RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath - enhance some IOExceptions with path causing the issue

Baesken, Matthias matthias.baesken at sap.com
Fri Oct 12 08:12:36 UTC 2018


Ping ...  any reviews / comments ?

Should I add  a category  , for example    "ioExceptionsWithPath"     to the java.security - file  to control  the enabling/disabling of the  enhanced exception ?

  java.security

#
# Enhanced exception message information
...
#jdk.includeInExceptions=hostInfo,jar,ioExceptionsWithPath


Thanks, Matthias


From: Baesken, Matthias
Sent: Dienstag, 9. Oktober 2018 14:12
To: security-dev at openjdk.java.net; core-libs-dev at openjdk.java.net
Cc: Alan Bateman (Alan.Bateman at oracle.com) <Alan.Bateman at oracle.com>
Subject: FW: RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath - enhance some IOExceptions with path causing the issue

Hello, Alan commented on it :


  *   This proposal will require a security review as it leaks sensitive information into exceptions.

So I forward it to security-dev as well.

If needed,  we might  use something similar to  JDK-8207768  where a category  has been added  for  enhanced exception messages to the
java.security file .

Best regards, Matthias

From: Baesken, Matthias
Sent: Dienstag, 9. Oktober 2018 13:40
To: core-libs-dev at openjdk.java.net<mailto:core-libs-dev at openjdk.java.net>
Cc: Langer, Christoph <christoph.langer at sap.com<mailto:christoph.langer at sap.com>>; Lindenmaier, Goetz <goetz.lindenmaier at sap.com<mailto:goetz.lindenmaier at sap.com>>
Subject: RFR: 8211752: JNU_ThrowIOExceptionWithLastErrorAndPath - enhance some IOExceptions with path causing the issue


Hello, please review the following change .
It enhances a number of JNU_ThrowIOExceptionWithLastError  calls with path and current working directory information.
For this, a new function JNU_ThrowIOExceptionWithLastErrorAndPath is added.

bug and webrev :

https://bugs.openjdk.java.net/browse/JDK-8211752

http://cr.openjdk.java.net/~mbaesken/webrevs/8211752.0/

Thanks, Matthias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20181012/4f097011/attachment.htm>


More information about the security-dev mailing list