781,6 @@ push_stack(context_type *context, unsigned int inumber, stack_info_type *new_sta
case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:
case JVM_OPC_invokeinit:
case JVM_OPC_invokedynamic:
case JVM_OPC_invokestatic: case JVM_OPC_invokeinterface: {
/* Look to signature to determine correct result. */
int operand = this_idata->operand.i;

5
jdk/src/java.base/solaris/lib/security/default.policy
View File

@ -4,7 +4,10 @@ grant codeBase "jrt:/jdk.crypto.ucrypto" {
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
// need "com.oracle.security.ucrypto.debug" for debugging
permission java.util.PropertyPermission "*", "read";
permission java.util.PropertyPermission "com.oracle.security.ucrypto.debug", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "java.home", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.security.SecurityPermission
"putProviderProperty.OracleUcrypto";
permission java.security.SecurityPermission

5
jdk/src/java.base/unix/native/libnet/net_util_md.c
View File

@ -273,13 +273,10 @@ int cmpScopeID (unsigned int scope, struct sockaddr *him) {
#endif
void
NET_ThrowByNameWithLastError(JNIEnv *env, const char *name,
const char *defaultDetail) {
char errmsg[255];
sprintf(errmsg, "errno: %d, error: %s\n", errno, defaultDetail);
JNU_ThrowByNameWithLastError(env, name, errmsg);
JNU_ThrowByNameWithMessageAndLastError(env, name, defaultDetail);
}
void

12
jdk/src/java.base/windows/native/libjli/java_md.c
View File

@ -48,6 +48,10 @@ static jboolean GetJVMPath(const char *jrepath, const char *jvmtype,
char *jvmpath, jint jvmpathsize);
static jboolean GetJREPath(char *path, jint pathsize);
#ifdef USE_REGISTRY_LOOKUP
jboolean GetPublicJREHome(char *buf, jint bufsize);
#endif
/* We supports warmup for UI stack that is performed in parallel
* to VM initialization.
* This helps to improve startup of UI application as warmup phase
@ -346,6 +350,14 @@ GetJREPath(char *path, jint pathsize)
}
}
#ifdef USE_REGISTRY_LOOKUP
/* Lookup public JRE using Windows registry. */
if (GetPublicJREHome(path, pathsize)) {
JLI_TraceLauncher("JRE path is %s\n", path);
return JNI_TRUE;
}
#endif
JLI_ReportErrorMessage(JRE_ERROR8 JAVA_DLL);
return JNI_FALSE;
}

4
jdk/src/java.base/windows/native/libnet/net_util_md.c
View File

@ -205,9 +205,7 @@ NET_ThrowCurrent(JNIEnv *env, char *msg)
void
NET_ThrowByNameWithLastError(JNIEnv *env, const char *name,
const char *defaultDetail) {
char errmsg[255];
sprintf(errmsg, "errno: %d, error: %s\n", WSAGetLastError(), defaultDetail);
JNU_ThrowByNameWithLastError(env, name, errmsg);
JNU_ThrowByNameWithMessageAndLastError(env, name, defaultDetail);
}
jfieldID

4
jdk/src/java.desktop/macosx/native/libjsound/PLATFORM_API_MacOSX_PCM.cpp
View File

@ -817,6 +817,10 @@ void* DAUDIO_Open(INT32 mixerIndex, INT32 deviceID, int isSource,
ERROR1("<<DAUDIO_Open: ERROR: unsupported encoding (%d)\n", encoding);
return NULL;
}
if (channels <= 0) {
ERROR1("<<DAUDIO_Open: ERROR: Invalid number of channels=%d!\n", channels);
return NULL;
}
OSX_DirectAudioDevice *device = new OSX_DirectAudioDevice();

5
jdk/src/java.desktop/share/native/libfontmanager/layout/ContextualGlyphSubstProc.cpp
View File

@ -46,6 +46,7 @@ UOBJECT_DEFINE_RTTI_IMPLEMENTATION(ContextualGlyphSubstitutionProcessor)
ContextualGlyphSubstitutionProcessor::ContextualGlyphSubstitutionProcessor(const LEReferenceTo<MorphSubtableHeader> &morphSubtableHeader, LEErrorCode &success)
: StateTableProcessor(morphSubtableHeader, success), entryTable(), contextualGlyphSubstitutionHeader(morphSubtableHeader, success)
{
if (LE_FAILURE(success)) return;
contextualGlyphSubstitutionHeader.orphan();
substitutionTableOffset = SWAPW(contextualGlyphSubstitutionHeader->substitutionTableOffset);
@ -66,10 +67,10 @@ void ContextualGlyphSubstitutionProcessor::beginStateTable()
markGlyph = 0;
}
ByteOffset ContextualGlyphSubstitutionProcessor::processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index)
ByteOffset ContextualGlyphSubstitutionProcessor::processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success)
{
LEErrorCode success = LE_NO_ERROR;
const ContextualGlyphSubstitutionStateEntry *entry = entryTable.getAlias(index, success);
if (LE_FAILURE(success)) return 0;
ByteOffset newState = SWAPW(entry->newStateOffset);
le_int16 flags = SWAPW(entry->flags);
WordOffset markOffset = SWAPW(entry->markOffset);

