/hg/icedtea6: 5 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Thu Mar 7 07:50:17 PST 2013
changeset 076acbb953a5 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=076acbb953a5
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Wed Mar 06 19:28:09 2013 +0000
Add LogManager regression fixes.
2013-02-17 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
(ICEDTEA_PATCHES): Add new patches.
* patches/openjdk/8007393.patch,
* patches/openjdk/8007611.patch:
Regression fixes for LogManager.
changeset 1ecedefb66fa in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=1ecedefb66fa
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 07 13:16:01 2013 +0000
Add 2013/03/04 security patches.
2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
(SECURITY_PATCHES): List new patches.
* patches/security/20130304/8007014.patch,
* patches/security/20130304/8007675.patch:
Patches from upstream.
* patches/security/20130304/declaration_correction.patch:
Correct bad code added to LCMSTransform.java
which fails with ecj.
changeset 7088315fb75f in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=7088315fb75f
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 07 13:21:49 2013 +0000
Add 1.11.9 & 1.12.4 release notes.
2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
* NEWS:
Add 1.11.9 & 1.12.4 release notes.
changeset 0f212e1c6cb4 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=0f212e1c6cb4
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 07 15:48:35 2013 +0000
S8009641: OpenJDK 6 build broken via 8007675 fix
2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
* patches/security/20130304/declaration_correction.patch:
Remove local patch...
* Makefile.am: Swap patches.
* NEWS: Updated.
* patches/openjdk/8009641-8007675_build_fix.patch:
...replaced by this from upstream.
changeset e162a16dad26 in /hg/icedtea6
details: http://icedtea.classpath.org/hg/icedtea6?cmd=changeset;node=e162a16dad26
author: Andrew John Hughes <gnu.andrew at redhat.com>
date: Thu Mar 07 15:49:50 2013 +0000
Sync hs23 build with IcedTea7 2.3. Only changes are release tags.
2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
* hotspot.map: Sync with IcedTea7 2.3 tree;
only changes are new release tags.
diffstat:
ChangeLog | 38 +
Makefile.am | 9 +-
NEWS | 14 +
hotspot.map | 2 +-
patches/openjdk/8007393.patch | 78 +++
patches/openjdk/8007611.patch | 24 +
patches/openjdk/8009641-8007675_build_fix.patch | 49 ++
patches/security/20130304/8007014.patch | 477 ++++++++++++++++++++++++
patches/security/20130304/8007675.patch | 416 ++++++++++++++++++++
9 files changed, 1104 insertions(+), 3 deletions(-)
diffs (truncated from 1169 to 500 lines):
diff -r 9389cc43b7b8 -r e162a16dad26 ChangeLog
--- a/ChangeLog Wed Mar 06 19:22:19 2013 +0000
+++ b/ChangeLog Thu Mar 07 15:49:50 2013 +0000
@@ -1,3 +1,41 @@
+2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * hotspot.map: Sync with IcedTea7 2.3 tree;
+ only changes are new release tags.
+
+2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * patches/security/20130304/declaration_correction.patch:
+ Remove local patch...
+ * Makefile.am: Swap patches.
+ * NEWS: Updated.
+ * patches/openjdk/8009641-8007675_build_fix.patch:
+ ...replaced by this from upstream.
+
+2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * NEWS:
+ Add 1.11.9 & 1.12.4 release notes.
+
+2013-03-07 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * Makefile.am:
+ (SECURITY_PATCHES): List new patches.
+ * patches/security/20130304/8007014.patch,
+ * patches/security/20130304/8007675.patch:
+ Patches from upstream.
+ * patches/security/20130304/declaration_correction.patch:
+ Correct bad code added to LCMSTransform.java
+ which fails with ecj.
+
+2013-02-17 Andrew John Hughes <gnu.andrew at redhat.com>
+
+ * Makefile.am:
+ (ICEDTEA_PATCHES): Add new patches.
+ * patches/openjdk/8007393.patch,
+ * patches/openjdk/8007611.patch:
+ Regression fixes for LogManager.
