RFR: 8280890: Cannot use '-Djava.system.class.loader' with class loader in signed JAR [v2]

Sean Mullan mullan at openjdk.java.net
Sun Feb 6 19:51:05 UTC 2022


On Sat, 5 Feb 2022 11:48:12 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:

>> Sean Mullan has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Check exit status of keytool and jarsigner in test.
>
> test/jdk/java/security/SignedJar/SignedJarWithCustomClassLoader.java line 65:
> 
>> 63: 
>> 64:         // create signer's keypair
>> 65:         SecurityTools.keytool("-genkeypair -keyalg RSA -keystore ks " +
> 
> Hello Sean,
> Looking at the `SecurityTools.keytool` and `SecurityTools.jarsigner` methods, they internally launch a process corresponding to these tools but do not check for the exit code of that process execution. Perhaps the calls to these methods in this test, should add a check to assert that the exit code is `0` by using the returned `OutputAnalyzer`?

Good catch - fixed in latest update.

-------------

PR: https://git.openjdk.java.net/jdk/pull/7316



More information about the security-dev mailing list