/hg/release/icedtea6-1.9: 7 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Tue Feb 14 23:44:04 PST 2012
changeset 7e1fcd4b6da6 in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=7e1fcd4b6da6
author: Andrew John Hughes <ahughes at redhat.com>
date: Thu Feb 09 18:41:13 2012 +0000
Add security patches for 2012/02/14.
2012-02-08 Omair Majid <omajid at redhat.com>
* NEWS: Update with security fixes.
* Makefile.am (SECURITY_PATCHES): Add security patches.
(SPECIAL_SECURITY_PATCH): Add new variable.
(ICEDTEA_PATCHES): Add security patch that epends on backport.
* patches/security/20120214/7082299.patch,
* patches/security/20120214/7088367.patch,
* patches/security/20120214/7110683.patch,
* patches/security/20120214/7110687.patch,
* patches/security/20120214/7110700.patch,
* patches/security/20120214/7110704.patch,
* patches/security/20120214/7112642.patch,
* patches/security/20120214/7118283.patch,
* patches/security/20120214/7126960.patch: New security fixes.
changeset 150156323417 in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=150156323417
author: Andrew John Hughes <ahughes at redhat.com>
date: Thu Feb 09 18:49:32 2012 +0000
Prepare for 1.9.13.
2012-02-09 Andrew John Hughes <ahughes at redhat.com>
* NEWS: Set release date for 1.9.13.
* configure.ac: Bump to 1.9.13 proper.
changeset 56926153f83b in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=56926153f83b
author: Andrew John Hughes <ahughes at redhat.com>
date: Fri Feb 10 14:44:39 2012 +0000
S7112642: Incorrect checking for graphics rendering object
(--enable-xrender only)
2012-02-10 Andrew John Hughes <ahughes at redhat.com>
* Makefile.am: Apply 7112642 security patch when
XRender is enabled.
* patches/security/20120214/7112642.patch: Additional security
patch.
changeset 847d06cccadf in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=847d06cccadf
author: Andrew John Hughes <ahughes at redhat.com>
date: Fri Feb 10 14:46:01 2012 +0000
Added tag icedtea6-1.9.13 for changeset 56926153f83b
changeset 491ebf4134d9 in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=491ebf4134d9
author: Andrew John Hughes <ahughes at redhat.com>
date: Mon Feb 13 11:56:27 2012 +0000
Removed tag icedtea6-1.9.13
changeset e25b5c616989 in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=e25b5c616989
author: Andrew John Hughes <ahughes at redhat.com>
date: Mon Feb 13 11:57:50 2012 +0000
Add CVE numbers.
2012-02-13 Andrew John Hughes <ahughes at redhat.com>
* NEWS: Add CVE numbers.
changeset 146d1c863e10 in /hg/release/icedtea6-1.9
details: http://icedtea.classpath.org/hg/release/icedtea6-1.9?cmd=changeset;node=146d1c863e10
author: Andrew John Hughes <ahughes at redhat.com>
date: Mon Feb 13 11:57:58 2012 +0000
Added tag icedtea6-1.9.13 for changeset e25b5c616989
diffstat:
.hgtags | 5 +
ChangeLog | 35 +-
Makefile.am | 15 +-
NEWS | 12 +-
configure.ac | 2 +-
patches/security/20120214/7082299.patch | 200 ++++++++
patches/security/20120214/7088367.patch | 43 +
patches/security/20120214/7110683.patch | 169 +++++++
patches/security/20120214/7110687.patch | 231 +++++++++
patches/security/20120214/7110700.patch | 41 +
patches/security/20120214/7110704.patch | 60 ++
patches/security/20120214/7112642.patch | 744 ++++++++++++++++++++++++++++++++
patches/security/20120214/7118283.patch | 26 +
patches/security/20120214/7126960.patch | 80 +++
14 files changed, 1658 insertions(+), 5 deletions(-)
diffs (truncated from 1776 to 500 lines):
diff -r eb61b840c119 -r 146d1c863e10 .hgtags
--- a/.hgtags Thu Feb 09 12:45:55 2012 +0000
+++ b/.hgtags Mon Feb 13 11:57:58 2012 +0000
@@ -32,3 +32,8 @@
7451a7b2b43e5c529c53a28361693cd51fc41a18 icedtea6-1.9.10
fc3dc6228784993d02959aac8796f2accdedb857 icedtea6-1.9.11
cf5b7f41e0e9a0c963bf8c5953797ae8db50bb6e icedtea6-1.9.12
+56926153f83bc1c2dc607c8649e2daa7bf8b5684 icedtea6-1.9.13
+56926153f83bc1c2dc607c8649e2daa7bf8b5684 icedtea6-1.9.13
+0000000000000000000000000000000000000000 icedtea6-1.9.13
+0000000000000000000000000000000000000000 icedtea6-1.9.13
+e25b5c616989e46ee127185d5d220495b56267ee icedtea6-1.9.13
diff -r eb61b840c119 -r 146d1c863e10 ChangeLog
--- a/ChangeLog Thu Feb 09 12:45:55 2012 +0000
+++ b/ChangeLog Mon Feb 13 11:57:58 2012 +0000
@@ -1,3 +1,36 @@
+2012-02-13 Andrew John Hughes <ahughes at redhat.com>
+
+ * NEWS: Add CVE numbers.
