RFR 8150679: closed/javax/crypto/CryptoPermission/CallerIdentification.sh fails after fix for JDK-8132734

Steve Drach steve.drach at oracle.com
Thu Mar 3 17:20:00 UTC 2016


> On Mar 3, 2016, at 3:26 AM, Paul Sandoz <paul.sandoz at oracle.com> wrote:
> 
> 
>> On 2 Mar 2016, at 20:12, Steve Drach <steve.drach at oracle.com> wrote:
>> 
>> Please review the following fix for JDK-8150679
>> 
>> webrev: http://cr.openjdk.java.net/~sdrach/8150679/webrev/ <http://cr.openjdk.java.net/~sdrach/8150679/webrev/>
>> issue: https://bugs.openjdk.java.net/browse/JDK-8150679 <https://bugs.openjdk.java.net/browse/JDK-8150679>
>> 
>> The test was modified to demonstrate the problem.
> 
> You are essentially bombing out of MR-JAR functionality if the JarEntry is not an instance of JarFileEntry.

If it’s not a JarFileEntry, none of the MR functionality has been invoked.

> That might be ok for a short-term solution, but it might require some further deeper investigation on things that extend JarEntry and how it is is used by VerifierStream [*].
> 
> JarFile:
> 
> 895     private JarEntry verifiableEntry(ZipEntry ze) {
> 896         if (ze == null) return null;
> 
> You don’t need this. The code will anyway throw an NPE elsewhere, and the original code threw an NPE when obtaining the name:

Ok.  I’ll take this out.  Feels a bit uncomfortable though.

> 
>        return new JarVerifier.VerifierStream(
>            getManifestFromReference(),
>            ze instanceof JarFileEntry ?
>            (JarEntry) ze : getJarEntry(ze.getName()),
>            super.getInputStream(ze),
>            jv);
> 
> 
> 897         if (ze instanceof JarFileEntry) {
> 898             // assure the name and entry match for verification
> 899             return ((JarFileEntry)ze).reifiedEntry();
> 900         }
> 901         ze = getJarEntry(ze.getName());
> 902         assert ze instanceof JarEntry;
> 
> This assertion is redundant as the method signature of getJarEntry returns JarEntry.

I know it’s redundant.  It was a statement of fact. but the method signature does the same thing.

> 
> 
> 903         if (ze instanceof JarFileEntry) {
> 904             return ((JarFileEntry)ze).reifiedEntry();
> 905         }
> 906         return (JarEntry)ze;
> 907     }
> 
> 
> MultiReleaseJarURLConnection
>> 
> Given your changes above i am confused how your test passes for instances of URLJarFileEntry since they cannot be reified.

I suspect that it works for regular jar files but not for MR jar files.  That’s another bug in URLJarFile — it gets a versioned entry that can’t be verified.  I mentioned this yesterday.  I’ll write a test and if warranted submit a bug on this.

> 
> Paul.
> 
> [*] AFAICT JarVerifier directly accesses the fields JarEntry.signers/certs.

Yes, but the overriden fields are the ones of interest.  

> 




More information about the core-libs-dev mailing list