Merge
diff --git a/.hgtags b/.hgtags
index 9eff39e..c9a4b07 100644
--- a/.hgtags
+++ b/.hgtags
@@ -314,3 +314,24 @@
dd229c5f57bff4e75a70908294a13072b9a48385 jdk8u20-b26
684a13a7d2ccc91d2ad709ecad1fddbcc992ee5a jdk8u20-b31
eb459e6ac74a7db7b49393e470d04b6d854dfa89 jdk8u20-b32
+abca9f6f1a10e9f91b2538bbe7870f54f550d986 jdk8u25-b00
+7d0627679c9fdeaaaa9fe15c7cc11af0763621ec jdk8u25-b01
+b0277ec994b751ebb761814675352506cd56bcd6 jdk8u25-b02
+5606d84f30bab5ed4bc5776572edd469fb013e13 jdk8u25-b03
+40630cd55da8a2db7980249dc31af285965cb5e9 jdk8u25-b04
+75b48287a1b3fc5757ac473f72c8918c7f345ffc jdk8u25-b05
+5b80b4b22b4ca0b630c7f1cec3605da7694168e2 jdk8u25-b06
+0e0a35b0bf0ff5852026c50038d5c2ecb26c075c jdk8u25-b07
+d7d221f56fd17b96bab4440448641a844f9e92cd jdk8u25-b08
+0c6cf43c5bcf0917d07a1bc94adb7a091f18f32c jdk8u25-b09
+1317d94e95861a47fee8258903b652af70a3493c jdk8u25-b10
+2104dfd9a4c2b519cdca019aec938db539bf4f3f jdk8u25-b11
+eaaa9a04b9fdcfa4a830b811ed209eb2c45a4a6b jdk8u25-b12
+c3a855402b923d3ba819b05292a971953fc8ed0b jdk8u25-b13
+2a6df63ca0f0f59bb730638b05c72d77a23f93c8 jdk8u25-b14
+412d9ade90401d098f3662bd688ab393008423bd jdk8u25-b15
+f07bc5dab84c67f5d1dccbab318ee1c5485c852d jdk8u25-b16
+0000000000000000000000000000000000000000 jdk8u25-b16
+0000000000000000000000000000000000000000 jdk8u25-b16
+d067890f970f3a712f870f6311d20f3359b6eaf0 jdk8u25-b16
+67b22a82345bfa1ae1492679bdf3c4d54f4eacde jdk8u25-b17
diff --git a/make/lib/CoreLibraries.gmk b/make/lib/CoreLibraries.gmk
index bc7f357..1eaea90 100644
--- a/make/lib/CoreLibraries.gmk
+++ b/make/lib/CoreLibraries.gmk
@@ -264,7 +264,7 @@
$(call SET_SHARED_LIBRARY_ORIGIN) \
$(EXPORT_ZIP_FUNCS), \
LDFLAGS_windows := -export:ZIP_Open -export:ZIP_Close -export:ZIP_FindEntry \
- -export:ZIP_ReadEntry -export:ZIP_GetNextEntry jvm.lib \
+ -export:ZIP_ReadEntry -export:ZIP_GetNextEntry -export:ZIP_CRC32 jvm.lib \
$(WIN_JAVA_LIB), \
LDFLAGS_SUFFIX_linux := -ljvm -ljava $(LIBZ), \
LDFLAGS_SUFFIX_solaris := -ljvm -ljava $(LIBZ) -lc, \
diff --git a/make/mapfiles/libnet/mapfile-vers b/make/mapfiles/libnet/mapfile-vers
index 1b6a148..9e07f44 100644
--- a/make/mapfiles/libnet/mapfile-vers
+++ b/make/mapfiles/libnet/mapfile-vers
@@ -28,6 +28,8 @@
SUNWprivate_1.1 {
global:
JNI_OnLoad;
+ Java_java_net_AbstractPlainDatagramSocketImpl_init;
+ Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable;
Java_java_net_PlainSocketImpl_socketListen;
Java_java_net_PlainDatagramSocketImpl_getTTL;
Java_java_net_PlainDatagramSocketImpl_init;
diff --git a/src/share/classes/com/sun/java/swing/plaf/motif/MotifScrollPaneUI.java b/src/share/classes/com/sun/java/swing/plaf/motif/MotifScrollPaneUI.java
index 2a12ed8..52bc738 100644
--- a/src/share/classes/com/sun/java/swing/plaf/motif/MotifScrollPaneUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/motif/MotifScrollPaneUI.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -56,19 +56,22 @@
private PropertyChangeListener propertyChangeHandler;
+ @Override
protected void installListeners(JScrollPane scrollPane) {
super.installListeners(scrollPane);
propertyChangeHandler = createPropertyChangeHandler();
scrollPane.addPropertyChangeListener(propertyChangeHandler);
}
- protected void uninstallListeners(JScrollPane scrollPane) {
+ @Override
+ protected void uninstallListeners(JComponent scrollPane) {
super.uninstallListeners(scrollPane);
scrollPane.removePropertyChangeListener(propertyChangeHandler);
}
private PropertyChangeListener createPropertyChangeHandler() {
return new PropertyChangeListener() {
+ @Override
public void propertyChange(PropertyChangeEvent e) {
String propertyName = e.getPropertyName();
@@ -92,6 +95,7 @@
}};
}
+ @Override
protected void installDefaults(JScrollPane scrollpane) {
super.installDefaults(scrollpane);
@@ -115,7 +119,7 @@
}
}
-
+ @Override
protected void uninstallDefaults(JScrollPane c) {
super.uninstallDefaults(c);
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java b/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
index 6176370..5f3b9f5 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
@@ -25,6 +25,8 @@
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
@@ -35,6 +37,7 @@
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolver;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
@@ -118,43 +121,50 @@
log.log(java.util.logging.Level.FINE, "Registering default algorithms");
}
try {
- //
- // Bind the default prefixes
- //
- ElementProxy.registerDefaultPrefixes();
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Void>(){
+ @Override public Void run() throws XMLSecurityException {
+ //
+ // Bind the default prefixes
+ //
+ ElementProxy.registerDefaultPrefixes();
- //
- // Set the default Transforms
- //
- Transform.registerDefaultAlgorithms();
+ //
+ // Set the default Transforms
+ //
+ Transform.registerDefaultAlgorithms();
- //
- // Set the default signature algorithms
- //
- SignatureAlgorithm.registerDefaultAlgorithms();
+ //
+ // Set the default signature algorithms
+ //
+ SignatureAlgorithm.registerDefaultAlgorithms();
- //
- // Set the default JCE algorithms
- //
- JCEMapper.registerDefaultAlgorithms();
+ //
+ // Set the default JCE algorithms
+ //
+ JCEMapper.registerDefaultAlgorithms();
- //
- // Set the default c14n algorithms
- //
- Canonicalizer.registerDefaultAlgorithms();
+ //
+ // Set the default c14n algorithms
+ //
+ Canonicalizer.registerDefaultAlgorithms();
- //
- // Register the default resolvers
- //
- ResourceResolver.registerDefaultResolvers();
+ //
+ // Register the default resolvers
+ //
+ ResourceResolver.registerDefaultResolvers();
- //
- // Register the default key resolvers
- //
- KeyResolver.registerDefaultResolvers();
- } catch (Exception ex) {
- log.log(java.util.logging.Level.SEVERE, ex.getMessage(), ex);
- ex.printStackTrace();
+ //
+ // Register the default key resolvers
+ //
+ KeyResolver.registerDefaultResolvers();
+
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException ex) {
+ XMLSecurityException xse = (XMLSecurityException)ex.getException();
+ log.log(java.util.logging.Level.SEVERE, xse.getMessage(), xse);
+ xse.printStackTrace();
}
}
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
index ca7d42a..9fc3525 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
@@ -27,6 +27,7 @@
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Element;
@@ -49,8 +50,11 @@
*
* @param id
* @param algorithm
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the JCE algorithm
*/
public static void register(String id, Algorithm algorithm) {
+ JavaUtils.checkRegisterPermission();
algorithmsMap.put(id, algorithm);
}
@@ -292,8 +296,11 @@
/**
* Sets the default Provider for obtaining the security algorithms
* @param provider the default providerId.
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the JCE provider
*/
public static void setProviderId(String provider) {
+ JavaUtils.checkRegisterPermission();
providerName = provider;
}
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
index 4748a6b..ada9ea5 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
@@ -37,6 +37,7 @@
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -314,18 +315,21 @@
}
/**
- * Registers implementing class of the Transform algorithm with algorithmURI
+ * Registers implementing class of the SignatureAlgorithm with algorithmURI
*
- * @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>.
+ * @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>.
* @param implementingClass <code>implementingClass</code> the implementing class of
* {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the signature algorithm
*/
@SuppressWarnings("unchecked")
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException {
+ JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
@@ -352,15 +356,18 @@
/**
* Registers implementing class of the Transform algorithm with algorithmURI
*
- * @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>.
+ * @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>.
* @param implementingClass <code>implementingClass</code> the implementing class of
* {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the signature algorithm
*/
public static void register(String algorithmURI, Class<? extends SignatureAlgorithmSpi> implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException {
+ JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
index 2f0b31f..ae33b72 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
@@ -41,6 +41,7 @@
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments;
import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
@@ -142,10 +143,13 @@
* @param algorithmURI
* @param implementingClass
* @throws AlgorithmAlreadyRegisteredException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the canonicalizer
*/
@SuppressWarnings("unchecked")
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException {
+ JavaUtils.checkRegisterPermission();
// check whether URI is already registered
Class<? extends CanonicalizerSpi> registeredClass =
canonicalizerHash.get(algorithmURI);
@@ -166,9 +170,12 @@
* @param algorithmURI
* @param implementingClass
* @throws AlgorithmAlreadyRegisteredException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the canonicalizer
*/
- public static void register(String algorithmURI, Class<CanonicalizerSpi> implementingClass)
+ public static void register(String algorithmURI, Class<? extends CanonicalizerSpi> implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException {
+ JavaUtils.checkRegisterPermission();
// check whether URI is already registered
Class<? extends CanonicalizerSpi> registeredClass = canonicalizerHash.get(algorithmURI);
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
index fe541ff..e8622d9 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
@@ -42,6 +42,7 @@
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -175,9 +176,12 @@
* @throws InstantiationException
* @throws IllegalAccessException
* @throws ClassNotFoundException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the key resolver
*/
public static void register(String className, boolean globalResolver)
throws ClassNotFoundException, IllegalAccessException, InstantiationException {
+ JavaUtils.checkRegisterPermission();
KeyResolverSpi keyResolverSpi =
(KeyResolverSpi) Class.forName(className).newInstance();
keyResolverSpi.setGlobalResolver(globalResolver);
@@ -195,8 +199,11 @@
*
* @param className
* @param globalResolver Whether the KeyResolverSpi is a global resolver or not
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the key resolver
*/
public static void registerAtStart(String className, boolean globalResolver) {
+ JavaUtils.checkRegisterPermission();
KeyResolverSpi keyResolverSpi = null;
Exception ex = null;
try {
@@ -228,11 +235,14 @@
*
* @param keyResolverSpi a KeyResolverSpi instance to register
* @param start whether to register the KeyResolverSpi at the start of the list or not
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the key resolver
*/
public static void register(
KeyResolverSpi keyResolverSpi,
boolean start
) {
+ JavaUtils.checkRegisterPermission();
KeyResolver resolver = new KeyResolver(keyResolverSpi);
if (start) {
resolverVector.add(0, resolver);
@@ -254,9 +264,12 @@
* @throws InstantiationException
* @throws IllegalAccessException
* @throws ClassNotFoundException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the key resolver
*/
public static void registerClassNames(List<String> classNames)
throws ClassNotFoundException, IllegalAccessException, InstantiationException {
+ JavaUtils.checkRegisterPermission();
List<KeyResolver> keyResolverList = new ArrayList<KeyResolver>(classNames.size());
for (String className : classNames) {
KeyResolverSpi keyResolverSpi =
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
index 37d67ba..3fc1d21 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
@@ -46,6 +46,7 @@
import com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXSLT;
import com.sun.org.apache.xml.internal.security.utils.Constants;
import com.sun.org.apache.xml.internal.security.utils.HelperNodeList;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy;
import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
import org.w3c.dom.Document;
@@ -181,11 +182,14 @@
* class of {@link TransformSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI
* is already registered
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the transform
*/
@SuppressWarnings("unchecked")
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
InvalidTransformException {
+ JavaUtils.checkRegisterPermission();
// are we already registered?
Class<? extends TransformSpi> transformSpi = transformSpiHash.get(algorithmURI);
if (transformSpi != null) {
@@ -206,9 +210,12 @@
* class of {@link TransformSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI
* is already registered
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the transform
*/
public static void register(String algorithmURI, Class<? extends TransformSpi> implementingClass)
throws AlgorithmAlreadyRegisteredException {
+ JavaUtils.checkRegisterPermission();
// are we already registered?
Class<? extends TransformSpi> transformSpi = transformSpiHash.get(algorithmURI);
if (transformSpi != null) {
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java
index ac7a53e..fe8bdb1 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java
@@ -468,9 +468,12 @@
* @param namespace
* @param prefix
* @throws XMLSecurityException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the default prefix
*/
public static void setDefaultPrefix(String namespace, String prefix)
throws XMLSecurityException {
+ JavaUtils.checkRegisterPermission();
if (prefixMappings.containsValue(prefix)) {
String storedPrefix = prefixMappings.get(namespace);
if (!storedPrefix.equals(prefix)) {
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java
index cf55f40..ee3dfbe 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java
@@ -28,6 +28,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.security.SecurityPermission;
/**
* A collection of different, general-purpose methods for JAVA-specific things
@@ -39,6 +40,10 @@
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(JavaUtils.class.getName());
+ private static final SecurityPermission REGISTER_PERMISSION =
+ new SecurityPermission(
+ "com.sun.org.apache.xml.internal.security.register");
+
private JavaUtils() {
// we don't allow instantiation
}
@@ -145,4 +150,21 @@
return retBytes;
}
+
+ /**
+ * Throws a {@code SecurityException} if a security manager is installed
+ * and the caller is not allowed to register an implementation of an
+ * algorithm, transform, or other security sensitive XML Signature function.