+
2013-02-15 Andrew John Hughes <gnu.andrew at redhat.com>
* Makefile.am:
diff -r 9389cc43b7b8 -r e162a16dad26 Makefile.am
--- a/Makefile.am Wed Mar 06 19:22:19 2013 +0000
+++ b/Makefile.am Thu Mar 07 15:49:50 2013 +0000
@@ -276,7 +276,10 @@
patches/security/20130201/8001235.patch \
patches/security/20130219/8006446.patch \
patches/security/20130219/8006777.patch \
- patches/security/20130219/8007688.patch
+ patches/security/20130219/8007688.patch \
+ patches/security/20130304/8007014.patch \
+ patches/security/20130304/8007675.patch \
+ patches/openjdk/8009641-8007675_build_fix.patch
if !WITH_ALT_HSBUILD
SECURITY_PATCHES += \
@@ -473,7 +476,9 @@
patches/traceable.patch \
patches/openjdk/8005615-failure_to_load_logger_implementation.patch \
patches/openjdk/8004341-jck_dialog_failure.patch \
- patches/pr1319-support_giflib_5.patch
+ patches/pr1319-support_giflib_5.patch \
+ patches/openjdk/8007393.patch \
+ patches/openjdk/8007611.patch
if WITH_ALT_HSBUILD
ICEDTEA_PATCHES += \
diff -r 9389cc43b7b8 -r e162a16dad26 NEWS
--- a/NEWS Wed Mar 06 19:22:19 2013 +0000
+++ b/NEWS Thu Mar 07 15:49:50 2013 +0000
@@ -14,9 +14,23 @@
* New features
- PR1317: Provide an option to build with a more up-to-date HotSpot
+* Backports
+ - S8009641: OpenJDK 6 build broken via 8007675 fix
* Bug fixes
- PR1318: Fix automatic enabling of the Zero build on non-JIT architectures which don't use CACAO or JamVM.
+New in release 1.12.4 (2013-03-04):
+
+* Security fixes
+ - S8007014, CVE-2013-0809: Improve image handling
+ - S8007675, CVE-2013-1493: Improve color conversion
+
+New in release 1.11.9 (2013-03-04):
+
+* Security fixes
+ - S8007014, CVE-2013-0809: Improve image handling
+ - S8007675, CVE-2013-1493: Improve color conversion
+
New in release 1.12.3 (2013-02-19):
* Security fixes
diff -r 9389cc43b7b8 -r e162a16dad26 hotspot.map
--- a/hotspot.map Wed Mar 06 19:22:19 2013 +0000
+++ b/hotspot.map Thu Mar 07 15:49:50 2013 +0000
@@ -1,2 +1,2 @@
# version url changeset sha256sum
-hs23 http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot bc0de5a0ece2 4b571c99b9dfdca6e8456a7d0d47eedb1a8e3c4863322cc853f959b1cb4bc068
+hs23 http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/hotspot a152dced63a1 eac2313e3012653afa7549257765d56e4348c775363eee0733968d32a7c1eeae
diff -r 9389cc43b7b8 -r e162a16dad26 patches/openjdk/8007393.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/8007393.patch Thu Mar 07 15:49:50 2013 +0000
@@ -0,0 +1,78 @@
+
+# HG changeset patch
+# User coffeys
+# Date 1360860659 0
+# Node ID 828b93329939ec20530ed98f42b2966b2ea53048
+# Parent cff0241d217f7b463d58ddcd0add8d41de9eb280
+8007393: Possible race condition after JDK-6664509
+Reviewed-by: mchung
+
+--- openjdk/jdk/src/share/classes/java/util/logging/LogManager.java Tue Feb 05 23:33:50 2013 +0000
++++ openjdk/jdk/src/share/classes/java/util/logging/LogManager.java Thu Feb 14 16:50:59 2013 +0000
+@@ -411,7 +411,40 @@ public class LogManager {
+ }
+
+ Logger demandSystemLogger(String name, String resourceBundleName) {
+- return systemContext.demandLogger(name, resourceBundleName);
++ // Add a system logger in the system context's namespace
++ final Logger sysLogger = systemContext.demandLogger(name, resourceBundleName);
++
++ // Add the system logger to the LogManager's namespace if not exist
++ // so that there is only one single logger of the given name.
++ // System loggers are visible to applications unless a logger of
++ // the same name has been added.
++ Logger logger;
++ do {
++ // First attempt to call addLogger instead of getLogger
++ // This would avoid potential bug in custom LogManager.getLogger
++ // implementation that adds a logger if not exists
++ if (addLogger(sysLogger)) {
++ // successfully added the new system logger
++ logger = sysLogger;
++ } else {
++ logger = getLogger(name);
++ }
++ } while (logger == null);
++
++ // LogManager will set the sysLogger's handlers via LogManager.addLogger method.
++ if (logger != sysLogger && sysLogger.getHandlers().length == 0) {
++ // if logger already exists but handlers not set
++ final Logger l = logger;
++ AccessController.doPrivileged(new PrivilegedAction<Void>() {
++ public Void run() {
++ for (Handler hdl : l.getHandlers()) {
++ sysLogger.addHandler(hdl);
++ }
++ return null;
++ }
++ });
++ }
++ return sysLogger;
+ }
+
+ // LoggerContext maintains the logger namespace per context.
