/hg/release/icedtea7-forest-2.3/jdk: 22 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Tue Oct 16 13:38:12 PDT 2012
changeset cb996986a525 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=cb996986a525
author: weijun
date: Fri Jun 15 09:40:30 2012 +0800
6631398: FilePermission improved path checking
Reviewed-by: mullan, skoivu, jdn
changeset e1cd2adcb6fc in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=e1cd2adcb6fc
author: smarks
date: Thu Jun 21 00:20:49 2012 -0700
7093490: adjust package access in rmiregistry
Reviewed-by: ahgross, coffeys, dmocek
changeset ae6eefc8216c in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ae6eefc8216c
author: sundar
date: Sat Aug 04 21:16:20 2012 +0530
7143535: ScriptEngine corrected permissions
Reviewed-by: jjh
changeset da0ee7f1af26 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=da0ee7f1af26
author: dsamersoff
date: Fri Jun 15 15:34:35 2012 +0400
7158796: Tighten properties checking in EnvHelp
Summary: Move getProperty call out of computeBooleanFromString
Reviewed-by: skoivu, sla
changeset f2bae6dacc05 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=f2bae6dacc05
author: mullan
date: Thu Jun 07 12:31:16 2012 -0400
7163198: Tightened package accessibility
7169887: Tightened package accessibility
Reviewed-by: hawtin
changeset ec46ad0afaa2 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ec46ad0afaa2
author: wetmore
date: Mon May 21 15:42:08 2012 -0700
7167656: Multiple Seeders are being created
Reviewed-by: smarks, mduigou, ahgross
changeset 97f75273d727 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=97f75273d727
author: robm
date: Tue Sep 11 14:45:22 2012 +0100
7169884: LogManager checks do not work correctly for sub-types
Reviewed-by: alanb
changeset 33544e126c75 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=33544e126c75
author: dsamersoff
date: Fri Jun 15 17:02:58 2012 +0400
7169888: Narrowing resource definitions in JMX RMI connector
Summary: CPU bug, we can't put offending calls outside doPrivileged, but narrow granted permissions.
Reviewed-by: ahgross, fparain
changeset 0048b76ea9fd in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=0048b76ea9fd
author: mullan
date: Tue Jun 19 13:16:19 2012 -0400
7172522: Improve DomainCombiner checking
Reviewed-by: vinnie, ahgross
changeset 65b5c1d1fe57 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=65b5c1d1fe57
author: xuelei
date: Mon Jul 30 20:32:52 2012 -0700
7186286: TLS implementation to better adhere to RFC
Summary: also reviewed by Alexander Fomin <Alexander.Fomin at Oracle.COM>, Andrew Gross<Andrew.Gross at Oracle.COM>, Sean Coffey<Sean.Coffey at Oracle.COM>
Reviewed-by: valeriep, wetmore
changeset 00c665aa6d1d in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=00c665aa6d1d
author: chegar
date: Mon Aug 20 22:10:39 2012 +0100
7189103: Executors needs to maintain state
Reviewed-by: dholmes, hawtin
changeset ca88b412e85f in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=ca88b412e85f
author: mullan
date: Wed Aug 15 11:39:21 2012 -0400
7189490: More improvements to DomainCombiner checking
Reviewed-by: ahgross, jdn, vinnie
changeset e75f6a1028d1 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=e75f6a1028d1
author: chegar
date: Wed Aug 22 22:51:16 2012 +0100
7189567: java net obselete protocol
Reviewed-by: alanb, ahgross
changeset da9b90b138f3 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=da9b90b138f3
author: dsamersoff
date: Sun Sep 23 23:43:31 2012 +0400
7192975: Issue with JMX reflection
Summary: Make security check unconditional
Reviewed-by: ahgross, asaha
Contributed-by: jaroslav.bachorik at oracle.com
changeset bdda5d624540 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=bdda5d624540
author: rupashka
date: Tue Sep 11 17:27:31 2012 +0400
7195194: Better data validation for Swing
Reviewed-by: art, ahgross
changeset 06a9af6fad52 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=06a9af6fad52
author: malenkov
date: Tue Sep 11 15:58:50 2012 +0400
7195549: Better bean object persistence
Reviewed-by: art, ahgross
changeset fa7cbfacfb00 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=fa7cbfacfb00
author: malenkov
date: Wed Sep 19 19:10:55 2012 +0400
7195917: XMLDecoder parsing at close-time should be improved
Reviewed-by: art, ahgross
changeset c7b17be8f842 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=c7b17be8f842
author: smarks
date: Mon Sep 10 15:52:51 2012 -0700
7195919: (sl) ServiceLoader can throw CCE without needing to create instance
Reviewed-by: ahgross, alanb, dmeetry
changeset 43113374306c in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=43113374306c
author: jrose
date: Wed Sep 19 18:37:12 2012 -0700
7196190: Improve method of handling MethodHandles
Summary: Bind callers to caller-sensitive methods.
