--- ./.hgtags Wed Jul 30 03:50:56 2014 -0700 +++ ./.hgtags Wed Sep 17 11:23:18 2014 -0700 @@ -313,3 +313,21 @@ b14daf2459c5430dfe5d435483d6f424cff09584 jdk8u20-b23 1710841b0229403f4af85eac8b68ea5065a26c81 jdk8u20-b24 1710841b0229403f4af85eac8b68ea5065a26c81 jdk8u20-b25 +d1a7ea2c3e1091e0df1285963328a96f475f240d jdk8u20-b26 +97c6d6a8e5bb3dfc24b9a32711aa0906ea110e23 jdk8u25-b00 +c4cfb4376f5916c5d7eb1f39a0e23402de0d9818 jdk8u25-b01 +b4d29a751077e5500e766b8104dd1cb7148a550f jdk8u25-b02 +d3df54be114a5c41d4881b61cd42fbb0e52aaf4a jdk8u25-b03 +64e7567a8539078a678853a384340eee469168b0 jdk8u25-b04 +6de13ae93be20b97f53e3837739947d59fb4fd65 jdk8u25-b05 +69d17ee59c0e77033aca293501a642d0abc20c85 jdk8u25-b06 +561d066eaa6428088b4f7e273a8caed90e8f6073 jdk8u25-b07 +c2a5ad21d01c5d921c4e928edcb14cc3d61eb62b jdk8u25-b08 +1249614d7f1d9bf8443f0abd0622b4d2a3ab0638 jdk8u25-b09 +0c5d41165be3f4bb989bd84283c2df3e37b9845d jdk8u25-b10 +cc5ab3e0fe815ae80bb52fa5affcb35ee0f51cff jdk8u25-b11 +c35e73e4acd8ed03e77e8e20023bac115c7dfe38 jdk8u25-b12 +5d990a43c996ef039c6619e55215d589e09d1022 jdk8u25-b13 +4429ea47ee6eca6b8a1dbda1950566ee821ba19d jdk8u25-b14 +09eaef69f384ecf8ec0342b87a8b150740941140 jdk8u25-b15 +f0a48c214c46b7351ff8e6d6b6dc533463a4be21 jdk8u25-b16 --- ./common/autoconf/generated-configure.sh Wed Jul 30 03:50:56 2014 -0700 +++ ./common/autoconf/generated-configure.sh Wed Sep 17 11:23:18 2014 -0700 @@ -3868,7 +3868,7 @@ #CUSTOM_AUTOCONF_INCLUDE # Do not change or remove the following line, it is needed for consistency checks: -DATE_WHEN_GENERATED=1397150809 +DATE_WHEN_GENERATED=1410971760 ############################################################################### # --- ./make/Jprt.gmk Wed Jul 30 03:50:56 2014 -0700 +++ ./make/Jprt.gmk Wed Sep 17 11:23:18 2014 -0700 @@ -145,6 +145,9 @@ ifdef ALT_INSTALL_UPX_FILENAME @$(ECHO) " --with-upx-filename=$(call UnixPath,$(ALT_INSTALL_UPX_FILENAME)) " >> $@.tmp endif + ifdef ALT_BSDIFF_DIR + @$(ECHO) " --with-bsdiff-dir=$(call UnixPath,$(ALT_BSDIFF_DIR)) " >> $@.tmp + endif ifdef ALT_CCSS_SIGNING_DIR @$(ECHO) " --with-ccss-signing=$(call UnixPath,$(ALT_CCSS_SIGNING_DIR)) " >> $@.tmp endif --- ./make/jprt.properties Wed Jul 30 03:50:56 2014 -0700 +++ ./make/jprt.properties Wed Sep 17 11:23:18 2014 -0700 @@ -25,8 +25,9 @@ # Properties for jprt -# Locked down to jdk8 -jprt.tools.default.release=jdk8 +# The current release name +my.jdk.update.version=25 +jprt.tools.default.release=jdk8u${my.jdk.update.version} # Unix toolkit to use for building on windows jprt.windows.jdk8.build.unix.toolkit=cygwin --- ./corba/.hgtags Wed Jul 30 03:51:08 2014 -0700 +++ ./corba/.hgtags Mon Sep 08 12:34:37 2014 -0700 @@ -311,3 +311,21 @@ 919405d7316dfcbddee5ad8dd08905916df88e04 jdk8u20-b23 34c930eaa6b591621afde05ca2e24571c91cdc9b jdk8u20-b24 34c930eaa6b591621afde05ca2e24571c91cdc9b jdk8u20-b25 +37bde23c96f66912c44b1b893c08d4ad4cff5f4e jdk8u20-b26 +08aa9f55fe5bce1f04cfd2958f71e8df18643e29 jdk8u25-b00 +31f50e3c0dcbdfa7f11a895179065e6888c2cf3c jdk8u25-b01 +162703b7c2f16ce00d1b54a8f95d12eda9753eba jdk8u25-b02 +ddaa2a3e452c8fbb1a7046e743096d0f9489290e jdk8u25-b03 +a76e6e02711edbfab4931dc679cbd3df6169ec84 jdk8u25-b04 +2fab01326282ee9033c089933b2dc46aef127abd jdk8u25-b05 +76068779ea16c40a9d3c14751a3bbd6c21f09cfd jdk8u25-b06 +db4d845d6a4d71ef5e48a8888f71375b0e21959f jdk8u25-b07 +afd9d9e1bbb5ab77c95a8750d2df164e05088d09 jdk8u25-b08 +1322b445ab39930c50c3901f6c439aad99a62fe8 jdk8u25-b09 +2e6da97d338ad5a65bf07f9d9648dcb74b5776b4 jdk8u25-b10 +11f77cdff0b2a07fd89f439b044d9f10a15f8fd5 jdk8u25-b11 +f560274aec4f42283c10070921afae403a153de2 jdk8u25-b12 +987bd55824c4794c8784a47fc45ecd18a9c2a5c8 jdk8u25-b13 +7e9a2027d0214019d66325fa7ca59cf8281fb43e jdk8u25-b14 +5b2cb4935667cd02d7974b3b6fb6bf4092b5acae jdk8u25-b15 +28d7f90e04e46ce8c633a2fbf0157d9e77db17c3 jdk8u25-b16 --- ./hotspot/.hgtags Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/.hgtags Mon Sep 08 12:35:01 2014 -0700 @@ -500,3 +500,21 @@ 42ddd0bbcb6630fe463ec9bc1893c838d5edff1b jdk8u20-b24 00cf2b6f51b9560b01030e8f4c28c466f0b21fe3 hs25.20-b23 19408d5fd31c25ce60c43dd33e92b96e8df4a4ea jdk8u20-b25 +eaa4074a7e3975cd33ec55e6b584586e2ac681bd jdk8u20-b26 +a4d44dfb7d30eea54bc172e4429a655454ae0bbf jdk8u25-b00 +9a2152fbd929b0d8b2f5c326a5526214ae71731a jdk8u25-b01 +d3d5604ea0dea3812e87ba76ac199d0a8be6f49f jdk8u25-b02 +27348de6239bb527c37c0bf59e938ed127b619a7 jdk8u25-b03 +220eefb3609e250a0bb0ed26236c1213b8000050 jdk8u25-b04 +db8383148bc9417dd4c38fa4cea39510f17325f3 jdk8u25-b05 +605df8463453628df49351fa63632666f18698cd jdk8u25-b06 +520188d4bade17dbe75163d1f635c08168ea560c jdk8u25-b07 +f3f50c4f9ea5d3af40cb794b6f3f2a337c8873db jdk8u25-b08 +4f209b7a580c78bac255e69f4724c42584c32a7d jdk8u25-b09 +19c692f1e4c571a9285e33e7d3d15948769fcbdd jdk8u25-b10 +9e2bb00a81910776d5b16c49a3f4c5264ceab522 jdk8u25-b11 +2993491d47df8c4b096ea7fa534162bde8b53dcf jdk8u25-b12 +ca6d25be853b5c428c6228871316671843264666 jdk8u25-b13 +c77d5db189422e2eef0443ee212644e497113b18 jdk8u25-b14 +e62c06b887310b5bd23be9b817a9a6f0daf0d0e1 jdk8u25-b15 +6467bdd4d22d8b140844dc847c43b9ba7cb0bbd1 jdk8u25-b16 --- ./hotspot/make/bsd/makefiles/mapfile-vers-debug Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/make/bsd/makefiles/mapfile-vers-debug Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -82,6 +82,7 @@ _JVM_EnableCompiler _JVM_Exit _JVM_FillInStackTrace + _JVM_FindClassFromCaller _JVM_FindClassFromClass _JVM_FindClassFromClassLoader _JVM_FindClassFromBootLoader --- ./hotspot/make/bsd/makefiles/mapfile-vers-product Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/make/bsd/makefiles/mapfile-vers-product Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -82,6 +82,7 @@ _JVM_EnableCompiler _JVM_Exit _JVM_FillInStackTrace + _JVM_FindClassFromCaller _JVM_FindClassFromClass _JVM_FindClassFromClassLoader _JVM_FindClassFromBootLoader --- ./hotspot/make/hotspot_version Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/make/hotspot_version Mon Sep 08 12:35:01 2014 -0700 @@ -34,8 +34,8 @@ HOTSPOT_VM_COPYRIGHT=Copyright 2014 HS_MAJOR_VER=25 -HS_MINOR_VER=20 -HS_BUILD_NUMBER=23 +HS_MINOR_VER=25 +HS_BUILD_NUMBER=02 JDK_MAJOR_VER=1 JDK_MINOR_VER=8 --- ./hotspot/make/linux/makefiles/mapfile-vers-debug Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/make/linux/makefiles/mapfile-vers-debug Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -84,6 +84,7 @@ JVM_EnableCompiler; JVM_Exit; JVM_FillInStackTrace; + JVM_FindClassFromCaller; JVM_FindClassFromClass; JVM_FindClassFromClassLoader; JVM_FindClassFromBootLoader; --- ./hotspot/make/linux/makefiles/mapfile-vers-product Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/make/linux/makefiles/mapfile-vers-product Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -84,6 +84,7 @@ JVM_EnableCompiler; JVM_Exit; JVM_FillInStackTrace; + JVM_FindClassFromCaller; JVM_FindClassFromClass; JVM_FindClassFromClassLoader; JVM_FindClassFromBootLoader; --- ./hotspot/make/solaris/makefiles/mapfile-vers Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/make/solaris/makefiles/mapfile-vers Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -84,6 +84,7 @@ JVM_EnableCompiler; JVM_Exit; JVM_FillInStackTrace; + JVM_FindClassFromCaller; JVM_FindClassFromClass; JVM_FindClassFromClassLoader; JVM_FindClassFromBootLoader; --- ./hotspot/src/share/vm/classfile/classFileParser.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/classFileParser.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -2780,11 +2780,6 @@ ClassFileStream* cfs = stream(); u1* current_start = cfs->current(); - guarantee_property(attribute_byte_length > sizeof(u2), - "Invalid BootstrapMethods attribute length %u in class file %s", - attribute_byte_length, - CHECK); - cfs->guarantee_more(attribute_byte_length, CHECK); int attribute_array_length = cfs->get_u2_fast(); @@ -2831,6 +2826,11 @@ "bootstrap_method_index %u has bad constant type in class file %s", bootstrap_method_index, CHECK); + + guarantee_property((operand_fill_index + 1 + argument_count) < operands->length(), + "Invalid BootstrapMethods num_bootstrap_methods or num_bootstrap_arguments value in class file %s", + CHECK); + operands->at_put(operand_fill_index++, bootstrap_method_index); operands->at_put(operand_fill_index++, argument_count); @@ -2848,7 +2848,6 @@ } assert(operand_fill_index == operands->length(), "exact fill"); - assert(ConstantPool::operand_array_length(operands) == attribute_array_length, "correct decode"); u1* current_end = cfs->current(); guarantee_property(current_end == current_start + attribute_byte_length, --- ./hotspot/src/share/vm/classfile/classLoader.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/classLoader.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -84,6 +84,7 @@ typedef jboolean (JNICALL *ReadEntry_t)(jzfile *zip, jzentry *entry, unsigned char *buf, char *namebuf); typedef jboolean (JNICALL *ReadMappedEntry_t)(jzfile *zip, jzentry *entry, unsigned char **buf, char *namebuf); typedef jzentry* (JNICALL *GetNextEntry_t)(jzfile *zip, jint n); +typedef jint (JNICALL *Crc32_t)(jint crc, const jbyte *buf, jint len); static ZipOpen_t ZipOpen = NULL; static ZipClose_t ZipClose = NULL; @@ -92,6 +93,7 @@ static ReadMappedEntry_t ReadMappedEntry = NULL; static GetNextEntry_t GetNextEntry = NULL; static canonicalize_fn_t CanonicalizeEntry = NULL; +static Crc32_t Crc32 = NULL; // Globals @@ -632,9 +634,11 @@ ReadEntry = CAST_TO_FN_PTR(ReadEntry_t, os::dll_lookup(handle, "ZIP_ReadEntry")); ReadMappedEntry = CAST_TO_FN_PTR(ReadMappedEntry_t, os::dll_lookup(handle, "ZIP_ReadMappedEntry")); GetNextEntry = CAST_TO_FN_PTR(GetNextEntry_t, os::dll_lookup(handle, "ZIP_GetNextEntry")); + Crc32 = CAST_TO_FN_PTR(Crc32_t, os::dll_lookup(handle, "ZIP_CRC32")); // ZIP_Close is not exported on Windows in JDK5.0 so don't abort if ZIP_Close is NULL - if (ZipOpen == NULL || FindEntry == NULL || ReadEntry == NULL || GetNextEntry == NULL) { + if (ZipOpen == NULL || FindEntry == NULL || ReadEntry == NULL || + GetNextEntry == NULL || Crc32 == NULL) { vm_exit_during_initialization("Corrupted ZIP library", path); } @@ -644,6 +648,11 @@ // This lookup only works on 1.3. Do not check for non-null here } +int ClassLoader::crc32(int crc, const char* buf, int len) { + assert(Crc32 != NULL, "ZIP_CRC32 is not found"); + return (*Crc32)(crc, (const jbyte*)buf, len); +} + // PackageInfo data exists in order to support the java.lang.Package // class. A Package object provides information about a java package // (version, vendor, etc.) which originates in the manifest of the jar --- ./hotspot/src/share/vm/classfile/classLoader.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/classLoader.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -215,6 +215,7 @@ // to avoid confusing the zip library static bool get_canonical_path(char* orig, char* out, int len); public: + static int crc32(int crc, const char* buf, int len); // Used by the kernel jvm. static void update_class_path_entry_list(char *path, bool check_for_duplicates); --- ./hotspot/src/share/vm/classfile/stackMapFrame.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/stackMapFrame.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -54,21 +54,6 @@ return frame; } -bool StackMapFrame::has_new_object() const { - int32_t i; - for (i = 0; i < _max_locals; i++) { - if (_locals[i].is_uninitialized()) { - return true; - } - } - for (i = 0; i < _stack_size; i++) { - if (_stack[i].is_uninitialized()) { - return true; - } - } - return false; -} - void StackMapFrame::initialize_object( VerificationType old_object, VerificationType new_object) { int32_t i; @@ -163,7 +148,7 @@ VerificationType* from, VerificationType* to, int32_t len, TRAPS) const { int32_t i = 0; for (i = 0; i < len; i++) { - if (!to[i].is_assignable_from(from[i], verifier(), THREAD)) { + if (!to[i].is_assignable_from(from[i], verifier(), false, THREAD)) { break; } } @@ -260,7 +245,7 @@ } VerificationType top = _stack[--_stack_size]; bool subtype = type.is_assignable_from( - top, verifier(), CHECK_(VerificationType::bogus_type())); + top, verifier(), false, CHECK_(VerificationType::bogus_type())); if (!subtype) { verifier()->verify_error( ErrorContext::bad_type(_offset, stack_top_ctx(), @@ -280,7 +265,7 @@ return VerificationType::bogus_type(); } bool subtype = type.is_assignable_from(_locals[index], - verifier(), CHECK_(VerificationType::bogus_type())); + verifier(), false, CHECK_(VerificationType::bogus_type())); if (!subtype) { verifier()->verify_error( ErrorContext::bad_type(_offset, @@ -303,14 +288,14 @@ "get long/double overflows locals"); return; } - bool subtype = type1.is_assignable_from(_locals[index], verifier(), CHECK); + bool subtype = type1.is_assignable_from(_locals[index], verifier(), false, CHECK); if (!subtype) { verifier()->verify_error( ErrorContext::bad_type(_offset, TypeOrigin::local(index, this), TypeOrigin::implicit(type1)), "Bad local variable type"); } else { - subtype = type2.is_assignable_from(_locals[index + 1], verifier(), CHECK); + subtype = type2.is_assignable_from(_locals[index + 1], verifier(), false, CHECK); if (!subtype) { /* Unreachable? All local store routines convert a split long or double * into a TOP during the store. So we should never end up seeing an --- ./hotspot/src/share/vm/classfile/stackMapFrame.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/stackMapFrame.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -155,10 +155,6 @@ const methodHandle m, VerificationType thisKlass, TRAPS); // Search local variable type array and stack type array. - // Return true if an uninitialized object is found. - bool has_new_object() const; - - // Search local variable type array and stack type array. // Set every element with type of old_object to new_object. void initialize_object( VerificationType old_object, VerificationType new_object); @@ -238,7 +234,7 @@ if (_stack_size != 0) { VerificationType top = _stack[_stack_size - 1]; bool subtype = type.is_assignable_from( - top, verifier(), CHECK_(VerificationType::bogus_type())); + top, verifier(), false, CHECK_(VerificationType::bogus_type())); if (subtype) { --_stack_size; return top; @@ -253,9 +249,9 @@ assert(type2.is_long() || type2.is_double(), "must be long/double_2"); if (_stack_size >= 2) { VerificationType top1 = _stack[_stack_size - 1]; - bool subtype1 = type1.is_assignable_from(top1, verifier(), CHECK); + bool subtype1 = type1.is_assignable_from(top1, verifier(), false, CHECK); VerificationType top2 = _stack[_stack_size - 2]; - bool subtype2 = type2.is_assignable_from(top2, verifier(), CHECK); + bool subtype2 = type2.is_assignable_from(top2, verifier(), false, CHECK); if (subtype1 && subtype2) { _stack_size -= 2; return; --- ./hotspot/src/share/vm/classfile/stackMapTable.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/stackMapTable.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -70,24 +70,26 @@ bool StackMapTable::match_stackmap( StackMapFrame* frame, int32_t target, - bool match, bool update, ErrorContext* ctx, TRAPS) const { + bool match, bool update, bool handler, ErrorContext* ctx, TRAPS) const { int index = get_index_from_offset(target); - return match_stackmap(frame, target, index, match, update, ctx, THREAD); + return match_stackmap(frame, target, index, match, update, handler, ctx, THREAD); } // Match and/or update current_frame to the frame in stackmap table with // specified offset and frame index. Return true if the two frames match. +// handler is true if the frame in stackmap_table is for an exception handler. // -// The values of match and update are: _match__update_ +// The values of match and update are: _match__update__handler // -// checking a branch target/exception handler: true false +// checking a branch target: true false false +// checking an exception handler: true false true // linear bytecode verification following an -// unconditional branch: false true +// unconditional branch: false true false // linear bytecode verification not following an -// unconditional branch: true true +// unconditional branch: true true false bool StackMapTable::match_stackmap( StackMapFrame* frame, int32_t target, int32_t frame_index, - bool match, bool update, ErrorContext* ctx, TRAPS) const { + bool match, bool update, bool handler, ErrorContext* ctx, TRAPS) const { if (frame_index < 0 || frame_index >= _frame_count) { *ctx = ErrorContext::missing_stackmap(frame->offset()); frame->verifier()->verify_error( @@ -98,11 +100,9 @@ StackMapFrame *stackmap_frame = _frame_array[frame_index]; bool result = true; if (match) { - // when checking handler target, match == true && update == false - bool is_exception_handler = !update; // Has direct control flow from last instruction, need to match the two // frames. - result = frame->is_assignable_to(stackmap_frame, is_exception_handler, + result = frame->is_assignable_to(stackmap_frame, handler, ctx, CHECK_VERIFY_(frame->verifier(), result)); } if (update) { @@ -126,24 +126,10 @@ StackMapFrame* frame, int32_t target, TRAPS) const { ErrorContext ctx; bool match = match_stackmap( - frame, target, true, false, &ctx, CHECK_VERIFY(frame->verifier())); + frame, target, true, false, false, &ctx, CHECK_VERIFY(frame->verifier())); if (!match || (target < 0 || target >= _code_length)) { frame->verifier()->verify_error(ctx, "Inconsistent stackmap frames at branch target %d", target); - return; - } - // check if uninitialized objects exist on backward branches - check_new_object(frame, target, CHECK_VERIFY(frame->verifier())); - frame->verifier()->update_furthest_jump(target); -} - -void StackMapTable::check_new_object( - const StackMapFrame* frame, int32_t target, TRAPS) const { - if (frame->offset() > target && frame->has_new_object()) { - frame->verifier()->verify_error( - ErrorContext::bad_code(frame->offset()), - "Uninitialized object exists on backward branch %d", target); - return; } } --- ./hotspot/src/share/vm/classfile/stackMapTable.