+
+2012-02-10 Andrew John Hughes <ahughes at redhat.com>
+
+ * Makefile.am: Apply 7112642 security patch
+ when XRender is enabled.
+ * patches/security/20120214/7112642.patch:
+ Additional security patch.
+
+2012-02-09 Andrew John Hughes <ahughes at redhat.com>
+
+ * NEWS: Set release date for 1.9.13.
+ * configure.ac: Bump to 1.9.13 proper.
+
+2012-02-08 Omair Majid <omajid at redhat.com>
+
+ * NEWS: Update with security fixes.
+ * Makefile.am
+ (SECURITY_PATCHES): Add security patches.
+ (SPECIAL_SECURITY_PATCH): Add new variable.
+ (ICEDTEA_PATCHES): Add security patch that epends on backport.
+ * patches/security/20120214/7082299.patch,
+ * patches/security/20120214/7088367.patch,
+ * patches/security/20120214/7110683.patch,
+ * patches/security/20120214/7110687.patch,
+ * patches/security/20120214/7110700.patch,
+ * patches/security/20120214/7110704.patch,
+ * patches/security/20120214/7112642.patch,
+ * patches/security/20120214/7118283.patch,
+ * patches/security/20120214/7126960.patch: New security fixes.
+
2012-02-09 Andrew John Hughes <ahughes at redhat.com>
* NEWS: Mention RH580478.
@@ -12,7 +45,7 @@
to be substituted during configure
* policytool.desktop: removed, replaced by policytool.desktop.in
* policytool.desktop.in: new file, stub for desktop file, have variable
- to be substituted during configure
+ to be substituted during configure
2012-01-12 Andrew John Hughes <ahughes at redhat.com>
diff -r eb61b840c119 -r 146d1c863e10 Makefile.am
--- a/Makefile.am Thu Feb 09 12:45:55 2012 +0000
+++ b/Makefile.am Mon Feb 13 11:57:58 2012 +0000
@@ -248,7 +248,17 @@
patches/security/20111018/7083012.patch \
patches/security/20111018/7096936.patch \
patches/security/20111018/7046794.patch \
- patches/security/20111018/7077466.patch
+ patches/security/20111018/7077466.patch \
+ patches/security/20120214/7082299.patch \
+ patches/security/20120214/7088367.patch \
+ patches/security/20120214/7110683.patch \
+ patches/security/20120214/7110687.patch \
+ patches/security/20120214/7110700.patch \
+ patches/security/20120214/7110704.patch \
+ patches/security/20120214/7118283.patch \
+ patches/security/20120214/7126960.patch
+
+SPECIAL_SECURITY_PATCH = patches/security/20120214/7112642.patch
ICEDTEA_PATCHES = \
$(SECURITY_PATCHES) \
@@ -429,7 +439,8 @@
patches/openjdk/6307603-xrender-01.patch \
patches/openjdk/6961633-xrender-02.patch \
patches/openjdk/6791612-opengl-jni-fix.patch \
- patches/openjdk/6755274-glgetstring-crash.patch
+ patches/openjdk/6755274-glgetstring-crash.patch \
+ $(SPECIAL_SECURITY_PATCH)
endif
if ENABLE_NIO2
diff -r eb61b840c119 -r 146d1c863e10 NEWS
--- a/NEWS Thu Feb 09 12:45:55 2012 +0000
+++ b/NEWS Mon Feb 13 11:57:58 2012 +0000
@@ -8,8 +8,18 @@
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
-New in release 1.9.13 (2012-02-XX):
+New in release 1.9.13 (2012-02-14):
+* Security fixes
+ - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
+ - S7088367, CVE-2011-3563: Fix issues in java sound
+ - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method
+ - S7110687, CVE-2012-0503: Issues with TimeZone class
+ - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass
+ - S7110704, CVE-2012-0506: Issues with some method in corba
+ - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
+ - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing
+ - S7126960, CVE-2011-5035: Add property to limit number of request headers to the HTTP Server
* Bug fixes
- RH580478: Desktop files should not use hardcoded path
diff -r eb61b840c119 -r 146d1c863e10 configure.ac
--- a/configure.ac Thu Feb 09 12:45:55 2012 +0000
+++ b/configure.ac Mon Feb 13 11:57:58 2012 +0000
@@ -1,4 +1,4 @@
-AC_INIT([icedtea6],[1.9.13pre],[distro-pkg-dev at openjdk.java.net])
+AC_INIT([icedtea6],[1.9.13],[distro-pkg-dev at openjdk.java.net])
AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
AC_CONFIG_FILES([Makefile])
diff -r eb61b840c119 -r 146d1c863e10 patches/security/20120214/7082299.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/20120214/7082299.patch Mon Feb 13 11:57:58 2012 +0000
@@ -0,0 +1,201 @@
+# HG changeset patch
+# User robm
+# Date 1322691030 0
+# Node ID ee0f12b18cb8d20c3fb61e96817bde6318a29221
+# Parent dd8956e41b892ed7102e1d5668781f2c68ea9ac5
+7082299: AtomicReferenceArray should ensure that array is Object[]
+Summary: java.util.concurrent.AtomicReferenceArray needs to ensure that internal array is always Object[].
+Reviewed-by: chegar, coffeys
+
+diff --git a/src/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java b/src/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java
+--- openjdk/jdk/src/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java
++++ openjdk/jdk/src/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java
+@@ -34,8 +34,9 @@
+ */
+
+ package java.util.concurrent.atomic;
++import java.lang.reflect.Array;
++import java.util.Arrays;
+ import sun.misc.Unsafe;
+-import java.util.*;
+
+ /**
+ * An array of object references in which elements may be updated
+@@ -49,15 +50,37 @@ public class AtomicReferenceArray<E> imp
+ public class AtomicReferenceArray<E> implements java.io.Serializable {
+ private static final long serialVersionUID = -6209656149925076980L;
+
+- private static final Unsafe unsafe = Unsafe.getUnsafe();
+- private static final int base = unsafe.arrayBaseOffset(Object[].class);
+- private static final int scale = unsafe.arrayIndexScale(Object[].class);
+- private final Object[] array;
++ private static final Unsafe unsafe;
++ private static final int base;
++ private static final int shift;
++ private static final long arrayFieldOffset;
++ private final Object[] array; // must have exact type Object[]
+
+- private long rawIndex(int i) {
++ static {
++ int scale;
++ try {
++ unsafe = Unsafe.getUnsafe();
++ arrayFieldOffset = unsafe.objectFieldOffset
++ (AtomicReferenceArray.class.getDeclaredField("array"));
++ base = unsafe.arrayBaseOffset(Object[].class);
++ scale = unsafe.arrayIndexScale(Object[].class);
++ } catch (Exception e) {
++ throw new Error(e);
++ }
++ if ((scale & (scale - 1)) != 0)
++ throw new Error("data type scale not a power of two");
++ shift = 31 - Integer.numberOfLeadingZeros(scale);
++ }
++
++ private long checkedByteOffset(int i) {
+ if (i < 0 || i >= array.length)
+ throw new IndexOutOfBoundsException("index " + i);
+- return base + (long) i * scale;
++
++ return byteOffset(i);
++ }
++
++ private static long byteOffset(int i) {