Reviewed-by: twisti, jjh, vlivanov, ahgross
changeset a0ae1a8c83e0 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=a0ae1a8c83e0
author: dsamersoff
date: Wed Sep 19 12:21:24 2012 -0700
7198296: Refactor classloader usage
Reviewed-by: ahgross
Contributed-by: dmitry.samersoff at oracle.com
changeset 6d4f9b2e4a51 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=6d4f9b2e4a51
author: andrew
date: Mon Oct 15 11:17:27 2012 +0100
Remove merge artefact.
changeset 5ec94d162f05 in /hg/release/icedtea7-forest-2.3/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk?cmd=changeset;node=5ec94d162f05
author: andrew
date: Tue Oct 16 21:36:45 2012 +0100
Added tag icedtea-2.3.3 for changeset 6d4f9b2e4a51
diffstat:
.hgtags | 1 +
src/share/classes/com/sun/beans/decoder/DocumentHandler.java | 55 ++-
src/share/classes/com/sun/beans/decoder/PropertyElementHandler.java | 12 +-
src/share/classes/com/sun/jmx/remote/internal/ServerNotifForwarder.java | 6 +-
src/share/classes/com/sun/jmx/remote/util/EnvHelp.java | 76 +---
src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java | 10 +-
src/share/classes/java/beans/XMLDecoder.java | 16 +-
src/share/classes/java/io/FilePermission.java | 2 +-
src/share/classes/java/lang/invoke/MethodHandleImpl.java | 169 +++++++++-
src/share/classes/java/lang/invoke/MethodHandleNatives.java | 99 +++++-
src/share/classes/java/lang/invoke/MethodHandleStatics.java | 4 +-
src/share/classes/java/lang/invoke/MethodHandles.java | 24 +-
src/share/classes/java/net/URL.java | 28 +-
src/share/classes/java/security/AccessController.java | 17 +-
src/share/classes/java/util/ServiceLoader.java | 15 +-
src/share/classes/java/util/concurrent/Executors.java | 19 +-
src/share/classes/java/util/logging/FileHandler.java | 12 +-
src/share/classes/java/util/logging/Handler.java | 18 +-
src/share/classes/java/util/logging/LogManager.java | 24 +-
src/share/classes/java/util/logging/Logger.java | 18 +-
src/share/classes/java/util/logging/MemoryHandler.java | 2 +-
src/share/classes/java/util/logging/StreamHandler.java | 2 +-
src/share/classes/javax/management/modelmbean/DescriptorSupport.java | 5 +-
src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java | 93 +++++-
src/share/classes/javax/management/remote/rmi/RMIConnector.java | 6 +-
src/share/classes/javax/management/remote/rmi/RMIConnectorServer.java | 5 +-
src/share/classes/javax/swing/text/DefaultFormatter.java | 4 +-
src/share/classes/sun/invoke/anon/AnonymousClassLoader.java | 76 +----
src/share/classes/sun/misc/Service.java | 12 +-
src/share/classes/sun/rmi/registry/RegistryImpl.java | 3 +-
src/share/classes/sun/security/provider/SecureRandom.java | 37 +-
src/share/classes/sun/security/ssl/HandshakeInStream.java | 13 +-
src/share/classes/sun/security/ssl/Handshaker.java | 4 +-
src/share/classes/sun/security/ssl/RSAClientKeyExchange.java | 56 ++-
src/share/lib/security/java.security | 4 +-
src/share/lib/security/java.security-macosx | 4 +-
src/share/lib/security/java.security-solaris | 4 +-
src/share/lib/security/java.security-windows | 4 +-
test/java/net/URL/Test.java | 4 -
39 files changed, 668 insertions(+), 295 deletions(-)
diffs (truncated from 2020 to 500 lines):
diff -r f78eb7e08ee1 -r 5ec94d162f05 .hgtags
--- a/.hgtags Fri Aug 31 12:21:12 2012 +0100
+++ b/.hgtags Tue Oct 16 21:36:45 2012 +0100
@@ -217,3 +217,4 @@