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/stackMapTable.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -74,12 +74,12 @@ // specified offset. Return true if the two frames match. bool match_stackmap( StackMapFrame* current_frame, int32_t offset, - bool match, bool update, ErrorContext* ctx, TRAPS) const; + bool match, bool update, bool handler, ErrorContext* ctx, TRAPS) const; // Match and/or update current_frame to the frame in stackmap table with // specified offset and frame index. Return true if the two frames match. bool match_stackmap( StackMapFrame* current_frame, int32_t offset, int32_t frame_index, - bool match, bool update, ErrorContext* ctx, TRAPS) const; + bool match, bool update, bool handler, ErrorContext* ctx, TRAPS) const; // Check jump instructions. Make sure there are no uninitialized // instances on backward branch. @@ -90,10 +90,6 @@ // Returns the frame array index where the frame with offset is stored. int get_index_from_offset(int32_t offset) const; - // Make sure that there's no uninitialized object exist on backward branch. - void check_new_object( - const StackMapFrame* frame, int32_t target, TRAPS) const; - void print_on(outputStream* str) const; }; --- ./hotspot/src/share/vm/classfile/verificationType.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/verificationType.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -42,7 +42,8 @@ } bool VerificationType::is_reference_assignable_from( - const VerificationType& from, ClassVerifier* context, TRAPS) const { + const VerificationType& from, ClassVerifier* context, + bool from_field_is_protected, TRAPS) const { instanceKlassHandle klass = context->current_class(); if (from.is_null()) { // null is assignable to any reference @@ -62,9 +63,11 @@ Handle(THREAD, klass->protection_domain()), true, CHECK_false); KlassHandle this_class(THREAD, obj); - if (this_class->is_interface()) { - // We treat interfaces as java.lang.Object, including - // java.lang.Cloneable and java.io.Serializable + if (this_class->is_interface() && (!from_field_is_protected || + from.name() != vmSymbols::java_lang_Object())) { + // If we are not trying to access a protected field or method in + // java.lang.Object then we treat interfaces as java.lang.Object, + // including java.lang.Cloneable and java.io.Serializable. return true; } else if (from.is_object()) { Klass* from_class = SystemDictionary::resolve_or_fail( @@ -76,7 +79,8 @@ VerificationType comp_this = get_component(context, CHECK_false); VerificationType comp_from = from.get_component(context, CHECK_false); if (!comp_this.is_bogus() && !comp_from.is_bogus()) { - return comp_this.is_assignable_from(comp_from, context, CHECK_false); + return comp_this.is_assignable_from(comp_from, context, + from_field_is_protected, CHECK_false); } } return false; --- ./hotspot/src/share/vm/classfile/verificationType.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/verificationType.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -265,7 +265,8 @@ // is assignable to another. Returns true if one can assign 'from' to // this. bool is_assignable_from( - const VerificationType& from, ClassVerifier* context, TRAPS) const { + const VerificationType& from, ClassVerifier* context, + bool from_field_is_protected, TRAPS) const { if (equals(from) || is_bogus()) { return true; } else { @@ -286,7 +287,9 @@ return from.is_integer(); default: if (is_reference() && from.is_reference()) { - return is_reference_assignable_from(from, context, CHECK_false); + return is_reference_assignable_from(from, context, + from_field_is_protected, + CHECK_false); } else { return false; } @@ -308,7 +311,8 @@ private: bool is_reference_assignable_from( - const VerificationType&, ClassVerifier*, TRAPS) const; + const VerificationType&, ClassVerifier*, bool from_field_is_protected, + TRAPS) const; }; #endif // SHARE_VM_CLASSFILE_VERIFICATIONTYPE_HPP --- ./hotspot/src/share/vm/classfile/verifier.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/verifier.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -634,8 +634,6 @@ // flow from current instruction to the next // instruction in sequence - set_furthest_jump(0); - Bytecodes::Code opcode; while (!bcs.is_last_bytecode()) { // Check for recursive re-verification before each bytecode. @@ -1736,7 +1734,7 @@ VerificationType throwable = VerificationType::reference_type(vmSymbols::java_lang_Throwable()); bool is_subclass = throwable.is_assignable_from( - catch_type, this, CHECK_VERIFY(this)); + catch_type, this, false, CHECK_VERIFY(this)); if (!is_subclass) { // 4286534: should throw VerifyError according to recent spec change verify_error(ErrorContext::bad_type(handler_pc, @@ -1794,7 +1792,7 @@ // If matched, current_frame will be updated by this method. bool matches = stackmap_table->match_stackmap( current_frame, this_offset, stackmap_index, - !no_control_flow, true, &ctx, CHECK_VERIFY_(this, 0)); + !no_control_flow, true, false, &ctx, CHECK_VERIFY_(this, 0)); if (!matches) { // report type error verify_error(ctx, "Instruction type does not match stack map"); @@ -1841,7 +1839,7 @@ } ErrorContext ctx; bool matches = stackmap_table->match_stackmap( - new_frame, handler_pc, true, false, &ctx, CHECK_VERIFY(this)); + new_frame, handler_pc, true, false, true, &ctx, CHECK_VERIFY(this)); if (!matches) { verify_error(ctx, "Stack map does not match the one at " "exception handler %d", handler_pc); @@ -2191,7 +2189,7 @@ stack_object_type = current_type(); } is_assignable = target_class_type.is_assignable_from( - stack_object_type, this, CHECK_VERIFY(this)); + stack_object_type, this, false, CHECK_VERIFY(this)); if (!is_assignable) { verify_error(ErrorContext::bad_type(bci, current_frame->stack_top_ctx(), @@ -2218,7 +2216,7 @@ // It's protected access, check if stack object is assignable to // current class. is_assignable = current_type().is_assignable_from( - stack_object_type, this, CHECK_VERIFY(this)); + stack_object_type, this, true, CHECK_VERIFY(this)); if (!is_assignable) { verify_error(ErrorContext::bad_type(bci, current_frame->stack_top_ctx(), @@ -2233,6 +2231,181 @@ } } +// Look at the method's handlers. If the bci is in the handler's try block +// then check if the handler_pc is already on the stack. If not, push it. +void ClassVerifier::push_handlers(ExceptionTable* exhandlers, + GrowableArray* handler_stack, + u4 bci) { + int exlength = exhandlers->length(); + for(int x = 0; x < exlength; x++) { + if (bci >= exhandlers->start_pc(x) && bci < exhandlers->end_pc(x)) { + handler_stack->append_if_missing(exhandlers->handler_pc(x)); + } + } +} + +// Return TRUE if all code paths starting with start_bc_offset end in +// bytecode athrow or loop. +bool ClassVerifier::ends_in_athrow(u4 start_bc_offset) { + ResourceMark rm; + // Create bytecode stream. + RawBytecodeStream bcs(method()); + u4 code_length = method()->code_size(); + bcs.set_start(start_bc_offset); + u4 target; + // Create stack for storing bytecode start offsets for if* and *switch. + GrowableArray* bci_stack = new GrowableArray(30); + // Create stack for handlers for try blocks containing this handler. + GrowableArray* handler_stack = new GrowableArray(30); + // Create list of visited branch opcodes (goto* and if*). + GrowableArray* visited_branches = new GrowableArray(30); + ExceptionTable exhandlers(_method()); + + while (true) { + if (bcs.is_last_bytecode()) { + // if no more starting offsets to parse or if at the end of the + // method then return false. + if ((bci_stack->is_empty()) || ((u4)bcs.end_bci() == code_length)) + return false; + // Pop a bytecode starting offset and scan from there. + bcs.set_start(bci_stack->pop()); + } + Bytecodes::Code opcode = bcs.raw_next(); + u4 bci = bcs.bci(); + + // If the bytecode is in a TRY block, push its handlers so they + // will get parsed. + push_handlers(&exhandlers, handler_stack, bci); + + switch (opcode) { + case Bytecodes::_if_icmpeq: + case Bytecodes::_if_icmpne: + case Bytecodes::_if_icmplt: + case Bytecodes::_if_icmpge: + case Bytecodes::_if_icmpgt: + case Bytecodes::_if_icmple: + case Bytecodes::_ifeq: + case Bytecodes::_ifne: + case Bytecodes::_iflt: + case Bytecodes::_ifge: + case Bytecodes::_ifgt: + case Bytecodes::_ifle: + case Bytecodes::_if_acmpeq: + case Bytecodes::_if_acmpne: + case Bytecodes::_ifnull: + case Bytecodes::_ifnonnull: + target = bcs.dest(); + if (visited_branches->contains(bci)) { + if (bci_stack->is_empty()) return true; + // Pop a bytecode starting offset and scan from there. + bcs.set_start(bci_stack->pop()); + } else { + if (target > bci) { // forward branch + if (target >= code_length) return false; + // Push the branch target onto the stack. + bci_stack->push(target); + // then, scan bytecodes starting with next. + bcs.set_start(bcs.next_bci()); + } else { // backward branch + // Push bytecode offset following backward branch onto the stack. + bci_stack->push(bcs.next_bci()); + // Check bytecodes starting with branch target. + bcs.set_start(target); + } + // Record target so we don't branch here again. + visited_branches->append(bci); + } + break; + + case Bytecodes::_goto: + case Bytecodes::_goto_w: + target = (opcode == Bytecodes::_goto ? bcs.dest() : bcs.dest_w()); + if (visited_branches->contains(bci)) { + if (bci_stack->is_empty()) return true; + // Been here before, pop new starting offset from stack. + bcs.set_start(bci_stack->pop()); + } else { + if (target >= code_length) return false; + // Continue scanning from the target onward. + bcs.set_start(target); + // Record target so we don't branch here again. + visited_branches->append(bci); + } + break; + + // Check that all switch alternatives end in 'athrow' bytecodes. Since it + // is difficult to determine where each switch alternative ends, parse + // each switch alternative until either hit a 'return', 'athrow', or reach + // the end of the method's bytecodes. This is gross but should be okay + // because: + // 1. tableswitch and lookupswitch byte codes in handlers for ctor explicit + // constructor invocations should be rare. + // 2. if each switch alternative ends in an athrow then the parsing should be + // short. If there is no athrow then it is bogus code, anyway. + case Bytecodes::_lookupswitch: + case Bytecodes::_tableswitch: + { + address aligned_bcp = (address) round_to((intptr_t)(bcs.bcp() + 1), jintSize); + u4 default_offset = Bytes::get_Java_u4(aligned_bcp) + bci; + int keys, delta; + if (opcode == Bytecodes::_tableswitch) { + jint low = (jint)Bytes::get_Java_u4(aligned_bcp + jintSize); + jint high = (jint)Bytes::get_Java_u4(aligned_bcp + 2*jintSize); + // This is invalid, but let the regular bytecode verifier + // report this because the user will get a better error message. + if (low > high) return true; + keys = high - low + 1; + delta = 1; + } else { + keys = (int)Bytes::get_Java_u4(aligned_bcp + jintSize); + delta = 2; + } + // Invalid, let the regular bytecode verifier deal with it. + if (keys < 0) return true; + + // Push the offset of the next bytecode onto the stack. + bci_stack->push(bcs.next_bci()); + + // Push the switch alternatives onto the stack. + for (int i = 0; i < keys; i++) { + u4 target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize); + if (target > code_length) return false; + bci_stack->push(target); + } + + // Start bytecode parsing for the switch at the default alternative. + if (default_offset > code_length) return false; + bcs.set_start(default_offset); + break; + } + + case Bytecodes::_return: + return false; + + case Bytecodes::_athrow: + { + if (bci_stack->is_empty()) { + if (handler_stack->is_empty()) { + return true; + } else { + // Parse the catch handlers for try blocks containing athrow. + bcs.set_start(handler_stack->pop()); + } + } else { + // Pop a bytecode offset and starting scanning from there. + bcs.set_start(bci_stack->pop()); + } + } + break; + + default: + ; + } // end switch + } // end while loop + + return false; +} + void ClassVerifier::verify_invoke_init( RawBytecodeStream* bcs, u2 ref_class_index, VerificationType ref_class_type, StackMapFrame* current_frame, u4 code_length, bool *this_uninit, @@ -2252,25 +2425,26 @@ return; } - // Make sure that this call is not jumped over. - if (bci < furthest_jump()) { - verify_error(ErrorContext::bad_code(bci), - "Bad method call from inside of a branch"); - return; - } - - // Make sure that this call is not done from within a TRY block because - // that can result in returning an incomplete object. Simply checking - // (bci >= start_pc) also ensures that this call is not done after a TRY - // block. That is also illegal because this call must be the first Java - // statement in the constructor. + // Check if this call is done from inside of a TRY block. If so, make + // sure that all catch clause paths end in a throw. Otherwise, this + // can result in returning an incomplete object. ExceptionTable exhandlers(_method()); int exlength = exhandlers.length(); for(int i = 0; i < exlength; i++) { - if (bci >= exhandlers.start_pc(i)) { - verify_error(ErrorContext::bad_code(bci), - "Bad method call from after the start of a try block"); - return; + u2 start_pc = exhandlers.start_pc(i); + u2 end_pc = exhandlers.end_pc(i); + + if (bci >= start_pc && bci < end_pc) { + if (!ends_in_athrow(exhandlers.handler_pc(i))) { + verify_error(ErrorContext::bad_code(bci), + "Bad method call from after the start of a try block"); + return; + } else if (VerboseVerification) { + ResourceMark rm; + tty->print_cr( + "Survived call to ends_in_athrow(): %s", + current_class()->name()->as_C_string()); + } } } @@ -2315,7 +2489,7 @@ instanceKlassHandle mh(THREAD, m->method_holder()); if (m->is_protected() && !mh->is_same_class_package(_klass())) { bool assignable = current_type().is_assignable_from( - objectref_type, this, CHECK_VERIFY(this)); + objectref_type, this, true, CHECK_VERIFY(this)); if (!assignable) { verify_error(ErrorContext::bad_type(bci, TypeOrigin::cp(new_class_index, objectref_type), @@ -2490,11 +2664,11 @@ bool have_imr_indirect = cp->tag_at(index).value() == JVM_CONSTANT_InterfaceMethodref; if (!current_class()->is_anonymous()) { subtype = ref_class_type.is_assignable_from( - current_type(), this, CHECK_VERIFY(this)); + current_type(), this, false, CHECK_VERIFY(this)); } else { VerificationType host_klass_type = VerificationType::reference_type(current_class()->host_klass()->name()); - subtype = ref_class_type.is_assignable_from(host_klass_type, this, CHECK_VERIFY(this)); + subtype = ref_class_type.is_assignable_from(host_klass_type, this, false, CHECK_VERIFY(this)); // If invokespecial of IMR, need to recheck for same or // direct interface relative to the host class @@ -2538,7 +2712,7 @@ VerificationType top = current_frame->pop_stack(CHECK_VERIFY(this)); VerificationType hosttype = VerificationType::reference_type(current_class()->host_klass()->name()); - bool subtype = hosttype.is_assignable_from(top, this, CHECK_VERIFY(this)); + bool subtype = hosttype.is_assignable_from(top, this, false, CHECK_VERIFY(this)); if (!subtype) { verify_error( ErrorContext::bad_type(current_frame->offset(), current_frame->stack_top_ctx(), @@ -2563,7 +2737,7 @@ // It's protected access, check if stack object is // assignable to current class. bool is_assignable = current_type().is_assignable_from( - stack_object_type, this, CHECK_VERIFY(this)); + stack_object_type, this, true, CHECK_VERIFY(this)); if (!is_assignable) { if (ref_class_type.name() == vmSymbols::java_lang_Object() && stack_object_type.is_array() @@ -2746,7 +2920,7 @@ "Method expects a return value"); return; } - bool match = return_type.is_assignable_from(type, this, CHECK_VERIFY(this)); + bool match = return_type.is_assignable_from(type, this, false, CHECK_VERIFY(this)); if (!match) { verify_error(ErrorContext::bad_type(bci, current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)), --- ./hotspot/src/share/vm/classfile/verifier.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/classfile/verifier.