RFR: 8344179: SecurityManager cleanup in the ZIP and JAR areas
Roger Riggs
rriggs at openjdk.org
Thu Nov 14 12:42:00 UTC 2024
On Thu, 14 Nov 2024 10:18:18 GMT, Eirik Bjørsnøs <eirbjo at openjdk.org> wrote:
> Please review this PR which cleans up security manager related code in `java.util.zip` and `java.util.jar`:
>
> * `JarFile` and `ZipFile` are updated to use `System::getProperty` instead of `GetPropertyAction::privilegedGetProperty`
> * `ZipFile` is updated to not call SM::checkRead, SM::checkDelete when opening files
> * `ZipOutputStream` is updated to use `Boolean::getBoolean` instead of `GetBooleanAction::privilegedGetProperty`
>
> The field `ZipFile.startsWithLoc` is deliberately left alone, that should be handled separately. I found no SM-dependent code in the ZIP or JAR tests.
>
> Testing: This is a cleanup PR, no tests are changed or updated. ZIP and JAR tests run green locally. GHA results pending.
src/java.base/share/classes/java/util/jar/JarFile.java line 183:
> 181: RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
> 182: String enableMultiRelease = System.
> 183: getProperty("jdk.util.jar.enableMultiRelease", "true");
I'd fold this to a single line.
src/java.base/share/classes/java/util/zip/ZipOutputStream.java line 60:
> 58: */
> 59: private static final boolean inhibitZip64 =
> 60: Boolean.getBoolean("jdk.util.zip.inhibitZip64");
fold to a single line.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22099#discussion_r1842150272
PR Review Comment: https://git.openjdk.org/jdk/pull/22099#discussion_r1842150753
More information about the core-libs-dev
mailing list