[Bug 381] Stackoverflow error with security manager, signed jars and -Djava.security.debug set

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Wed Aug 26 16:18:35 PDT 2009


gnu_andrew at member.fsf.org changed:

           What    |Removed                     |Added
             Status|NEW                         |ASSIGNED

------- Comment #15 from gnu_andrew at member.fsf.org  2009-08-26 23:18 -------
I've posted a revised version to the i18n lists:


which does the same, but looks in tz.properties for the fix, rather than using
a value hardcoded into either the HotSpot (mjw's fix) or JDK (keith's fix)
sources.  This has the advantage that the value is easier to change and
standard OpenJDK builds won't start trying to use whatever is in
/usr/share/javazi.  As that's the version being reviewed, I'd suggest we
replace the one in IcedTea with this.  As demonstrated in the mail, I've tested
this both with and without said properties file using strace.

I haven't been able to replicate the bug though (at least as given).  I ran the
testcase from http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=377 with
-Djava.security.manager -Djava.security.debug=access,failure,debug and got an
exception being thrown, but no recursion.

access: access allowed (java.util.PropertyPermission java.home read)
access: access allowed (java.io.FilePermission
/usr/lib64/icedtea6/jre/lib/zi/ZoneInfoMappings read)
access: access allowed (java.io.FilePermission
/usr/lib64/icedtea6/jre/lib/zi/ZoneInfoMappings read)
access: access allowed (java.io.FilePermission
/usr/lib64/icedtea6/jre/lib/zi/ZoneInfoMappings read)
access: access allowed (java.io.FilePermission
/usr/lib64/icedtea6/jre/lib/zi/ZoneInfoMappings read)
access: access allowed (java.io.FilePermission
/usr/lib64/icedtea6/jre/lib/zi/ZoneInfoMappings read)
Asia/Amman      access: access allowed (java.util.PropertyPermission
user.zoneinfo.dir read)
access: access denied (java.io.FilePermission
/usr/share/javazi/ZoneInfoMappings read)
java.lang.Exception: Stack trace
        at java.lang.Thread.dumpStack(Thread.java:1223)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
        at java.io.File.exists(File.java:748)
        at sun.util.calendar.ZoneInfoFile.createZoneInfo(ZoneInfoFile.java:575)
        at sun.util.calendar.ZoneInfoFile.getZoneInfo(ZoneInfoFile.java:545)
        at sun.util.calendar.ZoneInfo.getTimeZone(ZoneInfo.java:600)
        at java.util.TimeZone.getTimeZone(TimeZone.java:486)
        at java.util.TimeZone.getTimeZone(TimeZone.java:482)
        at CalTest2.main(CalTest2.java:13)

I have a feeling part of the failure may be because /usr/share/javazi doesn't
exist, either here or on RHEL.

Interestingly, I don't get any output with the new patch applied to OpenJDK7.

Configure bugmail: http://icedtea.classpath.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the distro-pkg-dev mailing list