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -30,6 +30,7 @@ #include "oops/klass.hpp" #include "oops/method.hpp" #include "runtime/handles.hpp" +#include "utilities/growableArray.hpp" #include "utilities/exceptions.hpp" // The verifier class @@ -258,9 +259,6 @@ ErrorContext _error_context; // contains information about an error - // Used to detect illegal jumps over calls to super() nd this() in ctors. - int32_t _furthest_jump; - void verify_method(methodHandle method, TRAPS); char* generate_code_data(methodHandle m, u4 code_length, TRAPS); void verify_exception_handler_table(u4 code_length, char* code_data, @@ -306,6 +304,16 @@ StackMapFrame* current_frame, u4 code_length, bool* this_uninit, constantPoolHandle cp, TRAPS); + // Used by ends_in_athrow() to push all handlers that contain bci onto + // the handler_stack, if the handler is not already on the stack. + void push_handlers(ExceptionTable* exhandlers, + GrowableArray* handler_stack, + u4 bci); + + // Returns true if all paths starting with start_bc_offset end in athrow + // bytecode or loop. + bool ends_in_athrow(u4 start_bc_offset); + void verify_invoke_instructions( RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame, bool* this_uninit, VerificationType return_type, @@ -407,19 +415,6 @@ TypeOrigin ref_ctx(const char* str, TRAPS); - // Keep track of the furthest branch done in a method to make sure that - // there are no branches over calls to super() or this() from inside of - // a constructor. - int32_t furthest_jump() { return _furthest_jump; } - - void set_furthest_jump(int32_t target) { - _furthest_jump = target; - } - - void update_furthest_jump(int32_t target) { - if (target > _furthest_jump) _furthest_jump = target; - } - }; inline int ClassVerifier::change_sig_to_verificationType( --- ./hotspot/src/share/vm/interpreter/linkResolver.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/interpreter/linkResolver.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -246,6 +246,12 @@ // Ignore overpasses so statics can be found during resolution Method* result_oop = klass->uncached_lookup_method(name, signature, Klass::skip_overpass); + if (klass->oop_is_array()) { + // Only consider klass and super klass for arrays + result = methodHandle(THREAD, result_oop); + return; + } + // JDK 8, JVMS 5.4.3.4: Interface method resolution should // ignore static and non-public methods of java.lang.Object, // like clone, finalize, registerNatives. @@ -290,6 +296,11 @@ result = methodHandle(THREAD, super_klass->uncached_lookup_method(name, signature, Klass::normal)); } + if (klass->oop_is_array()) { + // Only consider klass and super klass for arrays + return; + } + if (result.is_null()) { Array* default_methods = InstanceKlass::cast(klass())->default_methods(); if (default_methods != NULL) { @@ -546,7 +557,7 @@ // 2. lookup method in resolved klass and its super klasses lookup_method_in_klasses(resolved_method, resolved_klass, method_name, method_signature, true, false, CHECK); - if (resolved_method.is_null()) { // not found in the class hierarchy + if (resolved_method.is_null() && !resolved_klass->oop_is_array()) { // not found in the class hierarchy // 3. lookup method in all the interfaces implemented by the resolved klass lookup_method_in_interfaces(resolved_method, resolved_klass, method_name, method_signature, CHECK); @@ -559,16 +570,16 @@ CLEAR_PENDING_EXCEPTION; } } + } - if (resolved_method.is_null()) { - // 4. method lookup failed - ResourceMark rm(THREAD); - THROW_MSG_CAUSE(vmSymbols::java_lang_NoSuchMethodError(), - Method::name_and_sig_as_C_string(resolved_klass(), - method_name, - method_signature), - nested_exception); - } + if (resolved_method.is_null()) { + // 4. method lookup failed + ResourceMark rm(THREAD); + THROW_MSG_CAUSE(vmSymbols::java_lang_NoSuchMethodError(), + Method::name_and_sig_as_C_string(resolved_klass(), + method_name, + method_signature), + nested_exception); } // 5. access checks, access checking may be turned off when calling from within the VM. @@ -634,17 +645,18 @@ // JDK8: also look for static methods lookup_method_in_klasses(resolved_method, resolved_klass, method_name, method_signature, false, true, CHECK); - if (resolved_method.is_null()) { + if (resolved_method.is_null() && !resolved_klass->oop_is_array()) { // lookup method in all the super-interfaces lookup_method_in_interfaces(resolved_method, resolved_klass, method_name, method_signature, CHECK); - if (resolved_method.is_null()) { - // no method found - ResourceMark rm(THREAD); - THROW_MSG(vmSymbols::java_lang_NoSuchMethodError(), - Method::name_and_sig_as_C_string(resolved_klass(), - method_name, - method_signature)); - } + } + + if (resolved_method.is_null()) { + // no method found + ResourceMark rm(THREAD); + THROW_MSG(vmSymbols::java_lang_NoSuchMethodError(), + Method::name_and_sig_as_C_string(resolved_klass(), + method_name, + method_signature)); } if (check_access) { @@ -776,7 +788,7 @@ } // Resolve instance field - KlassHandle sel_klass(THREAD, InstanceKlass::cast(resolved_klass())->find_field(field, sig, &fd)); + KlassHandle sel_klass(THREAD, resolved_klass->find_field(field, sig, &fd)); // check if field exists; i.e., if a klass containing the field def has been selected if (sel_klass.is_null()) { ResourceMark rm(THREAD); --- ./hotspot/src/share/vm/memory/filemap.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/memory/filemap.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -177,7 +177,14 @@ fail_continue("The shared archive file has the wrong version."); return false; } - _file_offset = (long)n; + size_t len = lseek(fd, 0, SEEK_END); + struct FileMapInfo::FileMapHeader::space_info* si = + &_header._space[MetaspaceShared::mc]; + if (si->_file_offset >= len || len - si->_file_offset < si->_used) { + fail_continue("The shared archive file has been truncated."); + return false; + } + _file_offset = n; return true; } @@ -268,6 +275,7 @@ si->_capacity = capacity; si->_read_only = read_only; si->_allow_exec = allow_exec; + si->_crc = ClassLoader::crc32(0, base, (jint)size); write_bytes_aligned(base, (int)size); } @@ -292,14 +300,15 @@ // Align file position to an allocation unit boundary. void FileMapInfo::align_file_position() { - long new_file_offset = align_size_up(_file_offset, os::vm_allocation_granularity()); + size_t new_file_offset = align_size_up(_file_offset, + os::vm_allocation_granularity()); if (new_file_offset != _file_offset) { _file_offset = new_file_offset; if (_file_open) { // Seek one byte back from the target and write a byte to insure // that the written file is the correct length. _file_offset -= 1; - if (lseek(_fd, _file_offset, SEEK_SET) < 0) { + if (lseek(_fd, (long)_file_offset, SEEK_SET) < 0) { fail_stop("Unable to seek.", NULL); } char zero = 0; @@ -406,6 +415,19 @@ return base; } +bool FileMapInfo::verify_region_checksum(int i) { + if (!VerifySharedSpaces) { + return true; + } + const char* buf = _header._space[i]._base; + size_t sz = _header._space[i]._used; + int crc = ClassLoader::crc32(0, buf, (jint)sz); + if (crc != _header._space[i]._crc) { + fail_continue("Checksum verification failed."); + return false; + } + return true; +} // Unmap a memory region in the address space. @@ -457,8 +479,20 @@ return true; } +int FileMapInfo::compute_header_crc() { + char* header = (char*)&_header; + // start computing from the field after _crc + char* buf = (char*)&_header._crc + sizeof(int); + size_t sz = sizeof(FileMapInfo::FileMapHeader) - (buf - header); + int crc = ClassLoader::crc32(0, buf, (jint)sz); + return crc; +} bool FileMapInfo::validate() { + if (VerifySharedSpaces && compute_header_crc() != _header._crc) { + fail_continue("Header checksum verification failed."); + return false; + } if (_header._version != current_version()) { fail_continue("The shared archive file is the wrong version."); return false; --- ./hotspot/src/share/vm/memory/filemap.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/memory/filemap.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -54,7 +54,7 @@ bool _file_open; int _fd; - long _file_offset; + size_t _file_offset; // FileMapHeader describes the shared space data in the file to be // mapped. This structure gets written to a file. It is not a class, so @@ -62,12 +62,14 @@ struct FileMapHeader { int _magic; // identify file type. + int _crc; // header crc checksum. int _version; // (from enum, above.) size_t _alignment; // how shared archive should be aligned int _obj_alignment; // value of ObjectAlignmentInBytes struct space_info { - int _file_offset; // sizeof(this) rounded to vm page size + int _crc; // crc checksum of the current space + size_t _file_offset; // sizeof(this) rounded to vm page size char* _base; // copy-on-write base address size_t _capacity; // for validity checking size_t _used; // for setting space top on read @@ -104,6 +106,8 @@ } static int current_version() { return _current_version; } + int compute_header_crc(); + void set_header_crc(int crc) { _header._crc = crc; } void populate_header(size_t alignment); bool validate(); void invalidate(); @@ -136,6 +140,7 @@ void write_bytes_aligned(const void* buffer, int count); char* map_region(int i); void unmap_region(int i); + bool verify_region_checksum(int i); void close(); bool is_open() { return _file_open; } ReservedSpace reserve_shared_memory(); --- ./hotspot/src/share/vm/memory/metaspaceShared.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/memory/metaspaceShared.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -585,6 +585,7 @@ // Pass 2 - write data. mapinfo->open_for_write(); + mapinfo->set_header_crc(mapinfo->compute_header_crc()); mapinfo->write_header(); mapinfo->write_space(MetaspaceShared::ro, _loader_data->ro_metaspace(), true); mapinfo->write_space(MetaspaceShared::rw, _loader_data->rw_metaspace(), false); @@ -863,9 +864,13 @@ // Map each shared region if ((_ro_base = mapinfo->map_region(ro)) != NULL && + mapinfo->verify_region_checksum(ro) && (_rw_base = mapinfo->map_region(rw)) != NULL && + mapinfo->verify_region_checksum(rw) && (_md_base = mapinfo->map_region(md)) != NULL && + mapinfo->verify_region_checksum(md) && (_mc_base = mapinfo->map_region(mc)) != NULL && + mapinfo->verify_region_checksum(mc) && (image_alignment == (size_t)max_alignment())) { // Success (no need to do anything) return true; --- ./hotspot/src/share/vm/oops/arrayKlass.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/oops/arrayKlass.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -64,6 +64,13 @@ return NULL; } +// find field according to JVM spec 5.4.3.2, returns the klass in which the field is defined +Klass* ArrayKlass::find_field(Symbol* name, Symbol* sig, fieldDescriptor* fd) const { + // There are no fields in an array klass but look to the super class (Object) + assert(super(), "super klass must be present"); + return super()->find_field(name, sig, fd); +} + Method* ArrayKlass::uncached_lookup_method(Symbol* name, Symbol* signature, MethodLookupMode mode) const { // There are no methods in an array klass but the super class (Object) has some assert(super(), "super klass must be present"); --- ./hotspot/src/share/vm/oops/arrayKlass.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/oops/arrayKlass.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -28,6 +28,7 @@ #include "memory/universe.hpp" #include "oops/klass.hpp" +class fieldDescriptor; class klassVtable; // ArrayKlass is the abstract baseclass for all array classes @@ -85,6 +86,9 @@ virtual oop multi_allocate(int rank, jint* sizes, TRAPS); objArrayOop allocate_arrayArray(int n, int length, TRAPS); + // find field according to JVM spec 5.4.3.2, returns the klass in which the field is defined + Klass* find_field(Symbol* name, Symbol* sig, fieldDescriptor* fd) const; + // Lookup operations Method* uncached_lookup_method(Symbol* name, Symbol* signature, MethodLookupMode mode) const; --- ./hotspot/src/share/vm/oops/klass.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/oops/klass.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -128,6 +128,15 @@ return is_subclass_of(k); } +Klass* Klass::find_field(Symbol* name, Symbol* sig, fieldDescriptor* fd) const { +#ifdef ASSERT + tty->print_cr("Error: find_field called on a klass oop." + " Likely error: reflection method does not correctly" + " wrap return value in a mirror object."); +#endif + ShouldNotReachHere(); + return NULL; +} Method* Klass::uncached_lookup_method(Symbol* name, Symbol* signature, MethodLookupMode mode) const { #ifdef ASSERT --- ./hotspot/src/share/vm/oops/klass.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/oops/klass.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -91,6 +91,7 @@ class klassVtable; class ParCompactionManager; class KlassSizeStats; +class fieldDescriptor; class Klass : public Metadata { friend class VMStructs; @@ -423,6 +424,7 @@ virtual void initialize(TRAPS); // lookup operation for MethodLookupCache friend class MethodLookupCache; + virtual Klass* find_field(Symbol* name, Symbol* signature, fieldDescriptor* fd) const; virtual Method* uncached_lookup_method(Symbol* name, Symbol* signature, MethodLookupMode mode) const; public: Method* lookup_method(Symbol* name, Symbol* signature) const { --- ./hotspot/src/share/vm/prims/jvm.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/prims/jvm.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -803,6 +803,7 @@ return (jclass) JNIHandles::make_local(env, k->java_mirror()); JVM_END +// Not used; JVM_FindClassFromCaller replaces this. JVM_ENTRY(jclass, JVM_FindClassFromClassLoader(JNIEnv* env, const char* name, jboolean init, jobject loader, jboolean throwError)) @@ -829,6 +830,42 @@ return result; JVM_END +// Find a class with this name in this loader, using the caller's protection domain. +JVM_ENTRY(jclass, JVM_FindClassFromCaller(JNIEnv* env, const char* name, + jboolean init, jobject loader, + jclass caller)) + JVMWrapper2("JVM_FindClassFromCaller %s throws ClassNotFoundException", name); + // Java libraries should ensure that name is never null... + if (name == NULL || (int)strlen(name) > Symbol::max_length()) { + // It's impossible to create this class; the name cannot fit + // into the constant pool. + THROW_MSG_0(vmSymbols::java_lang_ClassNotFoundException(), name); + } + + TempNewSymbol h_name = SymbolTable::new_symbol(name, CHECK_NULL); + + oop loader_oop = JNIHandles::resolve(loader); + oop from_class = JNIHandles::resolve(caller); + oop protection_domain = NULL; + // If loader is null, shouldn't call ClassLoader.checkPackageAccess; otherwise get + // NPE. Put it in another way, the bootstrap class loader has all permission and + // thus no checkPackageAccess equivalence in the VM class loader. + // The caller is also passed as NULL by the java code if there is no security + // manager to avoid the performance cost of getting the calling class. + if (from_class != NULL && loader_oop != NULL) { + protection_domain = java_lang_Class::as_Klass(from_class)->protection_domain(); + } + + Handle h_loader(THREAD, loader_oop); + Handle h_prot(THREAD, protection_domain); + jclass result = find_class_from_class_loader(env, h_name, init, h_loader, + h_prot, false, THREAD); + + if (TraceClassResolution && result != NULL) { + trace_class_resolution(java_lang_Class::as_Klass(JNIHandles::resolve_non_null(result))); + } + return result; +JVM_END JVM_ENTRY(jclass, JVM_FindClassFromClass(JNIEnv *env, const char *name, jboolean init, jclass from)) @@ -3984,10 +4021,15 @@ // Shared JNI/JVM entry points ////////////////////////////////////////////////////////////// -jclass find_class_from_class_loader(JNIEnv* env, Symbol* name, jboolean init, Handle loader, Handle protection_domain, jboolean throwError, TRAPS) { +jclass find_class_from_class_loader(JNIEnv* env, Symbol* name, jboolean init, + Handle loader, Handle protection_domain, + jboolean throwError, TRAPS) { // Security Note: // The Java level wrapper will perform the necessary security check allowing - // us to pass the NULL as the initiating class loader. + // us to pass the NULL as the initiating class loader. The VM is responsible for + // the checkPackageAccess relative to the initiating class loader via the + // protection_domain. The protection_domain is passed as NULL by the java code + // if there is no security manager in 3-arg Class.forName(). Klass* klass = SystemDictionary::resolve_or_fail(name, loader, protection_domain, throwError != 0, CHECK_NULL); KlassHandle klass_handle(THREAD, klass); --- ./hotspot/src/share/vm/prims/jvm.h Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/prims/jvm.h Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -420,6 +420,19 @@ JVM_FindClassFromBootLoader(JNIEnv *env, const char *name); /* + * Find a class from a given class loader. Throws ClassNotFoundException. + * name: name of class + * init: whether initialization is done + * loader: class loader to look up the class. This may not be the same as the caller's + * class loader. + * caller: initiating class. The initiating class may be null when a security + * manager is not installed. + */ +JNIEXPORT jclass JNICALL +JVM_FindClassFromCaller(JNIEnv *env, const char *name, jboolean init, + jobject loader, jclass caller); + +/* * Find a class from a given class. */ JNIEXPORT jclass JNICALL --- ./hotspot/src/share/vm/runtime/arguments.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/runtime/arguments.