+ *
+ * @throws SecurityException if a security manager is installed and the
+ * caller has not been granted the
+ * {@literal "com.sun.org.apache.xml.internal.security.register"}
+ * {@code SecurityPermission}
+ */
+ public static void checkRegisterPermission() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(REGISTER_PERMISSION);
+ }
+ }
}
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java
index 620b673..585f7f6 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java
@@ -80,32 +80,44 @@
/**
* Set the prefix for the digital signature namespace
* @param prefix the new prefix for the digital signature namespace
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the prefix
*/
public static void setDsPrefix(String prefix) {
+ JavaUtils.checkRegisterPermission();
dsPrefix = prefix;
}
/**
* Set the prefix for the digital signature 1.1 namespace
* @param prefix the new prefix for the digital signature 1.1 namespace
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the prefix
*/
public static void setDs11Prefix(String prefix) {
+ JavaUtils.checkRegisterPermission();
ds11Prefix = prefix;
}
/**
* Set the prefix for the encryption namespace
* @param prefix the new prefix for the encryption namespace
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the prefix
*/
public static void setXencPrefix(String prefix) {
+ JavaUtils.checkRegisterPermission();
xencPrefix = prefix;
}
/**
* Set the prefix for the encryption namespace 1.1
* @param prefix the new prefix for the encryption namespace 1.1
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the prefix
*/
public static void setXenc11Prefix(String prefix) {
+ JavaUtils.checkRegisterPermission();
xenc11Prefix = prefix;
}
diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java
index 7570a01..012d2fb 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java
@@ -27,6 +27,7 @@
import java.util.Map;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP;
import com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment;
import com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverLocalFilesystem;
@@ -199,9 +200,12 @@
* the class cannot be registered.
*
* @param className the name of the ResourceResolverSpi class to be registered
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register a resource resolver
*/
@SuppressWarnings("unchecked")
public static void register(String className) {
+ JavaUtils.checkRegisterPermission();
try {
Class<ResourceResolverSpi> resourceResolverClass =
(Class<ResourceResolverSpi>) Class.forName(className);
@@ -216,9 +220,12 @@
* list. This method logs a warning if the class cannot be registered.
*
* @param className the name of the ResourceResolverSpi class to be registered
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register a resource resolver
*/
@SuppressWarnings("unchecked")
public static void registerAtStart(String className) {
+ JavaUtils.checkRegisterPermission();
try {
Class<ResourceResolverSpi> resourceResolverClass =
(Class<ResourceResolverSpi>) Class.forName(className);
@@ -233,8 +240,11 @@
* cannot be registered.
* @param className
* @param start
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register a resource resolver
*/
public static void register(Class<? extends ResourceResolverSpi> className, boolean start) {
+ JavaUtils.checkRegisterPermission();
try {
ResourceResolverSpi resourceResolverSpi = className.newInstance();
register(resourceResolverSpi, start);
@@ -250,8 +260,11 @@
* cannot be registered.
* @param resourceResolverSpi
* @param start
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register a resource resolver
*/
public static void register(ResourceResolverSpi resourceResolverSpi, boolean start) {
+ JavaUtils.checkRegisterPermission();
synchronized(resolverList) {
if (start) {
resolverList.add(0, new ResourceResolver(resourceResolverSpi));
diff --git a/src/share/classes/java/lang/Class.java b/src/share/classes/java/lang/Class.java
index eb2b8b8..d4c36bc 100644
--- a/src/share/classes/java/lang/Class.java
+++ b/src/share/classes/java/lang/Class.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -256,8 +256,8 @@
@CallerSensitive
public static Class<?> forName(String className)
throws ClassNotFoundException {
- return forName0(className, true,
- ClassLoader.getClassLoader(Reflection.getCallerClass()));
+ Class<?> caller = Reflection.getCallerClass();
+ return forName0(className, true, ClassLoader.getClassLoader(caller), caller);
}
@@ -327,22 +327,27 @@
ClassLoader loader)
throws ClassNotFoundException
{
- if (sun.misc.VM.isSystemDomainLoader(loader)) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- ClassLoader ccl = ClassLoader.getClassLoader(Reflection.getCallerClass());
+ Class<?> caller = null;
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ // Reflective call to get caller class is only needed if a security manager
+ // is present. Avoid the overhead of making this call otherwise.
+ caller = Reflection.getCallerClass();
+ if (sun.misc.VM.isSystemDomainLoader(loader)) {
+ ClassLoader ccl = ClassLoader.getClassLoader(caller);
if (!sun.misc.VM.isSystemDomainLoader(ccl)) {
sm.checkPermission(
SecurityConstants.GET_CLASSLOADER_PERMISSION);
}
}
}
- return forName0(name, initialize, loader);
+ return forName0(name, initialize, loader, caller);
}
- /** Called after security checks have been made. */
+ /** Called after security check for system loader access checks have been made. */
private static native Class<?> forName0(String name, boolean initialize,
- ClassLoader loader)
+ ClassLoader loader,
+ Class<?> caller)
throws ClassNotFoundException;
/**
diff --git a/src/share/classes/java/lang/invoke/MethodType.java b/src/share/classes/java/lang/invoke/MethodType.java
index c264600..08c17d7 100644
--- a/src/share/classes/java/lang/invoke/MethodType.java
+++ b/src/share/classes/java/lang/invoke/MethodType.java
@@ -653,7 +653,7 @@
* @return the parameter types (as an immutable list)
*/
public List<Class<?>> parameterList() {
- return Collections.unmodifiableList(Arrays.asList(ptypes));
+ return Collections.unmodifiableList(Arrays.asList(ptypes.clone()));
}
/*non-public*/ Class<?> lastParameterType() {
diff --git a/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java b/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java
index 555ca84..1793cfc 100644
--- a/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java
+++ b/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java
@@ -68,6 +68,7 @@
return null;
}
});
+ init();
}
/**
@@ -362,4 +363,7 @@
protected boolean nativeConnectDisabled() {
return connectDisabled;
}
+
+ native int dataAvailable();
+ private static native void init();
}
diff --git a/src/share/classes/java/net/DatagramSocket.java b/src/share/classes/java/net/DatagramSocket.java
index 54799a8..2fdabb5 100644
--- a/src/share/classes/java/net/DatagramSocket.java
+++ b/src/share/classes/java/net/DatagramSocket.java
@@ -83,6 +83,17 @@
*/
boolean oldImpl = false;
+ /**
+ * Set when a socket is ST_CONNECTED until we are certain
+ * that any packets which might have been received prior
+ * to calling connect() but not read by the application
+ * have been read. During this time we check the source
+ * address of all packets received to be sure they are from
+ * the connected destination. Other packets are read but
+ * silently dropped.
+ */
+ private boolean explicitFilter = false;
+ private int bytesLeftToFilter;
/*
* Connection state:
* ST_NOT_CONNECTED = socket not connected
@@ -142,6 +153,15 @@
// socket is now connected by the impl
connectState = ST_CONNECTED;
+ // Do we need to filter some packets?
+ int avail = getImpl().dataAvailable();
+ if (avail == -1) {
+ throw new SocketException();
+ }
+ explicitFilter = avail > 0;
+ if (explicitFilter) {
+ bytesLeftToFilter = getReceiveBufferSize();
+ }
} catch (SocketException se) {
// connection will be emulated by DatagramSocket
@@ -490,6 +510,7 @@
connectedAddress = null;
connectedPort = -1;
connectState = ST_NOT_CONNECTED;
+ explicitFilter = false;
}
}
@@ -748,10 +769,13 @@
} // end of while
}
}
- if (connectState == ST_CONNECTED_NO_IMPL) {
+ DatagramPacket tmp = null;
+ if ((connectState == ST_CONNECTED_NO_IMPL) || explicitFilter) {
// We have to do the filtering the old fashioned way since
// the native impl doesn't support connect or the connect
- // via the impl failed.
+ // via the impl failed, or .. "explicitFilter" may be set when
+ // a socket is connected via the impl, for a period of time
+ // when packets from other sources might be queued on socket.
boolean stop = false;
while (!stop) {
InetAddress peekAddress = null;
@@ -770,8 +794,14 @@
if ((!connectedAddress.equals(peekAddress)) ||
(connectedPort != peekPort)) {
// throw the packet away and silently continue
- DatagramPacket tmp = new DatagramPacket(new byte[1], 1);
+ tmp = new DatagramPacket(
+ new byte[1024], 1024);
getImpl().receive(tmp);
+ if (explicitFilter) {
+ if (checkFiltering(tmp)) {
+ stop = true;
+ }
+ }
} else {
stop = true;
}
@@ -780,9 +810,22 @@
// If the security check succeeds, or the datagram is
// connected then receive the packet
getImpl().receive(p);
+ if (explicitFilter && tmp == null) {
+ // packet was not filtered, account for it here
+ checkFiltering(p);
+ }
}
}
+ private boolean checkFiltering(DatagramPacket p) throws SocketException {
+ bytesLeftToFilter -= p.getLength();
+ if (bytesLeftToFilter <= 0 || getImpl().dataAvailable() <= 0) {
+ explicitFilter = false;
+ return true;
+ }
+ return false;
+ }
+
/**
* Gets the local address to which the socket is bound.
*
diff --git a/src/share/classes/java/net/DatagramSocketImpl.java b/src/share/classes/java/net/DatagramSocketImpl.java
index c2b1158..537edfe 100644
--- a/src/share/classes/java/net/DatagramSocketImpl.java
+++ b/src/share/classes/java/net/DatagramSocketImpl.java
@@ -47,6 +47,12 @@
*/
protected FileDescriptor fd;
+ int dataAvailable() {
+ // default impl returns zero, which disables the calling
+ // functionality
+ return 0;
+ }
+
/**
* The DatagramSocket or MulticastSocket
* that owns this impl
diff --git a/src/share/classes/java/security/Signature.java b/src/share/classes/java/security/Signature.java
index 7c5bd96..9394284 100644
--- a/src/share/classes/java/security/Signature.java
+++ b/src/share/classes/java/security/Signature.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -590,6 +590,9 @@
if (outbuf == null) {
throw new IllegalArgumentException("No output buffer given");
}
+ if (offset < 0 || len < 0) {
+ throw new IllegalArgumentException("offset or len is less than 0");
+ }
if (outbuf.length - offset < len) {
throw new IllegalArgumentException
("Output buffer too small for specified offset and length");
@@ -658,9 +661,16 @@
public final boolean verify(byte[] signature, int offset, int length)
throws SignatureException {
if (state == VERIFY) {
- if ((signature == null) || (offset < 0) || (length < 0) ||
- (length > signature.length - offset)) {
- throw new IllegalArgumentException("Bad arguments");
+ if (signature == null) {
+ throw new IllegalArgumentException("signature is null");
+ }
+ if (offset < 0 || length < 0) {
+ throw new IllegalArgumentException
+ ("offset or length is less than 0");
+ }
+ if (signature.length - offset < length) {
+ throw new IllegalArgumentException
+ ("signature too small for specified offset and length");
}
return engineVerify(signature, offset, length);
@@ -713,6 +723,16 @@
public final void update(byte[] data, int off, int len)
throws SignatureException {
if (state == SIGN || state == VERIFY) {
+ if (data == null) {
+ throw new IllegalArgumentException("data is null");
+ }
+ if (off < 0 || len < 0) {
+ throw new IllegalArgumentException("off or len is less than 0");
+ }
+ if (data.length - off < len) {
+ throw new IllegalArgumentException
+ ("data too small for specified offset and length");
+ }
engineUpdate(data, off, len);
} else {
throw new SignatureException("object not initialized for "
diff --git a/src/share/classes/java/security/cert/CertificateRevokedException.java b/src/share/classes/java/security/cert/CertificateRevokedException.java
index a545627..505a007 100644
--- a/src/share/classes/java/security/cert/CertificateRevokedException.java
+++ b/src/share/classes/java/security/cert/CertificateRevokedException.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -94,7 +94,10 @@
this.revocationDate = new Date(revocationDate.getTime());
this.reason = reason;
this.authority = authority;
- this.extensions = new HashMap<String, Extension>(extensions);
+ // make sure Map only contains correct types
+ this.extensions = Collections.checkedMap(new HashMap<>(),
+ String.class, Extension.class);
+ this.extensions.putAll(extensions);
}
/**
@@ -172,7 +175,8 @@
public String getMessage() {
return "Certificate has been revoked, reason: "
+ reason + ", revocation date: " + revocationDate
- + ", authority: " + authority + ", extensions: " + extensions;
+ + ", authority: " + authority + ", extension OIDs: "
+ + extensions.keySet();
}
/**
diff --git a/src/share/classes/java/util/Collections.java b/src/share/classes/java/util/Collections.java
index 3e1d72f..1e2fbbe 100644
--- a/src/share/classes/java/util/Collections.java
+++ b/src/share/classes/java/util/Collections.java
@@ -3077,10 +3077,7 @@
public void remove() { it.remove(); }};
}
- public boolean add(E e) {
- typeCheck(e);
- return c.add(e);
- }
+ public boolean add(E e) { return c.add(typeCheck(e)); }
private E[] zeroLengthElementArray; // Lazily initialized
@@ -3187,11 +3184,7 @@
public E peek() {return queue.peek();}
public E poll() {return queue.poll();}
public E remove() {return queue.remove();}
-
- public boolean offer(E e) {
- typeCheck(e);
- return add(e);
- }
+ public boolean offer(E e) {return queue.offer(typeCheck(e));}
}
/**
@@ -3440,13 +3433,11 @@
public int lastIndexOf(Object o) { return list.lastIndexOf(o); }
public E set(int index, E element) {
- typeCheck(element);
- return list.set(index, element);
+ return list.set(index, typeCheck(element));
}
public void add(int index, E element) {
- typeCheck(element);
- list.add(index, element);
+ list.add(index, typeCheck(element));
}
public boolean addAll(int index, Collection<? extends E> c) {
@@ -3467,13 +3458,11 @@
public void remove() { i.remove(); }
public void set(E e) {
- typeCheck(e);
- i.set(e);
+ i.set(typeCheck(e));
}
public void add(E e) {
- typeCheck(e);
- i.add(e);
+ i.add(typeCheck(e));
}
@Override
diff --git a/src/share/classes/java/util/ResourceBundle.java b/src/share/classes/java/util/ResourceBundle.java
index d70b61a..134894c 100644
--- a/src/share/classes/java/util/ResourceBundle.java
+++ b/src/share/classes/java/util/ResourceBundle.java
@@ -2650,7 +2650,10 @@
} catch (ClassNotFoundException e) {
}
} else if (format.equals("java.properties")) {
- final String resourceName = toResourceName(bundleName, "properties");
+ final String resourceName = toResourceName0(bundleName, "properties");
+ if (resourceName == null) {
+ return bundle;
+ }
final ClassLoader classLoader = loader;
final boolean reloadFlag = reload;
InputStream stream = null;
@@ -2804,7 +2807,10 @@
}
boolean result = false;
try {
- String resourceName = toResourceName(toBundleName(baseName, locale), format);
+ String resourceName = toResourceName0(toBundleName(baseName, locale), format);
+ if (resourceName == null) {
+ return result;
+ }
URL url = loader.getResource(resourceName);
if (url != null) {
long lastModified = 0;
@@ -2938,6 +2944,15 @@
sb.append(bundleName.replace('.', '/')).append('.').append(suffix);
return sb.toString();
}
+
+ private String toResourceName0(String bundleName, String suffix) {
+ // application protocol check
+ if (bundleName.contains("://")) {
+ return null;
+ } else {
+ return toResourceName(bundleName, suffix);
+ }
+ }
}
private static class SingleFormatControl extends Control {
diff --git a/src/share/classes/java/util/logging/LogRecord.java b/src/share/classes/java/util/logging/LogRecord.java
index 50444f1..d9255f4 100644
--- a/src/share/classes/java/util/logging/LogRecord.java
+++ b/src/share/classes/java/util/logging/LogRecord.java
@@ -513,7 +513,13 @@
// If necessary, try to regenerate the resource bundle.