+@@ -619,22 +652,7 @@ public class LogManager {
+ }
+ } while (result == null);
+ }
+- // Add the system logger to the LogManager's namespace if not exists
+- // The LogManager will set its handlers via the LogManager.addLogger method.
+- if (!manager.addLogger(result) && result.getHandlers().length == 0) {
+- // if logger already exists but handlers not set
+- final Logger l = manager.getLogger(name);
+- final Logger logger = result;
+- AccessController.doPrivileged(new PrivilegedAction<Void>() {
+- public Void run() {
+- for (Handler hdl : l.getHandlers()) {
+- logger.addHandler(hdl);
+- }
+- return null;
+- }
+- });
+- }
+- return result;
++ return result;
+ }
+ }
+
+
diff -r 9389cc43b7b8 -r e162a16dad26 patches/openjdk/8007611.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/8007611.patch Thu Mar 07 15:49:50 2013 +0000
@@ -0,0 +1,24 @@
+
+# HG changeset patch
+# User coffeys
+# Date 1360861865 0
+# Node ID 25e83b78298b71abb46eb5a337ed7bddef418ca4
+# Parent 828b93329939ec20530ed98f42b2966b2ea53048
+8007611: logging behavior in applet changed
+Reviewed-by: mchung
+
+--- openjdk/jdk/src/share/classes/java/util/logging/LogManager.java Thu Feb 14 16:50:59 2013 +0000
++++ openjdk/jdk/src/share/classes/java/util/logging/LogManager.java Thu Feb 14 17:11:05 2013 +0000
+@@ -351,7 +351,10 @@ public class LogManager {
+ context = userContext;
+ } else {
+ context = new LoggerContext();
+- context.addLocalLogger(manager.rootLogger);
++ // during initialization, rootLogger is null when
++ // instantiating itself RootLogger
++ if (manager.rootLogger != null)
++ context.addLocalLogger(manager.rootLogger);
+ }
+ javaAwtAccess.put(ecx, LoggerContext.class, context);
+ }
+
diff -r 9389cc43b7b8 -r e162a16dad26 patches/openjdk/8009641-8007675_build_fix.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/openjdk/8009641-8007675_build_fix.patch Thu Mar 07 15:49:50 2013 +0000
@@ -0,0 +1,49 @@
+# HG changeset patch
+# User bae
+# Date 1362669637 -10800
+# Node ID c73944a23b44ead9aa552ffaa4346bda08940ed3
+# Parent 9714f53ef17344fbcb6dc2249a7b238e6292f726
+8009641: OpenJDK 6 build broken via 8007675 fix
+Reviewed-by: andrew
+
+diff --git a/src/share/classes/sun/java2d/cmm/lcms/LCMSTransform.java b/src/share/classes/sun/java2d/cmm/lcms/LCMSTransform.java
+--- openjdk/jdk/src/share/classes/sun/java2d/cmm/lcms/LCMSTransform.java
++++ openjdk/jdk/src/share/classes/sun/java2d/cmm/lcms/LCMSTransform.java
+@@ -572,14 +572,14 @@
+ dst, dst.length/getNumOutComponents(),
+ LCMSImageLayout.CHANNELS_SH(getNumOutComponents()) |
+ LCMSImageLayout.BYTES_SH(2), getNumOutComponents()*2);
++
++ synchronized(this) {
++ LCMS.colorConvert(this, srcIL, dstIL);
++ }
+ } catch (ImageLayoutException e) {
+ throw new CMMException("Unable to convert data");
+ }
+
+- synchronized(this) {
+- LCMS.colorConvert(this, srcIL, dstIL);
+- }
+-
+ return dst;
+ }
+
+@@ -598,14 +598,14 @@
+ dst, dst.length/getNumOutComponents(),
+ LCMSImageLayout.CHANNELS_SH(getNumOutComponents()) |
+ LCMSImageLayout.BYTES_SH(1), getNumOutComponents());
++
++ synchronized(this) {
++ LCMS.colorConvert(this, srcIL, dstIL);
++ }
+ } catch (ImageLayoutException e) {
+ throw new CMMException("Unable to convert data");
+ }
+
+- synchronized(this) {
+- LCMS.colorConvert(this, srcIL, dstIL);
+- }
+-
+ return dst;
+ }
+ }
diff -r 9389cc43b7b8 -r e162a16dad26 patches/security/20130304/8007014.patch
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/security/20130304/8007014.patch Thu Mar 07 15:49:50 2013 +0000
@@ -0,0 +1,477 @@
+# HG changeset patch
+# User bae
+# Date 1360857111 -14400
+# Node ID 44c99b68e36c57648829320843fbc77cf2d4c4d1
+# Parent b8b3916e20ed651fa6ad9da6ae96b2548a13f96c
+8007014: Improve image handling
+Reviewed-by: prr, mschoene, jgodinez
+
+diff --git a/src/share/classes/sun/awt/image/ByteComponentRaster.java b/src/share/classes/sun/awt/image/ByteComponentRaster.java
+--- openjdk/jdk/src/share/classes/sun/awt/image/ByteComponentRaster.java
++++ openjdk/jdk/src/share/classes/sun/awt/image/ByteComponentRaster.java
+@@ -868,6 +868,15 @@
+ * or if data buffer has not enough capacity.