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -2387,6 +2387,10 @@ warning("The VM option CICompilerCountPerCPU overrides CICompilerCount."); } +#ifdef COMPILER1 + status &= verify_interval(SafepointPollOffset, 0, os::vm_page_size() - BytesPerWord, "SafepointPollOffset"); +#endif + return status; } @@ -3577,6 +3581,11 @@ return JNI_ENOMEM; } + // Set up VerifySharedSpaces + if (FLAG_IS_DEFAULT(VerifySharedSpaces) && SharedArchiveFile != NULL) { + VerifySharedSpaces = true; + } + // Delay warning until here so that we've had a chance to process // the -XX:-PrintWarnings flag if (needs_hotspotrc_warning) { --- ./hotspot/src/share/vm/runtime/globals.hpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/runtime/globals.hpp Mon Sep 08 12:35:01 2014 -0700 @@ -1142,11 +1142,11 @@ "Prevent spurious or premature wakeups from object.wait " \ "(Solaris only)") \ \ - product(intx, NativeMonitorTimeout, -1, "(Unstable)") \ - \ - product(intx, NativeMonitorFlags, 0, "(Unstable)") \ - \ - product(intx, NativeMonitorSpinLimit, 20, "(Unstable)") \ + experimental(intx, NativeMonitorTimeout, -1, "(Unstable)") \ + \ + experimental(intx, NativeMonitorFlags, 0, "(Unstable)") \ + \ + experimental(intx, NativeMonitorSpinLimit, 20, "(Unstable)") \ \ develop(bool, UsePthreads, false, \ "Use pthread-based instead of libthread-based synchronization " \ @@ -3745,6 +3745,10 @@ product(bool, UseSharedSpaces, true, \ "Use shared spaces for metadata") \ \ + product(bool, VerifySharedSpaces, false, \ + "Verify shared spaces (false for default archive, true for " \ + "archive specified by -XX:SharedArchiveFile)") \ + \ product(bool, RequireSharedSpaces, false, \ "Require shared spaces for metadata") \ \ --- ./hotspot/src/share/vm/runtime/reflection.cpp Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/src/share/vm/runtime/reflection.cpp Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -482,7 +482,7 @@ ik = InstanceKlass::cast(hc); // There's no way to make a host class loop short of patching memory. - // Therefore there cannot be a loop here unles there's another bug. + // Therefore there cannot be a loop here unless there's another bug. // Still, let's check for it. assert(--inf_loop_check > 0, "no host_klass loop"); } @@ -551,7 +551,8 @@ if (access.is_protected()) { if (!protected_restriction) { // See if current_class (or outermost host class) is a subclass of field_class - if (host_class->is_subclass_of(field_class)) { + // An interface may not access protected members of j.l.Object + if (!host_class->is_interface() && host_class->is_subclass_of(field_class)) { if (access.is_static() || // static fields are ok, see 6622385 current_class == resolved_class || field_class == resolved_class || --- ./hotspot/test/runtime/7116786/Test7116786.java Wed Jul 30 03:51:43 2014 -0700 +++ ./hotspot/test/runtime/7116786/Test7116786.java Mon Sep 08 12:35:01 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -147,7 +147,8 @@ "no stackmap frame at jump location or bad jump", "Inconsistent stackmap frames at branch target "), - new Case("case15", "stackMapTable.cpp", true, "check_new_object", + /* Backward jump with uninit is allowed starting with JDK 8 */ + new Case("case15", "stackMapTable.cpp", false, "check_new_object", "backward jump with uninit", "Uninitialized object exists on backward branch "), --- ./jaxp/.hgtags Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/.hgtags Mon Sep 08 12:36:00 2014 -0700 @@ -313,3 +313,21 @@ d6ded60cfdc53861ae7d1a010f95b5036d610e80 jdk8u20-b23 dd09d8b9edefb5684941941e5d9b35c84ee066f3 jdk8u20-b24 dd09d8b9edefb5684941941e5d9b35c84ee066f3 jdk8u20-b25 +938b9d502c2b0f9684151e1b1f47cf7052db1502 jdk8u20-b26 +65e5ee249ebc81c0ccfff23946a0a2a6d4becdcc jdk8u25-b00 +b29277565edfdece4e3928b135d4fd86ae141e4f jdk8u25-b01 +09df5bda467090041090873f71d418eebcadf516 jdk8u25-b02 +f3567e6bed22eaf89c3c7d64e0b1fa308707260f jdk8u25-b03 +a4d0f11cf08d5dae91c5e9ad387b1ff88388503d jdk8u25-b04 +0c4917cea678dc2a3745baca74016f0d6f169012 jdk8u25-b05 +e84d78dd9e0533eb11c26b69727c044898d19f60 jdk8u25-b06 +7aaaec31a0331ad091abedf81c928b47a982222d jdk8u25-b07 +e48a4594f19ad119bc27d89c53dd35d11ed6da7d jdk8u25-b08 +a09893b8f617912569196d7bd64a96c349796be0 jdk8u25-b09 +85de91b6e953c8c21ac5e6d9a5e284f86d759680 jdk8u25-b10 +5c1ac461fef7fe0f810bd9d6051db5a24247de1d jdk8u25-b11 +c078e904db0a7be650e4ba2d665277785e2216b0 jdk8u25-b12 +24184cfe0f8b0da0f349933ae7b5cc16455a52b8 jdk8u25-b13 +90f3b8b970a8bb3173083111248372afdc61652d jdk8u25-b14 +f5ac2e242bb95be0a3deddf37362178202086137 jdk8u25-b15 +df68b132a471ed1e825a79bd1d8acb47d2bcc04f jdk8u25-b16 --- ./jaxp/src/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages_ja.java Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/src/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages_ja.java Mon Sep 08 12:36:00 2014 -0700 @@ -679,7 +679,7 @@ * documentation. */ {ErrorMsg.COMPILE_USAGE_STR, - "SYNOPSIS\n java com.sun.org.apache.xalan.internal.xsltc.cmdline.Compile [-o ]\n [-d ] [-j ] [-p ]\n [-n] [-x] [-u] [-v] [-h] { | -i }\n\nOPTIONS\n -o \u540D\u524D\u3092\u751F\u6210\u6E08translet\u306B\n \u5272\u308A\u5F53\u3066\u308B\u3002\u30C7\u30D5\u30A9\u30EB\u30C8\u3067\u306F\u3001translet\u540D\u306F\n \u540D\u306B\u7531\u6765\u3057\u307E\u3059\u3002\u3053\u306E\u30AA\u30D7\u30B7\u30E7\u30F3\u306F\n \u8907\u6570\u306E\u30B9\u30BF\u30A4\u30EB\u30B7\u30FC\u30C8\u3092\u30B3\u30F3\u30D1\u30A4\u30EB\u3059\u308B\u5834\u5408\u306F\u7121\u8996\u3055\u308C\u307E\u3059\u3002\n -d translet\u306E\u5B9B\u5148\u30C7\u30A3\u30EC\u30AF\u30C8\u30EA\u3092\u6307\u5B9A\u3059\u308B\n -j \u3067\u6307\u5B9A\u3055\u308C\u308B\u540D\u524D\u306Ejar\u30D5\u30A1\u30A4\u30EB\u306Btranslet\u30AF\u30E9\u30B9\u3092\n \u30D1\u30C3\u30B1\u30FC\u30B8\u3059\u308B\n -p \u751F\u6210\u3055\u308C\u308B\u3059\u3079\u3066\u306Etranslet\u30AF\u30E9\u30B9\u306E\u30D1\u30C3\u30B1\u30FC\u30B8\u540D\n \u63A5\u982D\u8F9E\u3092\u6307\u5B9A\u3059\u308B\u3002\n -n \u30C6\u30F3\u30D7\u30EC\u30FC\u30C8\u306E\u30A4\u30F3\u30E9\u30A4\u30F3\u5316\u3092\u6709\u52B9\u306B\u3059\u308B(\u5E73\u5747\u3057\u3066\u30C7\u30D5\u30A9\u30EB\u30C8\u52D5\u4F5C\u306E\u65B9\u304C\n \u512A\u308C\u3066\u3044\u307E\u3059)\u3002\n -x \u8FFD\u52A0\u306E\u30C7\u30D0\u30C3\u30B0\u30FB\u30E1\u30C3\u30BB\u30FC\u30B8\u51FA\u529B\u3092\u30AA\u30F3\u306B\u3059\u308B\n -u \u5F15\u6570\u3092URL\u3068\u3057\u3066\u89E3\u91C8\u3059\u308B\n -i \u30B9\u30BF\u30A4\u30EB\u30B7\u30FC\u30C8\u3092stdin\u304B\u3089\u8AAD\u307F\u8FBC\u3080\u3053\u3068\u3092\u30B3\u30F3\u30D1\u30A4\u30E9\u306B\u5F37\u5236\u3059\u308B\n -v \u30B3\u30F3\u30D1\u30A4\u30E9\u306E\u30D0\u30FC\u30B8\u30E7\u30F3\u3092\u51FA\u529B\u3059\u308B\n -h \u3053\u306E\u4F7F\u7528\u65B9\u6CD5\u306E\u6587\u3092\u51FA\u529B\u3059\u308B\n"}, + "\u5F62\u5F0F\n java com.sun.org.apache.xalan.internal.xsltc.cmdline.Compile [-o ]\n [-d ] [-j ] [-p ]\n [-n] [-x] [-u] [-v] [-h] { | -i }\n\nOPTIONS\n -o \u540D\u524D\u3092\u751F\u6210\u6E08translet\u306B\n \u5272\u308A\u5F53\u3066\u308B\u3002\u30C7\u30D5\u30A9\u30EB\u30C8\u3067\u306F\u3001translet\u540D\u306F\n \u540D\u306B\u7531\u6765\u3057\u307E\u3059\u3002\u3053\u306E\u30AA\u30D7\u30B7\u30E7\u30F3\u306F\n \u8907\u6570\u306E\u30B9\u30BF\u30A4\u30EB\u30B7\u30FC\u30C8\u3092\u30B3\u30F3\u30D1\u30A4\u30EB\u3059\u308B\u5834\u5408\u306F\u7121\u8996\u3055\u308C\u307E\u3059\u3002\n -d translet\u306E\u5B9B\u5148\u30C7\u30A3\u30EC\u30AF\u30C8\u30EA\u3092\u6307\u5B9A\u3059\u308B\n -j \u3067\u6307\u5B9A\u3055\u308C\u308B\u540D\u524D\u306Ejar\u30D5\u30A1\u30A4\u30EB\u306Btranslet\u30AF\u30E9\u30B9\u3092\n \u30D1\u30C3\u30B1\u30FC\u30B8\u3059\u308B\n -p \u751F\u6210\u3055\u308C\u308B\u3059\u3079\u3066\u306Etranslet\u30AF\u30E9\u30B9\u306E\u30D1\u30C3\u30B1\u30FC\u30B8\u540D\n \u63A5\u982D\u8F9E\u3092\u6307\u5B9A\u3059\u308B\u3002\n -n \u30C6\u30F3\u30D7\u30EC\u30FC\u30C8\u306E\u30A4\u30F3\u30E9\u30A4\u30F3\u5316\u3092\u6709\u52B9\u306B\u3059\u308B(\u5E73\u5747\u3057\u3066\u30C7\u30D5\u30A9\u30EB\u30C8\u52D5\u4F5C\u306E\u65B9\u304C\n \u512A\u308C\u3066\u3044\u307E\u3059)\u3002\n -x \u8FFD\u52A0\u306E\u30C7\u30D0\u30C3\u30B0\u30FB\u30E1\u30C3\u30BB\u30FC\u30B8\u51FA\u529B\u3092\u30AA\u30F3\u306B\u3059\u308B\n -u \u5F15\u6570\u3092URL\u3068\u3057\u3066\u89E3\u91C8\u3059\u308B\n -i \u30B9\u30BF\u30A4\u30EB\u30B7\u30FC\u30C8\u3092stdin\u304B\u3089\u8AAD\u307F\u8FBC\u3080\u3053\u3068\u3092\u30B3\u30F3\u30D1\u30A4\u30E9\u306B\u5F37\u5236\u3059\u308B\n -v \u30B3\u30F3\u30D1\u30A4\u30E9\u306E\u30D0\u30FC\u30B8\u30E7\u30F3\u3092\u51FA\u529B\u3059\u308B\n -h \u3053\u306E\u4F7F\u7528\u65B9\u6CD5\u306E\u6587\u3092\u51FA\u529B\u3059\u308B\n"}, /* * Note to translators: This message contains usage information for a @@ -691,7 +691,7 @@ * documentation. */ {ErrorMsg.TRANSFORM_USAGE_STR, - "SYNOPSIS \n java com.sun.org.apache.xalan.internal.xsltc.cmdline.Transform [-j ]\n [-x] [-n ] {-u | }\n [= ...]\n\n translet \u3092\u4F7F\u7528\u3057\u3066\u3001\u3067\u6307\u5B9A\u3055\u308C\u308B\n XML\u30C9\u30AD\u30E5\u30E1\u30F3\u30C8\u3092\u5909\u63DB\u3059\u308B\u3002translet \u306F\n \u30E6\u30FC\u30B6\u30FC\u306ECLASSPATH\u5185\u304B\u3001\u30AA\u30D7\u30B7\u30E7\u30F3\u3067\u6307\u5B9A\u3055\u308C\u305F\u5185\u306B\u3042\u308A\u307E\u3059\u3002\nOPTIONS\n -j translet\u3092\u30ED\u30FC\u30C9\u3059\u308Bjarfile\u3092\u6307\u5B9A\u3059\u308B\n -x \u8FFD\u52A0\u306E\u30C7\u30D0\u30C3\u30B0\u30FB\u30E1\u30C3\u30BB\u30FC\u30B8\u51FA\u529B\u3092\u30AA\u30F3\u306B\u3059\u308B\n -n \u5909\u63DB\u3092\u56DE\u5B9F\u884C\u3057\u3001\n \u30D7\u30ED\u30D5\u30A1\u30A4\u30EB\u60C5\u5831\u3092\u8868\u793A\u3059\u308B\n -u XML\u5165\u529B\u30C9\u30AD\u30E5\u30E1\u30F3\u30C8\u3092URL\u3068\u3057\u3066\u6307\u5B9A\u3059\u308B\n"}, + "\u5F62\u5F0F \n java com.sun.org.apache.xalan.internal.xsltc.cmdline.Transform [-j ]\n [-x] [-n ] {-u | }\n [= ...]\n\n translet \u3092\u4F7F\u7528\u3057\u3066\u3001\u3067\u6307\u5B9A\u3055\u308C\u308B\n XML\u30C9\u30AD\u30E5\u30E1\u30F3\u30C8\u3092\u5909\u63DB\u3059\u308B\u3002translet \u306F\n \u30E6\u30FC\u30B6\u30FC\u306ECLASSPATH\u5185\u304B\u3001\u30AA\u30D7\u30B7\u30E7\u30F3\u3067\u6307\u5B9A\u3055\u308C\u305F\u5185\u306B\u3042\u308A\u307E\u3059\u3002\nOPTIONS\n -j translet\u3092\u30ED\u30FC\u30C9\u3059\u308Bjarfile\u3092\u6307\u5B9A\u3059\u308B\n -x \u8FFD\u52A0\u306E\u30C7\u30D0\u30C3\u30B0\u30FB\u30E1\u30C3\u30BB\u30FC\u30B8\u51FA\u529B\u3092\u30AA\u30F3\u306B\u3059\u308B\n -n \u5909\u63DB\u3092\u56DE\u5B9F\u884C\u3057\u3001\n \u30D7\u30ED\u30D5\u30A1\u30A4\u30EA\u30F3\u30B0\u60C5\u5831\u3092\u8868\u793A\u3059\u308B\n -u XML\u5165\u529B\u30C9\u30AD\u30E5\u30E1\u30F3\u30C8\u3092URL\u3068\u3057\u3066\u6307\u5B9A\u3059\u308B\n"}, --- ./jaxp/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Mon Sep 08 12:36:00 2014 -0700 @@ -612,9 +612,9 @@ //fElementStack2.clear(); //fReplaceEntityReferences = true; //fSupportExternalEntities = true; - Boolean bo = (Boolean)propertyManager.getProperty(XMLInputFactoryImpl.IS_REPLACING_ENTITY_REFERENCES); + Boolean bo = (Boolean)propertyManager.getProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES); fReplaceEntityReferences = bo.booleanValue(); - bo = (Boolean)propertyManager.getProperty(XMLInputFactoryImpl.IS_SUPPORTING_EXTERNAL_ENTITIES); + bo = (Boolean)propertyManager.getProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES); fSupportExternalEntities = bo.booleanValue(); Boolean cdata = (Boolean)propertyManager.getProperty(Constants.ZEPHYR_PROPERTY_PREFIX + Constants.STAX_REPORT_CDATA_EVENT) ; if(cdata != null) --- ./jaxp/src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/src/com/sun/org/apache/xerces/internal/impl/XMLEntityManager.java Mon Sep 08 12:36:00 2014 -0700 @@ -53,6 +53,7 @@ import java.util.Map; import java.util.Stack; import javax.xml.XMLConstants; +import javax.xml.stream.XMLInputFactory; /** @@ -305,6 +306,11 @@ /** Property Manager. This is used from Stax */ protected PropertyManager fPropertyManager ; + /** StAX properties */ + boolean fSupportDTD = true; + boolean fReplaceEntityReferences = true; + boolean fSupportExternalEntities = true; + /** used to restrict external access */ protected String fAccessExternalDTD = EXTERNAL_ACCESS_DEFAULT; @@ -1136,7 +1142,8 @@ boolean parameter = entityName.startsWith("%"); boolean general = !parameter; if (unparsed || (general && !fExternalGeneralEntities) || - (parameter && !fExternalParameterEntities)) { + (parameter && !fExternalParameterEntities) || + !fSupportDTD || !fSupportExternalEntities) { if (fEntityHandler != null) { fResourceIdentifier.clear(); @@ -1431,6 +1438,10 @@ fStaxEntityResolver = null; } + fSupportDTD = ((Boolean)propertyManager.getProperty(XMLInputFactory.SUPPORT_DTD)).booleanValue(); + fReplaceEntityReferences = ((Boolean)propertyManager.getProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES)).booleanValue(); + fSupportExternalEntities = ((Boolean)propertyManager.getProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES)).booleanValue(); + // Zephyr feature ignore-external-dtd is the opposite of Xerces' load-external-dtd fLoadExternalDTD = !((Boolean)propertyManager.getProperty(Constants.ZEPHYR_PROPERTY_PREFIX + Constants.IGNORE_EXTERNAL_DTD)).booleanValue(); @@ -1502,6 +1513,11 @@ fSecurityManager = (XMLSecurityManager)componentManager.getProperty(SECURITY_MANAGER, null); entityExpansionIndex = fSecurityManager.getIndex(Constants.JDK_ENTITY_EXPANSION_LIMIT); + //StAX Property + fSupportDTD = true; + fReplaceEntityReferences = true; + fSupportExternalEntities = true; + // JAXP 1.5 feature XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager) componentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER, null); if (spm == null) { --- ./jaxp/src/com/sun/org/apache/xerces/internal/impl/msg/DOMMessages_de.properties Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/src/com/sun/org/apache/xerces/internal/impl/msg/DOMMessages_de.properties Mon Sep 08 12:36:00 2014 -0700 @@ -26,7 +26,7 @@ SYNTAX_ERR = Ung\u00FCltige Zeichenfolge angegeben. VALIDATION_ERR = Aufruf einer Methode wie insertBefore oder removeChild w\u00FCrde die Dokumentgrammatik des Knotens ung\u00FCltig machen. WRONG_DOCUMENT_ERR = Ein Knoten wird in einem anderen Dokument verwendet als dem, von dem er erstellt wurde. -TYPE_MISMATCH_ERR = Der Wertetyp f\u00FCr diesen Parameternamen ist nicht mit dem erwarteten Wertetyp kompatibel. +TYPE_MISMATCH_ERR = Der Werttyp f\u00FCr diesen Parameternamen ist nicht mit dem erwarteten Werttyp kompatibel. #error messages or exceptions FEATURE_NOT_SUPPORTED = Parameter {0} wird erkannt, aber der angeforderte Wert kann nicht festgelegt werden. --- ./jaxp/src/com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages_de.properties Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/src/com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages_de.properties Mon Sep 08 12:36:00 2014 -0700 @@ -27,7 +27,7 @@ UnexpandedEntityReferenceIllegal = Der Ersatz eines "include"-Elements, das als Dokumentelement im Quell-Infoset der obersten Ebene angezeigt wird, darf keine nicht erweiterten Entit\u00E4tsreferenzen enthalten. HrefFragmentIdentifierIllegal = Fragment-IDs d\u00FCrfen nicht verwendet werden. Der "href"-Attributwert "{0}" ist nicht zul\u00E4ssig. HrefSyntacticallyInvalid = "href"-Attributwert "{0}" hat eine ung\u00FCltige Syntax. Nach Anwenden der Escape-Regeln ist der Wert kein syntaktisch korrekter URI oder IRI. -XPointerStreamability = Es wurde ein xpointer angegeben, der auf eine Stelle im Quell-Infoset verweist. Auf diese Stelle kann aufgrund des Streaming-Charakters des Prozessors nicht zugegriffen werden. +XPointerStreamability = Es wurde ein xpointer angegeben, der auf eine Stelle im Quell-Infoset verweist. Auf diese Stelle kann aufgrund des Streamingcharakters des Prozessors nicht zugegriffen werden. XPointerResolutionUnsuccessful = XPointer-Aufl\u00F6sung nicht erfolgreich. --- ./jaxp/src/com/sun/org/apache/xpath/internal/res/XPATHErrorResources_de.java Wed Jul 30 03:53:11 2014 -0700 +++ ./jaxp/src/com/sun/org/apache/xpath/internal/res/XPATHErrorResources_de.java Mon Sep 08 12:36:00 2014 -0700 @@ -3,7 +3,7 @@ * DO NOT REMOVE OR ALTER! */ /* - * Copyright 1999-2004 The Apache Software Foundation. + * Copyright 1999-2005 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -878,7 +878,7 @@ { "optionIN", " [-in inputXMLURL]"}, { "optionSelect", " [-select xpath expression]"}, { "optionMatch", " [-match match pattern (f\u00FCr Vergleichsdiagnose)]"}, - { "optionAnyExpr", "Oder nur ein XPath-Ausdruck f\u00FChrt einen Diagnose-Dump aus"}, + { "optionAnyExpr", "Oder nur ein XPath-Ausdruck f\u00FChrt einen Diagnosedump aus"}, { "noParsermsg1", "XSL-Prozess war nicht erfolgreich."}, { "noParsermsg2", "** Parser konnte nicht gefunden werden **"}, { "noParsermsg3", "Pr\u00FCfen Sie den Classpath."