if (resourceBundleName != null) {
try {
- resourceBundle = ResourceBundle.getBundle(resourceBundleName);
+ // use system class loader to ensure the ResourceBundle
+ // instance is a different instance than null loader uses
+ final ResourceBundle bundle =
+ ResourceBundle.getBundle(resourceBundleName,
+ Locale.getDefault(),
+ ClassLoader.getSystemClassLoader());
+ resourceBundle = bundle;
} catch (MissingResourceException ex) {
// This is not a good place to throw an exception,
// so we simply leave the resourceBundle null.
diff --git a/src/share/classes/java/util/logging/Logger.java b/src/share/classes/java/util/logging/Logger.java
index 90cbb87..4629320 100644
--- a/src/share/classes/java/util/logging/Logger.java
+++ b/src/share/classes/java/util/logging/Logger.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -1934,6 +1934,9 @@
}
setCallersClassLoaderRef(callersClass);
+ if (isSystemLogger && getCallersClassLoader() != null) {
+ checkPermission();
+ }
if (findResourceBundle(name, true) == null) {
// We've failed to find an expected ResourceBundle.
// unset the caller's ClassLoader since we were unable to find the
@@ -2168,11 +2171,13 @@
return trb;
}
final String rbName = isSystemLogger
- ? trb.resourceBundleName
+ // ancestor of a system logger is expected to be a system logger.
+ // ignore resource bundle name if it's not.
+ ? (target.isSystemLogger ? trb.resourceBundleName : null)
: target.getResourceBundleName();
if (rbName != null) {
return LoggerBundle.get(rbName,
- findResourceBundle(rbName, true));
+ findResourceBundle(rbName, true));
}
target = isSystemLogger ? target.parent : target.getParent();
}
diff --git a/src/share/classes/javax/crypto/CipherInputStream.java b/src/share/classes/javax/crypto/CipherInputStream.java
index 0e80a60..d777ca0 100644
--- a/src/share/classes/javax/crypto/CipherInputStream.java
+++ b/src/share/classes/javax/crypto/CipherInputStream.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -88,6 +88,8 @@
private int ofinish = 0;
// stream status
private boolean closed = false;
+ // The stream has been read from. False if the stream has never been read.
+ private boolean read = false;
/**
* private convenience function.
@@ -103,13 +105,15 @@
private int getMoreData() throws IOException {
if (done) return -1;
int readin = input.read(ibuffer);
+ read = true;
if (readin == -1) {
done = true;
try {
obuffer = cipher.doFinal();
+ } catch (IllegalBlockSizeException | BadPaddingException e) {
+ obuffer = null;
+ throw new IOException(e);
}
- catch (IllegalBlockSizeException e) {obuffer = null;}
- catch (BadPaddingException e) {obuffer = null;}
if (obuffer == null)
return -1;
else {
@@ -120,7 +124,10 @@
}
try {
obuffer = cipher.update(ibuffer, 0, readin);
- } catch (IllegalStateException e) {obuffer = null;};
+ } catch (IllegalStateException e) {
+ obuffer = null;
+ throw e;
+ }
ostart = 0;
if (obuffer == null)
ofinish = 0;
@@ -308,6 +315,11 @@
}
}
catch (BadPaddingException | IllegalBlockSizeException ex) {
+ /* If no data has been read from the stream to be en/decrypted,
+ we supress any exceptions, and close quietly. */
+ if (read) {
+ throw new IOException(ex);
+ }
}
ostart = 0;
ofinish = 0;
diff --git a/src/share/classes/javax/swing/JDesktopPane.java b/src/share/classes/javax/swing/JDesktopPane.java
index b5945dd..0f05f79 100644
--- a/src/share/classes/javax/swing/JDesktopPane.java
+++ b/src/share/classes/javax/swing/JDesktopPane.java
@@ -43,6 +43,7 @@
import java.beans.PropertyVetoException;
import java.util.Set;
import java.util.TreeSet;
+import java.util.LinkedHashSet;
/**
* A container used to create a multiple-document interface or a virtual desktop.
* You create <code>JInternalFrame</code> objects and add them to the
@@ -266,7 +267,7 @@
private static Collection<JInternalFrame> getAllFrames(Container parent) {
int i, count;
- Collection<JInternalFrame> results = new ArrayList<JInternalFrame>();
+ Collection<JInternalFrame> results = new LinkedHashSet<>();
count = parent.getComponentCount();
for (i = 0; i < count; i++) {
Component next = parent.getComponent(i);
diff --git a/src/share/classes/sun/awt/ComponentFactory.java b/src/share/classes/sun/awt/ComponentFactory.java
index e1d616f..4d16780 100644
--- a/src/share/classes/sun/awt/ComponentFactory.java
+++ b/src/share/classes/sun/awt/ComponentFactory.java
@@ -25,6 +25,8 @@
package sun.awt;
+import sun.awt.datatransfer.DataTransferer;
+
import java.awt.*;
import java.awt.dnd.*;
import java.awt.dnd.peer.DragSourceContextPeer;
@@ -93,4 +95,6 @@
RobotPeer createRobot(Robot target, GraphicsDevice screen)
throws AWTException, HeadlessException;
+ DataTransferer getDataTransferer();
+
}
diff --git a/src/share/classes/sun/awt/HeadlessToolkit.java b/src/share/classes/sun/awt/HeadlessToolkit.java
index 9d68bd4..c0757be 100644
--- a/src/share/classes/sun/awt/HeadlessToolkit.java
+++ b/src/share/classes/sun/awt/HeadlessToolkit.java
@@ -25,6 +25,8 @@
package sun.awt;
+import sun.awt.datatransfer.DataTransferer;
+
import java.awt.*;
import java.awt.dnd.*;
import java.awt.dnd.peer.DragSourceContextPeer;
@@ -401,6 +403,11 @@
return null;
}
+ @Override
+ public DataTransferer getDataTransferer() {
+ return null;
+ }
+
@SuppressWarnings("deprecation")
public FontMetrics getFontMetrics(Font font) {
return tk.getFontMetrics(font);
diff --git a/src/share/classes/sun/awt/SunToolkit.java b/src/share/classes/sun/awt/SunToolkit.java
index 08c3615..03d6245 100644
--- a/src/share/classes/sun/awt/SunToolkit.java
+++ b/src/share/classes/sun/awt/SunToolkit.java
@@ -205,8 +205,6 @@
public abstract boolean isTraySupported();
- public abstract DataTransferer getDataTransferer();
-
@SuppressWarnings("deprecation")
public abstract FontPeer getFontPeer(String name, int style);
diff --git a/src/share/classes/sun/awt/datatransfer/DataTransferer.java b/src/share/classes/sun/awt/datatransfer/DataTransferer.java
index 2c4b75f..c5a7f59 100644
--- a/src/share/classes/sun/awt/datatransfer/DataTransferer.java
+++ b/src/share/classes/sun/awt/datatransfer/DataTransferer.java
@@ -86,6 +86,7 @@
import java.util.TreeMap;
import java.util.TreeSet;
+import sun.awt.ComponentFactory;
import sun.util.logging.PlatformLogger;
import sun.awt.AppContext;
@@ -272,7 +273,7 @@
* instead, null will be returned.
*/
public static synchronized DataTransferer getInstance() {
- return ((SunToolkit) Toolkit.getDefaultToolkit()).getDataTransferer();
+ return ((ComponentFactory) Toolkit.getDefaultToolkit()).getDataTransferer();
}
/**
diff --git a/src/share/classes/sun/awt/image/BytePackedRaster.java b/src/share/classes/sun/awt/image/BytePackedRaster.java
index bd3835d..3e60f19 100644
--- a/src/share/classes/sun/awt/image/BytePackedRaster.java
+++ b/src/share/classes/sun/awt/image/BytePackedRaster.java
@@ -1408,10 +1408,10 @@
}
}
- int lastbit = (dataBitOffset
- + (height-1) * scanlineStride * 8
- + (width-1) * pixelBitStride
- + pixelBitStride - 1);
+ long lastbit = (long) dataBitOffset
+ + (long) (height - 1) * (long) scanlineStride * 8
+ + (long) (width - 1) * (long) pixelBitStride
+ + (long) pixelBitStride - 1;
if (lastbit < 0 || lastbit / 8 >= data.length) {
throw new RasterFormatException("raster dimensions overflow " +
"array bounds");
diff --git a/src/share/classes/sun/invoke/util/VerifyAccess.java b/src/share/classes/sun/invoke/util/VerifyAccess.java
index a95aefb..fc870fc 100644
--- a/src/share/classes/sun/invoke/util/VerifyAccess.java
+++ b/src/share/classes/sun/invoke/util/VerifyAccess.java
@@ -102,19 +102,24 @@
case PUBLIC:
return true; // already checked above
case PROTECTED:
+ assert !defc.isInterface(); // protected members aren't allowed in interfaces
if ((allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0 &&
isSamePackage(defc, lookupClass))
return true;
if ((allowedModes & PROTECTED) == 0)
return false;
+ // Protected members are accessible by subclasses, which does not include interfaces.
+ // Interfaces are types, not classes. They should not have access to
+ // protected members in j.l.Object, even though it is their superclass.
if ((mods & STATIC) != 0 &&
!isRelatedClass(refc, lookupClass))
return false;
if ((allowedModes & PROTECTED) != 0 &&
- isSuperClass(defc, lookupClass))
+ isSubClass(lookupClass, defc))
return true;
return false;
case PACKAGE_ONLY: // That is, zero. Unmarked member is package-only access.
+ assert !defc.isInterface(); // package-private members aren't allowed in interfaces
return ((allowedModes & PACKAGE_ALLOWED) != 0 &&
isSamePackage(defc, lookupClass));
case PRIVATE:
@@ -129,12 +134,13 @@
static boolean isRelatedClass(Class<?> refc, Class<?> lookupClass) {
return (refc == lookupClass ||
- refc.isAssignableFrom(lookupClass) ||
- lookupClass.isAssignableFrom(refc));
+ isSubClass(refc, lookupClass) ||
+ isSubClass(lookupClass, refc));
}
- static boolean isSuperClass(Class<?> defc, Class<?> lookupClass) {
- return defc.isAssignableFrom(lookupClass);
+ static boolean isSubClass(Class<?> lookupClass, Class<?> defc) {
+ return defc.isAssignableFrom(lookupClass) &&
+ !lookupClass.isInterface(); // interfaces are types, not classes.
}
static int getClassModifiers(Class<?> c) {
diff --git a/src/share/classes/sun/nio/ch/DatagramChannelImpl.java b/src/share/classes/sun/nio/ch/DatagramChannelImpl.java
index fe32f63..0022e30 100644
--- a/src/share/classes/sun/nio/ch/DatagramChannelImpl.java
+++ b/src/share/classes/sun/nio/ch/DatagramChannelImpl.java
@@ -755,6 +755,26 @@
// set or refresh local address
localAddress = Net.localAddress(fd);
+
+ // flush any packets already received.
+ boolean blocking = false;
+ synchronized (blockingLock()) {
+ try {
+ blocking = isBlocking();
+ // remainder of each packet thrown away
+ ByteBuffer tmpBuf = ByteBuffer.allocate(1);
+ if (blocking) {
+ configureBlocking(false);
+ }
+ do {
+ tmpBuf.clear();
+ } while (receive(tmpBuf) != null);
+ } finally {
+ if (blocking) {
+ configureBlocking(true);
+ }
+ }
+ }
}
}
}
diff --git a/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java b/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java
index 6e73de7..120fe7a 100644
--- a/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java
+++ b/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,7 +29,6 @@
import java.lang.reflect.*;
import java.io.Serializable;
import java.util.*;
-import java.lang.annotation.*;
import java.security.AccessController;
import java.security.PrivilegedAction;
@@ -45,6 +44,11 @@
private final Map<String, Object> memberValues;
AnnotationInvocationHandler(Class<? extends Annotation> type, Map<String, Object> memberValues) {
+ Class<?>[] superInterfaces = type.getInterfaces();
+ if (!type.isAnnotation() ||
+ superInterfaces.length != 1 ||
+ superInterfaces[0] != java.lang.annotation.Annotation.class)
+ throw new AnnotationFormatError("Attempt to create proxy for a non-annotation type.");
this.type = type;
this.memberValues = memberValues;
}
@@ -57,13 +61,17 @@
if (member.equals("equals") && paramTypes.length == 1 &&
paramTypes[0] == Object.class)
return equalsImpl(args[0]);
- assert paramTypes.length == 0;
- if (member.equals("toString"))
+ if (paramTypes.length != 0)
+ throw new AssertionError("Too many parameters for an annotation method");
+
+ switch(member) {
+ case "toString":
return toStringImpl();
- if (member.equals("hashCode"))
+ case "hashCode":
return hashCodeImpl();
- if (member.equals("annotationType"))
+ case "annotationType":
return type;
+ }
// Handle annotation member accessors
Object result = memberValues.get(member);
@@ -129,7 +137,7 @@
* Implementation of dynamicProxy.toString()
*/
private String toStringImpl() {
- StringBuffer result = new StringBuffer(128);
+ StringBuilder result = new StringBuilder(128);
result.append('@');
result.append(type.getName());
result.append('(');
@@ -277,6 +285,7 @@
new PrivilegedAction<Method[]>() {
public Method[] run() {
final Method[] mm = type.getDeclaredMethods();
+ validateAnnotationMethods(mm);
AccessibleObject.setAccessible(mm, true);
return mm;
}
@@ -287,6 +296,94 @@
private transient volatile Method[] memberMethods = null;
/**
+ * Validates that a method is structurally appropriate for an
+ * annotation type. As of Java SE 8, annotation types cannot
+ * contain static methods and the declared methods of an
+ * annotation type must take zero arguments and there are
+ * restrictions on the return type.
