RFR: 8280890: Cannot use '-Djava.system.class.loader' with class loader in signed JAR [v2]
Sean Mullan
mullan at openjdk.java.net
Sun Feb 6 19:51:05 UTC 2022
On Sat, 5 Feb 2022 11:48:12 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:
>> Sean Mullan has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Check exit status of keytool and jarsigner in test.
>
> test/jdk/java/security/SignedJar/SignedJarWithCustomClassLoader.java line 65:
>
>> 63:
>> 64: // create signer's keypair
>> 65: SecurityTools.keytool("-genkeypair -keyalg RSA -keystore ks " +
>
> Hello Sean,
> Looking at the `SecurityTools.keytool` and `SecurityTools.jarsigner` methods, they internally launch a process corresponding to these tools but do not check for the exit code of that process execution. Perhaps the calls to these methods in this test, should add a check to assert that the exit code is `0` by using the returned `OutputAnalyzer`?
Good catch - fixed in latest update.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7316
More information about the security-dev
mailing list