}, --- ./jaxws/.hgtags Wed Jul 30 03:53:36 2014 -0700 +++ ./jaxws/.hgtags Mon Sep 08 12:36:09 2014 -0700 @@ -311,3 +311,21 @@ f3bf1b270fea8b17aa2846f962f7514b6f772ab4 jdk8u20-b23 1277c0d492fd9253f1ea2730eb160953397bd939 jdk8u20-b24 1277c0d492fd9253f1ea2730eb160953397bd939 jdk8u20-b25 +7025a2c10ea4116ce8f31bb1e305f732aa1025f0 jdk8u20-b26 +efc85d318f4697f40bdd1f3757677be97f1758d9 jdk8u25-b00 +a76779e1b0376650dfc29a1f3b14760f05e0fc6d jdk8u25-b01 +3d31955043b9f1807c9d695c7b5d604d11c132cf jdk8u25-b02 +c67cb85b249c69a96d7ac72734c35bc18644befe jdk8u25-b03 +81129354f0e821f3d41dbcf8a68ce82f9d776127 jdk8u25-b04 +5f78130b0a64df9568a827f9ea589fdc3a7c080c jdk8u25-b05 +433da54f73257545d95edbc356fdb0e37a9d95eb jdk8u25-b06 +cccfc3f8dec888c8fe86c212a51af2fba1e11aef jdk8u25-b07 +c758be4c3cac65a2744bf4e7ed9bdabb85234de2 jdk8u25-b08 +73423d29fe362e843cdccad510e2e44e2899bc9e jdk8u25-b09 +391b45e0081afcf3db709878916063a63dca7b05 jdk8u25-b10 +57cd66833abf44f499faaaed2c16bdf94b258ca9 jdk8u25-b11 +56b97127afa66fa01eec0fcf467a77cd2e445b4f jdk8u25-b12 +0ebb9d8c3dd49559b716f02825924801be55b3e7 jdk8u25-b13 +392a9579cc95d27806c1dde16eee776524a49761 jdk8u25-b14 +d3a96bbb88521188a3af1a34dd9523f13afa521d jdk8u25-b15 +4570a7d00aa9bd3df028f52d6f9d8c434163b689 jdk8u25-b16 --- ./jdk/.hgtags Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/.hgtags Tue Sep 09 12:00:58 2014 -0700 @@ -311,3 +311,24 @@ be30cb2a3088f2b7b334b499f7eddbd5312312a7 jdk8u20-b23 dfb9f24d56b51e5a2ca26e77fc69a2464d51a4d3 jdk8u20-b24 dfb9f24d56b51e5a2ca26e77fc69a2464d51a4d3 jdk8u20-b25 +dd229c5f57bff4e75a70908294a13072b9a48385 jdk8u20-b26 +abca9f6f1a10e9f91b2538bbe7870f54f550d986 jdk8u25-b00 +7d0627679c9fdeaaaa9fe15c7cc11af0763621ec jdk8u25-b01 +b0277ec994b751ebb761814675352506cd56bcd6 jdk8u25-b02 +5606d84f30bab5ed4bc5776572edd469fb013e13 jdk8u25-b03 +40630cd55da8a2db7980249dc31af285965cb5e9 jdk8u25-b04 +75b48287a1b3fc5757ac473f72c8918c7f345ffc jdk8u25-b05 +5b80b4b22b4ca0b630c7f1cec3605da7694168e2 jdk8u25-b06 +0e0a35b0bf0ff5852026c50038d5c2ecb26c075c jdk8u25-b07 +d7d221f56fd17b96bab4440448641a844f9e92cd jdk8u25-b08 +0c6cf43c5bcf0917d07a1bc94adb7a091f18f32c jdk8u25-b09 +1317d94e95861a47fee8258903b652af70a3493c jdk8u25-b10 +2104dfd9a4c2b519cdca019aec938db539bf4f3f jdk8u25-b11 +eaaa9a04b9fdcfa4a830b811ed209eb2c45a4a6b jdk8u25-b12 +c3a855402b923d3ba819b05292a971953fc8ed0b jdk8u25-b13 +2a6df63ca0f0f59bb730638b05c72d77a23f93c8 jdk8u25-b14 +412d9ade90401d098f3662bd688ab393008423bd jdk8u25-b15 +f07bc5dab84c67f5d1dccbab318ee1c5485c852d jdk8u25-b16 +0000000000000000000000000000000000000000 jdk8u25-b16 +0000000000000000000000000000000000000000 jdk8u25-b16 +d067890f970f3a712f870f6311d20f3359b6eaf0 jdk8u25-b16 --- ./jdk/make/lib/CoreLibraries.gmk Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/make/lib/CoreLibraries.gmk Tue Sep 09 12:00:58 2014 -0700 @@ -264,7 +264,7 @@ $(call SET_SHARED_LIBRARY_ORIGIN) \ $(EXPORT_ZIP_FUNCS), \ LDFLAGS_windows := -export:ZIP_Open -export:ZIP_Close -export:ZIP_FindEntry \ - -export:ZIP_ReadEntry -export:ZIP_GetNextEntry jvm.lib \ + -export:ZIP_ReadEntry -export:ZIP_GetNextEntry -export:ZIP_CRC32 jvm.lib \ $(WIN_JAVA_LIB), \ LDFLAGS_SUFFIX_linux := -ljvm -ljava $(LIBZ), \ LDFLAGS_SUFFIX_solaris := -ljvm -ljava $(LIBZ) -lc, \ --- ./jdk/make/mapfiles/libnet/mapfile-vers Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/make/mapfiles/libnet/mapfile-vers Tue Sep 09 12:00:58 2014 -0700 @@ -28,6 +28,8 @@ SUNWprivate_1.1 { global: JNI_OnLoad; + Java_java_net_AbstractPlainDatagramSocketImpl_init; + Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable; Java_java_net_PlainSocketImpl_socketListen; Java_java_net_PlainDatagramSocketImpl_getTTL; Java_java_net_PlainDatagramSocketImpl_init; --- ./jdk/src/macosx/classes/sun/lwawt/LWWindowPeer.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/macosx/classes/sun/lwawt/LWWindowPeer.java Tue Sep 09 12:00:58 2014 -0700 @@ -105,6 +105,8 @@ private final SecurityWarningWindow warningWindow; + private volatile boolean targetFocusable; + /** * Current modal blocker or null. * @@ -240,13 +242,12 @@ if (!visible && warningWindow != null) { warningWindow.setVisible(false, false); } - + updateFocusableWindowState(); super.setVisibleImpl(visible); // TODO: update graphicsConfig, see 4868278 platformWindow.setVisible(visible); if (isSimpleWindow()) { KeyboardFocusManagerPeer kfmPeer = LWKeyboardFocusManagerPeer.getInstance(); - if (visible) { if (!getTarget().isAutoRequestFocus()) { return; @@ -397,6 +398,7 @@ @Override public void updateFocusableWindowState() { + targetFocusable = getTarget().isFocusableWindow(); platformWindow.updateFocusableWindowState(); } @@ -1220,13 +1222,13 @@ } private boolean isFocusableWindow() { - boolean focusable = getTarget().isFocusableWindow(); + boolean focusable = targetFocusable; if (isSimpleWindow()) { LWWindowPeer ownerPeer = getOwnerFrameDialog(this); if (ownerPeer == null) { return false; } - return focusable && ownerPeer.getTarget().isFocusableWindow(); + return focusable && ownerPeer.targetFocusable; } return focusable; } --- ./jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifScrollPaneUI.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifScrollPaneUI.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -56,19 +56,22 @@ private PropertyChangeListener propertyChangeHandler; + @Override protected void installListeners(JScrollPane scrollPane) { super.installListeners(scrollPane); propertyChangeHandler = createPropertyChangeHandler(); scrollPane.addPropertyChangeListener(propertyChangeHandler); } - protected void uninstallListeners(JScrollPane scrollPane) { + @Override + protected void uninstallListeners(JComponent scrollPane) { super.uninstallListeners(scrollPane); scrollPane.removePropertyChangeListener(propertyChangeHandler); } private PropertyChangeListener createPropertyChangeHandler() { return new PropertyChangeListener() { + @Override public void propertyChange(PropertyChangeEvent e) { String propertyName = e.getPropertyName(); @@ -92,6 +95,7 @@ }}; } + @Override protected void installDefaults(JScrollPane scrollpane) { super.installDefaults(scrollpane); @@ -115,7 +119,7 @@ } } - + @Override protected void uninstallDefaults(JScrollPane c) { super.uninstallDefaults(c); --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java Tue Sep 09 12:00:58 2014 -0700 @@ -25,6 +25,8 @@ import java.io.InputStream; import java.security.AccessController; import java.security.PrivilegedAction; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.List; @@ -35,6 +37,7 @@ import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper; import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm; import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer; +import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException; import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolver; import com.sun.org.apache.xml.internal.security.transforms.Transform; import com.sun.org.apache.xml.internal.security.utils.ElementProxy; @@ -118,43 +121,50 @@ log.log(java.util.logging.Level.FINE, "Registering default algorithms"); } try { - // - // Bind the default prefixes - // - ElementProxy.registerDefaultPrefixes(); + AccessController.doPrivileged(new PrivilegedExceptionAction(){ + @Override public Void run() throws XMLSecurityException { + // + // Bind the default prefixes + // + ElementProxy.registerDefaultPrefixes(); - // - // Set the default Transforms - // - Transform.registerDefaultAlgorithms(); + // + // Set the default Transforms + // + Transform.registerDefaultAlgorithms(); - // - // Set the default signature algorithms - // - SignatureAlgorithm.registerDefaultAlgorithms(); + // + // Set the default signature algorithms + // + SignatureAlgorithm.registerDefaultAlgorithms(); - // - // Set the default JCE algorithms - // - JCEMapper.registerDefaultAlgorithms(); + // + // Set the default JCE algorithms + // + JCEMapper.registerDefaultAlgorithms(); - // - // Set the default c14n algorithms - // - Canonicalizer.registerDefaultAlgorithms(); + // + // Set the default c14n algorithms + // + Canonicalizer.registerDefaultAlgorithms(); - // - // Register the default resolvers - // - ResourceResolver.registerDefaultResolvers(); + // + // Register the default resolvers + // + ResourceResolver.registerDefaultResolvers(); - // - // Register the default key resolvers - // - KeyResolver.registerDefaultResolvers(); - } catch (Exception ex) { - log.log(java.util.logging.Level.SEVERE, ex.getMessage(), ex); - ex.printStackTrace(); + // + // Register the default key resolvers + // + KeyResolver.registerDefaultResolvers(); + + return null; + } + }); + } catch (PrivilegedActionException ex) { + XMLSecurityException xse = (XMLSecurityException)ex.getException(); + log.log(java.util.logging.Level.SEVERE, xse.getMessage(), xse); + xse.printStackTrace(); } } --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java Tue Sep 09 12:00:58 2014 -0700 @@ -27,6 +27,7 @@ import com.sun.org.apache.xml.internal.security.encryption.XMLCipher; import com.sun.org.apache.xml.internal.security.signature.XMLSignature; +import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import org.w3c.dom.Element; @@ -49,8 +50,11 @@ * * @param id * @param algorithm + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the JCE algorithm */ public static void register(String id, Algorithm algorithm) { + JavaUtils.checkRegisterPermission(); algorithmsMap.put(id, algorithm); } @@ -292,8 +296,11 @@ /** * Sets the default Provider for obtaining the security algorithms * @param provider the default providerId. + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to set the JCE provider */ public static void setProviderId(String provider) { + JavaUtils.checkRegisterPermission(); providerName = provider; } --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java Tue Sep 09 12:00:58 2014 -0700 @@ -37,6 +37,7 @@ import com.sun.org.apache.xml.internal.security.signature.XMLSignature; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException; import com.sun.org.apache.xml.internal.security.utils.Constants; +import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import org.w3c.dom.Attr; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -314,18 +315,21 @@ } /** - * Registers implementing class of the Transform algorithm with algorithmURI + * Registers implementing class of the SignatureAlgorithm with algorithmURI * - * @param algorithmURI algorithmURI URI representation of Transform algorithm. + * @param algorithmURI algorithmURI URI representation of SignatureAlgorithm. * @param implementingClass implementingClass the implementing class of * {@link SignatureAlgorithmSpi} * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered * @throws XMLSignatureException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the signature algorithm */ @SuppressWarnings("unchecked") public static void register(String algorithmURI, String implementingClass) throws AlgorithmAlreadyRegisteredException, ClassNotFoundException, XMLSignatureException { + JavaUtils.checkRegisterPermission(); if (log.isLoggable(java.util.logging.Level.FINE)) { log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass); } @@ -352,15 +356,18 @@ /** * Registers implementing class of the Transform algorithm with algorithmURI * - * @param algorithmURI algorithmURI URI representation of Transform algorithm. + * @param algorithmURI algorithmURI URI representation of SignatureAlgorithm. * @param implementingClass implementingClass the implementing class of * {@link SignatureAlgorithmSpi} * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered * @throws XMLSignatureException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the signature algorithm */ public static void register(String algorithmURI, Class implementingClass) throws AlgorithmAlreadyRegisteredException, ClassNotFoundException, XMLSignatureException { + JavaUtils.checkRegisterPermission(); if (log.isLoggable(java.util.logging.Level.FINE)) { log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass); } --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java Tue Sep 09 12:00:58 2014 -0700 @@ -41,6 +41,7 @@ import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments; import com.sun.org.apache.xml.internal.security.c14n.implementations.CanonicalizerPhysical; import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException; +import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import org.w3c.dom.Document; import org.w3c.dom.Node; import org.w3c.dom.NodeList; @@ -142,10 +143,13 @@ * @param algorithmURI * @param implementingClass * @throws AlgorithmAlreadyRegisteredException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the canonicalizer */ @SuppressWarnings("unchecked") public static void register(String algorithmURI, String implementingClass) throws AlgorithmAlreadyRegisteredException, ClassNotFoundException { + JavaUtils.checkRegisterPermission(); // check whether URI is already registered Class registeredClass = canonicalizerHash.get(algorithmURI); @@ -166,9 +170,12 @@ * @param algorithmURI * @param implementingClass * @throws AlgorithmAlreadyRegisteredException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the canonicalizer */ - public static void register(String algorithmURI, Class implementingClass) + public static void register(String algorithmURI, Class implementingClass) throws AlgorithmAlreadyRegisteredException, ClassNotFoundException { + JavaUtils.checkRegisterPermission(); // check whether URI is already registered Class registeredClass = canonicalizerHash.get(algorithmURI); --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java Tue Sep 09 12:00:58 2014 -0700 @@ -42,6 +42,7 @@ import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver; import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver; import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver; +import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -175,9 +176,12 @@ * @throws InstantiationException * @throws IllegalAccessException * @throws ClassNotFoundException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the key resolver */ public static void register(String className, boolean globalResolver) throws ClassNotFoundException, IllegalAccessException, InstantiationException { + JavaUtils.checkRegisterPermission(); KeyResolverSpi keyResolverSpi = (KeyResolverSpi) Class.forName(className).newInstance(); keyResolverSpi.setGlobalResolver(globalResolver); @@ -195,8 +199,11 @@ * * @param className * @param globalResolver Whether the KeyResolverSpi is a global resolver or not + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the key resolver */ public static void registerAtStart(String className, boolean globalResolver) { + JavaUtils.checkRegisterPermission(); KeyResolverSpi keyResolverSpi = null; Exception ex = null; try { @@ -228,11 +235,14 @@ * * @param keyResolverSpi a KeyResolverSpi instance to register * @param start whether to register the KeyResolverSpi at the start of the list or not + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the key resolver */ public static void register( KeyResolverSpi keyResolverSpi, boolean start ) { + JavaUtils.checkRegisterPermission(); KeyResolver resolver = new KeyResolver(keyResolverSpi); if (start) { resolverVector.add(0, resolver); @@ -254,9 +264,12 @@ * @throws InstantiationException * @throws IllegalAccessException * @throws ClassNotFoundException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the key resolver */ public static void registerClassNames(List classNames) throws ClassNotFoundException, IllegalAccessException, InstantiationException { + JavaUtils.checkRegisterPermission(); List keyResolverList = new ArrayList(classNames.size()); for (String className : classNames) { KeyResolverSpi keyResolverSpi = --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java Tue Sep 09 12:00:58 2014 -0700 @@ -46,6 +46,7 @@ import com.sun.org.apache.xml.internal.security.transforms.implementations.TransformXSLT; import com.sun.org.apache.xml.internal.security.utils.Constants; import com.sun.org.apache.xml.internal.security.utils.HelperNodeList; +import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import com.sun.org.apache.xml.internal.security.utils.SignatureElementProxy; import com.sun.org.apache.xml.internal.security.utils.XMLUtils; import org.w3c.dom.Document; @@ -181,11 +182,14 @@ * class of {@link TransformSpi} * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI * is already registered + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the transform */ @SuppressWarnings("unchecked") public static void register(String algorithmURI, String implementingClass) throws AlgorithmAlreadyRegisteredException, ClassNotFoundException, InvalidTransformException { + JavaUtils.checkRegisterPermission(); // are we already registered? Class transformSpi = transformSpiHash.get(algorithmURI); if (transformSpi != null) { @@ -206,9 +210,12 @@ * class of {@link TransformSpi} * @throws AlgorithmAlreadyRegisteredException if specified algorithmURI * is already registered + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register the transform */ public static void register(String algorithmURI, Class implementingClass) throws AlgorithmAlreadyRegisteredException { + JavaUtils.checkRegisterPermission(); // are we already registered? Class transformSpi = transformSpiHash.get(algorithmURI); if (transformSpi != null) { --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java Tue Sep 09 12:00:58 2014 -0700 @@ -468,9 +468,12 @@ * @param namespace * @param prefix * @throws XMLSecurityException + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to set the default prefix */ public static void setDefaultPrefix(String namespace, String prefix) throws XMLSecurityException { + JavaUtils.checkRegisterPermission(); if (prefixMappings.containsValue(prefix)) { String storedPrefix = prefixMappings.get(namespace); if (!storedPrefix.equals(prefix)) { --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java Tue Sep 09 12:00:58 2014 -0700 @@ -28,6 +28,7 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.security.SecurityPermission; /** * A collection of different, general-purpose methods for JAVA-specific things @@ -39,6 +40,10 @@ private static java.util.logging.Logger log = java.util.logging.Logger.getLogger(JavaUtils.class.getName()); + private static final SecurityPermission REGISTER_PERMISSION = + new SecurityPermission( + "com.sun.org.apache.xml.internal.security.register"); + private JavaUtils() { // we don't allow