+ */
+ private void validateAnnotationMethods(Method[] memberMethods) {
+ /*
+ * Specification citations below are from JLS
+ * 9.6.1. Annotation Type Elements
+ */
+ boolean valid = true;
+ for(Method method : memberMethods) {
+ /*
+ * "By virtue of the AnnotationTypeElementDeclaration
+ * production, a method declaration in an annotation type
+ * declaration cannot have formal parameters, type
+ * parameters, or a throws clause.
+ *
+ * "By virtue of the AnnotationTypeElementModifier
+ * production, a method declaration in an annotation type
+ * declaration cannot be default or static."
+ */
+ if (method.getModifiers() != (Modifier.PUBLIC | Modifier.ABSTRACT) ||
+ method.isDefault() ||
+ method.getParameterCount() != 0 ||
+ method.getExceptionTypes().length != 0) {
+ valid = false;
+ break;
+ }
+
+ /*
+ * "It is a compile-time error if the return type of a
+ * method declared in an annotation type is not one of the
+ * following: a primitive type, String, Class, any
+ * parameterized invocation of Class, an enum type
+ * (section 8.9), an annotation type, or an array type
+ * (chapter 10) whose element type is one of the preceding
+ * types."
+ */
+ Class<?> returnType = method.getReturnType();
+ if (returnType.isArray()) {
+ returnType = returnType.getComponentType();
+ if (returnType.isArray()) { // Only single dimensional arrays
+ valid = false;
+ break;
+ }
+ }
+
+ if (!((returnType.isPrimitive() && returnType != void.class) ||
+ returnType == java.lang.String.class ||
+ returnType == java.lang.Class.class ||
+ returnType.isEnum() ||
+ returnType.isAnnotation())) {
+ valid = false;
+ break;
+ }
+
+ /*
+ * "It is a compile-time error if any method declared in an
+ * annotation type has a signature that is
+ * override-equivalent to that of any public or protected
+ * method declared in class Object or in the interface
+ * java.lang.annotation.Annotation."
+ *
+ * The methods in Object or Annotation meeting the other
+ * criteria (no arguments, contrained return type, etc.)
+ * above are:
+ *
+ * String toString()
+ * int hashCode()
+ * Class<? extends Annotation> annotationType()
+ */
+ String methodName = method.getName();
+ if ((methodName.equals("toString") && returnType == java.lang.String.class) ||
+ (methodName.equals("hashCode") && returnType == int.class) ||
+ (methodName.equals("annotationType") && returnType == java.lang.Class.class)) {
+ valid = false;
+ break;
+ }
+ }
+ if (valid)
+ return;
+ else
+ throw new AnnotationFormatError("Malformed method on an annotation type");
+ }
+
+ /**
* Implementation of dynamicProxy.hashCode()
*/
private int hashCodeImpl() {
@@ -330,7 +427,6 @@
throws java.io.IOException, ClassNotFoundException {
s.defaultReadObject();
-
// Check to make sure that types have not evolved incompatibly
AnnotationType annotationType = null;
@@ -343,7 +439,6 @@
Map<String, Class<?>> memberTypes = annotationType.memberTypes();
-
// If there are annotation members without values, that
// situation is handled by the invoke method.
for (Map.Entry<String, Object> memberValue : memberValues.entrySet()) {
diff --git a/src/share/classes/sun/security/provider/SecureRandom.java b/src/share/classes/sun/security/provider/SecureRandom.java
index b0da8c5..4f7d7c3 100644
--- a/src/share/classes/sun/security/provider/SecureRandom.java
+++ b/src/share/classes/sun/security/provider/SecureRandom.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,7 @@
import java.security.MessageDigest;
import java.security.SecureRandomSpi;
import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
/**
* <p>This class provides a crytpographically strong pseudo-random number
@@ -94,9 +95,19 @@
*/
private void init(byte[] seed) {
try {
- digest = MessageDigest.getInstance("SHA");
- } catch (NoSuchAlgorithmException e) {
- throw new InternalError("internal error: SHA-1 not available.", e);
+ /*
+ * Use the local SUN implementation to avoid native
+ * performance overhead.
+ */
+ digest = MessageDigest.getInstance("SHA", "SUN");
+ } catch (NoSuchProviderException | NoSuchAlgorithmException e) {
+ // Fallback to any available.
+ try {
+ digest = MessageDigest.getInstance("SHA");
+ } catch (NoSuchAlgorithmException exc) {
+ throw new InternalError(
+ "internal error: SHA-1 not available.", exc);
+ }
}
if (seed != null) {
@@ -265,9 +276,19 @@
s.defaultReadObject ();
try {
- digest = MessageDigest.getInstance("SHA");
- } catch (NoSuchAlgorithmException e) {
- throw new InternalError("internal error: SHA-1 not available.", e);
+ /*
+ * Use the local SUN implementation to avoid native
+ * performance overhead.
+ */
+ digest = MessageDigest.getInstance("SHA", "SUN");
+ } catch (NoSuchProviderException | NoSuchAlgorithmException e) {
+ // Fallback to any available.
+ try {
+ digest = MessageDigest.getInstance("SHA");
+ } catch (NoSuchAlgorithmException exc) {
+ throw new InternalError(
+ "internal error: SHA-1 not available.", exc);
+ }
}
}
}
diff --git a/src/share/classes/sun/security/ssl/CipherSuite.java b/src/share/classes/sun/security/ssl/CipherSuite.java
index 528b369..7035171 100644
--- a/src/share/classes/sun/security/ssl/CipherSuite.java
+++ b/src/share/classes/sun/security/ssl/CipherSuite.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -968,7 +968,7 @@
* 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be
* changed later, see below).
* 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
- * AES_128(GCM), AES_256, AES_128, RC-4, 3DES-EDE.
+ * AES_128(GCM), AES_256, AES_128, 3DES-EDE, RC-4.
* 3. Prefer the stronger MAC algorithm, in the order of SHA384,
* SHA256, SHA, MD5.
* 4. Prefer the better performance of key exchange and digital
@@ -1055,18 +1055,6 @@
add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
0x0032, --p, K_DHE_DSS, B_AES_128, T);
- // RC-4
- add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
- 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N);
- add("TLS_ECDHE_RSA_WITH_RC4_128_SHA",
- 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N);
- add("SSL_RSA_WITH_RC4_128_SHA",
- 0x0005, --p, K_RSA, B_RC4_128, N);
- add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
- 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N);
- add("TLS_ECDH_RSA_WITH_RC4_128_SHA",
- 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N);
-
// Cipher suites in GCM mode, see RFC 5288/5289.
//
// We may increase the priority of cipher suites in GCM mode when
@@ -1127,6 +1115,17 @@
add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
0x0013, --p, K_DHE_DSS, B_3DES, N);
+ // RC-4
+ add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+ 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N);
+ add("TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+ 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N);
+ add("SSL_RSA_WITH_RC4_128_SHA",
+ 0x0005, --p, K_RSA, B_RC4_128, N);
+ add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+ 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N);
+ add("TLS_ECDH_RSA_WITH_RC4_128_SHA",
+ 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N);
add("SSL_RSA_WITH_RC4_128_MD5",
0x0004, --p, K_RSA, B_RC4_128, N);
@@ -1146,7 +1145,7 @@
* 2. If a cipher suite has been obsoleted, we put it at the end of
* the list.
* 3. Prefer the stronger bulk cipher, in the order of AES_256,
- * AES_128, RC-4, 3DES-EDE, DES, RC4_40, DES40, NULL.
+ * AES_128, 3DES-EDE, RC-4, DES, DES40, RC4_40, NULL.
* 4. Prefer the stronger MAC algorithm, in the order of SHA384,
* SHA256, SHA, MD5.
* 5. Prefer the better performance of key exchange and digital
@@ -1174,15 +1173,40 @@
add("TLS_DH_anon_WITH_AES_128_CBC_SHA",
0x0034, --p, K_DH_ANON, B_AES_128, N);
+ add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+ 0xC017, --p, K_ECDH_ANON, B_3DES, N);
+ add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+ 0x001b, --p, K_DH_ANON, B_3DES, N);
+
add("TLS_ECDH_anon_WITH_RC4_128_SHA",
0xC016, --p, K_ECDH_ANON, B_RC4_128, N);
add("SSL_DH_anon_WITH_RC4_128_MD5",
0x0018, --p, K_DH_ANON, B_RC4_128, N);
- add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
- 0xC017, --p, K_ECDH_ANON, B_3DES, N);
- add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
- 0x001b, --p, K_DH_ANON, B_3DES, N);
+ // weak cipher suites obsoleted in TLS 1.2
+ add("SSL_RSA_WITH_DES_CBC_SHA",
+ 0x0009, --p, K_RSA, B_DES, N, tls12);
+ add("SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ 0x0015, --p, K_DHE_RSA, B_DES, N, tls12);
+ add("SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ 0x0012, --p, K_DHE_DSS, B_DES, N, tls12);
+ add("SSL_DH_anon_WITH_DES_CBC_SHA",
+ 0x001a, --p, K_DH_ANON, B_DES, N, tls12);
+
+ // weak cipher suites obsoleted in TLS 1.1
+ add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11);
+ add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11);
+ add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
+ 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11);
+ add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+ 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11);
+
+ add("SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11);
+ add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+ 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11);
add("TLS_RSA_WITH_NULL_SHA256",
0x003b, --p, K_RSA, B_NULL, N, max, tls12, P_SHA256);
@@ -1201,52 +1225,27 @@
add("SSL_RSA_WITH_NULL_MD5",
0x0001, --p, K_RSA, B_NULL, N);
- // weak cipher suites obsoleted in TLS 1.2
- add("SSL_RSA_WITH_DES_CBC_SHA",
- 0x0009, --p, K_RSA, B_DES, N, tls12);
- add("SSL_DHE_RSA_WITH_DES_CBC_SHA",
- 0x0015, --p, K_DHE_RSA, B_DES, N, tls12);
- add("SSL_DHE_DSS_WITH_DES_CBC_SHA",
- 0x0012, --p, K_DHE_DSS, B_DES, N, tls12);
- add("SSL_DH_anon_WITH_DES_CBC_SHA",
- 0x001a, --p, K_DH_ANON, B_DES, N, tls12);
-
- // weak cipher suites obsoleted in TLS 1.1
- add("SSL_RSA_EXPORT_WITH_RC4_40_MD5",
- 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11);
- add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
- 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11);
-
- add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
- 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11);
- add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
- 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11);
- add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
- 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11);
- add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
- 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11);
-
// Supported Kerberos ciphersuites from RFC2712
- add("TLS_KRB5_WITH_RC4_128_SHA",
- 0x0020, --p, K_KRB5, B_RC4_128, N);
- add("TLS_KRB5_WITH_RC4_128_MD5",
- 0x0024, --p, K_KRB5, B_RC4_128, N);
add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
0x001f, --p, K_KRB5, B_3DES, N);
add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
0x0023, --p, K_KRB5, B_3DES, N);
+ add("TLS_KRB5_WITH_RC4_128_SHA",
+ 0x0020, --p, K_KRB5, B_RC4_128, N);
+ add("TLS_KRB5_WITH_RC4_128_MD5",
+ 0x0024, --p, K_KRB5, B_RC4_128, N);
add("TLS_KRB5_WITH_DES_CBC_SHA",
0x001e, --p, K_KRB5, B_DES, N, tls12);
add("TLS_KRB5_WITH_DES_CBC_MD5",
0x0022, --p, K_KRB5, B_DES, N, tls12);
- add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
- 0x0028, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11);
- add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
- 0x002b, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11);
add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
0x0026, --p, K_KRB5_EXPORT, B_DES_40, N, tls11);
add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
0x0029, --p, K_KRB5_EXPORT, B_DES_40, N, tls11);
+ add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
+ 0x0028, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11);
+ add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
+ 0x002b, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11);
/*
* Other values from the TLS Cipher Suite Registry, as of August 2010.
diff --git a/src/share/classes/sun/security/ssl/ClientHandshaker.java b/src/share/classes/sun/security/ssl/ClientHandshaker.java
index 5c3abbc..5108528 100644
--- a/src/share/classes/sun/security/ssl/ClientHandshaker.java
+++ b/src/share/classes/sun/security/ssl/ClientHandshaker.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -36,6 +36,8 @@
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
+import java.security.cert.CertificateParsingException;
+import javax.security.auth.x500.X500Principal;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
@@ -89,12 +91,66 @@
private final static boolean enableSNIExtension =
Debug.getBooleanProperty("jsse.enableSNIExtension", true);
+ /*
+ * Allow unsafe server certificate change?
+ *
+ * Server certificate change during SSL/TLS renegotiation may be considered
+ * unsafe, as described in the Triple Handshake attacks:
+ *
+ * https://secure-resumption.com/tlsauth.pdf
+ *
+ * Endpoint identification (See
+ * SSLParameters.getEndpointIdentificationAlgorithm()) is a pretty nice
+ * guarantee that the server certificate change in renegotiation is legal.
+ * However, endpoing identification is only enabled for HTTPS and LDAP
+ * over SSL/TLS by default. It is not enough to protect SSL/TLS
+ * connections other than HTTPS and LDAP.