++ return ((long) i << shift) + base;
+ }
+
+ /**
+@@ -66,9 +89,6 @@ public class AtomicReferenceArray<E> imp
+ */
+ public AtomicReferenceArray(int length) {
+ array = new Object[length];
+- // must perform at least one volatile write to conform to JMM
+- if (length > 0)
+- unsafe.putObjectVolatile(array, rawIndex(0), null);
+ }
+
+ /**
+@@ -79,18 +99,8 @@ public class AtomicReferenceArray<E> imp
+ * @throws NullPointerException if array is null
+ */
+ public AtomicReferenceArray(E[] array) {
+- if (array == null)
+- throw new NullPointerException();
+- int length = array.length;
+- this.array = new Object[length];
+- if (length > 0) {
+- int last = length-1;
+- for (int i = 0; i < last; ++i)
+- this.array[i] = array[i];
+- // Do the last write as volatile
+- E e = array[last];
+- unsafe.putObjectVolatile(this.array, rawIndex(last), e);
+- }
++ // Visibility guaranteed by final field guarantees
++ this.array = Arrays.copyOf(array, array.length, Object[].class);
+ }
+
+ /**
+@@ -109,7 +119,11 @@ public class AtomicReferenceArray<E> imp
+ * @return the current value
+ */
+ public final E get(int i) {
+- return (E) unsafe.getObjectVolatile(array, rawIndex(i));
++ return getRaw(checkedByteOffset(i));
++ }
++
++ private E getRaw(long offset) {
++ return (E) unsafe.getObjectVolatile(array, offset);
+ }
+
+ /**
+@@ -119,7 +133,7 @@ public class AtomicReferenceArray<E> imp
+ * @param newValue the new value
+ */
+ public final void set(int i, E newValue) {
+- unsafe.putObjectVolatile(array, rawIndex(i), newValue);
++ unsafe.putObjectVolatile(array, checkedByteOffset(i), newValue);
+ }
+
+ /**
+@@ -130,7 +144,7 @@ public class AtomicReferenceArray<E> imp
+ * @since 1.6
+ */
+ public final void lazySet(int i, E newValue) {
+- unsafe.putOrderedObject(array, rawIndex(i), newValue);
++ unsafe.putOrderedObject(array, checkedByteOffset(i), newValue);
+ }
+
+
+@@ -143,9 +157,10 @@ public class AtomicReferenceArray<E> imp
+ * @return the previous value
+ */
+ public final E getAndSet(int i, E newValue) {
++ long offset = checkedByteOffset(i);
+ while (true) {
+- E current = get(i);
+- if (compareAndSet(i, current, newValue))
++ E current = getRaw(offset);
++ if (compareAndSetRaw(offset, current, newValue))
+ return current;
+ }
+ }
+@@ -153,6 +168,7 @@ public class AtomicReferenceArray<E> imp
+ /**
+ * Atomically sets the element at position {@code i} to the given
+ * updated value if the current value {@code ==} the expected value.
++ *
+ * @param i the index
+ * @param expect the expected value
+ * @param update the new value
+@@ -160,8 +176,11 @@ public class AtomicReferenceArray<E> imp
+ * the actual value was not equal to the expected value.
+ */
+ public final boolean compareAndSet(int i, E expect, E update) {
+- return unsafe.compareAndSwapObject(array, rawIndex(i),
+- expect, update);
++ return compareAndSetRaw(checkedByteOffset(i), expect, update);
++ }
++
++ private boolean compareAndSetRaw(long offset, E expect, E update) {
++ return unsafe.compareAndSwapObject(array, offset, expect, update);
+ }
+
+ /**
+@@ -186,9 +205,33 @@ public class AtomicReferenceArray<E> imp
+ * @return the String representation of the current values of array.