instantiation } @@ -145,4 +150,21 @@ return retBytes; } + + /** + * Throws a {@code SecurityException} if a security manager is installed + * and the caller is not allowed to register an implementation of an + * algorithm, transform, or other security sensitive XML Signature function. + * + * @throws SecurityException if a security manager is installed and the + * caller has not been granted the + * {@literal "com.sun.org.apache.xml.internal.security.register"} + * {@code SecurityPermission} + */ + public static void checkRegisterPermission() { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + sm.checkPermission(REGISTER_PERMISSION); + } + } } --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java Tue Sep 09 12:00:58 2014 -0700 @@ -80,32 +80,44 @@ /** * Set the prefix for the digital signature namespace * @param prefix the new prefix for the digital signature namespace + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to set the prefix */ public static void setDsPrefix(String prefix) { + JavaUtils.checkRegisterPermission(); dsPrefix = prefix; } /** * Set the prefix for the digital signature 1.1 namespace * @param prefix the new prefix for the digital signature 1.1 namespace + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to set the prefix */ public static void setDs11Prefix(String prefix) { + JavaUtils.checkRegisterPermission(); ds11Prefix = prefix; } /** * Set the prefix for the encryption namespace * @param prefix the new prefix for the encryption namespace + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to set the prefix */ public static void setXencPrefix(String prefix) { + JavaUtils.checkRegisterPermission(); xencPrefix = prefix; } /** * Set the prefix for the encryption namespace 1.1 * @param prefix the new prefix for the encryption namespace 1.1 + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to set the prefix */ public static void setXenc11Prefix(String prefix) { + JavaUtils.checkRegisterPermission(); xenc11Prefix = prefix; } --- ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java Tue Sep 09 12:00:58 2014 -0700 @@ -27,6 +27,7 @@ import java.util.Map; import com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput; +import com.sun.org.apache.xml.internal.security.utils.JavaUtils; import com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP; import com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment; import com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverLocalFilesystem; @@ -199,9 +200,12 @@ * the class cannot be registered. * * @param className the name of the ResourceResolverSpi class to be registered + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register a resource resolver */ @SuppressWarnings("unchecked") public static void register(String className) { + JavaUtils.checkRegisterPermission(); try { Class resourceResolverClass = (Class) Class.forName(className); @@ -216,9 +220,12 @@ * list. This method logs a warning if the class cannot be registered. * * @param className the name of the ResourceResolverSpi class to be registered + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register a resource resolver */ @SuppressWarnings("unchecked") public static void registerAtStart(String className) { + JavaUtils.checkRegisterPermission(); try { Class resourceResolverClass = (Class) Class.forName(className); @@ -233,8 +240,11 @@ * cannot be registered. * @param className * @param start + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register a resource resolver */ public static void register(Class className, boolean start) { + JavaUtils.checkRegisterPermission(); try { ResourceResolverSpi resourceResolverSpi = className.newInstance(); register(resourceResolverSpi, start); @@ -250,8 +260,11 @@ * cannot be registered. * @param resourceResolverSpi * @param start + * @throws SecurityException if a security manager is installed and the + * caller does not have permission to register a resource resolver */ public static void register(ResourceResolverSpi resourceResolverSpi, boolean start) { + JavaUtils.checkRegisterPermission(); synchronized(resolverList) { if (start) { resolverList.add(0, new ResourceResolver(resourceResolverSpi)); --- ./jdk/src/share/classes/java/lang/Class.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/lang/Class.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -256,8 +256,8 @@ @CallerSensitive public static Class forName(String className) throws ClassNotFoundException { - return forName0(className, true, - ClassLoader.getClassLoader(Reflection.getCallerClass())); + Class caller = Reflection.getCallerClass(); + return forName0(className, true, ClassLoader.getClassLoader(caller), caller); } @@ -327,22 +327,27 @@ ClassLoader loader) throws ClassNotFoundException { - if (sun.misc.VM.isSystemDomainLoader(loader)) { - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - ClassLoader ccl = ClassLoader.getClassLoader(Reflection.getCallerClass()); + Class caller = null; + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + // Reflective call to get caller class is only needed if a security manager + // is present. Avoid the overhead of making this call otherwise. + caller = Reflection.getCallerClass(); + if (sun.misc.VM.isSystemDomainLoader(loader)) { + ClassLoader ccl = ClassLoader.getClassLoader(caller); if (!sun.misc.VM.isSystemDomainLoader(ccl)) { sm.checkPermission( SecurityConstants.GET_CLASSLOADER_PERMISSION); } } } - return forName0(name, initialize, loader); + return forName0(name, initialize, loader, caller); } - /** Called after security checks have been made. */ + /** Called after security check for system loader access checks have been made. */ private static native Class forName0(String name, boolean initialize, - ClassLoader loader) + ClassLoader loader, + Class caller) throws ClassNotFoundException; /** --- ./jdk/src/share/classes/java/lang/invoke/MethodType.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/lang/invoke/MethodType.java Tue Sep 09 12:00:58 2014 -0700 @@ -653,7 +653,7 @@ * @return the parameter types (as an immutable list) */ public List> parameterList() { - return Collections.unmodifiableList(Arrays.asList(ptypes)); + return Collections.unmodifiableList(Arrays.asList(ptypes.clone())); } /*non-public*/ Class lastParameterType() { --- ./jdk/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java Tue Sep 09 12:00:58 2014 -0700 @@ -68,6 +68,7 @@ return null; } }); + init(); } /** @@ -362,4 +363,7 @@ protected boolean nativeConnectDisabled() { return connectDisabled; } + + native int dataAvailable(); + private static native void init(); } --- ./jdk/src/share/classes/java/net/DatagramSocket.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/net/DatagramSocket.java Tue Sep 09 12:00:58 2014 -0700 @@ -83,6 +83,17 @@ */ boolean oldImpl = false; + /** + * Set when a socket is ST_CONNECTED until we are certain + * that any packets which might have been received prior + * to calling connect() but not read by the application + * have been read. During this time we check the source + * address of all packets received to be sure they are from + * the connected destination. Other packets are read but + * silently dropped. + */ + private boolean explicitFilter = false; + private int bytesLeftToFilter; /* * Connection state: * ST_NOT_CONNECTED = socket not connected @@ -142,6 +153,15 @@ // socket is now connected by the impl connectState = ST_CONNECTED; + // Do we need to filter some packets? + int avail = getImpl().dataAvailable(); + if (avail == -1) { + throw new SocketException(); + } + explicitFilter = avail > 0; + if (explicitFilter) { + bytesLeftToFilter = getReceiveBufferSize(); + } } catch (SocketException se) { // connection will be emulated by DatagramSocket @@ -490,6 +510,7 @@ connectedAddress = null; connectedPort = -1; connectState = ST_NOT_CONNECTED; + explicitFilter = false; } } @@ -748,10 +769,13 @@ } // end of while } } - if (connectState == ST_CONNECTED_NO_IMPL) { + DatagramPacket tmp = null; + if ((connectState == ST_CONNECTED_NO_IMPL) || explicitFilter) { // We have to do the filtering the old fashioned way since // the native impl doesn't support connect or the connect - // via the impl failed. + // via the impl failed, or .. "explicitFilter" may be set when + // a socket is connected via the impl, for a period of time + // when packets from other sources might be queued on socket. boolean stop = false; while (!stop) { InetAddress peekAddress = null; @@ -770,8 +794,14 @@ if ((!connectedAddress.equals(peekAddress)) || (connectedPort != peekPort)) { // throw the packet away and silently continue - DatagramPacket tmp = new DatagramPacket(new byte[1], 1); + tmp = new DatagramPacket( + new byte[1024], 1024); getImpl().receive(tmp); + if (explicitFilter) { + if (checkFiltering(tmp)) { + stop = true; + } + } } else { stop = true; } @@ -780,9 +810,22 @@ // If the security check succeeds, or the datagram is // connected then receive the packet getImpl().receive(p); + if (explicitFilter && tmp == null) { + // packet was not filtered, account for it here + checkFiltering(p); + } } } + private boolean checkFiltering(DatagramPacket p) throws SocketException { + bytesLeftToFilter -= p.getLength(); + if (bytesLeftToFilter <= 0 || getImpl().dataAvailable() <= 0) { + explicitFilter = false; + return true; + } + return false; + } + /** * Gets the local address to which the socket is bound. * --- ./jdk/src/share/classes/java/net/DatagramSocketImpl.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/net/DatagramSocketImpl.java Tue Sep 09 12:00:58 2014 -0700 @@ -47,6 +47,12 @@ */ protected FileDescriptor fd; + int dataAvailable() { + // default impl returns zero, which disables the calling + // functionality + return 0; + } + /** * The DatagramSocket or MulticastSocket * that owns this impl --- ./jdk/src/share/classes/java/security/Signature.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/security/Signature.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -590,6 +590,9 @@ if (outbuf == null) { throw new IllegalArgumentException("No output buffer given"); } + if (offset < 0 || len < 0) { + throw new IllegalArgumentException("offset or len is less than 0"); + } if (outbuf.length - offset < len) { throw new IllegalArgumentException ("Output buffer too small for specified offset and length"); @@ -658,9 +661,16 @@ public final boolean verify(byte[] signature, int offset, int length) throws SignatureException { if (state == VERIFY) { - if ((signature == null) || (offset < 0) || (length < 0) || - (length > signature.length - offset)) { - throw new IllegalArgumentException("Bad arguments"); + if (signature == null) { + throw new IllegalArgumentException("signature is null"); + } + if (offset < 0 || length < 0) { + throw new IllegalArgumentException + ("offset or length is less than 0"); + } + if (signature.length - offset < length) { + throw new IllegalArgumentException + ("signature too small for specified offset and length"); } return engineVerify(signature, offset, length); @@ -713,6 +723,16 @@ public final void update(byte[] data, int off, int len) throws SignatureException { if (state == SIGN || state == VERIFY) { + if (data == null) { + throw new IllegalArgumentException("data is null"); + } + if (off < 0 || len < 0) { + throw new IllegalArgumentException("off or len is less than 0"); + } + if (data.length - off < len) { + throw new IllegalArgumentException + ("data too small for specified offset and length"); + } engineUpdate(data, off, len); } else { throw new SignatureException("object not initialized for " --- ./jdk/src/share/classes/java/security/cert/CertificateRevokedException.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/security/cert/CertificateRevokedException.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -94,7 +94,10 @@ this.revocationDate = new Date(revocationDate.getTime()); this.reason = reason; this.authority = authority; - this.extensions = new HashMap(extensions); + // make sure Map only contains correct types + this.extensions = Collections.checkedMap(new HashMap<>(), + String.class, Extension.class); + this.extensions.putAll(extensions); } /** @@ -172,7 +175,8 @@ public String getMessage() { return "Certificate has been revoked, reason: " + reason + ", revocation date: " + revocationDate - + ", authority: " + authority + ", extensions: " + extensions; + + ", authority: " + authority + ", extension OIDs: " + + extensions.keySet(); } /** --- ./jdk/src/share/classes/java/util/Collections.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/util/Collections.java Tue Sep 09 12:00:58 2014 -0700 @@ -3077,10 +3077,7 @@ public void remove() { it.remove(); }}; } - public boolean add(E e) { - typeCheck(e); - return c.add(e); - } + public boolean add(E e) { return c.add(typeCheck(e)); } private E[] zeroLengthElementArray; // Lazily initialized @@ -3187,11 +3184,7 @@ public E peek() {return queue.peek();} public E poll() {return queue.poll();} public E remove() {return queue.remove();} - - public boolean offer(E e) { - typeCheck(e); - return add(e); - } + public boolean offer(E e) {return queue.offer(typeCheck(e));} } /** @@ -3440,13 +3433,11 @@ public int lastIndexOf(Object o) { return list.lastIndexOf(o); } public E set(int index, E element) { - typeCheck(element); - return list.set(index, element); + return list.set(index, typeCheck(element)); } public void add(int index, E element) { - typeCheck(element); - list.add(index, element); + list.add(index, typeCheck(element)); } public boolean addAll(int index, Collection c) { @@ -3467,13 +3458,11 @@ public void remove() { i.remove(); } public void set(E e) { - typeCheck(e); - i.set(e); + i.set(typeCheck(e)); } public void add(E e) { - typeCheck(e); - i.add(e); + i.add(typeCheck(e)); } @Override --- ./jdk/src/share/classes/java/util/ResourceBundle.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/util/ResourceBundle.java Tue Sep 09 12:00:58 2014 -0700 @@ -2650,7 +2650,10 @@ } catch (ClassNotFoundException e) { } } else if (format.equals("java.properties")) { - final String resourceName = toResourceName(bundleName, "properties"); + final String resourceName = toResourceName0(bundleName, "properties"); + if (resourceName == null) { + return bundle; + } final ClassLoader classLoader = loader; final boolean reloadFlag = reload; InputStream stream = null; @@ -2804,7 +2807,10 @@ } boolean result = false; try { - String resourceName = toResourceName(toBundleName(baseName, locale), format); + String resourceName = toResourceName0(toBundleName(baseName, locale), format); + if (resourceName == null) { + return result; + } URL url = loader.getResource(resourceName); if (url != null) { long lastModified = 0; @@ -2938,6 +2944,15 @@ sb.append(bundleName.replace('.', '/')).append('.').append(suffix); return sb.toString(); } + + private String toResourceName0(String bundleName, String suffix) { + // application protocol check + if (bundleName.contains("://")) { + return null; + } else { + return toResourceName(bundleName, suffix); + } + } } private static class SingleFormatControl extends Control { --- ./jdk/src/share/classes/java/util/logging/LogRecord.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/util/logging/LogRecord.java Tue Sep 09 12:00:58 2014 -0700 @@ -513,7 +513,13 @@ // If necessary, try to regenerate the resource bundle. if (resourceBundleName != null) { try { - resourceBundle = ResourceBundle.getBundle(resourceBundleName); + // use system class loader to ensure the ResourceBundle + // instance is a different instance than null loader uses + final ResourceBundle bundle = + ResourceBundle.getBundle(resourceBundleName, + Locale.getDefault(), + ClassLoader.getSystemClassLoader()); + resourceBundle = bundle; } catch (MissingResourceException ex) { // This is not a good place to throw an exception, // so we simply leave the resourceBundle null. --- ./jdk/src/share/classes/java/util/logging/Logger.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/java/util/logging/Logger.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1934,6 +1934,9 @@ } setCallersClassLoaderRef(callersClass); + if (isSystemLogger && getCallersClassLoader() != null) { + checkPermission(); + } if (findResourceBundle(name, true) == null) { // We've failed to find an expected ResourceBundle. // unset the caller's ClassLoader since we were unable to find the @@ -2168,11 +2171,13 @@ return trb; } final String rbName = isSystemLogger - ? trb.resourceBundleName + // ancestor of a system logger is expected to be a system logger. + // ignore resource bundle name if it's not. + ? (target.isSystemLogger ? trb.resourceBundleName : null) : target.getResourceBundleName(); if (rbName != null) { return LoggerBundle.get(rbName, - findResourceBundle(rbName, true)); + findResourceBundle(rbName, true)); } target = isSystemLogger ? target.parent : target.getParent(); } --- ./jdk/src/share/classes/javax/crypto/CipherInputStream.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/javax/crypto/CipherInputStream.