+ *
+ * The renegotiation indication extension (See RFC 5764) is a pretty
+ * strong guarantee that the endpoints on both client and server sides
+ * are identical on the same connection. However, the Triple Handshake
+ * attacks can bypass this guarantee if there is a session-resumption
+ * handshake between the initial full handshake and the renegotiation
+ * full handshake.
+ *
+ * Server certificate change may be unsafe and should be restricted if
+ * endpoint identification is not enabled and the previous handshake is
+ * a session-resumption abbreviated initial handshake, unless the
+ * identities represented by both certificates can be regraded as the
+ * same (See isIdentityEquivalent()).
+ *
+ * Considering the compatibility impact and the actual requirements to
+ * support server certificate change in practice, the system property,
+ * jdk.tls.allowUnsafeServerCertChange, is used to define whether unsafe
+ * server certificate change in renegotiation is allowed or not. The
+ * default value of the system property is "false". To mitigate the
+ * compactibility impact, applications may want to set the system
+ * property to "true" at their own risk.
+ *
+ * If the value of the system property is "false", server certificate
+ * change in renegotiation after a session-resumption abbreviated initial
+ * handshake is restricted (See isIdentityEquivalent()).
+ *
+ * If the system property is set to "true" explicitly, the restriction on
+ * server certificate change in renegotiation is disabled.
+ */
+ private final static boolean allowUnsafeServerCertChange =
+ Debug.getBooleanProperty("jdk.tls.allowUnsafeServerCertChange", false);
+
private List<SNIServerName> requestedServerNames =
Collections.<SNIServerName>emptyList();
private boolean serverNamesAccepted = false;
/*
+ * the reserved server certificate chain in previous handshaking
+ *
+ * The server certificate chain is only reserved if the previous
+ * handshake is a session-resumption abbreviated initial handshake.
+ */
+ private X509Certificate[] reservedServerCerts = null;
+
+ /*
* Constructors
*/
ClientHandshaker(SSLSocketImpl socket, SSLContextImpl context,
@@ -555,14 +611,19 @@
// we wanted to resume, but the server refused
session = null;
if (!enableNewSession) {
- throw new SSLException
- ("New session creation is disabled");
+ throw new SSLException("New session creation is disabled");
}
}
}
if (resumingSession && session != null) {
setHandshakeSessionSE(session);
+ // Reserve the handshake state if this is a session-resumption
+ // abbreviated initial handshake.
+ if (isInitialHandshake) {
+ session.setAsSessionResumption(true);
+ }
+
return;
}
@@ -1064,6 +1125,13 @@
}
/*
+ * Reset the handshake state if this is not an initial handshake.
+ */
+ if (!isInitialHandshake) {
+ session.setAsSessionResumption(false);
+ }
+
+ /*
* OK, it verified. If we're doing the fast handshake, add that
* "Finished" message to the hash of handshake messages, then send
* our own change_cipher_spec and Finished message for the server
@@ -1161,8 +1229,23 @@
System.out.println("%% No cached client session");
}
}
- if ((session != null) && (session.isRejoinable() == false)) {
- session = null;
+ if (session != null) {
+ // If unsafe server certificate change is not allowed, reserve
+ // current server certificates if the previous handshake is a
+ // session-resumption abbreviated initial handshake.
+ if (!allowUnsafeServerCertChange && session.isSessionResumption()) {
+ try {
+ // If existing, peer certificate chain cannot be null.
+ reservedServerCerts =
+ (X509Certificate[])session.getPeerCertificates();
+ } catch (SSLPeerUnverifiedException puve) {
+ // Maybe not certificate-based, ignore the exception.
+ }
+ }
+
+ if (!session.isRejoinable()) {
+ session = null;
+ }
}
if (session != null) {
@@ -1331,9 +1414,28 @@
}
X509Certificate[] peerCerts = mesg.getCertificateChain();
if (peerCerts.length == 0) {
- fatalSE(Alerts.alert_bad_certificate,
- "empty certificate chain");
+ fatalSE(Alerts.alert_bad_certificate, "empty certificate chain");
}
+
+ // Allow server certificate change in client side during renegotiation
+ // after a session-resumption abbreviated initial handshake?
+ //
+ // DO NOT need to check allowUnsafeServerCertChange here. We only
+ // reserve server certificates when allowUnsafeServerCertChange is
+ // flase.
+ if (reservedServerCerts != null) {
+ // It is not necessary to check the certificate update if endpoint
+ // identification is enabled.
+ String identityAlg = getEndpointIdentificationAlgorithmSE();
+ if ((identityAlg == null || identityAlg.length() == 0) &&
+ !isIdentityEquivalent(peerCerts[0], reservedServerCerts[0])) {
+
+ fatalSE(Alerts.alert_bad_certificate,
+ "server certificate change is restricted " +
+ "during renegotiation");
+ }
+ }
+
// ask the trust manager to verify the chain
X509TrustManager tm = sslContext.getX509TrustManager();
try {
@@ -1370,4 +1472,81 @@
}
session.setPeerCertificates(peerCerts);
}
+
+ /*
+ * Whether the certificates can represent the same identity?
+ *
+ * The certificates can be used to represent the same identity:
+ * 1. If the subject alternative names of IP address are present in
+ * both certificates, they should be identical; otherwise,
+ * 2. if the subject alternative names of DNS name are present in
+ * both certificates, they should be identical; otherwise,
+ * 3. if the subject fields are present in both certificates, the
+ * certificate subjects and issuers should be identical.
+ */
+ private static boolean isIdentityEquivalent(X509Certificate thisCert,
+ X509Certificate prevCert) {
+ if (thisCert.equals(prevCert)) {
+ return true;
+ }
+
+ // check the iPAddress field in subjectAltName extension
+ Object thisIPAddress = getSubjectAltName(thisCert, 7); // 7: iPAddress
+ Object prevIPAddress = getSubjectAltName(prevCert, 7);
+ if (thisIPAddress != null && prevIPAddress!= null) {
+ // only allow the exactly match
+ return Objects.equals(thisIPAddress, prevIPAddress);
+ }
+
+ // check the dNSName field in subjectAltName extension
+ Object thisDNSName = getSubjectAltName(thisCert, 2); // 2: dNSName
+ Object prevDNSName = getSubjectAltName(prevCert, 2);
+ if (thisDNSName != null && prevDNSName!= null) {
+ // only allow the exactly match
+ return Objects.equals(thisDNSName, prevDNSName);
+ }
+
+ // check the certificate subject and issuer
+ X500Principal thisSubject = thisCert.getSubjectX500Principal();
+ X500Principal prevSubject = prevCert.getSubjectX500Principal();
+ X500Principal thisIssuer = thisCert.getIssuerX500Principal();
+ X500Principal prevIssuer = prevCert.getIssuerX500Principal();
+ if (!thisSubject.getName().isEmpty() &&
+ !prevSubject.getName().isEmpty() &&
+ thisSubject.equals(prevSubject) &&
+ thisIssuer.equals(prevIssuer)) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /*
+ * Returns the subject alternative name of the specified type in the
+ * subjectAltNames extension of a certificate.
+ */
+ private static Object getSubjectAltName(X509Certificate cert, int type) {
+ Collection<List<?>> subjectAltNames;
+
+ try {
+ subjectAltNames = cert.getSubjectAlternativeNames();
+ } catch (CertificateParsingException cpe) {
+ if (debug != null && Debug.isOn("handshake")) {
+ System.out.println(
+ "Attempt to obtain subjectAltNames extension failed!");
+ }
+ return null;
+ }
+
+ if (subjectAltNames != null) {
+ for (List<?> subjectAltName : subjectAltNames) {
+ int subjectAltNameType = (Integer)subjectAltName.get(0);
+ if (subjectAltNameType == type) {
+ return subjectAltName.get(1);
+ }
+ }
+ }
+
+ return null;
+ }
}
diff --git a/src/share/classes/sun/security/ssl/Handshaker.java b/src/share/classes/sun/security/ssl/Handshaker.java
index 9fea3fa..ba65d96 100644
--- a/src/share/classes/sun/security/ssl/Handshaker.java
+++ b/src/share/classes/sun/security/ssl/Handshaker.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -359,6 +359,17 @@
}
}
+ String getEndpointIdentificationAlgorithmSE() {
+ SSLParameters paras;
+ if (conn != null) {
+ paras = conn.getSSLParameters();
+ } else {
+ paras = engine.getSSLParameters();
+ }
+
+ return paras.getEndpointIdentificationAlgorithm();
+ }
+
private void setVersionSE(ProtocolVersion protocolVersion) {
if (conn != null) {
conn.setVersion(protocolVersion);
diff --git a/src/share/classes/sun/security/ssl/SSLSessionImpl.java b/src/share/classes/sun/security/ssl/SSLSessionImpl.java
index 6cb4170..b5f304b 100644
--- a/src/share/classes/sun/security/ssl/SSLSessionImpl.java
+++ b/src/share/classes/sun/security/ssl/SSLSessionImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -115,6 +115,14 @@
private Principal localPrincipal;
/*
+ * Is the session currently re-established with a session-resumption
+ * abbreviated initial handshake?
+ *
+ * Note that currently we only set this variable in client side.
+ */
+ private boolean isSessionResumption = false;
+
+ /*
* We count session creations, eventually for statistical data but
* also since counters make shorter debugging IDs than the big ones
* we use in the protocol for uniqueness-over-time.
@@ -325,6 +333,22 @@
}
/**
+ * Return true if the session is currently re-established with a
+ * session-resumption abbreviated initial handshake.
+ */
+ boolean isSessionResumption() {
+ return isSessionResumption;
+ }
+
+ /**
+ * Resets whether the session is re-established with a session-resumption
+ * abbreviated initial handshake.
+ */
+ void setAsSessionResumption(boolean flag) {
+ isSessionResumption = flag;
+ }
+
+ /**
* Returns the name of the cipher suite in use on this session
*/
@Override
diff --git a/src/share/classes/sun/tools/jconsole/resources/messages_ja.properties b/src/share/classes/sun/tools/jconsole/resources/messages_ja.properties
index 05f8b1b..a09ee8b 100644
--- a/src/share/classes/sun/tools/jconsole/resources/messages_ja.properties
+++ b/src/share/classes/sun/tools/jconsole/resources/messages_ja.properties
@@ -103,7 +103,7 @@
HELP_ABOUT_DIALOG_JAVA_VERSION=Java VM\u30D0\u30FC\u30B8\u30E7\u30F3:<br>{0}
HELP_ABOUT_DIALOG_MASTHEAD_ACCESSIBLE_NAME=\u30DE\u30B9\u30C8\u30D8\u30C3\u30C9\u56F3\u5F62
HELP_ABOUT_DIALOG_MASTHEAD_TITLE=JConsole\u306B\u3064\u3044\u3066
-HELP_ABOUT_DIALOG_TITLE=JConsole: \u8A73\u7D30
+HELP_ABOUT_DIALOG_TITLE=JConsole: \u60C5\u5831
HELP_ABOUT_DIALOG_USER_GUIDE_LINK_URL=http://docs.oracle.com/javase/{0}/docs/technotes/guides/management/jconsole.html
HELP_MENU_ABOUT_TITLE=JConsole\u306B\u3064\u3044\u3066(&A)
HELP_MENU_USER_GUIDE_TITLE=\u30AA\u30F3\u30E9\u30A4\u30F3\u30FB\u30E6\u30FC\u30B6\u30FC\u30FB\u30AC\u30A4\u30C9(&U)
diff --git a/src/share/classes/sun/util/locale/BaseLocale.java b/src/share/classes/sun/util/locale/BaseLocale.java
index 6eee582..e0e9ed0 100644
--- a/src/share/classes/sun/util/locale/BaseLocale.java
+++ b/src/share/classes/sun/util/locale/BaseLocale.java
@@ -31,6 +31,7 @@
*/
package sun.util.locale;
+import java.lang.ref.SoftReference;
public final class BaseLocale {
@@ -163,11 +164,11 @@
return h;
}
- private static final class Key implements Comparable<Key> {
- private final String lang;
- private final String scrt;
- private final String regn;
- private final String vart;
+ private static final class Key {
+ private final SoftReference<String> lang;
+ private final SoftReference<String> scrt;
+ private final SoftReference<String> regn;
+ private final SoftReference<String> vart;
private final boolean normalized;
private final int hash;
@@ -179,10 +180,10 @@
assert language.intern() == language
&& region.intern() == region;
- lang = language;
- scrt = "";
- regn = region;
- vart = "";
+ lang = new SoftReference(language);
+ scrt = new SoftReference("");
+ regn = new SoftReference(region);
+ vart = new SoftReference("");
this.normalized = true;
int h = language.hashCode();
@@ -203,40 +204,40 @@
String variant, boolean normalized) {
int h = 0;
if (language != null) {
- lang = language;
+ lang = new SoftReference(language);
int len = language.length();
for (int i = 0; i < len; i++) {
h = 31*h + LocaleUtils.toLower(language.charAt(i));
}
} else {
- lang = "";
+ lang = new SoftReference("");
}
if (script != null) {
- scrt = script;
+ scrt = new SoftReference(script);
int len = script.length();
for (int i = 0; i < len; i++) {
h = 31*h + LocaleUtils.toLower(script.charAt(i));
}
} else {
- scrt = "";
+ scrt = new SoftReference("");
}
if (region != null) {
- regn = region;
+ regn = new SoftReference(region);
int len = region.length();
for (int i = 0; i < len; i++) {
h = 31*h + LocaleUtils.toLower(region.charAt(i));
}
} else {
- regn = "";
+ regn = new SoftReference("");
}
if (variant != null) {
- vart = variant;
+ vart = new SoftReference(variant);
int len = variant.length();
for (int i = 0; i < len; i++) {
h = 31*h + variant.charAt(i);
}
} else {
- vart = "";
+ vart = new SoftReference("");
}
hash = h;
this.normalized = normalized;
@@ -244,28 +245,31 @@
@Override
public boolean equals(Object obj) {
- return (this == obj) ||
- (obj instanceof Key)
- && this.hash == ((Key)obj).hash
- && LocaleUtils.caseIgnoreMatch(((Key)obj).lang, this.lang)
- && LocaleUtils.caseIgnoreMatch(((Key)obj).scrt, this.scrt)
- && LocaleUtils.caseIgnoreMatch(((Key)obj).regn, this.regn)
- && ((Key)obj).vart.equals(vart); // variant is case sensitive in JDK!