+ */
+ public String toString() {
+- if (array.length > 0) // force volatile read
+- get(0);
+- return Arrays.toString(array);
++ int iMax = array.length - 1;
++ if (iMax == -1)
++ return "[]";
++
++ StringBuilder b = new StringBuilder();
++ b.append('[');
++ for (int i = 0; ; i++) {
++ b.append(getRaw(byteOffset(i)));
++ if (i == iMax)
++ return b.append(']').toString();
++ b.append(',').append(' ');
++ }
++ }
++
++ /**
++ * Reconstitutes the instance from a stream (that is, deserializes it).
++ * @param s the stream
++ */
++ private void readObject(java.io.ObjectInputStream s)
++ throws java.io.IOException, ClassNotFoundException {
++ // Note: This must be changed if any additional fields are defined
++ Object a = s.readFields().get("array", null);
++ if (a == null || !a.getClass().isArray())
++ throw new java.io.InvalidObjectException("Not array type");
++ if (a.getClass() != Object[].class)
++ a = Arrays.copyOf((Object[])a, Array.getLength(a), Object[].class);
++ unsafe.putObjectVolatile(this, arrayFieldOffset, a);
+ }
+
+ }
diff -r eb61b840c119 -r 146d1c863e10 patches/security/20120214/7088367.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/20120214/7088367.patch Mon Feb 13 11:57:58 2012 +0000
@@ -0,0 +1,45 @@
+# HG changeset patch
+# User amenkov
+# Date 1319622989 -14400
+# Node ID b34a3ed0c8f2f6b9121d38ed330430d913f8a385
+# Parent cdc68d7a17dd412402b100dc427abbe0a90cf2ab
+7088367: JavaSound security issue (12865443)
+Reviewed-by: denis
+
+diff --git a/src/share/classes/com/sun/media/sound/DirectAudioDevice.java b/src/share/classes/com/sun/media/sound/DirectAudioDevice.java
+--- openjdk/jdk/src/share/classes/com/sun/media/sound/DirectAudioDevice.java
++++ openjdk/jdk/src/share/classes/com/sun/media/sound/DirectAudioDevice.java
+@@ -771,7 +771,7 @@ class DirectAudioDevice extends Abstract
+ if (off < 0) {
+ throw new ArrayIndexOutOfBoundsException(off);
+ }
+- if (off + len > b.length) {
++ if ((long)off + (long)len > (long)b.length) {
+ throw new ArrayIndexOutOfBoundsException(b.length);
+ }
+
+@@ -1000,7 +1000,7 @@ class DirectAudioDevice extends Abstract
+ if (off < 0) {
+ throw new ArrayIndexOutOfBoundsException(off);
+ }
+- if (off + len > b.length) {
++ if ((long)off + (long)len > (long)b.length) {
+ throw new ArrayIndexOutOfBoundsException(b.length);
+ }
+ if (!isActive() && doIO) {
+diff --git a/src/share/classes/com/sun/media/sound/SoftMixingSourceDataLine.java b/src/share/classes/com/sun/media/sound/SoftMixingSourceDataLine.java
+--- openjdk/jdk/src/share/classes/com/sun/media/sound/SoftMixingSourceDataLine.java
++++ openjdk/jdk/src/share/classes/com/sun/media/sound/SoftMixingSourceDataLine.java
+@@ -130,6 +130,12 @@ public class SoftMixingSourceDataLine ex
+ if (len % framesize != 0)
+ throw new IllegalArgumentException(
+ "Number of bytes does not represent an integral number of sample frames.");
++ if (off < 0) {
++ throw new ArrayIndexOutOfBoundsException(off);
++ }
++ if ((long)off + (long)len > (long)b.length) {
++ throw new ArrayIndexOutOfBoundsException(b.length);
++ }
+
+ byte[] buff = cycling_buffer;
+ int buff_len = cycling_buffer.length;
diff -r eb61b840c119 -r 146d1c863e10 patches/security/20120214/7110683.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/20120214/7110683.patch Mon Feb 13 11:57:58 2012 +0000
@@ -0,0 +1,170 @@
+# HG changeset patch
+# User skoppar
+# Date 1324575564 28800
+# Node ID e05eb7bee1ce0a44f3e414454e44cd49d77ba9de
+# Parent bfaa99d5bef813217cdbc6eddcdd511cf53327e7
+7110683: Issues with some KeyboardFocusManager method