0000000000000000000000000000000000000000 icedtea-2.3.2
0000000000000000000000000000000000000000 icedtea-2.3.2
64ec99488219da2565d3eea0a53ffb4854c87fbe icedtea-2.3.2
+6d4f9b2e4a51be218c0d0a1b10cd8469d8ca3cdc icedtea-2.3.3
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/com/sun/beans/decoder/DocumentHandler.java
--- a/src/share/classes/com/sun/beans/decoder/DocumentHandler.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/com/sun/beans/decoder/DocumentHandler.java Tue Oct 16 21:36:45 2012 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -37,6 +37,9 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParserFactory;
@@ -46,6 +49,8 @@
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
+import sun.misc.SharedSecrets;
+
/**
* The main class to parse JavaBeans XML archive.
*
@@ -56,11 +61,10 @@
* @see ElementHandler
*/
public final class DocumentHandler extends DefaultHandler {
- private final Map<String, Class<? extends ElementHandler>> handlers = new HashMap<String, Class<? extends ElementHandler>>();
-
- private final Map<String, Object> environment = new HashMap<String, Object>();
-
- private final List<Object> objects = new ArrayList<Object>();
+ private final AccessControlContext acc = AccessController.getContext();
+ private final Map<String, Class<? extends ElementHandler>> handlers = new HashMap<>();
+ private final Map<String, Object> environment = new HashMap<>();
+ private final List<Object> objects = new ArrayList<>();
private Reference<ClassLoader> loader;
private ExceptionListener listener;
@@ -351,23 +355,32 @@
*
* @param input the input source to parse
*/
- public void parse(InputSource input) {
- try {
- SAXParserFactory.newInstance().newSAXParser().parse(input, this);
+ public void parse(final InputSource input) {
+ if ((this.acc == null) && (null != System.getSecurityManager())) {
+ throw new SecurityException("AccessControlContext is not set");
}
- catch (ParserConfigurationException exception) {
- handleException(exception);
- }
- catch (SAXException wrapper) {
- Exception exception = wrapper.getException();
- if (exception == null) {
- exception = wrapper;
+ AccessControlContext stack = AccessController.getContext();
+ SharedSecrets.getJavaSecurityAccess().doIntersectionPrivilege(new PrivilegedAction<Void>() {
+ public Void run() {
+ try {
+ SAXParserFactory.newInstance().newSAXParser().parse(input, DocumentHandler.this);
+ }
+ catch (ParserConfigurationException exception) {
+ handleException(exception);
+ }
+ catch (SAXException wrapper) {
+ Exception exception = wrapper.getException();
+ if (exception == null) {
+ exception = wrapper;
+ }
+ handleException(exception);
+ }
+ catch (IOException exception) {
+ handleException(exception);
+ }
+ return null;
}
- handleException(exception);
- }
- catch (IOException exception) {
- handleException(exception);
- }
+ }, stack, this.acc);
}
/**
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/com/sun/beans/decoder/PropertyElementHandler.java
--- a/src/share/classes/com/sun/beans/decoder/PropertyElementHandler.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/com/sun/beans/decoder/PropertyElementHandler.java Tue Oct 16 21:36:45 2012 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -35,6 +35,8 @@
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import sun.reflect.misc.MethodUtil;
+
/**
* This class is intended to handle <property> element.
