RFR: 8348986: Improve coverage of enhanced exception messages [v13]
Daniel Fuchs
dfuchs at openjdk.org
Thu May 29 17:10:04 UTC 2025
On Thu, 29 May 2025 14:35:11 GMT, Michael McMahon <michaelm at openjdk.org> wrote:
>> Hi,
>>
>> Enhanced exception messages are designed to hide sensitive information such as hostnames, IP
>> addresses from exception message strings, unless the enhanced mode for the specific category
>> has been explicitly enabled. Enhanced exceptions were first introduced in 8204233 in JDK 11 and
>> updated in 8207846.
>>
>> This PR aims to increase the coverage of enhanced exception messages in the networking code.
>> A limited number of exceptions are already hidden (restricted) by default. The new categories and
>> exceptions in this PR will be restricted on an opt-in basis, ie. the default mode will be enhanced
>> (while preserving the existing behavior).
>>
>> The mechanism is controlled by the security/system property "jdk.includeInExceptions" which takes as value
>> a comma separated list of category names, which identify groups of exceptions where the exception
>> message may be enhanced. Any category not listed is "restricted" which means that potentially
>> sensitive information (such as hostnames, IP addresses, user identities) are excluded from the message text.
>>
>> The changes to the java.security conf file describe the exact changes in terms of the categories now
>> supported and any changes in behavior.
>>
>> Thanks,
>> Michael
>
> Michael McMahon has updated the pull request incrementally with one additional commit since the last revision:
>
> Additional callsites identified by Mark S.
src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java line 566:
> 564: filterNonSocketInfo(url.getHost())
> 565: .prefixWith("should be <")
> 566: .suffixWith(">")));
Suggestion:
throw new IOException(formatMsg("Wrong HTTPS hostname%s",
filterNonSocketInfo(url.getHost())
.prefixWith(": should be <")
.suffixWith(">")));
src/java.base/share/classes/sun/nio/ch/NioSocketImpl.java line 560:
> 558: if (isa.isUnresolved()) {
> 559: throw new UnknownHostException(
> 560: formatMsg("%s", filterNonSocketInfo(isa.getHostName())));
Suggestion:
formatMsg(filterNonSocketInfo(isa.getHostName())));
src/java.base/share/classes/sun/nio/ch/SocketAdaptor.java line 99:
> 97: close();
> 98: throw new UnknownHostException(
> 99: formatMsg("%s", filterNonSocketInfo(remote.toString())));
Suggestion:
throw new UnknownHostException(
formatMsg(filterNonSocketInfo(remote.toString())));
src/java.naming/share/classes/com/sun/jndi/ldap/LdapURL.java line 125:
> 123: protected MalformedURLException newInvalidURISchemeException(String uri) {
> 124: return new MalformedURLException(formatMsg("Not an LDAP URL: %s",
> 125: filterNonSocketInfo(uri)));
Suggestion:
return new MalformedURLException(formatMsg("Not an LDAP URL%s",
filterNonSocketInfo(uri).prefixWith(": ")));
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 238:
> 236:
> 237: private MalformedURLException newMalformedURLException(String prefix, String msg) {
> 238: return new MalformedURLException(formatMsg(prefix + " %s", filterNonSocketInfo(msg)));
Suggestion:
return new MalformedURLException(prefix + formatMsg(filterNonSocketInfo(msg).withPrefix(prefix.isEmpty()? "" : ": "));
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 250:
> 248: URI u = new URI(uri);
> 249: scheme = u.getScheme();
> 250: if (scheme == null) throw newMalformedURLException("Invalid URI:", uri);
Suggestion:
if (scheme == null) throw newMalformedURLException("Invalid URI", uri);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 262:
> 260: if (!hostport.equals(auth)) {
> 261: // throw if we have user info or regname
> 262: throw newMalformedURLException("unsupported authority:", auth);
Suggestion:
throw newMalformedURLException("unsupported authority", auth);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 271:
> 269: if (u.getRawFragment() != null) {
> 270: if (!acceptsFragment()) {
> 271: throw newMalformedURLException("URI fragments not supported:", uri);
Suggestion:
throw newMalformedURLException("URI fragments not supported", uri);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 308:
> 306: int fmark = uri.indexOf('#');
> 307: if (i < 0 || slash > 0 && i > slash || qmark > 0 && i > qmark || fmark > 0 && i > fmark) {
> 308: throw newMalformedURLException("Invalid URI:", uri);
Suggestion:
throw newMalformedURLException("Invalid URI", uri);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 312:
> 310: if (fmark > -1) {
> 311: if (!acceptsFragment()) {