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -88,6 +88,8 @@ private int ofinish = 0; // stream status private boolean closed = false; + // The stream has been read from. False if the stream has never been read. + private boolean read = false; /** * private convenience function. @@ -103,13 +105,15 @@ private int getMoreData() throws IOException { if (done) return -1; int readin = input.read(ibuffer); + read = true; if (readin == -1) { done = true; try { obuffer = cipher.doFinal(); + } catch (IllegalBlockSizeException | BadPaddingException e) { + obuffer = null; + throw new IOException(e); } - catch (IllegalBlockSizeException e) {obuffer = null;} - catch (BadPaddingException e) {obuffer = null;} if (obuffer == null) return -1; else { @@ -120,7 +124,10 @@ } try { obuffer = cipher.update(ibuffer, 0, readin); - } catch (IllegalStateException e) {obuffer = null;}; + } catch (IllegalStateException e) { + obuffer = null; + throw e; + } ostart = 0; if (obuffer == null) ofinish = 0; @@ -308,6 +315,11 @@ } } catch (BadPaddingException | IllegalBlockSizeException ex) { + /* If no data has been read from the stream to be en/decrypted, + we supress any exceptions, and close quietly. */ + if (read) { + throw new IOException(ex); + } } ostart = 0; ofinish = 0; --- ./jdk/src/share/classes/javax/swing/JDesktopPane.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/javax/swing/JDesktopPane.java Tue Sep 09 12:00:58 2014 -0700 @@ -43,6 +43,7 @@ import java.beans.PropertyVetoException; import java.util.Set; import java.util.TreeSet; +import java.util.LinkedHashSet; /** * A container used to create a multiple-document interface or a virtual desktop. * You create JInternalFrame objects and add them to the @@ -266,7 +267,7 @@ private static Collection getAllFrames(Container parent) { int i, count; - Collection results = new ArrayList(); + Collection results = new LinkedHashSet<>(); count = parent.getComponentCount(); for (i = 0; i < count; i++) { Component next = parent.getComponent(i); --- ./jdk/src/share/classes/sun/awt/ComponentFactory.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/awt/ComponentFactory.java Tue Sep 09 12:00:58 2014 -0700 @@ -25,6 +25,8 @@ package sun.awt; +import sun.awt.datatransfer.DataTransferer; + import java.awt.*; import java.awt.dnd.*; import java.awt.dnd.peer.DragSourceContextPeer; @@ -93,4 +95,6 @@ RobotPeer createRobot(Robot target, GraphicsDevice screen) throws AWTException, HeadlessException; + DataTransferer getDataTransferer(); + } --- ./jdk/src/share/classes/sun/awt/HeadlessToolkit.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/awt/HeadlessToolkit.java Tue Sep 09 12:00:58 2014 -0700 @@ -25,6 +25,8 @@ package sun.awt; +import sun.awt.datatransfer.DataTransferer; + import java.awt.*; import java.awt.dnd.*; import java.awt.dnd.peer.DragSourceContextPeer; @@ -401,6 +403,11 @@ return null; } + @Override + public DataTransferer getDataTransferer() { + return null; + } + @SuppressWarnings("deprecation") public FontMetrics getFontMetrics(Font font) { return tk.getFontMetrics(font); --- ./jdk/src/share/classes/sun/awt/SunToolkit.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/awt/SunToolkit.java Tue Sep 09 12:00:58 2014 -0700 @@ -205,8 +205,6 @@ public abstract boolean isTraySupported(); - public abstract DataTransferer getDataTransferer(); - @SuppressWarnings("deprecation") public abstract FontPeer getFontPeer(String name, int style); --- ./jdk/src/share/classes/sun/awt/datatransfer/DataTransferer.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/awt/datatransfer/DataTransferer.java Tue Sep 09 12:00:58 2014 -0700 @@ -86,6 +86,7 @@ import java.util.TreeMap; import java.util.TreeSet; +import sun.awt.ComponentFactory; import sun.util.logging.PlatformLogger; import sun.awt.AppContext; @@ -272,7 +273,7 @@ * instead, null will be returned. */ public static synchronized DataTransferer getInstance() { - return ((SunToolkit) Toolkit.getDefaultToolkit()).getDataTransferer(); + return ((ComponentFactory) Toolkit.getDefaultToolkit()).getDataTransferer(); } /** --- ./jdk/src/share/classes/sun/awt/image/BytePackedRaster.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/awt/image/BytePackedRaster.java Tue Sep 09 12:00:58 2014 -0700 @@ -1408,10 +1408,10 @@ } } - int lastbit = (dataBitOffset - + (height-1) * scanlineStride * 8 - + (width-1) * pixelBitStride - + pixelBitStride - 1); + long lastbit = (long) dataBitOffset + + (long) (height - 1) * (long) scanlineStride * 8 + + (long) (width - 1) * (long) pixelBitStride + + (long) pixelBitStride - 1; if (lastbit < 0 || lastbit / 8 >= data.length) { throw new RasterFormatException("raster dimensions overflow " + "array bounds"); --- ./jdk/src/share/classes/sun/invoke/util/VerifyAccess.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/invoke/util/VerifyAccess.java Tue Sep 09 12:00:58 2014 -0700 @@ -102,19 +102,24 @@ case PUBLIC: return true; // already checked above case PROTECTED: + assert !defc.isInterface(); // protected members aren't allowed in interfaces if ((allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0 && isSamePackage(defc, lookupClass)) return true; if ((allowedModes & PROTECTED) == 0) return false; + // Protected members are accessible by subclasses, which does not include interfaces. + // Interfaces are types, not classes. They should not have access to + // protected members in j.l.Object, even though it is their superclass. if ((mods & STATIC) != 0 && !isRelatedClass(refc, lookupClass)) return false; if ((allowedModes & PROTECTED) != 0 && - isSuperClass(defc, lookupClass)) + isSubClass(lookupClass, defc)) return true; return false; case PACKAGE_ONLY: // That is, zero. Unmarked member is package-only access. + assert !defc.isInterface(); // package-private members aren't allowed in interfaces return ((allowedModes & PACKAGE_ALLOWED) != 0 && isSamePackage(defc, lookupClass)); case PRIVATE: @@ -129,12 +134,13 @@ static boolean isRelatedClass(Class refc, Class lookupClass) { return (refc == lookupClass || - refc.isAssignableFrom(lookupClass) || - lookupClass.isAssignableFrom(refc)); + isSubClass(refc, lookupClass) || + isSubClass(lookupClass, refc)); } - static boolean isSuperClass(Class defc, Class lookupClass) { - return defc.isAssignableFrom(lookupClass); + static boolean isSubClass(Class lookupClass, Class defc) { + return defc.isAssignableFrom(lookupClass) && + !lookupClass.isInterface(); // interfaces are types, not classes. } static int getClassModifiers(Class c) { --- ./jdk/src/share/classes/sun/nio/ch/DatagramChannelImpl.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/nio/ch/DatagramChannelImpl.java Tue Sep 09 12:00:58 2014 -0700 @@ -755,6 +755,26 @@ // set or refresh local address localAddress = Net.localAddress(fd); + + // flush any packets already received. + boolean blocking = false; + synchronized (blockingLock()) { + try { + blocking = isBlocking(); + // remainder of each packet thrown away + ByteBuffer tmpBuf = ByteBuffer.allocate(1); + if (blocking) { + configureBlocking(false); + } + do { + tmpBuf.clear(); + } while (receive(tmpBuf) != null); + } finally { + if (blocking) { + configureBlocking(true); + } + } + } } } } --- ./jdk/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.lang.reflect.*; import java.io.Serializable; import java.util.*; -import java.lang.annotation.*; import java.security.AccessController; import java.security.PrivilegedAction; @@ -45,6 +44,11 @@ private final Map memberValues; AnnotationInvocationHandler(Class type, Map memberValues) { + Class[] superInterfaces = type.getInterfaces(); + if (!type.isAnnotation() || + superInterfaces.length != 1 || + superInterfaces[0] != java.lang.annotation.Annotation.class) + throw new AnnotationFormatError("Attempt to create proxy for a non-annotation type."); this.type = type; this.memberValues = memberValues; } @@ -57,13 +61,17 @@ if (member.equals("equals") && paramTypes.length == 1 && paramTypes[0] == Object.class) return equalsImpl(args[0]); - assert paramTypes.length == 0; - if (member.equals("toString")) + if (paramTypes.length != 0) + throw new AssertionError("Too many parameters for an annotation method"); + + switch(member) { + case "toString": return toStringImpl(); - if (member.equals("hashCode")) + case "hashCode": return hashCodeImpl(); - if (member.equals("annotationType")) + case "annotationType": return type; + } // Handle annotation member accessors Object result = memberValues.get(member); @@ -129,7 +137,7 @@ * Implementation of dynamicProxy.toString() */ private String toStringImpl() { - StringBuffer result = new StringBuffer(128); + StringBuilder result = new StringBuilder(128); result.append('@'); result.append(type.getName()); result.append('('); @@ -277,6 +285,7 @@ new PrivilegedAction() { public Method[] run() { final Method[] mm = type.getDeclaredMethods(); + validateAnnotationMethods(mm); AccessibleObject.setAccessible(mm, true); return mm; } @@ -287,6 +296,94 @@ private transient volatile Method[] memberMethods = null; /** + * Validates that a method is structurally appropriate for an + * annotation type. As of Java SE 8, annotation types cannot + * contain static methods and the declared methods of an + * annotation type must take zero arguments and there are + * restrictions on the return type. + */ + private void validateAnnotationMethods(Method[] memberMethods) { + /* + * Specification citations below are from JLS + * 9.6.1. Annotation Type Elements + */ + boolean valid = true; + for(Method method : memberMethods) { + /* + * "By virtue of the AnnotationTypeElementDeclaration + * production, a method declaration in an annotation type + * declaration cannot have formal parameters, type + * parameters, or a throws clause. + * + * "By virtue of the AnnotationTypeElementModifier + * production, a method declaration in an annotation type + * declaration cannot be default or static." + */ + if (method.getModifiers() != (Modifier.PUBLIC | Modifier.ABSTRACT) || + method.isDefault() || + method.getParameterCount() != 0 || + method.getExceptionTypes().length != 0) { + valid = false; + break; + } + + /* + * "It is a compile-time error if the return type of a + * method declared in an annotation type is not one of the + * following: a primitive type, String, Class, any + * parameterized invocation of Class, an enum type + * (section 8.9), an annotation type, or an array type + * (chapter 10) whose element type is one of the preceding + * types." + */ + Class returnType = method.getReturnType(); + if (returnType.isArray()) { + returnType = returnType.getComponentType(); + if (returnType.isArray()) { // Only single dimensional arrays + valid = false; + break; + } + } + + if (!((returnType.isPrimitive() && returnType != void.class) || + returnType == java.lang.String.class || + returnType == java.lang.Class.class || + returnType.isEnum() || + returnType.isAnnotation())) { + valid = false; + break; + } + + /* + * "It is a compile-time error if any method declared in an + * annotation type has a signature that is + * override-equivalent to that of any public or protected + * method declared in class Object or in the interface + * java.lang.annotation.Annotation." + * + * The methods in Object or Annotation meeting the other + * criteria (no arguments, contrained return type, etc.) + * above are: + * + * String toString() + * int hashCode() + * Class annotationType() + */ + String methodName = method.getName(); + if ((methodName.equals("toString") && returnType == java.lang.String.class) || + (methodName.equals("hashCode") && returnType == int.class) || + (methodName.equals("annotationType") && returnType == java.lang.Class.class)) { + valid = false; + break; + } + } + if (valid) + return; + else + throw new AnnotationFormatError("Malformed method on an annotation type"); + } + + /** * Implementation of dynamicProxy.hashCode() */ private int hashCodeImpl() { @@ -330,7 +427,6 @@ throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - // Check to make sure that types have not evolved incompatibly AnnotationType annotationType = null; @@ -343,7 +439,6 @@ Map> memberTypes = annotationType.memberTypes(); - // If there are annotation members without values, that // situation is handled by the invoke method. for (Map.Entry memberValue : memberValues.entrySet()) { --- ./jdk/src/share/classes/sun/security/provider/SecureRandom.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/security/provider/SecureRandom.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,7 @@ import java.security.MessageDigest; import java.security.SecureRandomSpi; import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; /** *

This class provides a crytpographically strong pseudo-random number @@ -94,9 +95,19 @@ */ private void init(byte[] seed) { try { - digest = MessageDigest.getInstance("SHA"); - } catch (NoSuchAlgorithmException e) { - throw new InternalError("internal error: SHA-1 not available.", e); + /* + * Use the local SUN implementation to avoid native + * performance overhead. + */ + digest = MessageDigest.getInstance("SHA", "SUN"); + } catch (NoSuchProviderException | NoSuchAlgorithmException e) { + // Fallback to any available. + try { + digest = MessageDigest.getInstance("SHA"); + } catch (NoSuchAlgorithmException exc) { + throw new InternalError( + "internal error: SHA-1 not available.", exc); + } } if (seed != null) { @@ -265,9 +276,19 @@ s.defaultReadObject (); try { - digest = MessageDigest.getInstance("SHA"); - } catch (NoSuchAlgorithmException e) { - throw new InternalError("internal error: SHA-1 not available.", e); + /* + * Use the local SUN implementation to avoid native + * performance overhead. + */ + digest = MessageDigest.getInstance("SHA", "SUN"); + } catch (NoSuchProviderException | NoSuchAlgorithmException e) { + // Fallback to any available. + try { + digest = MessageDigest.getInstance("SHA"); + } catch (NoSuchAlgorithmException exc) { + throw new InternalError( + "internal error: SHA-1 not available.", exc); + } } } } --- ./jdk/src/share/classes/sun/security/ssl/CipherSuite.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/security/ssl/CipherSuite.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -968,7 +968,7 @@ * 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be * changed later, see below). * 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM), - * AES_128(GCM), AES_256, AES_128, RC-4, 3DES-EDE. + * AES_128(GCM), AES_256, AES_128, 3DES-EDE, RC-4. * 3. Prefer the stronger MAC algorithm, in the order of SHA384, * SHA256, SHA, MD5. * 4. Prefer the better performance of key exchange and digital @@ -1055,18 +1055,6 @@ add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 0x0032, --p, K_DHE_DSS, B_AES_128, T); - // RC-4 - add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N); - add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", - 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N); - add("SSL_RSA_WITH_RC4_128_SHA", - 0x0005, --p, K_RSA, B_RC4_128, N); - add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N); - add("TLS_ECDH_RSA_WITH_RC4_128_SHA", - 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N); - // Cipher suites in GCM mode, see RFC 5288/5289. // // We may increase the priority of cipher suites in GCM mode when @@ -1127,6 +1115,17 @@ add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 0x0013, --p, K_DHE_DSS, B_3DES, N); + // RC-4 + add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N); + add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", + 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N); + add("SSL_RSA_WITH_RC4_128_SHA", + 0x0005, --p, K_RSA, B_RC4_128, N); + add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N); + add("TLS_ECDH_RSA_WITH_RC4_128_SHA", + 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N); add("SSL_RSA_WITH_RC4_128_MD5", 0x0004, --p, K_RSA, B_RC4_128, N); @@ -1146,7 +1145,7 @@ * 2. If a cipher suite has been obsoleted, we put it at the end of * the list. * 3. Prefer the stronger bulk cipher, in the order of AES_256, - * AES_128, RC-4, 3DES-EDE, DES, RC4_40, DES40, NULL. + * AES_128, 3DES-EDE, RC-4, DES, DES40, RC4_40, NULL. * 4. Prefer the stronger MAC algorithm, in the order of SHA384, * SHA256, SHA, MD5. * 5. Prefer the better performance of key exchange and digital @@ -1174,15 +1173,40 @@ add("TLS_DH_anon_WITH_AES_128_CBC_SHA", 0x0034, --p, K_DH_ANON, B_AES_128, N); + add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + 0xC017, --p, K_ECDH_ANON, B_3DES, N); + add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", + 0x001b, --p, K_DH_ANON, B_3DES, N); + add("TLS_ECDH_anon_WITH_RC4_128_SHA", 0xC016, --p, K_ECDH_ANON, B_RC4_128, N); add("SSL_DH_anon_WITH_RC4_128_MD5", 0x0018, --p, K_DH_ANON, B_RC4_128, N); - add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - 0xC017, --p, K_ECDH_ANON, B_3DES, N); - add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", - 0x001b, --p, K_DH_ANON, B_3DES, N); + // weak cipher suites obsoleted in TLS 1.2 + add("SSL_RSA_WITH_DES_CBC_SHA", + 0x0009, --p, K_RSA, B_DES, N, tls12); + add("SSL_DHE_RSA_WITH_DES_CBC_SHA", + 0x0015, --p, K_DHE_RSA, B_DES, N, tls12); + add("SSL_DHE_DSS_WITH_DES_CBC_SHA", + 0x0012, --p, K_DHE_DSS, B_DES, N, tls12); + add("SSL_DH_anon_WITH_DES_CBC_SHA", + 0x001a, --p, K_DH_ANON, B_DES, N, tls12); + + // weak cipher suites obsoleted in TLS 1.1 + add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11); + add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11); + add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11); + add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11); + + add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", + 