RFR 8194251: Deadlock between UsageTracker and System.getProperty() when using a malformed security policy

mandy chung mandy.chung at oracle.com
Mon Feb 5 23:35:57 UTC 2018


This looks fine to me.

Mandy


On 2/5/18 11:26 AM, Adam Petcher wrote:
> Please review the following change:
>
> JBS: https://bugs.openjdk.java.net/browse/JDK-8194251
> Webrev: http://cr.openjdk.java.net/~apetcher/8194251/webrev.00/
>
> We ran into a problem related to loading locale data when a security 
> policy file is malformed. The parse error is localized and printed, 
> which requires the locale data to be loaded, which triggers a security 
> policy check, which results in deadlock or infinite recursion.
>
> This change removes localization from all messages during policy file 
> parsing and loading. I believe that this behavior is acceptable 
> according to our localization requirements. I removed the code that 
> tried to determine whether localization would succeed, because making 
> it work reliably would be difficult. Now the client of 
> LocalizedMessage will need to explicitly state whether the message 
> should be localized or not.
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20180205/a6d29b66/attachment.html>


More information about the security-dev mailing list