+7116384: backout the unallowed changes in the KeyboardFocusManager.java javadoc
+Reviewed-by: ant
+
+diff --git a/src/share/classes/java/awt/KeyboardFocusManager.java b/src/share/classes/java/awt/KeyboardFocusManager.java
+--- openjdk/jdk/src/share/classes/java/awt/KeyboardFocusManager.java
++++ openjdk/jdk/src/share/classes/java/awt/KeyboardFocusManager.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2000, 2007, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -476,14 +476,8 @@ public abstract class KeyboardFocusManag
+ */
+ protected Component getGlobalFocusOwner() throws SecurityException {
+ synchronized (KeyboardFocusManager.class) {
+- if (this == getCurrentKeyboardFocusManager()) {
+- return focusOwner;
+- } else {
+- if (focusLog.isLoggable(Level.FINER)) {
+- focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+- }
+- throw new SecurityException(notPrivileged);
+- }
++ checkCurrentKFMSecurity();
++ return focusOwner;
+ }
+ }
+
+@@ -517,6 +511,7 @@ public abstract class KeyboardFocusManag
+
+ if (focusOwner == null || focusOwner.isFocusable()) {
+ synchronized (KeyboardFocusManager.class) {
++ checkCurrentKFMSecurity();
+ oldFocusOwner = getFocusOwner();
+
+ try {
+@@ -566,6 +561,10 @@ public abstract class KeyboardFocusManag
+ * @see java.awt.event.FocusEvent#FOCUS_LOST
+ */
+ public void clearGlobalFocusOwner() {
++ synchronized (KeyboardFocusManager.class) {
++ checkCurrentKFMSecurity();
++ }
++
+ if (!GraphicsEnvironment.isHeadless()) {
+ // Toolkit must be fully initialized, otherwise
+ // _clearGlobalFocusOwner will crash or throw an exception
+@@ -645,14 +644,8 @@ public abstract class KeyboardFocusManag
+ throws SecurityException
+ {
+ synchronized (KeyboardFocusManager.class) {
+- if (this == getCurrentKeyboardFocusManager()) {
+- return permanentFocusOwner;
+- } else {
+- if (focusLog.isLoggable(Level.FINER)) {
+- focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+- }
+- throw new SecurityException(notPrivileged);
+- }
++ checkCurrentKFMSecurity();
++ return permanentFocusOwner;
+ }
+ }
+
+@@ -688,6 +681,7 @@ public abstract class KeyboardFocusManag
+
+ if (permanentFocusOwner == null || permanentFocusOwner.isFocusable()) {
+ synchronized (KeyboardFocusManager.class) {
++ checkCurrentKFMSecurity();
+ oldPermanentFocusOwner = getPermanentFocusOwner();
+
+ try {
+@@ -753,14 +747,8 @@ public abstract class KeyboardFocusManag
+ */
+ protected Window getGlobalFocusedWindow() throws SecurityException {
+ synchronized (KeyboardFocusManager.class) {
+- if (this == getCurrentKeyboardFocusManager()) {
+- return focusedWindow;
+- } else {
+- if (focusLog.isLoggable(Level.FINER)) {
+- focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+- }
+- throw new SecurityException(notPrivileged);
+- }
++ checkCurrentKFMSecurity();
++ return focusedWindow;
+ }
+ }
+
+@@ -791,6 +779,7 @@ public abstract class KeyboardFocusManag
+
+ if (focusedWindow == null || focusedWindow.isFocusableWindow()) {
+ synchronized (KeyboardFocusManager.class) {
++ checkCurrentKFMSecurity();
+ oldFocusedWindow = getFocusedWindow();
+
+ try {
+@@ -857,14 +846,8 @@ public abstract class KeyboardFocusManag
+ */
+ protected Window getGlobalActiveWindow() throws SecurityException {
+ synchronized (KeyboardFocusManager.class) {
+- if (this == getCurrentKeyboardFocusManager()) {
+- return activeWindow;
+- } else {
+- if (focusLog.isLoggable(Level.FINER)) {
+- focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+- }
+- throw new SecurityException(notPrivileged);
+- }
More information about the distro-pkg-dev
mailing list