2
jdk/src/java.desktop/share/native/libfontmanager/layout/ContextualGlyphSubstProc.h
View File

@ -52,7 +52,7 @@ class ContextualGlyphSubstitutionProcessor : public StateTableProcessor
public:
virtual void beginStateTable();
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index);
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success);
virtual void endStateTable();

6
jdk/src/java.desktop/share/native/libfontmanager/layout/IndicRearrangementProcessor.cpp
View File

@ -63,10 +63,10 @@ void IndicRearrangementProcessor::beginStateTable()
lastGlyph = 0;
}
ByteOffset IndicRearrangementProcessor::processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index)
ByteOffset IndicRearrangementProcessor::processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success)
{
LEErrorCode success = LE_NO_ERROR; // todo- make a param?
const IndicRearrangementStateEntry *entry = entryTable.getAlias(index,success);
const IndicRearrangementStateEntry *entry = entryTable.getAlias(index, success);
if (LE_FAILURE(success)) return 0;
ByteOffset newState = SWAPW(entry->newStateOffset);
IndicRearrangementFlags flags = (IndicRearrangementFlags) SWAPW(entry->flags);

2
jdk/src/java.desktop/share/native/libfontmanager/layout/IndicRearrangementProcessor.h
View File

@ -52,7 +52,7 @@ class IndicRearrangementProcessor : public StateTableProcessor
public:
virtual void beginStateTable();
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index);
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success);
virtual void endStateTable();

3
jdk/src/java.desktop/share/native/libfontmanager/layout/LigatureSubstProc.cpp
View File

@ -67,9 +67,8 @@ void LigatureSubstitutionProcessor::beginStateTable()
m = -1;
}
ByteOffset LigatureSubstitutionProcessor::processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index)
ByteOffset LigatureSubstitutionProcessor::processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success)
{
LEErrorCode success = LE_NO_ERROR;
const LigatureSubstitutionStateEntry *entry = entryTable.getAlias(index, success);
if (LE_FAILURE(success)) {
currGlyph++;

2
jdk/src/java.desktop/share/native/libfontmanager/layout/LigatureSubstProc.h
View File

@ -54,7 +54,7 @@ class LigatureSubstitutionProcessor : public StateTableProcessor
public:
virtual void beginStateTable();
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index);
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success);
virtual void endStateTable();

3
jdk/src/java.desktop/share/native/libfontmanager/layout/StateTableProcessor.cpp
View File

@ -81,6 +81,7 @@ void StateTableProcessor::process(LEGlyphStorage &glyphStorage, LEErrorCode &suc
while (currGlyph <= glyphCount) {
if(LE_STATE_PATIENCE_DECR()) break; // patience exceeded.
if (LE_FAILURE(success)) break;
ClassCode classCode = classCodeOOB;
if (currGlyph == glyphCount) {
// XXX: How do we handle EOT vs. EOL?
@ -100,7 +101,7 @@ void StateTableProcessor::process(LEGlyphStorage &glyphStorage, LEErrorCode &suc
EntryTableIndex entryTableIndex = stateArray.getObject((le_uint8)classCode, success);
if (LE_FAILURE(success)) { break; }
LE_STATE_PATIENCE_CURR(le_int32, currGlyph);
currentState = processStateEntry(glyphStorage, currGlyph, entryTableIndex);
currentState = processStateEntry(glyphStorage, currGlyph, entryTableIndex, success);
LE_STATE_PATIENCE_INCR(currGlyph);
}

2
jdk/src/java.desktop/share/native/libfontmanager/layout/StateTableProcessor.h
View File

@ -53,7 +53,7 @@ public:
virtual void beginStateTable() = 0;
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index) = 0;
virtual ByteOffset processStateEntry(LEGlyphStorage &glyphStorage, le_int32 &currGlyph, EntryTableIndex index, LEErrorCode &success) = 0;
virtual void endStateTable() = 0;

2
jdk/src/java.desktop/share/native/liblcms/cmsintrp.c
View File

@ -244,7 +244,7 @@ void LinLerp1D(register const cmsUInt16Number Value[],
// To prevent out of bounds indexing
cmsINLINE cmsFloat32Number fclamp(cmsFloat32Number v)
{
return v < 0.0f ? 0.0f : (v > 1.0f ? 1.0f : v);
return v < 0.0f || v != v ? 0.0f : (v > 1.0f ? 1.0f : v);
}
// Floating-point version of 1D interpolation