+ if (this == obj) {
+ return true;
}
- @Override
- public int compareTo(Key other) {
- int res = LocaleUtils.caseIgnoreCompare(this.lang, other.lang);
- if (res == 0) {
- res = LocaleUtils.caseIgnoreCompare(this.scrt, other.scrt);
- if (res == 0) {
- res = LocaleUtils.caseIgnoreCompare(this.regn, other.regn);
- if (res == 0) {
- res = this.vart.compareTo(other.vart);
+ if (obj instanceof Key && this.hash == ((Key)obj).hash) {
+ String tl = this.lang.get();
+ String ol = ((Key)obj).lang.get();
+ if (tl != null && ol != null &&
+ LocaleUtils.caseIgnoreMatch(ol, tl)) {
+ String ts = this.scrt.get();
+ String os = ((Key)obj).scrt.get();
+ if (ts != null && os != null &&
+ LocaleUtils.caseIgnoreMatch(os, ts)) {
+ String tr = this.regn.get();
+ String or = ((Key)obj).regn.get();
+ if (tr != null && or != null &&
+ LocaleUtils.caseIgnoreMatch(or, tr)) {
+ String tv = this.vart.get();
+ String ov = ((Key)obj).vart.get();
+ return (ov != null && ov.equals(tv));
}
}
}
- return res;
+ }
+ return false;
}
@Override
@@ -278,10 +282,10 @@
return key;
}
- String lang = LocaleUtils.toLowerString(key.lang).intern();
- String scrt = LocaleUtils.toTitleString(key.scrt).intern();
- String regn = LocaleUtils.toUpperString(key.regn).intern();
- String vart = key.vart.intern(); // preserve upper/lower cases
+ String lang = LocaleUtils.toLowerString(key.lang.get()).intern();
+ String scrt = LocaleUtils.toTitleString(key.scrt.get()).intern();
+ String regn = LocaleUtils.toUpperString(key.regn.get()).intern();
+ String vart = key.vart.get().intern(); // preserve upper/lower cases
return new Key(lang, scrt, regn, vart, true);
}
@@ -294,12 +298,18 @@
@Override
protected Key normalizeKey(Key key) {
+ assert key.lang.get() != null &&
+ key.scrt.get() != null &&
+ key.regn.get() != null &&
+ key.vart.get() != null;
+
return Key.normalize(key);
}
@Override
protected BaseLocale createObject(Key key) {
- return new BaseLocale(key.lang, key.scrt, key.regn, key.vart);
+ return new BaseLocale(key.lang.get(), key.scrt.get(),
+ key.regn.get(), key.vart.get());
}
}
}
diff --git a/src/share/classes/sun/util/locale/LocaleObjectCache.java b/src/share/classes/sun/util/locale/LocaleObjectCache.java
index 88920aa..eae1480 100644
--- a/src/share/classes/sun/util/locale/LocaleObjectCache.java
+++ b/src/share/classes/sun/util/locale/LocaleObjectCache.java
@@ -57,8 +57,10 @@
value = entry.get();
}
if (value == null) {
- key = normalizeKey(key);
V newVal = createObject(key);
+ // make sure key is normalized *after* the object creation
+ // so that newVal is assured to be created from a valid key.
+ key = normalizeKey(key);
if (key == null || newVal == null) {
// subclass must return non-null key/value object
return null;
diff --git a/src/share/javavm/export/jvm.h b/src/share/javavm/export/jvm.h
index 2bef081..2d67c13 100644
--- a/src/share/javavm/export/jvm.h
+++ b/src/share/javavm/export/jvm.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -386,6 +386,19 @@
JVM_FindClassFromBootLoader(JNIEnv *env, const char *name);
/*
+ * Find a class from a given class loader. Throws ClassNotFoundException.
+ * name: name of class
+ * init: whether initialization is done
+ * loader: class loader to look up the class. This may not be the same as the caller's
+ * class loader.
+ * caller: initiating class. The initiating class may be null when a security
+ * manager is not installed.
+ */
+JNIEXPORT jclass JNICALL
+JVM_FindClassFromCaller(JNIEnv *env, const char *name, jboolean init,
+ jobject loader, jclass caller);
+
+/*
* Find a class from a given class loader. Throw ClassNotFoundException
* or NoClassDefFoundError depending on the value of the last
* argument.
diff --git a/src/share/native/java/lang/Class.c b/src/share/native/java/lang/Class.c
index b0ba343..2f5e6b5 100644
--- a/src/share/native/java/lang/Class.c
+++ b/src/share/native/java/lang/Class.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -97,7 +97,7 @@
JNIEXPORT jclass JNICALL
Java_java_lang_Class_forName0(JNIEnv *env, jclass this, jstring classname,
- jboolean initialize, jobject loader)
+ jboolean initialize, jobject loader, jclass caller)
{
char *clname;
jclass cls = 0;
@@ -135,8 +135,7 @@
goto done;
}
- cls = JVM_FindClassFromClassLoader(env, clname, initialize,
- loader, JNI_FALSE);
+ cls = JVM_FindClassFromCaller(env, clname, initialize, loader, caller);
done:
if (clname != buf) {
diff --git a/src/share/native/java/util/zip/CRC32.c b/src/share/native/java/util/zip/CRC32.c
index e9185b5..b03b2b9 100644
--- a/src/share/native/java/util/zip/CRC32.c
+++ b/src/share/native/java/util/zip/CRC32.c
@@ -54,7 +54,8 @@
return crc;
}
-JNIEXPORT jint ZIP_CRC32(jint crc, const jbyte *buf, jint len)
+JNIEXPORT jint JNICALL
+ZIP_CRC32(jint crc, const jbyte *buf, jint len)
{
return crc32(crc, (Bytef*)buf, len);
}
diff --git a/src/share/native/java/util/zip/ZipFile.c b/src/share/native/java/util/zip/ZipFile.c
index e2916c2..7b34f66 100644
--- a/src/share/native/java/util/zip/ZipFile.c
+++ b/src/share/native/java/util/zip/ZipFile.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -172,11 +172,7 @@
}
(*env)->GetByteArrayRegion(env, name, 0, ulen, (jbyte *)path);
path[ulen] = '\0';
- if (addSlash == JNI_FALSE) {
- ze = ZIP_GetEntry(zip, path, 0);
- } else {
- ze = ZIP_GetEntry(zip, path, (jint)ulen);
- }
+ ze = ZIP_GetEntry2(zip, path, (jint)ulen, addSlash);
if (path != buf) {
free(path);
}
@@ -269,7 +265,7 @@
switch (type) {
case java_util_zip_ZipFile_JZENTRY_NAME:
if (ze->name != 0) {
- len = (int)strlen(ze->name);
+ len = (int)ze->nlen;
if (len == 0 || (jba = (*env)->NewByteArray(env, len)) == NULL)
break;
(*env)->SetByteArrayRegion(env, jba, 0, len, (jbyte *)ze->name);
diff --git a/src/share/native/java/util/zip/zip_util.c b/src/share/native/java/util/zip/zip_util.c
index a072e66..b172cde 100644
--- a/src/share/native/java/util/zip/zip_util.c
+++ b/src/share/native/java/util/zip/zip_util.c
@@ -1021,6 +1021,7 @@
if ((ze->name = malloc(nlen + 1)) == NULL) goto Catch;
memcpy(ze->name, cen + CENHDR, nlen);
ze->name[nlen] = '\0';
+ ze->nlen = nlen;
if (elen > 0) {
char *extra = cen + CENHDR + nlen;
@@ -1118,7 +1119,34 @@
jzentry *
ZIP_GetEntry(jzfile *zip, char *name, jint ulen)
{
- unsigned int hsh = hash(name);
+ if (ulen == 0) {
+ return ZIP_GetEntry2(zip, name, strlen(name), JNI_FALSE);
+ }
+ return ZIP_GetEntry2(zip, name, ulen, JNI_TRUE);
+}
+
+jboolean equals(char* name1, int len1, char* name2, int len2) {
+ if (len1 != len2) {
+ return JNI_FALSE;
+ }
+ while (len1-- > 0) {
+ if (*name1++ != *name2++) {
+ return JNI_FALSE;
+ }
+ }
+ return JNI_TRUE;
+}
+
+/*
+ * Returns the zip entry corresponding to the specified name, or
+ * NULL if not found.
+ * This method supports embedded null character in "name", use ulen
+ * for the length of "name".
+ */
+jzentry *
+ZIP_GetEntry2(jzfile *zip, char *name, jint ulen, jboolean addSlash)
+{
+ unsigned int hsh = hashN(name, ulen);
jint idx;
jzentry *ze = 0;
@@ -1139,7 +1167,7 @@
/* Check the cached entry first */
ze = zip->cache;
- if (ze && strcmp(ze->name,name) == 0) {
+ if (ze && equals(ze->name, ze->nlen, name, ulen)) {
/* Cache hit! Remove and return the cached entry. */
zip->cache = 0;
ZIP_Unlock(zip);
@@ -1165,7 +1193,7 @@
* we keep searching.
*/
ze = newEntry(zip, zc, ACCESS_RANDOM);
- if (ze && strcmp(ze->name, name)==0) {
+ if (ze && equals(ze->name, ze->nlen, name, ulen)) {
break;
}
if (ze != 0) {
@@ -1184,8 +1212,8 @@
break;
}
- /* If no real length was passed in, we are done */
- if (ulen == 0) {
+ /* If no need to try appending slash, we are done */
+ if (!addSlash) {
break;
}
@@ -1195,11 +1223,11 @@
}
/* Add slash and try once more */
- name[ulen] = '/';
- name[ulen+1] = '\0';
+ name[ulen++] = '/';
+ name[ulen] = '\0';
hsh = hash_append(hsh, '/');
idx = zip->table[hsh % zip->tablelen];
- ulen = 0;
+ addSlash = JNI_FALSE;
}
Finally:
diff --git a/src/share/native/java/util/zip/zip_util.h b/src/share/native/java/util/zip/zip_util.h
index a4aaf83..a64668c 100644
--- a/src/share/native/java/util/zip/zip_util.h
+++ b/src/share/native/java/util/zip/zip_util.h
@@ -154,6 +154,7 @@
* - If pos <= 0 then it is the position of entry LOC header.
* If pos > 0 then it is the position of entry data.
* pos should not be accessed directly, but only by ZIP_GetEntryDataOffset.
+ * - entry name may include embedded null character, use nlen for length
*/
typedef struct jzentry { /* Zip file entry */
@@ -166,6 +167,7 @@
jbyte *extra; /* optional extra data */
jlong pos; /* position of LOC header or entry data */
jint flag; /* general purpose flag */
+ jint nlen; /* length of the entry name */
} jzentry;
/*
@@ -269,5 +271,5 @@
jint ZIP_Read(jzfile *zip, jzentry *entry, jlong pos, void *buf, jint len);
void ZIP_FreeEntry(jzfile *zip, jzentry *ze);
jlong ZIP_GetEntryDataOffset(jzfile *zip, jzentry *entry);
-
+jzentry * ZIP_GetEntry2(jzfile *zip, char *name, jint ulen, jboolean addSlash);
#endif /* !_ZIP_H_ */
diff --git a/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp b/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp
index 3707efd..e985b81 100644
--- a/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp
+++ b/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp
@@ -243,12 +243,22 @@
le_uint16 srSetCount = SWAPW(subRuleSetCount);
if (coverageIndex < srSetCount) {
+ LEReferenceToArrayOf<Offset> subRuleSetTableOffsetArrayRef(base, success,
+ &subRuleSetTableOffsetArray[coverageIndex], 1);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
Offset subRuleSetTableOffset = SWAPW(subRuleSetTableOffsetArray[coverageIndex]);
LEReferenceTo<SubRuleSetTable>
subRuleSetTable(base, success, (const SubRuleSetTable *) ((char *) this + subRuleSetTableOffset));
le_uint16 subRuleCount = SWAPW(subRuleSetTable->subRuleCount);
le_int32 position = glyphIterator->getCurrStreamPosition();
+ LEReferenceToArrayOf<Offset> subRuleTableOffsetArrayRef(base, success,
+ subRuleSetTable->subRuleTableOffsetArray, subRuleCount);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
for (le_uint16 subRule = 0; subRule < subRuleCount; subRule += 1) {
Offset subRuleTableOffset =
SWAPW(subRuleSetTable->subRuleTableOffsetArray[subRule]);
@@ -301,13 +311,22 @@
glyphIterator->getCurrGlyphID(),
success);
- if (setClass < scSetCount && subClassSetTableOffsetArray[setClass] != 0) {
+ if (setClass < scSetCount) {
+ LEReferenceToArrayOf<Offset>
+ subClassSetTableOffsetArrayRef(base, success, subClassSetTableOffsetArray, setClass);
+ if (LE_FAILURE(success)) { return 0; }
+ if (subClassSetTableOffsetArray[setClass] != 0) {
+
Offset subClassSetTableOffset = SWAPW(subClassSetTableOffsetArray[setClass]);
LEReferenceTo<SubClassSetTable>
subClassSetTable(base, success, (const SubClassSetTable *) ((char *) this + subClassSetTableOffset));
le_uint16 subClassRuleCount = SWAPW(subClassSetTable->subClassRuleCount);
le_int32 position = glyphIterator->getCurrStreamPosition();
-
+ LEReferenceToArrayOf<Offset>
+ subClassRuleTableOffsetArrayRef(base, success, subClassSetTable->subClassRuleTableOffsetArray, subClassRuleCount);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
for (le_uint16 scRule = 0; scRule < subClassRuleCount; scRule += 1) {
Offset subClassRuleTableOffset =
SWAPW(subClassSetTable->subClassRuleTableOffsetArray[scRule]);
@@ -331,6 +350,7 @@
glyphIterator->setCurrStreamPosition(position);
}
}
+ }
// XXX If we get here, the table is mal-formed...
