diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java @@ -166,7 +166,7 @@ private ArrayList runtimePermissions = new ArrayList(); /** all jars not yet part of classloader or active */ - private List available = new ArrayList(); + private List available = Collections.synchronizedList(new ArrayList()); /** the jar cert verifier tool to verify our jars */ private final JarCertVerifier jcv; @@ -174,17 +174,17 @@ private boolean signing = false; /** ArrayList containing jar indexes for various jars available to this classloader */ - private ArrayList jarIndexes = new ArrayList(); + private List jarIndexes = Collections.synchronizedList(new ArrayList()); /** Set of classpath strings declared in the manifest.mf files */ - private Set classpaths = new HashSet(); + private Set classpaths = Collections.synchronizedSet(new HashSet()); /** File entries in the jar files available to this classloader */ - private TreeSet jarEntries = new TreeSet(); + private Set jarEntries = Collections.synchronizedSet(new TreeSet()); /** Map of specific original (remote) CodeSource Urls to securitydesc */ - private HashMap jarLocationSecurityMap = - new HashMap(); + private Map jarLocationSecurityMap = + Collections.synchronizedMap(new HashMap()); /*Set to prevent once tried-to-get resources to be tried again*/ private Set alreadyTried = Collections.synchronizedSet(new HashSet()); @@ -1173,12 +1173,14 @@ for (int i = 0; i < jars.size(); i++) { String part = jars.get(i).getPart(); - for (int a = 0; a < available.size(); a++) { - JARDesc jar = available.get(a); + synchronized (available) { + for (int a = 0; a < available.size(); a++) { + JARDesc jar = available.get(a); - if (part != null && part.equals(jar.getPart())) - if (!jars.contains(jar)) - jars.add(jar); + if (part != null && part.equals(jar.getPart())) + if (!jars.contains(jar)) + jars.add(jar); + } } } } @@ -1429,7 +1431,7 @@ * classloader, or one of the classloaders for the JNLP file's * extensions. */ - public synchronized Class loadClass(String name) throws ClassNotFoundException { + public Class loadClass(String name) throws ClassNotFoundException { Class result = findLoadedClassAll(name); @@ -1457,15 +1459,17 @@ // Look in 'Class-Path' as specified in the manifest file try { - for (String classpath: classpaths) { - JARDesc desc; - try { - URL jarUrl = new URL(file.getCodeBase(), classpath); - desc = new JARDesc(jarUrl, null, null, false, true, false, true); - } catch (MalformedURLException mfe) { - throw new ClassNotFoundException(name, mfe); + synchronized (classpaths) { + for (String classpath: classpaths) { + JARDesc desc; + try { + URL jarUrl = new URL(file.getCodeBase(), classpath); + desc = new JARDesc(jarUrl, null, null, false, true, false, true); + } catch (MalformedURLException mfe) { + throw new ClassNotFoundException(name, mfe); + } + addNewJar(desc); } - addNewJar(desc); } result = loadClassExt(name); @@ -1480,31 +1484,33 @@ // Currently this loads jars directly from the site. We cannot cache it because this // call is initiated from within the applet, which does not have disk read/write permissions - for (JarIndex index : jarIndexes) { - // Non-generic code in sun.misc.JarIndex - @SuppressWarnings("unchecked") - LinkedList jarList = index.get(name.replace('.', '/')); + synchronized (jarIndexes) { + for (JarIndex index : jarIndexes) { + // Non-generic code in sun.misc.JarIndex + @SuppressWarnings("unchecked") + LinkedList jarList = index.get(name.replace('.', '/')); - if (jarList != null) { - for (String jarName : jarList) { - JARDesc desc; - try { - desc = new JARDesc(new URL(file.getCodeBase(), jarName), - null, null, false, true, false, true); - } catch (MalformedURLException mfe) { - throw new ClassNotFoundException(name); - } - try { - addNewJar(desc); - } catch (Exception e) { - if (JNLPRuntime.isDebug()) { - e.printStackTrace(); + if (jarList != null) { + for (String jarName : jarList) { + JARDesc desc; + try { + desc = new JARDesc(new URL(file.getCodeBase(), jarName), + null, null, false, true, false, true); + } catch (MalformedURLException mfe) { + throw new ClassNotFoundException(name); + } + try { + addNewJar(desc); + } catch (Exception e) { + if (JNLPRuntime.isDebug()) { + e.printStackTrace(); + } } } + + // If it still fails, let it error out + result = loadClassExt(name); } - - // If it still fails, let it error out - result = loadClassExt(name); } } } @@ -1886,21 +1892,23 @@ protected SecurityDesc getCodeSourceSecurity(URL source) { SecurityDesc sec=jarLocationSecurityMap.get(source); - if (sec == null && !alreadyTried.contains(source)) { - alreadyTried.add(source); - //try to load the jar which is requesting the permissions, but was NOT downloaded by standard way - if (JNLPRuntime.isDebug()) { - System.out.println("Application is trying to get permissions for " + source.toString() + ", which was not added by standard way. Trying to download and verify!"); - } - try { - JARDesc des = new JARDesc(source, null, null, false, false, false, false); - addNewJar(des); - sec = jarLocationSecurityMap.get(source); - } catch (Throwable t) { + synchronized (alreadyTried) { + if (sec == null && !alreadyTried.contains(source)) { + alreadyTried.add(source); + //try to load the jar which is requesting the permissions, but was NOT downloaded by standard way if (JNLPRuntime.isDebug()) { - t.printStackTrace(); + System.out.println("Application is trying to get permissions for " + source.toString() + ", which was not added by standard way. Trying to download and verify!"); } - sec = null; + try { + JARDesc des = new JARDesc(source, null, null, false, false, false, false); + addNewJar(des); + sec = jarLocationSecurityMap.get(source); + } catch (Throwable t) { + if (JNLPRuntime.isDebug()) { + t.printStackTrace(); + } + sec = null; + } } } if (sec == null){ @@ -1936,8 +1944,10 @@ } // security descriptors - for (URL key : extLoader.jarLocationSecurityMap.keySet()) { - jarLocationSecurityMap.put(key, extLoader.jarLocationSecurityMap.get(key)); + synchronized (jarLocationSecurityMap) { + for (URL key : extLoader.jarLocationSecurityMap.keySet()) { + jarLocationSecurityMap.put(key, extLoader.jarLocationSecurityMap.get(key)); + } } } @@ -2186,9 +2196,11 @@ } // Permissions for all remote hosting urls - for (URL u: jarLocationSecurityMap.keySet()) { - permissions.add(new SocketPermission(u.getHost(), - "connect, accept")); + synchronized (jarLocationSecurityMap) { + for (URL u: jarLocationSecurityMap.keySet()) { + permissions.add(new SocketPermission(u.getHost(), + "connect, accept")); + } } // Permissions for codebase urls (if there is a loader)