* This element simplifies access to the properties.
@@ -168,11 +170,11 @@
private static Object getPropertyValue(Object bean, String name, Integer index) throws IllegalAccessException, IntrospectionException, InvocationTargetException, NoSuchMethodException {
Class<?> type = bean.getClass();
if (index == null) {
- return findGetter(type, name).invoke(bean);
+ return MethodUtil.invoke(findGetter(type, name), bean, new Object[] {});
} else if (type.isArray() && (name == null)) {
return Array.get(bean, index);
} else {
- return findGetter(type, name, int.class).invoke(bean, index);
+ return MethodUtil.invoke(findGetter(type, name, int.class), bean, new Object[] {index});
}
}
@@ -197,11 +199,11 @@
: null;
if (index == null) {
- findSetter(type, name, param).invoke(bean, value);
+ MethodUtil.invoke(findSetter(type, name, param), bean, new Object[] {value});
} else if (type.isArray() && (name == null)) {
Array.set(bean, index, value);
} else {
- findSetter(type, name, int.class, param).invoke(bean, index, value);
+ MethodUtil.invoke(findSetter(type, name, int.class, param), bean, new Object[] {index, value});
}
}
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/com/sun/jmx/remote/internal/ServerNotifForwarder.java
--- a/src/share/classes/com/sun/jmx/remote/internal/ServerNotifForwarder.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/com/sun/jmx/remote/internal/ServerNotifForwarder.java Tue Oct 16 21:36:45 2012 +0100
@@ -68,9 +68,9 @@
this.notifBuffer = notifBuffer;
this.connectionId = connectionId;
connectionTimeout = EnvHelp.getServerConnectionTimeout(env);
- checkNotificationEmission = EnvHelp.computeBooleanFromString(
- env,
- "jmx.remote.x.check.notification.emission",false);
+
+ String stringBoolean = (String) env.get("jmx.remote.x.check.notification.emission");
+ checkNotificationEmission = EnvHelp.computeBooleanFromString( stringBoolean );
notificationAccessController =
EnvHelp.getNotificationAccessController(env);
}
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/com/sun/jmx/remote/util/EnvHelp.java
--- a/src/share/classes/com/sun/jmx/remote/util/EnvHelp.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/com/sun/jmx/remote/util/EnvHelp.java Tue Oct 16 21:36:45 2012 +0100
@@ -665,97 +665,57 @@
* Computes a boolean value from a string value retrieved from a
* property in the given map.
*
- * @param env the environment map.
- * @param prop the name of the property in the environment map whose
- * returned string value must be converted into a boolean value.
- * @param systemProperty if true, consult a system property of the
- * same name if there is no entry in the environment map.
+ * @param stringBoolean the string value that must be converted
+ * into a boolean value.
*
* @return
* <ul>
- * <li>{@code false} if {@code env.get(prop)} is {@code null}</li>
+ * <li>{@code false} if {@code stringBoolean} is {@code null}</li>
* <li>{@code false} if
- * {@code ((String)env.get(prop)).equalsIgnoreCase("false")}
+ * {@code stringBoolean.equalsIgnoreCase("false")}
* is {@code true}</li>
* <li>{@code true} if
- * {@code ((String)env.get(prop)).equalsIgnoreCase("true")}
+ * {@code stringBoolean.equalsIgnoreCase("true")}
* is {@code true}</li>
* </ul>
*
- * @throws IllegalArgumentException if {@code env} is {@code null} or
- * {@code env.get(prop)} is not {@code null} and
+ * @throws IllegalArgumentException if
* {@code ((String)env.get(prop)).equalsIgnoreCase("false")} and
* {@code ((String)env.get(prop)).equalsIgnoreCase("true")} are
* {@code false}.