}
@@ -442,13 +462,22 @@
le_uint16 srSetCount = SWAPW(chainSubRuleSetCount);
if (coverageIndex < srSetCount) {
+ LEReferenceToArrayOf<Offset>
+ chainSubRuleSetTableOffsetArrayRef(base, success, chainSubRuleSetTableOffsetArray, coverageIndex);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
Offset chainSubRuleSetTableOffset = SWAPW(chainSubRuleSetTableOffsetArray[coverageIndex]);
LEReferenceTo<ChainSubRuleSetTable>
chainSubRuleSetTable(base, success, (const ChainSubRuleSetTable *) ((char *) this + chainSubRuleSetTableOffset));
le_uint16 chainSubRuleCount = SWAPW(chainSubRuleSetTable->chainSubRuleCount);
le_int32 position = glyphIterator->getCurrStreamPosition();
GlyphIterator tempIterator(*glyphIterator, emptyFeatureList);
-
+ LEReferenceToArrayOf<Offset>
+ chainSubRuleTableOffsetArrayRef(base, success, chainSubRuleSetTable->chainSubRuleTableOffsetArray, chainSubRuleCount);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
for (le_uint16 subRule = 0; subRule < chainSubRuleCount; subRule += 1) {
Offset chainSubRuleTableOffset =
SWAPW(chainSubRuleSetTable->chainSubRuleTableOffsetArray[subRule]);
@@ -530,6 +559,11 @@
le_int32 setClass = inputClassDefinitionTable->getGlyphClass(inputClassDefinitionTable,
glyphIterator->getCurrGlyphID(),
success);
+ LEReferenceToArrayOf<Offset>
+ chainSubClassSetTableOffsetArrayRef(base, success, chainSubClassSetTableOffsetArray, setClass);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
if (setClass < scSetCount && chainSubClassSetTableOffsetArray[setClass] != 0) {
Offset chainSubClassSetTableOffset = SWAPW(chainSubClassSetTableOffsetArray[setClass]);
@@ -538,7 +572,11 @@
le_uint16 chainSubClassRuleCount = SWAPW(chainSubClassSetTable->chainSubClassRuleCount);
le_int32 position = glyphIterator->getCurrStreamPosition();
GlyphIterator tempIterator(*glyphIterator, emptyFeatureList);
-
+ LEReferenceToArrayOf<Offset>
+ chainSubClassRuleTableOffsetArrayRef(base, success, chainSubClassSetTable->chainSubClassRuleTableOffsetArray, chainSubClassRuleCount);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
for (le_uint16 scRule = 0; scRule < chainSubClassRuleCount; scRule += 1) {
Offset chainSubClassRuleTableOffset =
SWAPW(chainSubClassSetTable->chainSubClassRuleTableOffsetArray[scRule]);
@@ -603,12 +641,14 @@
}
le_uint16 backtrkGlyphCount = SWAPW(backtrackGlyphCount);
+ LEReferenceToArrayOf<Offset> backtrackGlyphArrayRef(base, success, backtrackCoverageTableOffsetArray, backtrkGlyphCount);
+ if (LE_FAILURE(success)) {
+ return 0;
+ }
le_uint16 inputGlyphCount = (le_uint16) SWAPW(backtrackCoverageTableOffsetArray[backtrkGlyphCount]);
LEReferenceToArrayOf<Offset> inputCoverageTableOffsetArray(base, success, &backtrackCoverageTableOffsetArray[backtrkGlyphCount + 1], inputGlyphCount+2); // offset
if (LE_FAILURE(success)) { return 0; }
const le_uint16 lookaheadGlyphCount = (le_uint16) SWAPW(inputCoverageTableOffsetArray[inputGlyphCount]);
-
- if( LE_FAILURE(success)) { return 0; }
LEReferenceToArrayOf<Offset> lookaheadCoverageTableOffsetArray(base, success, inputCoverageTableOffsetArray.getAlias(inputGlyphCount + 1, success), lookaheadGlyphCount+2);
if( LE_FAILURE(success) ) { return 0; }
diff --git a/src/solaris/classes/sun/awt/X11/XTextAreaPeer.java b/src/solaris/classes/sun/awt/X11/XTextAreaPeer.java
index 7c7b2d1..4092e85 100644
--- a/src/solaris/classes/sun/awt/X11/XTextAreaPeer.java
+++ b/src/solaris/classes/sun/awt/X11/XTextAreaPeer.java
@@ -1024,7 +1024,8 @@
}
}
- protected void uninstallListeners(JScrollPane scrollPane) {
+ @Override
+ protected void uninstallListeners(JComponent scrollPane) {
super.uninstallListeners(scrollPane);
scrollPane.removePropertyChangeListener(propertyChangeHandler);
}
diff --git a/src/solaris/classes/sun/print/CUPSPrinter.java b/src/solaris/classes/sun/print/CUPSPrinter.java
index a54316e..2899af8 100644
--- a/src/solaris/classes/sun/print/CUPSPrinter.java
+++ b/src/solaris/classes/sun/print/CUPSPrinter.java
@@ -126,7 +126,7 @@
/**
* Returns array of MediaSizeNames derived from PPD.
*/
- public MediaSizeName[] getMediaSizeNames() {
+ MediaSizeName[] getMediaSizeNames() {
initMedia();
return cupsMediaSNames;
}
@@ -135,7 +135,7 @@
/**
* Returns array of Custom MediaSizeNames derived from PPD.
*/
- public CustomMediaSizeName[] getCustomMediaSizeNames() {
+ CustomMediaSizeName[] getCustomMediaSizeNames() {
initMedia();
return cupsCustomMediaSNames;
}
@@ -144,7 +144,7 @@
/**
* Returns array of MediaPrintableArea derived from PPD.
*/
- public MediaPrintableArea[] getMediaPrintableArea() {
+ MediaPrintableArea[] getMediaPrintableArea() {
initMedia();
return cupsMediaPrintables;
}
@@ -152,7 +152,7 @@
/**
* Returns array of MediaTrays derived from PPD.
*/
- public MediaTray[] getMediaTrays() {
+ MediaTray[] getMediaTrays() {
initMedia();
return cupsMediaTrays;
}
diff --git a/src/solaris/classes/sun/print/IPPPrintService.java b/src/solaris/classes/sun/print/IPPPrintService.java
index 28d6e1c..b7acf6b 100644
--- a/src/solaris/classes/sun/print/IPPPrintService.java
+++ b/src/solaris/classes/sun/print/IPPPrintService.java
@@ -993,7 +993,9 @@
public synchronized Class[] getSupportedAttributeCategories() {
if (supportedCats != null) {
- return supportedCats;
+ Class<?> [] copyCats = new Class<?>[supportedCats.length];
+ System.arraycopy(supportedCats, 0, copyCats, 0, copyCats.length);
+ return copyCats;
}
initAttributes();
@@ -1050,7 +1052,9 @@
}
supportedCats = new Class[catList.size()];
catList.toArray(supportedCats);
- return supportedCats;
+ Class<?>[] copyCats = new Class<?>[supportedCats.length];
+ System.arraycopy(supportedCats, 0, copyCats, 0, copyCats.length);
+ return copyCats;
}
diff --git a/src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c b/src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c
new file mode 100644
index 0000000..075fffc
--- /dev/null
+++ b/src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#ifdef __solaris__
+#include <unistd.h>
+#include <stropts.h>
+
+#ifndef BSD_COMP
+#define BSD_COMP
+#endif
+
+#endif
+
+#include <sys/ioctl.h>
+
+#include "jvm.h"
+#include "jni_util.h"
+#include "net_util.h"
+
+#include "java_net_AbstractPlainDatagramSocketImpl.h"
+
+static jfieldID IO_fd_fdID;
+
+static jfieldID apdsi_fdID;
+
+
+/*
+ * Class: java_net_AbstractPlainDatagramSocketImpl
+ * Method: init
+ * Signature: ()V
+ */
+JNIEXPORT void JNICALL
+Java_java_net_AbstractPlainDatagramSocketImpl_init(JNIEnv *env, jclass cls) {
+
+ apdsi_fdID = (*env)->GetFieldID(env, cls, "fd",
+ "Ljava/io/FileDescriptor;");
+ CHECK_NULL(apdsi_fdID);
+
+ IO_fd_fdID = NET_GetFileDescriptorID(env);
+}
+
+/*
+ * Class: java_net_AbstractPlainDatagramSocketImpl
+ * Method: dataAvailable
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable
+(JNIEnv *env, jobject this) {
+ int fd, retval;
+
+ jobject fdObj = (*env)->GetObjectField(env, this, apdsi_fdID);
+
+ if (IS_NULL(fdObj)) {
+ JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException",
+ "Socket closed");
+ return -1;
+ }
+ fd = (*env)->GetIntField(env, fdObj, IO_fd_fdID);
+
+ if (ioctl(fd, FIONREAD, &retval) < 0) {
+ return -1;
+ }
+ return retval;
+}
diff --git a/src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c b/src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c
new file mode 100644
index 0000000..dd2c7e8
--- /dev/null
+++ b/src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <windows.h>
+#include <winsock2.h>
+
+#include "jvm.h"
+#include "jni_util.h"
+#include "net_util.h"
+
+#include "java_net_AbstractPlainDatagramSocketImpl.h"
+
+static jfieldID IO_fd_fdID = NULL;
+static jfieldID apdsi_fdID = NULL;
+
+static jfieldID apdsi_fd1ID = NULL;
+static jclass two_stacks_clazz = NULL;
+
+
+/*
+ * Class: java_net_AbstractPlainDatagramSocketImpl
+ * Method: init
+ * Signature: ()V
+ */
+JNIEXPORT void JNICALL
+Java_java_net_AbstractPlainDatagramSocketImpl_init(JNIEnv *env, jclass cls) {
+
+ apdsi_fdID = (*env)->GetFieldID(env, cls, "fd",
+ "Ljava/io/FileDescriptor;");
+ CHECK_NULL(apdsi_fdID);
+ IO_fd_fdID = NET_GetFileDescriptorID(env);
+ CHECK_NULL(IO_fd_fdID);
+
+ two_stacks_clazz = (*env)->FindClass(env, "java/net/TwoStacksPlainDatagramSocketImpl");
+ CHECK_NULL(two_stacks_clazz);
+
+ /* Handle both TwoStacks and DualStack here */
+
+ if (JNU_Equals(env, cls, two_stacks_clazz)) {
+ /* fd1 present only in TwoStack.. */
+ apdsi_fd1ID = (*env)->GetFieldID(env, cls, "fd1",
+ "Ljava/io/FileDescriptor;");
+ CHECK_NULL(apdsi_fd1ID);
+ }
+
+ JNU_CHECK_EXCEPTION(env);
+}
+
+/*
+ * Class: java_net_AbstractPlainDatagramSocketImpl
+ * Method: dataAvailable
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable
+(JNIEnv *env, jobject this) {
+ SOCKET fd;
+ SOCKET fd1;
+ int rv = -1, rv1 = -1;
+ jobject fdObj = (*env)->GetObjectField(env, this, apdsi_fdID);
+
+ if (!IS_NULL(fdObj)) {
+ int retval = 0;
+ fd = (SOCKET)(*env)->GetIntField(env, fdObj, IO_fd_fdID);
+ rv = ioctlsocket(fd, FIONREAD, &retval);
+ if (retval > 0) {
+ return retval;
+ }
+ }
+
+ if (!IS_NULL(apdsi_fd1ID)) {
+ /* TwoStacks */
+ jobject fd1Obj = (*env)->GetObjectField(env, this, apdsi_fd1ID);
+ if (!IS_NULL(fd1Obj)) {
+ int retval = 0;
+ fd1 = (SOCKET)(*env)->GetIntField(env, fd1Obj, IO_fd_fdID);
+ rv1 = ioctlsocket(fd1, FIONREAD, &retval);
+ if (retval > 0) {
+ return retval;
+ }
+ }
+ }
+
+ if (rv < 0 && rv1 < 0) {
+ JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException",
+ "Socket closed");
+ return -1;
+ }
+
+ return 0;
+}
+
diff --git a/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c b/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c
index ddbc006..8e02c18 100644
--- a/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c
+++ b/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -213,6 +213,14 @@
void
SplashRedrawWindow(Splash * splash)
{
+ if (!SplashIsStillLooping(splash)) {
+ KillTimer(splash->hWnd, 0);
+ }
+
+ if (splash->currentFrame < 0) {
+ return;
+ }
+
SplashUpdateScreenData(splash);
if (splash->isLayered) {
BLENDFUNCTION bf;
@@ -303,9 +311,6 @@
time = 0;
SetTimer(splash->hWnd, 0, time, NULL);
}
- else {
- KillTimer(splash->hWnd, 0);
- }
}
void SplashReconfigureNow(Splash * splash) {
diff --git a/src/windows/native/sun/windows/awt_Component.cpp b/src/windows/native/sun/windows/awt_Component.cpp
index bb8015b..24a27ed 100644
--- a/src/windows/native/sun/windows/awt_Component.cpp
+++ b/src/windows/native/sun/windows/awt_Component.cpp
@@ -6930,9 +6930,9 @@
{
TRY;
- return JNI_IS_TRUE(AwtToolkit::GetInstance().SyncCall(
+ return (jboolean)AwtToolkit::GetInstance().SyncCall(
(void *(*)(void *))AwtComponent::_NativeHandlesWheelScrolling,
- env->NewGlobalRef(self)));
+ env->NewGlobalRef(self));
// global ref is deleted in _NativeHandlesWheelScrolling
CATCH_BAD_ALLOC_RET(NULL);
@@ -6951,9 +6951,9 @@
jobject selfGlobalRef = env->NewGlobalRef(self);
- return JNI_IS_TRUE(AwtToolkit::GetInstance().SyncCall(
+ return (jboolean)AwtToolkit::GetInstance().SyncCall(
(void*(*)(void*))AwtComponent::_IsObscured,
- (void *)selfGlobalRef));
+ (void *)selfGlobalRef);
// selfGlobalRef is deleted in _IsObscured
CATCH_BAD_ALLOC_RET(NULL);
diff --git a/src/windows/native/sun/windows/awt_List.cpp b/src/windows/native/sun/windows/awt_List.cpp
index c6cec8f..5188c85 100644
--- a/src/windows/native/sun/windows/awt_List.cpp
+++ b/src/windows/native/sun/windows/awt_List.cpp
@@ -1018,8 +1018,8 @@
ses->list = env->NewGlobalRef(self);
ses->index = index;
- return JNI_IS_TRUE(AwtToolkit::GetInstance().SyncCall(
- (void *(*)(void *))AwtList::_IsSelected, ses));
+ return (jboolean)AwtToolkit::GetInstance().SyncCall(
+ (void *(*)(void *))AwtList::_IsSelected, ses);
// global ref and ses are deleted in _IsSelected
CATCH_BAD_ALLOC_RET(FALSE);
diff --git a/test/java/util/Collections/CheckedQueue.java b/test/java/util/Collections/CheckedQueue.java
index 6f28e12..fb47e2e 100644
--- a/test/java/util/Collections/CheckedQueue.java
+++ b/test/java/util/Collections/CheckedQueue.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,55 +23,40 @@
/*
* @test
- * @bug 5020931
+ * @bug 5020931 8048207
* @summary Unit test for Collections.checkedQueue
+ * @run testng CheckedQueue
*/
-import java.lang.reflect.Method;
import java.util.Collections;
-import java.util.Iterator;
import java.util.Queue;
import java.util.concurrent.ArrayBlockingQueue;
+import org.testng.annotations.Test;
+import static org.testng.Assert.fail;
+import static org.testng.Assert.assertEquals;
+import static org.testng.Assert.assertTrue;
+import static org.testng.Assert.assertFalse;
+
+
public class CheckedQueue {
- static int status = 0;
-
- public static void main(String[] args) throws Exception {
- new CheckedQueue();
- }
-
- public CheckedQueue() throws Exception {
- run();
- }
-
- private void run() throws Exception {
- Method[] methods = this.getClass().getDeclaredMethods();
-
- for (int i = 0; i < methods.length; i++) {
- Method method = methods[i];
- String methodName = method.getName();
-
- if (methodName.startsWith("test")) {
- try {
- Object obj = method.invoke(this, new Object[0]);
- } catch(Exception e) {
- throw new Exception(this.getClass().getName() + "." +
- methodName + " test failed, test exception "
- + "follows\n" + e.getCause());
- }
- }
- }
- }
/**
* This test adds items to a queue.