7
jdk/src/java.desktop/share/native/liblcms/cmsio0.c
View File

@ -1543,6 +1543,13 @@ void* CMSEXPORT cmsReadTag(cmsHPROFILE hProfile, cmsTagSignature sig)
// If the element is already in memory, return the pointer
if (Icc -> TagPtrs[n]) {
if (Icc -> TagTypeHandlers[n] == NULL) goto Error;
BaseType = Icc -> TagTypeHandlers[n]->Signature;
if (BaseType == 0) goto Error;
TagDescriptor = _cmsGetTagDescriptor(Icc-> ContextID, sig);
if (TagDescriptor == NULL) goto Error;
if (!IsTypeSupported(TagDescriptor, BaseType)) goto Error;
if (Icc ->TagSaveAsRaw[n]) goto Error; // We don't support read raw tags as cooked
_cmsUnlockMutex(Icc->ContextID, Icc ->UsrMutex);

5
jdk/src/java.desktop/share/native/liblcms/cmstypes.c
View File

@ -4313,7 +4313,10 @@ void *Type_MPEclut_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io,
// Copy MAX_INPUT_DIMENSIONS at most. Expand to cmsUInt32Number
nMaxGrids = InputChans > MAX_INPUT_DIMENSIONS ? MAX_INPUT_DIMENSIONS : InputChans;
for (i=0; i < nMaxGrids; i++) GridPoints[i] = (cmsUInt32Number) Dimensions8[i];
for (i=0; i < nMaxGrids; i++) {
if (Dimensions8[i] == 1) goto Error; // Impossible value, 0 for no CLUT and then 2 at least
GridPoints[i] = (cmsUInt32Number)Dimensions8[i];
}
// Allocate the true CLUT
mpe = cmsStageAllocCLutFloatGranular(self ->ContextID, GridPoints, InputChans, OutputChans, NULL);

11
jdk/src/java.desktop/unix/classes/sun/java2d/x11/X11SurfaceDataProxy.java
View File

@ -102,10 +102,13 @@ public abstract class X11SurfaceDataProxy extends SurfaceDataProxy
int w, int h)
{
if (cachedData == null) {
// Bitmask will be created lazily during the blit phase
cachedData = X11SurfaceData.createData(x11gc, w, h,
x11gc.getColorModel(),
null, 0, getTransparency());
try {
// Bitmask will be created lazily during the blit phase
cachedData = X11SurfaceData.createData(x11gc, w, h,
x11gc.getColorModel(),
null, 0, getTransparency());
} catch (OutOfMemoryError oome) {
}
}
return cachedData;
}

3
jdk/src/java.desktop/unix/classes/sun/java2d/xr/XRPMBlitLoops.java
View File

@ -138,6 +138,9 @@ public class XRPMBlitLoops {
vImg = (SunVolatileImage) dst.getGraphicsConfig().createCompatibleVolatileImage(w, h, src.getTransparency());
vImg.setAccelerationPriority(1.0f);
if (!(vImg.getDestSurface() instanceof XRSurfaceData)) {
throw new InvalidPipeException("Could not create XRSurfaceData");
}
if (src.getTransparency() == SurfaceData.OPAQUE) {
rgbTmpPM = new WeakReference<SunVolatileImage>(vImg);
} else {

9
jdk/src/java.desktop/unix/classes/sun/java2d/xr/XRSurfaceDataProxy.java
View File

@ -59,9 +59,12 @@ public class XRSurfaceDataProxy extends SurfaceDataProxy implements Transparency
public SurfaceData validateSurfaceData(SurfaceData srcData,
SurfaceData cachedData, int w, int h) {
if (cachedData == null) {
cachedData = XRSurfaceData.createData(xrgc, w, h,
xrgc.getColorModel(), null, 0,
getTransparency(), true);
try {
cachedData = XRSurfaceData.createData(xrgc, w, h,
xrgc.getColorModel(), null, 0,
getTransparency(), true);
} catch (OutOfMemoryError oome) {
}
}
return cachedData;
}

2
jdk/src/java.desktop/unix/native/common/java2d/x11/X11SurfaceData.c
View File

@ -441,7 +441,7 @@ jboolean XShared_initSurface(JNIEnv *env, X11SDOps *xsdo, jint depth, jint width
* width , height must be nonzero otherwise XCreatePixmap
* generates BadValue in error_handler
*/
if (width <= 0 || height <= 0) {
if (width <= 0 || height <= 0 || width > 32767 || height > 32767) {
JNU_ThrowOutOfMemoryError(env,
"Can't create offscreen surface");
return JNI_FALSE;