- * @throws ClassCastException if {@code env.get(prop)} cannot be cast
- * to {@code String}.
*/
- public static boolean computeBooleanFromString(
- Map<String, ?> env, String prop, boolean systemProperty) {
-
- if (env == null)
- throw new IllegalArgumentException("env map cannot be null");
-
+ public static boolean computeBooleanFromString(String stringBoolean) {
// returns a default value of 'false' if no property is found...
- return computeBooleanFromString(env,prop,systemProperty,false);
+ return computeBooleanFromString(stringBoolean,false);
}
/**
* Computes a boolean value from a string value retrieved from a
* property in the given map.
*
- * @param env the environment map.
- * @param prop the name of the property in the environment map whose
- * returned string value must be converted into a boolean value.
- * @param systemProperty if true, consult a system property of the
- * same name if there is no entry in the environment map.
+ * @param stringBoolean the string value that must be converted
+ * into a boolean value.
* @param defaultValue a default value to return in case no property
* was defined.
*
* @return
* <ul>
- * <li>{@code defaultValue} if {@code env.get(prop)} is {@code null}
- * and {@code systemProperty} is {@code false}</li>
- * <li>{@code defaultValue} if {@code env.get(prop)} is {@code null}
- * and {@code systemProperty} is {@code true} and
- * {@code System.getProperty(prop)} is {@code null}</li>
- * <li>{@code false} if {@code env.get(prop)} is {@code null}
- * and {@code systemProperty} is {@code true} and
- * {@code System.getProperty(prop).equalsIgnoreCase("false")}
- * is {@code true}</li>
- * <li>{@code true} if {@code env.get(prop)} is {@code null}
- * and {@code systemProperty} is {@code true} and
- * {@code System.getProperty(prop).equalsIgnoreCase("true")}
- * is {@code true}</li>
+ * <li>{@code defaultValue} if {@code stringBoolean}
+ * is {@code null}</li>
* <li>{@code false} if
- * {@code ((String)env.get(prop)).equalsIgnoreCase("false")}
+ * {@code stringBoolean.equalsIgnoreCase("false")}
* is {@code true}</li>
* <li>{@code true} if
- * {@code ((String)env.get(prop)).equalsIgnoreCase("true")}
+ * {@code stringBoolean.equalsIgnoreCase("true")}
* is {@code true}</li>
* </ul>
*
- * @throws IllegalArgumentException if {@code env} is {@code null} or
- * {@code env.get(prop)} is not {@code null} and
+ * @throws IllegalArgumentException if
* {@code ((String)env.get(prop)).equalsIgnoreCase("false")} and
* {@code ((String)env.get(prop)).equalsIgnoreCase("true")} are
* {@code false}.
- * @throws ClassCastException if {@code env.get(prop)} cannot be cast
- * to {@code String}.
