/hg/icedtea6: Add latest security patches
mmatejov at icedtea.classpath.org
mmatejov at icedtea.classpath.org
Thu Nov 5 14:20:37 PST 2009
changeset d966ce93b58b in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=d966ce93b58b
author: Martin Matejovic <mmatejov at redhat.com>
date: Thu Nov 05 23:24:59 2009 +0100
Add latest security patches 2009-11-05 Martin Matejovic
<mmatejov at redhat.com>
* patches/security/icedtea-6631533.patch
* patches/security/icedtea-6632445.patch
* patches/security/icedtea-6636650.patch
* patches/security/icedtea-6631533.patch
* patches/security/icedtea-6657026.patch
* patches/security/icedtea-6657138.patch
* patches/security/icedtea-6822057.patch
* patches/security/icedtea-6824265.patch
* patches/security/icedtea-6861062.patch
* patches/security/icedtea-6872358.patch
* Makefile.am: apply the above
diffstat:
11 files changed, 3484 insertions(+), 1 deletion(-)
ChangeLog | 13
Makefile.am | 11
patches/security/icedtea-6631533.patch | 184 +++
patches/security/icedtea-6632445.patch | 103 ++
patches/security/icedtea-6636650.patch | 139 ++
patches/security/icedtea-6657026.patch | 1608 ++++++++++++++++++++++++++++++++
patches/security/icedtea-6657138.patch | 775 +++++++++++++++
patches/security/icedtea-6822057.patch | 32
patches/security/icedtea-6824265.patch | 119 ++
patches/security/icedtea-6861062.patch | 344 ++++++
patches/security/icedtea-6872358.patch | 157 +++
diffs (truncated from 3538 to 500 lines):
diff -r a88ccd40d4c0 -r d966ce93b58b ChangeLog
--- a/ChangeLog Thu Nov 05 17:05:39 2009 +0000
+++ b/ChangeLog Thu Nov 05 23:24:59 2009 +0100
@@ -1,3 +1,16 @@ 2009-11-05 Edward Nevill <ed at camswl.com>
+2009-11-05 Martin Matejovic <mmatejov at redhat.com>
+ * patches/security/icedtea-6631533.patch
+ * patches/security/icedtea-6632445.patch
+ * patches/security/icedtea-6636650.patch
+ * patches/security/icedtea-6631533.patch
+ * patches/security/icedtea-6657026.patch
+ * patches/security/icedtea-6657138.patch
+ * patches/security/icedtea-6822057.patch
+ * patches/security/icedtea-6824265.patch
+ * patches/security/icedtea-6861062.patch
+ * patches/security/icedtea-6872358.patch
+ * Makefile.am: apply the above
+
2009-11-05 Edward Nevill <ed at camswl.com>
* Make OSR work with Shark
diff -r a88ccd40d4c0 -r d966ce93b58b Makefile.am
--- a/Makefile.am Thu Nov 05 17:05:39 2009 +0000
+++ b/Makefile.am Thu Nov 05 23:24:59 2009 +0100
@@ -594,7 +594,16 @@ ICEDTEA_PATCHES = \
patches/security/icedtea-6863503.patch \
patches/security/icedtea-6864911.patch \
patches/security/icedtea-6872357.patch \
- patches/security/icedtea-6874643.patch
+ patches/security/icedtea-6874643.patch \
+ patches/security/icedtea-6631533.patch \
+ patches/security/icedtea-6632445.patch \
+ patches/security/icedtea-6636650.patch \
+ patches/security/icedtea-6657026.patch \
+ patches/security/icedtea-6657138.patch \
+ patches/security/icedtea-6822057.patch \
+ patches/security/icedtea-6824265.patch \
+ patches/security/icedtea-6861062.patch \
+ patches/security/icedtea-6872358.patch
if WITH_RHINO
ICEDTEA_PATCHES += \
diff -r a88ccd40d4c0 -r d966ce93b58b patches/security/icedtea-6631533.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/icedtea-6631533.patch Thu Nov 05 23:24:59 2009 +0100
@@ -0,0 +1,184 @@
+--- old/src/share/classes/java/awt/color/ICC_Profile.java 2009-07-29 13:31:14.948600000 +0400
++++ openjdk/jdk/src/share/classes/java/awt/color/ICC_Profile.java 2009-07-29 13:31:14.153000000 +0400
+@@ -944,15 +944,15 @@
+ * and it does not permit read access to the given file.
+ */
+ public static ICC_Profile getInstance(String fileName) throws IOException {
+- ICC_Profile thisProfile;
+- FileInputStream fis;
++ ICC_Profile thisProfile;
++ FileInputStream fis = null;
+
+- SecurityManager security = System.getSecurityManager();
+- if (security != null) {
+- security.checkRead(fileName);
+- }
+
+- if ((fis = openProfile(fileName)) == null) {
++ File f = getProfileFile(fileName);
++ if (f != null) {
++ fis = new FileInputStream(f);
++ }
++ if (fis == null) {
+ throw new IOException("Cannot open file " + fileName);
+ }
+
+@@ -1064,13 +1064,24 @@
+
+
+ void activateDeferredProfile() {
+- byte profileData[];
+- FileInputStream fis;
+- String fileName = deferralInfo.filename;
++ byte profileData[];
++ FileInputStream fis;
++ final String fileName = deferralInfo.filename;
+
+ profileActivator = null;
+ deferralInfo = null;
+- if ((fis = openProfile(fileName)) == null) {
++ PrivilegedAction<FileInputStream> pa = new PrivilegedAction<FileInputStream>() {
++ public FileInputStream run() {
++ File f = getStandardProfileFile(fileName);
++ if (f != null) {
++ try {
++ return new FileInputStream(f);
++ } catch (FileNotFoundException e) {}
++ }
++ return null;
++ }
++ };
++ if ((fis = AccessController.doPrivileged(pa)) == null) {
+ throw new IllegalArgumentException("Cannot open file " + fileName);
+ }
+ try {
+@@ -1765,66 +1776,88 @@
+ * available, such as a profile for sRGB. Built-in profiles use .pf as
+ * the file name extension for profiles, e.g. sRGB.pf.
+ */
+- private static FileInputStream openProfile(final String fileName) {
+- return (FileInputStream)java.security.AccessController.doPrivileged(
+- new java.security.PrivilegedAction() {
+- public Object run() {
+- return privilegedOpenProfile(fileName);
+- }
+- });
+- }
+-
+- /*
+- * this version is called from doPrivileged in privilegedOpenProfile.
+- * the whole method is privileged!
+- */
+- private static FileInputStream privilegedOpenProfile(String fileName) {
+- FileInputStream fis = null;
++ private static File getProfileFile(String fileName) {
+ String path, dir, fullPath;
+
+ File f = new File(fileName); /* try absolute file name */
+-
++ if (f.isAbsolute()) {
++ /* Rest of code has little sense for an absolute pathname,
++ so return here. */
++ return f.isFile() ? f : null;
++ }
+ if ((!f.isFile()) &&
+ ((path = System.getProperty("java.iccprofile.path")) != null)){
+ /* try relative to java.iccprofile.path */
+- StringTokenizer st =
+- new StringTokenizer(path, File.pathSeparator);
+- while (st.hasMoreTokens() && (!f.isFile())) {
+- dir = st.nextToken();
+- fullPath = dir + File.separatorChar + fileName;
+- f = new File(fullPath);
++ StringTokenizer st =
++ new StringTokenizer(path, File.pathSeparator);
++ while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
++ dir = st.nextToken();
++ fullPath = dir + File.separatorChar + fileName;
++ f = new File(fullPath);
++ if (!isChildOf(f, dir)) {
++ f = null;
+ }
+ }
++ }
+
+- if ((!f.isFile()) &&
++ if (((f == null) || (!f.isFile())) &&
+ ((path = System.getProperty("java.class.path")) != null)) {
+ /* try relative to java.class.path */
+- StringTokenizer st =
+- new StringTokenizer(path, File.pathSeparator);
+- while (st.hasMoreTokens() && (!f.isFile())) {
+- dir = st.nextToken();
+- fullPath = dir + File.separatorChar + fileName;
+- f = new File(fullPath);
+- }
+- }
+-
+- if (!f.isFile()) { /* try the directory of built-in profiles */
+- dir = System.getProperty("java.home") +
+- File.separatorChar + "lib" + File.separatorChar + "cmm";
++ StringTokenizer st =
++ new StringTokenizer(path, File.pathSeparator);
++ while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
++ dir = st.nextToken();
+ fullPath = dir + File.separatorChar + fileName;
+ f = new File(fullPath);
++ if (!isChildOf(f, dir)) {
++ f = null;
++ }
+ }
++ }
++ if ((f == null) || (!f.isFile())) {
++ /* try the directory of built-in profiles */
++ f = getStandardProfileFile(fileName);
++ }
++ if (f != null && f.isFile()) {
++ return f;
++ }
++ return null;
++ }
+
+- if (f.isFile()) {
+- try {
+- fis = new FileInputStream(f);
+- } catch (FileNotFoundException e) {
++ /**
++ * Returns a file object corresponding to a built-in profile
++ * specified by fileName.
++ * If there is no built-in profile with such name, then the method
++ * returns null.
++ */
++ private static File getStandardProfileFile(String fileName) {
++ String dir = System.getProperty("java.home") +
++ File.separatorChar + "lib" + File.separatorChar + "cmm";
++ String fullPath = dir + File.separatorChar + fileName;
++ File f = new File(fullPath);
++ return (f.isFile() && isChildOf(f, dir)) ? f : null;
++ }
++
++ /**
++ * Checks whether given file resides inside give directory.
++ */
++ private static boolean isChildOf(File f, String dirName) {
++ try {
++ File dir = new File(dirName);
++ String canonicalDirName = dir.getCanonicalPath();
++ if (!canonicalDirName.endsWith(File.separator)) {
++ canonicalDirName += File.separator;
+ }
++ String canonicalFileName = f.getCanonicalPath();
++ return canonicalFileName.startsWith(canonicalDirName);
++ } catch (IOException e) {
++ /* we do not expect the IOException here, because invocation
++ * of this function is always preceeded by isFile() call.
++ */
++ return false;
+ }
+- return fis;
+ }
+
+-
+ /*
+ * Serialization support.
+ *
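Review bot: The comment in the `catch (IOException e)` of `isChildOf` says the call is always preceded by `isFile()`, but both search loops in `getProfileFile` call `isChildOf(f, dir)` straight after `new File(fullPath)` with no `isFile()` in between. Only `getStandardProfileFile` tests `isFile()` first. Returning false is the right fail-closed result, so the comment should say that instead of claiming the exception cannot occur, e.g. `/* cannot canonicalize: treat the file as outside the directory */`. Separately, the empty `catch (FileNotFoundException e) {}` in `activateDeferredProfile` discards the cause before the `IllegalArgumentException` is thrown; a one-line comment saying the fall-through to `return null` is deliberate would help the next reader.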
diff -r a88ccd40d4c0 -r d966ce93b58b patches/security/icedtea-6632445.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/icedtea-6632445.patch Thu Nov 05 23:24:59 2009 +0100
@@ -0,0 +1,103 @@
+--- old/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java 2009-07-28 17:06:52.144000000 +0400
++++ openjdk/jdk/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java 2009-07-28 17:06:51.488000000 +0400
+@@ -62,6 +62,8 @@
+
+ import java.io.*;
+ import java.nio.*;
++import java.security.AccessController;
++import java.security.PrivilegedAction;
+ import java.util.ArrayList;
+ import java.util.Iterator;
+ import java.util.StringTokenizer;
+@@ -502,12 +504,18 @@
+ iis.reset();
+
+ try {
+- if (metadata.colorSpace == PROFILE_LINKED)
++ if (metadata.colorSpace == PROFILE_LINKED &&
++ isLinkedProfileAllowed() &&
++ !isUncOrDevicePath(profile))
++ {
++ String path = new String(profile, "windows-1252");
++
+ colorSpace =
+- new ICC_ColorSpace(ICC_Profile.getInstance(new String(profile)));
+- else
++ new ICC_ColorSpace(ICC_Profile.getInstance(path));
++ } else {
+ colorSpace =
+ new ICC_ColorSpace(ICC_Profile.getInstance(profile));
++ }
+ } catch (Exception e) {
+ colorSpace = ColorSpace.getInstance(ColorSpace.CS_sRGB);
+ }
+@@ -1745,4 +1753,69 @@
+ public void sequenceStarted(ImageReader src, int minIndex) {}
+ public void readAborted(ImageReader src) {}
+ }
++
++ private static Boolean isLinkedProfileDisabled = null;
++
++ private static boolean isLinkedProfileAllowed() {
++ if (isLinkedProfileDisabled == null) {
++ PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
++ public Boolean run() {
++ return Boolean.getBoolean("sun.imageio.plugins.bmp.disableLinkedProfiles");
++ }
++ };
++ isLinkedProfileDisabled = AccessController.doPrivileged(a);
++ }
++ return !isLinkedProfileDisabled;
++ }
++
++ private static Boolean isWindowsPlatform = null;
++
++ /**
++ * Verifies whether the byte array contans a unc path.
++ * Non-UNC path examples:
++ * c:\path\to\file - simple notation
++ * \\?\c:\path\to\file - long notation
++ *
++ * UNC path examples:
++ * \\server\share - a UNC path in simple notation
++ * \\?\UNC\server\share - a UNC path in long notation
++ * \\.\some\device - a path to device.
++ */
++ private static boolean isUncOrDevicePath(byte[] p) {
++ if (isWindowsPlatform == null) {
++ PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
++ public Boolean run() {
++ String osname = System.getProperty("os.name");
++ return (osname != null &&
++ osname.toLowerCase().startsWith("win"));
++ }
++ };
++ isWindowsPlatform = AccessController.doPrivileged(a);
++ }
++
++ if (!isWindowsPlatform) {
++ /* no need for the check on platforms except windows */
++ return false;
++ }
++
++ /* normalize prefix of the path */
++ if (p[0] == '/') p[0] = '\\';
++ if (p[1] == '/') p[1] = '\\';
++ if (p[3] == '/') p[3] = '\\';
++
++
++ if ((p[0] == '\\') && (p[1] == '\\')) {
++ if ((p[2] == '?') && (p[3] == '\\')) {
++ // long path: whether unc or local
++ return ((p[4] == 'U' || p[4] == 'u') &&
++ (p[5] == 'N' || p[5] == 'n') &&
++ (p[6] == 'C' || p[6] == 'c'));
++ } else {
++ // device path or short unc notation
++ return true;
++ }
++ } else {
++ return false;
++ }
++ }
+ }
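Review bot: `isUncOrDevicePath` indexes `p[0]`, `p[1]`, `p[3]` and `p[4]` to `p[6]` without consulting `p.length`, and it rewrites the caller's `profile` array while normalizing slashes. A linked-profile name shorter than the prefix being tested throws ArrayIndexOutOfBoundsException, which is absorbed only because the call sits inside the `try` whose `catch (Exception e)` falls back to sRGB. Checking the length before each index and accepting both slash forms without writing to `p` makes the rejection explicit. This leaves the original slashes in the string later passed to `ICC_Profile.getInstance`, which I assume is acceptable on Windows but should be confirmed.

```java
private static boolean isUncOrDevicePath(byte[] p) {
    // … unchanged: lazy isWindowsPlatform lookup and non-Windows early return …

    /* inspect the prefix without modifying the caller's array */
    if (p.length < 2 || !isSlash(p[0]) || !isSlash(p[1])) {
        return false;
    }
    if (p.length >= 4 && p[2] == '?' && isSlash(p[3])) {
        // long path: UNC only when the prefix is followed by "UNC"
        return p.length >= 7 &&
            (p[4] == 'U' || p[4] == 'u') &&
            (p[5] == 'N' || p[5] == 'n') &&
            (p[6] == 'C' || p[6] == 'c');
    }
    // device path or short unc notation
    return true;
}

private static boolean isSlash(byte b) {
    return b == '\\' || b == '/';
}
```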
diff -r a88ccd40d4c0 -r d966ce93b58b patches/security/icedtea-6636650.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/icedtea-6636650.patch Thu Nov 05 23:24:59 2009 +0100
@@ -0,0 +1,139 @@
+--- old/src/share/classes/java/lang/ClassLoader.java Fri Jul 31 15:59:47 2009
++++ openjdk/jdk/src/share/classes/java/lang/ClassLoader.java Fri Jul 31 15:59:46 2009
+@@ -147,11 +147,6 @@
+ registerNatives();
+ }
+
+- // If initialization succeed this is set to true and security checks will
+- // succeed. Otherwise the object is not initialized and the object is
+- // useless.
+- private boolean initialized = false;
+-
+ // The parent class loader for delegation
+ private ClassLoader parent;
+
+@@ -177,6 +172,18 @@
+ // to its corresponding Package object.
+ private HashMap packages = new HashMap();
+
++ private static Void checkCreateClassLoader() {
++ SecurityManager security = System.getSecurityManager();
++ if (security != null) {
++ security.checkCreateClassLoader();
++ }
++ return null;
++ }
++
++ private ClassLoader(Void unused, ClassLoader parent) {
++ this.parent = parent;
++ }
++
+ /**
+ * Creates a new class loader using the specified parent class loader for
+ * delegation.
+@@ -197,12 +204,7 @@
+ * @since 1.2
+ */
+ protected ClassLoader(ClassLoader parent) {
+- SecurityManager security = System.getSecurityManager();
+- if (security != null) {
+- security.checkCreateClassLoader();
+- }
+- this.parent = parent;
+- initialized = true;
++ this(checkCreateClassLoader(), parent);
+ }
+
+ /**
+@@ -221,15 +223,9 @@
+ * of a new class loader.
+ */
+ protected ClassLoader() {
+- SecurityManager security = System.getSecurityManager();
+- if (security != null) {
+- security.checkCreateClassLoader();
+- }
+- this.parent = getSystemClassLoader();
+- initialized = true;
++ this(checkCreateClassLoader(), getSystemClassLoader());
+ }
+
+-
+ // -- Class --
+
+ /**
+@@ -611,7 +607,6 @@
+ ProtectionDomain protectionDomain)
+ throws ClassFormatError
+ {
+- check();
+ protectionDomain = preDefineClass(name, protectionDomain);
+
+ Class c = null;
+@@ -693,8 +688,6 @@
+ ProtectionDomain protectionDomain)
+ throws ClassFormatError
+ {
+- check();
+-
+ int len = b.remaining();
+
+ // Use byte[] if not a direct ByteBufer:
+@@ -842,7 +835,6 @@
+ * @see #defineClass(String, byte[], int, int)
+ */
+ protected final void resolveClass(Class<?> c) {
+- check();
+ resolveClass0(c);
+ }
+
+@@ -873,7 +865,6 @@
+ protected final Class<?> findSystemClass(String name)
+ throws ClassNotFoundException
+ {
+- check();
+ ClassLoader system = getSystemClassLoader();
+ if (system == null) {
+ if (!checkName(name))
+@@ -886,7 +877,6 @@
+ private Class findBootstrapClass0(String name)
+ throws ClassNotFoundException
+ {
+- check();
+ if (!checkName(name))
+ throw new ClassNotFoundException(name);
+ return findBootstrapClass(name);
+@@ -895,13 +885,6 @@
+ private native Class findBootstrapClass(String name)
+ throws ClassNotFoundException;
+
+- // Check to make sure the class loader has been initialized.
+- private void check() {
+- if (!initialized) {
+- throw new SecurityException("ClassLoader object not initialized");
+- }
+- }
+-
+ /**
+ * Returns the class with the given <a href="#name">binary name</a> if this
+ * loader has been recorded by the Java virtual machine as an initiating
+@@ -917,7 +900,6 @@
+ * @since 1.1
+ */
+ protected final Class<?> findLoadedClass(String name) {
+- check();
+ if (!checkName(name))
+ return null;
+ return findLoadedClass0(name);
+@@ -938,11 +920,9 @@
+ * @since 1.1
+ */
+ protected final void setSigners(Class<?> c, Object[] signers) {
+- check();
+ c.setSigners(signers);
+ }
+
+-
+ // -- Resource --
+
+ /**
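Review bot: The new `checkCreateClassLoader()` helper and the private `ClassLoader(Void unused, ClassLoader parent)` constructor carry no comment, yet the protection that replaces the removed `initialized` flag and `check()` calls depends entirely on their shape. The permission check now runs as an argument to `this(...)`, so a SecurityException is thrown before any constructor body runs, presumably so that a subclass cannot retain a partially constructed loader. I would add above the helper something like `// Evaluated as an argument to this(...), so a failed check throws before the object is constructed; do not move it into a constructor body.` and mark the `Void` parameter as a dummy that exists only to force that ordering. Without this, a later cleanup could inline the check back into the constructors and silently reopen the hole.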
diff -r a88ccd40d4c0 -r d966ce93b58b patches/security/icedtea-6657026.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/icedtea-6657026.patch Thu Nov 05 23:24:59 2009 +0100
@@ -0,0 +1,1608 @@
+--- old/src/share/classes/javax/swing/ToolTipManager.java 2009-08-11 12:05:32.501050200 +0400
++++ openjdk/jdk/src/share/classes/javax/swing/ToolTipManager.java 2009-08-11 12:05:31.670050200 +0400
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
++ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -27,10 +27,7 @@
+ package javax.swing;
+
+ import java.awt.event.*;
+-import java.applet.*;
+ import java.awt.*;
+-import java.io.Serializable;
+-import sun.swing.UIAction;