+ */
+ protected final void verify() {
++ /* Need to re-verify the dimensions since a sample model may be
++ * specified to the constructor
++ */
++ if (width <= 0 || height <= 0 ||
++ height > (Integer.MAX_VALUE / width))
++ {
++ throw new RasterFormatException("Invalid raster dimension");
++ }
++
+ for (int i = 0; i < dataOffsets.length; i++) {
+ if (dataOffsets[i] < 0) {
+ throw new RasterFormatException("Data offsets for band " + i
+@@ -905,13 +914,14 @@
+ lastPixelOffset += lastScanOffset;
+
+ for (int i = 0; i < numDataElements; i++) {
+- size = lastPixelOffset + dataOffsets[i];
+ if (dataOffsets[i] > (Integer.MAX_VALUE - lastPixelOffset)) {
+ throw new RasterFormatException("Incorrect band offset: "
+ + dataOffsets[i]);
+
+ }
+
++ size = lastPixelOffset + dataOffsets[i];
++
+ if (size > maxSize) {
+ maxSize = size;
+ }
+diff --git a/src/share/classes/sun/awt/image/BytePackedRaster.java b/src/share/classes/sun/awt/image/BytePackedRaster.java
+--- openjdk/jdk/src/share/classes/sun/awt/image/BytePackedRaster.java
++++ openjdk/jdk/src/share/classes/sun/awt/image/BytePackedRaster.java
+@@ -1368,11 +1368,35 @@
+ throw new RasterFormatException("Data offsets must be >= 0");
+ }
+
++ /* Need to re-verify the dimensions since a sample model may be
++ * specified to the constructor
++ */
++ if (width <= 0 || height <= 0 ||
++ height > (Integer.MAX_VALUE / width))
++ {
++ throw new RasterFormatException("Invalid raster dimension");
++ }
++
++
++ /*
++ * pixelBitstride was verified in constructor, so just make
++ * sure that it is safe to multiply it by width.
++ */
++ if ((width - 1) > Integer.MAX_VALUE / pixelBitStride) {
++ throw new RasterFormatException("Invalid raster dimension");
++ }
++
++ if (scanlineStride < 0 ||
++ scanlineStride > (Integer.MAX_VALUE / height))
++ {
++ throw new RasterFormatException("Invalid scanline stride");
++ }
++
+ int lastbit = (dataBitOffset
+ + (height-1) * scanlineStride * 8
+ + (width-1) * pixelBitStride
+ + pixelBitStride - 1);
+- if (lastbit / 8 >= data.length) {
++ if (lastbit < 0 || lastbit / 8 >= data.length) {
+ throw new RasterFormatException("raster dimensions overflow " +
+ "array bounds");
+ }
+diff --git a/src/share/classes/sun/awt/image/IntegerComponentRaster.java b/src/share/classes/sun/awt/image/IntegerComponentRaster.java
+--- openjdk/jdk/src/share/classes/sun/awt/image/IntegerComponentRaster.java
++++ openjdk/jdk/src/share/classes/sun/awt/image/IntegerComponentRaster.java
+@@ -208,7 +208,7 @@
+ " SinglePixelPackedSampleModel");
+ }
+
+- verify(false);
++ verify();
+ }
+
+
+@@ -629,16 +629,26 @@
+ }
+
+ /**
+- * Verify that the layout parameters are consistent with
+- * the data. If strictCheck
+- * is false, this method will check for ArrayIndexOutOfBounds conditions. If
+- * strictCheck is true, this method will check for additional error
+- * conditions such as line wraparound (width of a line greater than
+- * the scanline stride).