*/
- public static boolean computeBooleanFromString(
- Map<String, ?> env, String prop,
- boolean systemProperty, boolean defaultValue) {
-
- if (env == null)
- throw new IllegalArgumentException("env map cannot be null");
-
- String stringBoolean = (String) env.get(prop);
- if (stringBoolean == null && systemProperty) {
- stringBoolean =
- AccessController.doPrivileged(new GetPropertyAction(prop));
- }
-
+ public static boolean computeBooleanFromString( String stringBoolean, boolean defaultValue) {
if (stringBoolean == null)
return defaultValue;
else if (stringBoolean.equalsIgnoreCase("true"))
@@ -763,8 +723,8 @@
else if (stringBoolean.equalsIgnoreCase("false"))
return false;
else
- throw new IllegalArgumentException(prop +
- " must be \"true\" or \"false\" instead of \"" +
+ throw new IllegalArgumentException(
+ "Property value must be \"true\" or \"false\" instead of \"" +
stringBoolean + "\"");
}
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java
--- a/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java Tue Oct 16 21:36:45 2012 +0100
@@ -146,11 +146,11 @@
*/
public RhinoScriptEngine() {
if (System.getSecurityManager() != null) {
- accCtxt = AccessController.getContext();
- }
-
- if (System.getSecurityManager() != null) {
- accCtxt = AccessController.getContext();
+ try {
+ AccessController.checkPermission(new AllPermission());
+ } catch (AccessControlException ace) {
+ accCtxt = AccessController.getContext();
+ }
}
Context cx = enterContext();
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/java/beans/XMLDecoder.java
--- a/src/share/classes/java/beans/XMLDecoder.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/java/beans/XMLDecoder.java Tue Oct 16 21:36:45 2012 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,9 @@
import java.io.Closeable;
import java.io.InputStream;
import java.io.IOException;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import org.xml.sax.InputSource;
import org.xml.sax.helpers.DefaultHandler;
@@ -61,6 +64,7 @@
* @author Philip Milne
*/
public class XMLDecoder implements AutoCloseable {
+ private final AccessControlContext acc = AccessController.getContext();
private final DocumentHandler handler = new DocumentHandler();
private final InputSource input;
private Object owner;
@@ -189,7 +193,15 @@
return false;
}
if (this.array == null) {
- this.handler.parse(this.input);
+ if ((this.acc == null) && (null != System.getSecurityManager())) {
+ throw new SecurityException("AccessControlContext is not set");
+ }
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
+ public Void run() {
+ XMLDecoder.this.handler.parse(XMLDecoder.this.input);
+ return null;
+ }
+ }, this.acc);
this.array = this.handler.getObjects();
}
return true;
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/java/io/FilePermission.java
--- a/src/share/classes/java/io/FilePermission.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/java/io/FilePermission.java Tue Oct 16 21:36:45 2012 +0100
@@ -418,7 +418,7 @@
*/
public int hashCode() {
- return this.cpath.hashCode();
+ return 0;
}
/**
diff -r f78eb7e08ee1 -r 5ec94d162f05 src/share/classes/java/lang/invoke/MethodHandleImpl.java
--- a/src/share/classes/java/lang/invoke/MethodHandleImpl.java Fri Aug 31 12:21:12 2012 +0100
+++ b/src/share/classes/java/lang/invoke/MethodHandleImpl.java Tue Oct 16 21:36:45 2012 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,6 @@
package java.lang.invoke;
-import sun.invoke.util.VerifyType;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
@@ -35,6 +34,7 @@
import java.util.List;
import sun.invoke.empty.Empty;
import sun.invoke.util.ValueConversions;
+import sun.invoke.util.VerifyType;
import sun.invoke.util.Wrapper;
import sun.misc.Unsafe;
import static java.lang.invoke.MethodHandleStatics.*;
@@ -1258,4 +1258,169 @@
return THROW_EXCEPTION;
}
static <T extends Throwable> Empty throwException(T t) throws T { throw t; }
+
+ /**
+ * Create an alias for the method handle which, when called,
+ * appears to be called from the same class loader and protection domain
+ * as hostClass.
+ * This is an expensive no-op unless the method which is called
+ * is sensitive to its caller. A small number of system methods
+ * are in this category, including Class.forName and Method.invoke.
+ */
+ static
+ MethodHandle bindCaller(MethodHandle mh, Class<?> hostClass) {
+ return BindCaller.bindCaller(mh, hostClass);
+ }
+
+ // Put the whole mess into its own nested class.
+ // That way we can lazily load the code and set up the constants.
+ private static class BindCaller {
+ static
+ MethodHandle bindCaller(MethodHandle mh, Class<?> hostClass) {
+ // Do not use this function to inject calls into system classes.
