[PATCH][IcedTea6] Fix Backport from S6657673

Mon Apr 22 13:54:15 PDT 2013

On 04/22/2013 01:23 PM, Elliott Baron wrote:
> Hi,
>
> On 04/22/2013 12:08 PM, Andrew Hughes wrote:
>> ----- Original Message -----
>>> On 04/22/2013 11:59 AM, Andrew Hughes wrote:
>>>> ----- Original Message -----
>>>>> On 04/22/2013 07:03 AM, Andrew Hughes wrote:
>>>>>> ----- Original Message -----
>>>>>>> Hi Andrew,
>>>>>>>
>>>>>>> On 04/19/2013 02:59 PM, Andrew Hughes wrote:
>>>>>>>> ----- Original Message -----
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> This patch improves our backport of the Java 7 S6657673 
>>>>>>>>> security fix.
>>>>>>>>> This fixes a problem where
>>>>>>>>> javax.xml.parsers.DocumentBuilderFactory.newInstance would 
>>>>>>>>> fail due to
>>>>>>>>> package access restrictions on Xerces.
>>>>>>>>> Okay to push?
>>>>>>>>>
>>>>>>>> No.  If you're backporting patches, as has been said before, they
>>>>>>>> should
>>>>>>>> be in the openjdk directory named with the bug ID so they can be
>>>>>>>> traced.
>>>>>>>> This is hard for me to read now, never mind for long term 
>>>>>>>> maintenance.
>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Elliott
>>>>>>>>>
>>>>>>> There were actually a couple of patches I backported, and they 
>>>>>>> were just
>>>>>>> partial backports. I didn't think it was suitable to classify it 
>>>>>>> as a
>>>>>>> proper OpenJDK patch. The commit policy says only direct backports
>>>>>>> should be placed in the openjdk subdirectory.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Elliott
>>>>>>>
>>>>>> Can you provide more details on:
>>>>>>
>>>>>> * The repository these changes came from and which changesets
>>>>>    From the ChangeLog:
>>>>>>     * 
>>>>>> patches/security/20130416/6657673-jaxp-backport-factoryfinder.patch:
>>>>>>     Backported {parser,transform}.FactoryFinder fixes
>>>>>>     from jdk7u-dev changesets: 4a61ac055189 & 38d4d23d167c.
>>>> Yes, I've seen this.  Which repository?
>>> http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jaxp
>>>
>>>>>> * What subset of the patches were used?
>>>>> The first changeset 4a61ac055189: Adding the parameter 
>>>>> useBSClassLoader
>>>>> to getProviderClass and newInstance. Other portions of the patch that
>>>>> updated the usage of these two methods to include useBSClassLoader 
>>>>> were
>>>>> also backported.
>>>>> The second changeset 38d4d23d167c: Is a fixed backport of S6657673 
>>>>> for
>>>>> these two FactoryFinder classes that actually sets useBSClassLoader.
>>>>>
>>>> Ok can we at least have these as two separate patches?  I need to know
>>>> what's going on if we're ever going to upstream this.
>>> Alright, I will split them up.
>>>
>>> Thanks,
>>> Elliott
>>>
>>>
>> It would make it much easier to review.
>>
>> Thanks,
>
> Here are the split patches. The first patch is 7133220, the second is 
> 6557673.
>
> Thanks,
> Elliott

Here is the full changeset.

Thanks,
Elliott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: split-jaxp-backport-factoryfinder.patch
Type: text/x-patch
Size: 30707 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130422/7ae1e711/split-jaxp-backport-factoryfinder.patch 