> 312: throw newMalformedURLException("URI fragments not supported:", uri);
Suggestion:
throw newMalformedURLException("URI fragments not supported", uri);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 358:
> 356: String ui = u.getRawUserInfo();
> 357: if (ui != null) {
> 358: throw newMalformedURLException("user info not supported in authority:", ui);
Suggestion:
throw newMalformedURLException("user info not supported in authority", ui);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 361:
> 359: }
> 360: if (!"/".equals(p)) {
> 361: throw newMalformedURLException("invalid authority:", auth);
Suggestion:
throw newMalformedURLException("invalid authority", auth);
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 364:
> 362: }
> 363: if (q != null) {
> 364: throw newMalformedURLException("invalid trailing characters in authority: ?", q);
Suggestion:
throw new MalformedURLException("invalid trailing characters in authority: ?" + formatMsg(filterNonSocketInfo(q)));
src/java.naming/share/classes/com/sun/jndi/toolkit/url/Uri.java line 374:
> 372: // throw if we have user info or regname
> 373: throw newMalformedURLException("Authority component is not server-based, " +
> 374: "or contains user info. Unsupported authority:", auth);
Suggestion:
"or contains user info. Unsupported authority", auth);
src/java.rmi/share/classes/java/rmi/Naming.java line 227:
> 225:
> 226: private static MalformedURLException newMalformedURLException(String prefix, String msg) {
> 227: return new MalformedURLException(formatMsg(prefix + " %s", filterNonSocketInfo(msg)));
Suggestion:
return new MalformedURLException(prefix + formatMsg(filterNonSocketInfo(msg).prefixWith(": "));
src/java.rmi/share/classes/java/rmi/Naming.java line 250:
> 248: */
> 249: MalformedURLException mue = newMalformedURLException(
> 250: "invalid URL String:", str);
Suggestion:
"invalid URL String", str);
src/java.rmi/share/classes/java/rmi/Naming.java line 282:
> 280: if (uri.isOpaque()) {
> 281: throw newMalformedURLException(
> 282: "not a hierarchical URL:", str);
Suggestion:
"not a hierarchical URL", str);
src/java.rmi/share/classes/java/rmi/Naming.java line 286:
> 284: if (uri.getFragment() != null) {
> 285: throw newMalformedURLException(
> 286: "invalid character, '#', in URL name:", str);
Suggestion:
"invalid character, '#', in URL name", str);
src/java.rmi/share/classes/java/rmi/Naming.java line 289:
> 287: } else if (uri.getQuery() != null) {
> 288: throw newMalformedURLException(
> 289: "invalid character, '?', in URL name:", str);
Suggestion:
"invalid character, '?', in URL name", str);
src/java.rmi/share/classes/java/rmi/Naming.java line 292:
> 290: } else if (uri.getUserInfo() != null) {
> 291: throw newMalformedURLException(
> 292: "invalid character, '@', in URL host:", str);
Suggestion:
"invalid character, '@', in URL host", str);
src/java.rmi/share/classes/java/rmi/Naming.java line 296:
> 294: String scheme = uri.getScheme();
> 295: if (scheme != null && !scheme.equals("rmi")) {
> 296: throw newMalformedURLException("invalid URL scheme:", str);
Suggestion:
throw new MalformedURLException(formatMsg("invalid URL scheme%s", filterNonSocketInfo(str).prefixWith(": ").replaceWith(": rmi"));
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114314118
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114338001
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114341371
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114325981
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114336092
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114343715
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114344189
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114344732
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114349684
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114360771
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114361269
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114361808
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114372438
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114373811
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114380353
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114381257
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114381615
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114381991
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114382430
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114382678
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2114383025
More information about the nio-dev
mailing list