+ if (hostClass == null) {
+ hostClass = C_Trampoline;
+ } else if (hostClass.isArray() ||
+ hostClass.isPrimitive() ||
+ hostClass.getName().startsWith("java.") ||
+ hostClass.getName().startsWith("sun.")) {
+ throw new InternalError(); // does not happen, and should not anyway
+ }
+ // For simplicity, convert mh to a varargs-like method.
+ MethodHandle vamh = prepareForInvoker(mh);
+ // Cache the result of makeInjectedInvoker once per argument class.
+ MethodHandle bccInvoker = CV_makeInjectedInvoker.get(hostClass);
+ return restoreToType(bccInvoker.bindTo(vamh), mh.type());
+ }
+
+ // This class ("Trampoline") is known to be inside a dead-end class loader.
+ // Inject all doubtful calls into this class.
+ private static Class<?> C_Trampoline;
+ static {
+ Class<?> tramp = null;
+ try {
+ final int FRAME_COUNT_ARG = 1; // [0] Reflection [1] Trampoline
+ java.lang.reflect.Method gcc = sun.reflect.Reflection.class.getMethod("getCallerClass", int.class);
+ tramp = (Class<?>) sun.reflect.misc.MethodUtil.invoke(gcc, null, new Object[]{ FRAME_COUNT_ARG });
+ if (tramp.getClassLoader() == BindCaller.class.getClassLoader())
+ throw new RuntimeException(tramp.getName()+" class loader");
+ } catch (Throwable ex) {
+ throw new InternalError(ex.toString());
+ }
+ C_Trampoline = tramp;
+ }
+
+ private static final Unsafe UNSAFE = Unsafe.getUnsafe();
+
+ private static MethodHandle makeInjectedInvoker(Class<?> hostClass) {
+ Class<?> bcc = UNSAFE.defineAnonymousClass(hostClass, T_BYTES, null);
+ if (hostClass.getClassLoader() != bcc.getClassLoader())
+ throw new InternalError(hostClass.getName()+" (CL)");
+ try {
+ if (hostClass.getProtectionDomain() != bcc.getProtectionDomain())
+ throw new InternalError(hostClass.getName()+" (PD)");
+ } catch (SecurityException ex) {
+ // Self-check was blocked by security manager. This is OK.
+ // In fact the whole try body could be turned into an assertion.
+ }
+ try {
+ MethodHandle init = IMPL_LOOKUP.findStatic(bcc, "init", MethodType.methodType(void.class));
+ init.invokeExact(); // force initialization of the class
+ } catch (Throwable ex) {
+ throw uncaughtException(ex);
+ }
+ MethodHandle bccInvoker;
+ try {
+ MethodType invokerMT = MethodType.methodType(Object.class, MethodHandle.class, Object[].class);
+ bccInvoker = IMPL_LOOKUP.findStatic(bcc, "invoke_V", invokerMT);
+ } catch (ReflectiveOperationException ex) {
+ throw uncaughtException(ex);
+ }
+ // Test the invoker, to ensure that it really injects into the right place.
+ try {
+ MethodHandle vamh = prepareForInvoker(MH_checkCallerClass);
+ Object ok = bccInvoker.invokeExact(vamh, new Object[]{hostClass, bcc});
+ } catch (Throwable ex) {
+ throw new InternalError(ex.toString());
+ }
+ return bccInvoker;
+ }
+ private static ClassValue<MethodHandle> CV_makeInjectedInvoker = new ClassValue<MethodHandle>() {
+ @Override protected MethodHandle computeValue(Class<?> hostClass) {
+ return makeInjectedInvoker(hostClass);
+ }
+ };
+
+ // Adapt mh so that it can be called directly from an injected invoker:
+ private static MethodHandle prepareForInvoker(MethodHandle mh) {
+ mh = mh.asFixedArity();
+ MethodType mt = mh.type();
+ int arity = mt.parameterCount();
+ MethodHandle vamh = mh.asType(mt.generic());
+ vamh = vamh.asSpreader(Object[].class, arity);
+ return vamh;
More information about the distro-pkg-dev
mailing list