*/
- private void test00() {
+ @Test
+ public void testAdd() {
int arrayLength = 10;
- ArrayBlockingQueue<String> abq = new ArrayBlockingQueue(arrayLength);
+ Queue<String> abq = Collections.checkedQueue(new ArrayBlockingQueue<>(arrayLength), String.class);
for (int i = 0; i < arrayLength; i++) {
- abq.add(new String(Integer.toString(i)));
+ abq.add(Integer.toString(i));
+ }
+
+ try {
+ abq.add("full");
+ } catch (IllegalStateException full) {
+
}
}
@@ -80,23 +65,17 @@
* {@code String}s gets the checked queue, and attempt to add an Integer to
* the checked queue.
*/
- private void test01() throws Exception {
+ @Test(expectedExceptions = ClassCastException.class)
+ public void testAddFail1() {
int arrayLength = 10;
ArrayBlockingQueue<String> abq = new ArrayBlockingQueue(arrayLength + 1);
for (int i = 0; i < arrayLength; i++) {
- abq.add(new String(Integer.toString(i)));
+ abq.add(Integer.toString(i));
}
Queue q = Collections.checkedQueue(abq, String.class);
-
- try {
- q.add(new Integer(0));
- throw new Exception(this.getClass().getName() + "." + "test01 test"
- + " failed, should throw ClassCastException.");
- } catch(ClassCastException cce) {
- // Do nothing.
- }
+ q.add(0);
}
/**
@@ -104,47 +83,40 @@
* {@code String}, gets the checked queue, and attempt to add an Integer to
* the checked queue.
*/
- private void test02() throws Exception {
+ @Test(expectedExceptions = ClassCastException.class)
+ public void testAddFail2() {
ArrayBlockingQueue<String> abq = new ArrayBlockingQueue(1);
Queue q = Collections.checkedQueue(abq, String.class);
- try {
- q.add(new Integer(0));
- throw new Exception(this.getClass().getName() + "." + "test02 test"
- + " failed, should throw ClassCastException.");
- } catch(ClassCastException e) {
- // Do nothing.
- }
+ q.add(0);
}
/**
* This test tests the Collections.checkedQueue method call for nulls in
* each and both of the parameters.
*/
- private void test03() throws Exception {
+ @Test
+ public void testArgs() {
ArrayBlockingQueue<String> abq = new ArrayBlockingQueue(1);
Queue q;
try {
q = Collections.checkedQueue(null, String.class);
- throw new Exception(this.getClass().getName() + "." + "test03 test"
- + " failed, should throw NullPointerException.");
+ fail( "should throw NullPointerException.");
} catch(NullPointerException npe) {
// Do nothing
}
try {
q = Collections.checkedQueue(abq, null);
- throw new Exception(this.getClass().getName() + "." + "test03 test"
- + " failed, should throw NullPointerException.");
+ fail( "should throw NullPointerException.");
} catch(Exception e) {
// Do nothing
}
try {
q = Collections.checkedQueue(null, null);
- throw new Exception(this.getClass().getName() + "." + "test03 test"
- + " failed, should throw NullPointerException.");
+ fail( "should throw NullPointerException.");
} catch(Exception e) {
// Do nothing
}
@@ -153,38 +125,28 @@
/**
* This test tests the CheckedQueue.offer method.
*/
- private void test04() throws Exception {
+ @Test
+ public void testOffer() {
ArrayBlockingQueue<String> abq = new ArrayBlockingQueue(1);
Queue q = Collections.checkedQueue(abq, String.class);
try {
q.offer(null);
- throw new Exception(this.getClass().getName() + "." + "test04 test"
- + " failed, should throw NullPointerException.");
+ fail("should throw NullPointerException.");
} catch (NullPointerException npe) {
// Do nothing
}
try {
- q.offer(new Integer(0));
- throw new Exception(this.getClass().getName() + "." + "test04 test"
- + " failed, should throw ClassCastException.");
+ q.offer(0);
+ fail("should throw ClassCastException.");
} catch (ClassCastException cce) {
// Do nothing
}
- q.offer(new String("0"));
+ assertTrue(q.offer("0"), "queue should have room");
- try {
- q.offer(new String("1"));
- throw new Exception(this.getClass().getName() + "." + "test04 test"
- + " failed, should throw IllegalStateException.");
- } catch(IllegalStateException ise) {
- // Do nothing
- }
- }
-
- private void test05() {
-
+ // no room at the inn!
+ assertFalse(q.offer("1"), "queue should be full");
}
}
diff --git a/test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java b/test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java
index 12139f6..a867e45 100644
--- a/test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java
+++ b/test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 6476665 7033534 6830714
+ * @bug 6476665 7033534 6830714 8052162
* @summary Verifies color conversion of Component Color Model based images
* @run main ColConvCCMTest
*/
diff --git a/test/sun/security/ssl/sanity/ciphersuites/CipherSuitesInOrder.java b/test/sun/security/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
index 361ac86..69745aa 100644
--- a/test/sun/security/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
+++ b/test/sun/security/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
@@ -69,11 +69,6 @@
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
- "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
- "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
- "SSL_RSA_WITH_RC4_128_SHA",
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
- "TLS_ECDH_RSA_WITH_RC4_128_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
@@ -97,6 +92,12 @@
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+ "SSL_RSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
"SSL_RSA_WITH_RC4_128_MD5",
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
@@ -110,10 +111,20 @@
"TLS_DH_anon_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
"TLS_DH_anon_WITH_AES_128_CBC_SHA",
- "TLS_ECDH_anon_WITH_RC4_128_SHA",
- "SSL_DH_anon_WITH_RC4_128_MD5",
"TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_anon_WITH_RC4_128_SHA",
+ "SSL_DH_anon_WITH_RC4_128_MD5",
+ "SSL_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+ "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+ "SSL_DH_anon_WITH_DES_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+ "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"TLS_RSA_WITH_NULL_SHA256",
"TLS_ECDHE_ECDSA_WITH_NULL_SHA",
"TLS_ECDHE_RSA_WITH_NULL_SHA",
@@ -122,26 +133,16 @@
"TLS_ECDH_RSA_WITH_NULL_SHA",
"TLS_ECDH_anon_WITH_NULL_SHA",
"SSL_RSA_WITH_NULL_MD5",
- "SSL_RSA_WITH_DES_CBC_SHA",
- "SSL_DHE_RSA_WITH_DES_CBC_SHA",
- "SSL_DHE_DSS_WITH_DES_CBC_SHA",
- "SSL_DH_anon_WITH_DES_CBC_SHA",
- "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
- "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
- "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
- "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
- "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
- "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
- "TLS_KRB5_WITH_RC4_128_SHA",
- "TLS_KRB5_WITH_RC4_128_MD5",
"TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
"TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
+ "TLS_KRB5_WITH_RC4_128_SHA",
+ "TLS_KRB5_WITH_RC4_128_MD5",
"TLS_KRB5_WITH_DES_CBC_SHA",
"TLS_KRB5_WITH_DES_CBC_MD5",
- "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
- "TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
"TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"
+ "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
+ "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
+ "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
);
private final static String[] protocols = {
diff --git a/test/sun/tools/native2ascii/NativeErrors.java b/test/sun/tools/native2ascii/NativeErrors.java
index 77e6814..00493b8 100644
--- a/test/sun/tools/native2ascii/NativeErrors.java
+++ b/test/sun/tools/native2ascii/NativeErrors.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 1999, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,12 +25,18 @@
* @test
* @bug 4136352
* @summary Test Native2ASCII error messages
- *
+ * @library /lib/testlibrary
+ * @build jdk.testlibrary.* NativeErrors
+ * @run main NativeErrors
*/
-import java.io.*;
-import sun.tools.native2ascii.*;
-import java.util.*;
+
+import java.io.File;
+import java.util.ResourceBundle;
+import java.util.MissingResourceException;
+import jdk.testlibrary.OutputAnalyzer;
+import jdk.testlibrary.JDKToolLauncher;
+import jdk.testlibrary.ProcessTools;
public class NativeErrors {
@@ -45,30 +51,18 @@
}
}
- public static void main(String args[]) throws Exception {
- String[] command;
- Process p = null;
- BufferedReader in = null;
+ public static void main(String args[]) throws Throwable {
+ // Execute command in another vm. Verify stdout for expected err msg.
- // Construct a command that runs the test in other vm
- // Exec another vm to run test in
- // Read the result to determine if test failed
-
- command = getComString("-encoding");
- p = Runtime.getRuntime().exec(command);
- in = new BufferedReader(new InputStreamReader(p.getInputStream()));
- checkResult(in, "err.bad.arg");
+ // Test with no input file given.
+ checkResult(executeCmd("-encoding"), "err.bad.arg");
File f0 = new File(System.getProperty("test.src", "."), "test123");
String path0 = f0.getPath();
if ( f0.exists() ) {
throw new Error("Input file should not exist: " + path0);
}
-
- command = getComString(path0);
- p = Runtime.getRuntime().exec(command);
- in = new BufferedReader(new InputStreamReader(p.getInputStream()));
- checkResult(in, "err.cannot.read");
+ checkResult(executeCmd(path0), "err.cannot.read");
File f1 = new File(System.getProperty("test.src", "."), "test1");
File f2 = File.createTempFile("test2", ".tmp");
@@ -81,71 +75,38 @@
throw new Error("Output file cannot be made read only: " + path2);
}
f2.deleteOnExit();
-
- command = getComString(path1, path2);
- p = Runtime.getRuntime().exec(command);
- in = new BufferedReader(new InputStreamReader(p.getInputStream()));
- checkResult(in, "err.cannot.write");
+ checkResult(executeCmd(path1, path2), "err.cannot.write");
}
-
- private static void checkResult(BufferedReader in, String errorExpected)
- throws Exception {
- String errorReceived;
- errorReceived = in.readLine();
- assert errorReceived != null : "First readline cannot be null";
- errorExpected = rsrc.getString(errorExpected);
- assert errorExpected != null : "Expected message cannot be null";
- StringBuffer error = new StringBuffer(errorExpected);
- int start = errorExpected.indexOf("{0}");
- if (start >= 0) {
- error.delete(start, start+3);
- errorExpected = error.toString();
+ private static String executeCmd(String... toolArgs) throws Throwable {
+ JDKToolLauncher cmd = JDKToolLauncher.createUsingTestJDK("native2ascii");
+ for (String s : toolArgs) {
+ cmd.addToolArg(s);
}
- //System.out.println("received: " + errorReceived);
- //System.out.println("expected: " + errorExpected);
- if (!errorReceived.endsWith(errorExpected))
+ OutputAnalyzer output = ProcessTools.executeProcess(cmd.getCommand());
+ if (output == null || output.getStdout() == null) {
+ throw new Exception("Output was null. Process did not finish correctly.");
+ }
+ if (output.getExitValue() == 0) {
+ throw new Exception("Process exit code was 0, but error was expected.");
+ }
+ return output.getStdout();
+ }
+
+ private static void checkResult(
+ String errorReceived, String errorKey) throws Exception {
+ String errorExpected = rsrc.getString(errorKey);
+ if (errorExpected == null) {
+ throw new Exception("No error message for key: " + errorKey);
+ }
+ // Remove template tag from error message.
+ errorExpected = errorExpected.replaceAll("\\{0\\}", "");
+
+ System.out.println("received: " + errorReceived);
+ System.out.println("expected: " + errorExpected);
+ if (errorReceived.indexOf(errorExpected) < 0) {
throw new RuntimeException("Native2ascii bad arg error broken.");
- }
-
- private static String[] getComString(String arg2) {
- String[] coms = new String[2];
- coms[0] = getPathString();
- coms[1] = arg2;
- return coms;
- }
-
- private static String[] getComString(String arg2, String arg3) {
- String[] coms = new String[3];
- coms[0] = getPathString();
- coms[1] = arg2;
- coms[2] = arg3;
- return coms;
- }
-
- /*
- * Search for path to native2ascii
- */
- private static String getPathString() {
- String path = System.getProperty("java.home") + File.separator +
- "bin" + File.separator + "native2ascii";
- if (File.separatorChar == '\\') {
- path = path + ".exe";
}
- File f = new File(path);
- if (!f.exists()) {
- System.out.println("Cannot find native2ascii at "+path);
- path = System.getProperty("java.home") + File.separator + ".." +
- File.separator + "bin" + File.separator + "native2ascii";
- if (File.separatorChar == '\\') {
- path = path + ".exe";
- }
- f = new File(path);
- if (!f.exists())
- throw new RuntimeException("Cannot find native2ascii at "+path);
- System.out.println("Using native2ascii at "+path);
- }
- return path;
}
}