+- * @return String Error string, if the layout is incompatible with
+- * the data. Otherwise returns null.
++ * Verify that the layout parameters are consistent with the data.
++ *
++ * The method verifies whether scanline stride and pixel stride do not
++ * cause an integer overflow during calculation of a position of the pixel
++ * in data buffer. It also verifies whether the data buffer has enough data
++ * to correspond the raster layout attributes.
++ *
++ * @throws RasterFormatException if an integer overflow is detected,
++ * or if data buffer has not enough capacity.
+ */
+- private void verify (boolean strictCheck) {
++ protected final void verify() {
++ /* Need to re-verify the dimensions since a sample model may be
++ * specified to the constructor
++ */
++ if (width <= 0 || height <= 0 ||
++ height > (Integer.MAX_VALUE / width))
++ {
++ throw new RasterFormatException("Invalid raster dimension");
++ }
++
+ if (dataOffsets[0] < 0) {
+ throw new RasterFormatException("Data offset ("+dataOffsets[0]+
+ ") must be >= 0");
+@@ -647,17 +657,46 @@
+ int maxSize = 0;
+ int size;
+
+- for (int i=0; i < numDataElements; i++) {
+- size = (height-1)*scanlineStride + (width-1)*pixelStride +
+- dataOffsets[i];
++ // we can be sure that width and height are greater than 0
++ if (scanlineStride < 0 ||
++ scanlineStride > (Integer.MAX_VALUE / height))
++ {
++ // integer overflow
++ throw new RasterFormatException("Incorrect scanline stride: "
++ + scanlineStride);
++ }
++ int lastScanOffset = (height - 1) * scanlineStride;
++
++ if (pixelStride < 0 ||
++ pixelStride > (Integer.MAX_VALUE / width))
++ {
++ // integer overflow
++ throw new RasterFormatException("Incorrect pixel stride: "
++ + pixelStride);
++ }
++ int lastPixelOffset = (width - 1) * pixelStride;
++
++ if (lastPixelOffset > (Integer.MAX_VALUE - lastScanOffset)) {
++ // integer overflow
++ throw new RasterFormatException("Incorrect raster attributes");
++ }
++ lastPixelOffset += lastScanOffset;
++
++ for (int i = 0; i < numDataElements; i++) {
++ if (dataOffsets[i] > (Integer.MAX_VALUE - lastPixelOffset)) {
++ throw new RasterFormatException("Incorrect band offset: "
++ + dataOffsets[i]);
++ }
++
++ size = lastPixelOffset + dataOffsets[i];
++
+ if (size > maxSize) {
+ maxSize = size;
+ }
+ }
+ if (data.length < maxSize) {
+- throw new RasterFormatException("Data array too small (should be "+
+- maxSize
+- +" but is "+data.length+" )");
++ throw new RasterFormatException("Data array too small (should be "
++ + maxSize + " )");
+ }
+ }
+
+diff --git a/src/share/classes/sun/awt/image/IntegerInterleavedRaster.java b/src/share/classes/sun/awt/image/IntegerInterleavedRaster.java
+--- openjdk/jdk/src/share/classes/sun/awt/image/IntegerInterleavedRaster.java
++++ openjdk/jdk/src/share/classes/sun/awt/image/IntegerInterleavedRaster.java
+@@ -151,7 +151,7 @@
+ throw new RasterFormatException("IntegerInterleavedRasters must have"+
+ " SinglePixelPackedSampleModel");
+ }
+- verify(false);
++ verify();
+ }
+
+
+@@ -540,31 +540,6 @@
+ return createCompatibleWritableRaster(width,height);
+ }
+
+- /**
+- * Verify that the layout parameters are consistent with
+- * the data. If strictCheck
+- * is false, this method will check for ArrayIndexOutOfBounds conditions. If
+- * strictCheck is true, this method will check for additional error
+- * conditions such as line wraparound (width of a line greater than
+- * the scanline stride).
+- * @return String Error string, if the layout is incompatible with
+- * the data. Otherwise returns null.
+- */
+- private void verify (boolean strictCheck) {
+- int maxSize = 0;
+- int size;
+-
+- size = (height-1)*scanlineStride + (width-1) + dataOffsets[0];
+- if (size > maxSize) {
+- maxSize = size;
+- }
+- if (data.length < maxSize) {
+- throw new RasterFormatException("Data array too small (should be "+
+- maxSize
+- +" but is "+data.length+" )");
+- }
+- }
+-
+ public String toString() {
+ return new String ("IntegerInterleavedRaster: width = "+width
+ +" height = " + height
More information about the distro-pkg-dev
mailing list