5
jdk/src/java.desktop/unix/native/libjsound/PLATFORM_API_BsdOS_ALSA_PCM.c
View File

@ -434,7 +434,10 @@ void* DAUDIO_Open(INT32 mixerIndex, INT32 deviceID, int isSource,
snd_output_stdio_attach(&ALSA_OUTPUT, stdout, 0);
}
#endif
if (channels <= 0) {
ERROR1("ERROR: Invalid number of channels=%d!\n", channels);
return NULL;
}
info = (AlsaPcmInfo*) malloc(sizeof(AlsaPcmInfo));
if (!info) {
ERROR0("Out of memory\n");

5
jdk/src/java.desktop/unix/native/libjsound/PLATFORM_API_LinuxOS_ALSA_PCM.c
View File

@ -434,7 +434,10 @@ void* DAUDIO_Open(INT32 mixerIndex, INT32 deviceID, int isSource,
snd_output_stdio_attach(&ALSA_OUTPUT, stdout, 0);
}
#endif
if (channels <= 0) {
ERROR1("ERROR: Invalid number of channels=%d!\n", channels);
return NULL;
}
info = (AlsaPcmInfo*) malloc(sizeof(AlsaPcmInfo));
if (!info) {
ERROR0("Out of memory\n");

4
jdk/src/java.desktop/unix/native/libjsound/PLATFORM_API_SolarisOS_PCM.c
View File

@ -182,6 +182,10 @@ void* DAUDIO_Open(INT32 mixerIndex, INT32 deviceID, int isSource,
ERROR1(" DAUDIO_Open: invalid encoding %d\n", (int) encoding);
return NULL;
}
if (channels <= 0) {
ERROR1(" DAUDIO_Open: Invalid number of channels=%d!\n", channels);
return NULL;
}
info = (SolPcmInfo*) malloc(sizeof(SolPcmInfo));
if (!info) {

15
jdk/src/java.desktop/windows/classes/sun/awt/windows/WFramePeer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -153,6 +153,19 @@ class WFramePeer extends WWindowPeer implements FramePeer {
@Override
public void setMenuBar(MenuBar mb) {
WMenuBarPeer mbPeer = (WMenuBarPeer) WToolkit.targetToPeer(mb);
if (mbPeer != null) {
if (mbPeer.framePeer != this) {
mb.removeNotify();
mb.addNotify();
mbPeer = (WMenuBarPeer) WToolkit.targetToPeer(mb);
if (mbPeer != null && mbPeer.framePeer != this) {
throw new IllegalStateException("Wrong parent peer");
}
}
if (mbPeer != null) {
addChildPeer(mbPeer);
}
}
setMenuBar0(mbPeer);
updateInsets(insets_);
}

9
jdk/src/java.desktop/windows/classes/sun/awt/windows/WMenuBarPeer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -31,6 +31,8 @@ final class WMenuBarPeer extends WMenuPeer implements MenuBarPeer {
// MenuBarPeer implementation
final WFramePeer framePeer;
@Override
public native void addMenu(Menu m);
@Override
@ -44,8 +46,11 @@ final class WMenuBarPeer extends WMenuPeer implements MenuBarPeer {
// Toolkit & peer internals
WMenuBarPeer(MenuBar target) {
this.target = target;
WFramePeer framePeer = (WFramePeer)
framePeer = (WFramePeer)
WToolkit.targetToPeer(target.getParent());
if (framePeer != null) {
framePeer.addChildPeer(this);
}
create(framePeer);
// fix for 5088782: check if menu object is created successfully
checkMenuCreation();

3
jdk/src/java.desktop/windows/classes/sun/awt/windows/WMenuItemPeer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -107,6 +107,7 @@ class WMenuItemPeer extends WObjectPeer implements MenuItemPeer {
this.target = target;
this.parent = (WMenuPeer) WToolkit.targetToPeer(target.getParent());
this.isCheckbox = isCheckbox;
parent.addChildPeer(this);
create(parent);
// fix for 5088782: check if menu object is created successfully
checkMenuCreation();

4
jdk/src/java.desktop/windows/classes/sun/awt/windows/WMenuPeer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -51,10 +51,12 @@ class WMenuPeer extends WMenuItemPeer implements MenuPeer {
if (parent instanceof MenuBar) {
WMenuBarPeer mbPeer = (WMenuBarPeer) WToolkit.targetToPeer(parent);
this.parent = mbPeer;
mbPeer.addChildPeer(this);
createMenu(mbPeer);
}
else if (parent instanceof Menu) {
this.parent = (WMenuPeer) WToolkit.targetToPeer(parent);
this.parent.addChildPeer(this);
createSubMenu(this.parent);
}
else {

Some files were not shown because too many files have changed in this diff Show More