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11); + add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", + 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11); add("TLS_RSA_WITH_NULL_SHA256", 0x003b, --p, K_RSA, B_NULL, N, max, tls12, P_SHA256); @@ -1201,52 +1225,27 @@ add("SSL_RSA_WITH_NULL_MD5", 0x0001, --p, K_RSA, B_NULL, N); - // weak cipher suites obsoleted in TLS 1.2 - add("SSL_RSA_WITH_DES_CBC_SHA", - 0x0009, --p, K_RSA, B_DES, N, tls12); - add("SSL_DHE_RSA_WITH_DES_CBC_SHA", - 0x0015, --p, K_DHE_RSA, B_DES, N, tls12); - add("SSL_DHE_DSS_WITH_DES_CBC_SHA", - 0x0012, --p, K_DHE_DSS, B_DES, N, tls12); - add("SSL_DH_anon_WITH_DES_CBC_SHA", - 0x001a, --p, K_DH_ANON, B_DES, N, tls12); - - // weak cipher suites obsoleted in TLS 1.1 - add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", - 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11); - add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", - 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11); - - add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", - 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11); - add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11); - add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11); - add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", - 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11); - // Supported Kerberos ciphersuites from RFC2712 + add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", + 0x001f, --p, K_KRB5, B_3DES, N); + add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", + 0x0023, --p, K_KRB5, B_3DES, N); add("TLS_KRB5_WITH_RC4_128_SHA", 0x0020, --p, K_KRB5, B_RC4_128, N); add("TLS_KRB5_WITH_RC4_128_MD5", 0x0024, --p, K_KRB5, B_RC4_128, N); - add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", - 0x001f, --p, K_KRB5, B_3DES, N); - add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", - 0x0023, --p, K_KRB5, B_3DES, N); add("TLS_KRB5_WITH_DES_CBC_SHA", 0x001e, --p, K_KRB5, B_DES, N, tls12); add("TLS_KRB5_WITH_DES_CBC_MD5", 0x0022, --p, K_KRB5, B_DES, N, tls12); + add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", + 0x0026, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); + add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", + 0x0029, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", 0x0028, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", 0x002b, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); - add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", - 0x0026, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); - add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", - 0x0029, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); /* * Other values from the TLS Cipher Suite Registry, as of August 2010. --- ./jdk/src/share/classes/sun/security/ssl/ClientHandshaker.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/security/ssl/ClientHandshaker.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -36,6 +36,8 @@ import java.security.cert.X509Certificate; import java.security.cert.CertificateException; +import java.security.cert.CertificateParsingException; +import javax.security.auth.x500.X500Principal; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; @@ -89,12 +91,66 @@ private final static boolean enableSNIExtension = Debug.getBooleanProperty("jsse.enableSNIExtension", true); + /* + * Allow unsafe server certificate change? + * + * Server certificate change during SSL/TLS renegotiation may be considered + * unsafe, as described in the Triple Handshake attacks: + * + * https://secure-resumption.com/tlsauth.pdf + * + * Endpoint identification (See + * SSLParameters.getEndpointIdentificationAlgorithm()) is a pretty nice + * guarantee that the server certificate change in renegotiation is legal. + * However, endpoing identification is only enabled for HTTPS and LDAP + * over SSL/TLS by default. It is not enough to protect SSL/TLS + * connections other than HTTPS and LDAP. + * + * The renegotiation indication extension (See RFC 5764) is a pretty + * strong guarantee that the endpoints on both client and server sides + * are identical on the same connection. However, the Triple Handshake + * attacks can bypass this guarantee if there is a session-resumption + * handshake between the initial full handshake and the renegotiation + * full handshake. + * + * Server certificate change may be unsafe and should be restricted if + * endpoint identification is not enabled and the previous handshake is + * a session-resumption abbreviated initial handshake, unless the + * identities represented by both certificates can be regraded as the + * same (See isIdentityEquivalent()). + * + * Considering the compatibility impact and the actual requirements to + * support server certificate change in practice, the system property, + * jdk.tls.allowUnsafeServerCertChange, is used to define whether unsafe + * server certificate change in renegotiation is allowed or not. The + * default value of the system property is "false". To mitigate the + * compactibility impact, applications may want to set the system + * property to "true" at their own risk. + * + * If the value of the system property is "false", server certificate + * change in renegotiation after a session-resumption abbreviated initial + * handshake is restricted (See isIdentityEquivalent()). + * + * If the system property is set to "true" explicitly, the restriction on + * server certificate change in renegotiation is disabled. + */ + private final static boolean allowUnsafeServerCertChange = + Debug.getBooleanProperty("jdk.tls.allowUnsafeServerCertChange", false); + private List requestedServerNames = Collections.emptyList(); private boolean serverNamesAccepted = false; /* + * the reserved server certificate chain in previous handshaking + * + * The server certificate chain is only reserved if the previous + * handshake is a session-resumption abbreviated initial handshake. + */ + private X509Certificate[] reservedServerCerts = null; + + /* * Constructors */ ClientHandshaker(SSLSocketImpl socket, SSLContextImpl context, @@ -555,14 +611,19 @@ // we wanted to resume, but the server refused session = null; if (!enableNewSession) { - throw new SSLException - ("New session creation is disabled"); + throw new SSLException("New session creation is disabled"); } } } if (resumingSession && session != null) { setHandshakeSessionSE(session); + // Reserve the handshake state if this is a session-resumption + // abbreviated initial handshake. + if (isInitialHandshake) { + session.setAsSessionResumption(true); + } + return; } @@ -1064,6 +1125,13 @@ } /* + * Reset the handshake state if this is not an initial handshake. + */ + if (!isInitialHandshake) { + session.setAsSessionResumption(false); + } + + /* * OK, it verified. If we're doing the fast handshake, add that * "Finished" message to the hash of handshake messages, then send * our own change_cipher_spec and Finished message for the server @@ -1161,8 +1229,23 @@ System.out.println("%% No cached client session"); } } - if ((session != null) && (session.isRejoinable() == false)) { - session = null; + if (session != null) { + // If unsafe server certificate change is not allowed, reserve + // current server certificates if the previous handshake is a + // session-resumption abbreviated initial handshake. + if (!allowUnsafeServerCertChange && session.isSessionResumption()) { + try { + // If existing, peer certificate chain cannot be null. + reservedServerCerts = + (X509Certificate[])session.getPeerCertificates(); + } catch (SSLPeerUnverifiedException puve) { + // Maybe not certificate-based, ignore the exception. + } + } + + if (!session.isRejoinable()) { + session = null; + } } if (session != null) { @@ -1331,9 +1414,28 @@ } X509Certificate[] peerCerts = mesg.getCertificateChain(); if (peerCerts.length == 0) { - fatalSE(Alerts.alert_bad_certificate, - "empty certificate chain"); + fatalSE(Alerts.alert_bad_certificate, "empty certificate chain"); } + + // Allow server certificate change in client side during renegotiation + // after a session-resumption abbreviated initial handshake? + // + // DO NOT need to check allowUnsafeServerCertChange here. We only + // reserve server certificates when allowUnsafeServerCertChange is + // flase. + if (reservedServerCerts != null) { + // It is not necessary to check the certificate update if endpoint + // identification is enabled. + String identityAlg = getEndpointIdentificationAlgorithmSE(); + if ((identityAlg == null || identityAlg.length() == 0) && + !isIdentityEquivalent(peerCerts[0], reservedServerCerts[0])) { + + fatalSE(Alerts.alert_bad_certificate, + "server certificate change is restricted " + + "during renegotiation"); + } + } + // ask the trust manager to verify the chain X509TrustManager tm = sslContext.getX509TrustManager(); try { @@ -1370,4 +1472,81 @@ } session.setPeerCertificates(peerCerts); } + + /* + * Whether the certificates can represent the same identity? + * + * The certificates can be used to represent the same identity: + * 1. If the subject alternative names of IP address are present in + * both certificates, they should be identical; otherwise, + * 2. if the subject alternative names of DNS name are present in + * both certificates, they should be identical; otherwise, + * 3. if the subject fields are present in both certificates, the + * certificate subjects and issuers should be identical. + */ + private static boolean isIdentityEquivalent(X509Certificate thisCert, + X509Certificate prevCert) { + if (thisCert.equals(prevCert)) { + return true; + } + + // check the iPAddress field in subjectAltName extension + Object thisIPAddress = getSubjectAltName(thisCert, 7); // 7: iPAddress + Object prevIPAddress = getSubjectAltName(prevCert, 7); + if (thisIPAddress != null && prevIPAddress!= null) { + // only allow the exactly match + return Objects.equals(thisIPAddress, prevIPAddress); + } + + // check the dNSName field in subjectAltName extension + Object thisDNSName = getSubjectAltName(thisCert, 2); // 2: dNSName + Object prevDNSName = getSubjectAltName(prevCert, 2); + if (thisDNSName != null && prevDNSName!= null) { + // only allow the exactly match + return Objects.equals(thisDNSName, prevDNSName); + } + + // check the certificate subject and issuer + X500Principal thisSubject = thisCert.getSubjectX500Principal(); + X500Principal prevSubject = prevCert.getSubjectX500Principal(); + X500Principal thisIssuer = thisCert.getIssuerX500Principal(); + X500Principal prevIssuer = prevCert.getIssuerX500Principal(); + if (!thisSubject.getName().isEmpty() && + !prevSubject.getName().isEmpty() && + thisSubject.equals(prevSubject) && + thisIssuer.equals(prevIssuer)) { + return true; + } + + return false; + } + + /* + * Returns the subject alternative name of the specified type in the + * subjectAltNames extension of a certificate. + */ + private static Object getSubjectAltName(X509Certificate cert, int type) { + Collection> subjectAltNames; + + try { + subjectAltNames = cert.getSubjectAlternativeNames(); + } catch (CertificateParsingException cpe) { + if (debug != null && Debug.isOn("handshake")) { + System.out.println( + "Attempt to obtain subjectAltNames extension failed!"); + } + return null; + } + + if (subjectAltNames != null) { + for (List subjectAltName : subjectAltNames) { + int subjectAltNameType = (Integer)subjectAltName.get(0); + if (subjectAltNameType == type) { + return subjectAltName.get(1); + } + } + } + + return null; + } } --- ./jdk/src/share/classes/sun/security/ssl/Handshaker.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/security/ssl/Handshaker.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -359,6 +359,17 @@ } } + String getEndpointIdentificationAlgorithmSE() { + SSLParameters paras; + if (conn != null) { + paras = conn.getSSLParameters(); + } else { + paras = engine.getSSLParameters(); + } + + return paras.getEndpointIdentificationAlgorithm(); + } + private void setVersionSE(ProtocolVersion protocolVersion) { if (conn != null) { conn.setVersion(protocolVersion); --- ./jdk/src/share/classes/sun/security/ssl/SSLSessionImpl.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/security/ssl/SSLSessionImpl.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -115,6 +115,14 @@ private Principal localPrincipal; /* + * Is the session currently re-established with a session-resumption + * abbreviated initial handshake? + * + * Note that currently we only set this variable in client side. + */ + private boolean isSessionResumption = false; + + /* * We count session creations, eventually for statistical data but * also since counters make shorter debugging IDs than the big ones * we use in the protocol for uniqueness-over-time. @@ -325,6 +333,22 @@ } /** + * Return true if the session is currently re-established with a + * session-resumption abbreviated initial handshake. + */ + boolean isSessionResumption() { + return isSessionResumption; + } + + /** + * Resets whether the session is re-established with a session-resumption + * abbreviated initial handshake. + */ + void setAsSessionResumption(boolean flag) { + isSessionResumption = flag; + } + + /** * Returns the name of the cipher suite in use on this session */ @Override --- ./jdk/src/share/classes/sun/tools/jconsole/resources/messages_ja.properties Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/tools/jconsole/resources/messages_ja.properties Tue Sep 09 12:00:58 2014 -0700 @@ -103,7 +103,7 @@ HELP_ABOUT_DIALOG_JAVA_VERSION=Java VM\u30D0\u30FC\u30B8\u30E7\u30F3:
{0} HELP_ABOUT_DIALOG_MASTHEAD_ACCESSIBLE_NAME=\u30DE\u30B9\u30C8\u30D8\u30C3\u30C9\u56F3\u5F62 HELP_ABOUT_DIALOG_MASTHEAD_TITLE=JConsole\u306B\u3064\u3044\u3066 -HELP_ABOUT_DIALOG_TITLE=JConsole: \u8A73\u7D30 +HELP_ABOUT_DIALOG_TITLE=JConsole: \u60C5\u5831 HELP_ABOUT_DIALOG_USER_GUIDE_LINK_URL=http://docs.oracle.com/javase/{0}/docs/technotes/guides/management/jconsole.html HELP_MENU_ABOUT_TITLE=JConsole\u306B\u3064\u3044\u3066(&A) HELP_MENU_USER_GUIDE_TITLE=\u30AA\u30F3\u30E9\u30A4\u30F3\u30FB\u30E6\u30FC\u30B6\u30FC\u30FB\u30AC\u30A4\u30C9(&U) --- ./jdk/src/share/classes/sun/util/locale/BaseLocale.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/util/locale/BaseLocale.java Tue Sep 09 12:00:58 2014 -0700 @@ -31,6 +31,7 @@ */ package sun.util.locale; +import java.lang.ref.SoftReference; public final class BaseLocale { @@ -163,11 +164,11 @@ return h; } - private static final class Key implements Comparable { - private final String lang; - private final String scrt; - private final String regn; - private final String vart; + private static final class Key { + private final SoftReference lang; + private final SoftReference scrt; + private final SoftReference regn; + private final SoftReference vart; private final boolean normalized; private final int hash; @@ -179,10 +180,10 @@ assert language.intern() == language && region.intern() == region; - lang = language; - scrt = ""; - regn = region; - vart = ""; + lang = new SoftReference(language); + scrt = new SoftReference(""); + regn = new SoftReference(region); + vart = new SoftReference(""); this.normalized = true; int h = language.hashCode(); @@ -203,40 +204,40 @@ String variant, boolean normalized) { int h = 0; if (language != null) { - lang = language; + lang = new SoftReference(language); int len = language.length(); for (int i = 0; i < len; i++) { h = 31*h + LocaleUtils.toLower(language.charAt(i)); } } else { - lang = ""; + lang = new SoftReference(""); } if (script != null) { - scrt = script; + scrt = new SoftReference(script); int len = script.length(); for (int i = 0; i < len; i++) { h = 31*h + LocaleUtils.toLower(script.charAt(i)); } } else { - scrt = ""; + scrt = new SoftReference(""); } if (region != null) { - regn = region; + regn = new SoftReference(region); int len = region.length(); for (int i = 0; i < len; i++) { h = 31*h + LocaleUtils.toLower(region.charAt(i)); } } else { - regn = ""; + regn = new SoftReference(""); } if (variant != null) { - vart = variant; + vart = new SoftReference(variant); int len = variant.length(); for (int i = 0; i < len; i++) { h = 31*h + variant.charAt(i); } } else { - vart = ""; + vart = new SoftReference(""); } hash = h; this.normalized = normalized; @@ -244,28 +245,31 @@ @Override public boolean equals(Object obj) { - return (this == obj) || - (obj instanceof Key) - && this.hash == ((Key)obj).hash - && LocaleUtils.caseIgnoreMatch(((Key)obj).lang, this.lang) - && LocaleUtils.caseIgnoreMatch(((Key)obj).scrt, this.scrt) - && LocaleUtils.caseIgnoreMatch(((Key)obj).regn, this.regn) - && ((Key)obj).vart.equals(vart); // variant is case sensitive in JDK! + if (this == obj) { + return true; } - @Override - public int compareTo(Key other) { - int res = LocaleUtils.caseIgnoreCompare(this.lang, other.lang); - if (res == 0) { - res = LocaleUtils.caseIgnoreCompare(this.scrt, other.scrt); - if (res == 0) { - res = LocaleUtils.caseIgnoreCompare(this.regn, other.regn); - if (res == 0) { - res = this.vart.compareTo(other.vart); + if (obj instanceof Key && this.hash == ((Key)obj).hash) { + String tl = this.lang.get(); + String ol = ((Key)obj).lang.get(); + if (tl != null && ol != null && + LocaleUtils.caseIgnoreMatch(ol, tl)) { + String ts = this.scrt.get(); + String os = ((Key)obj).scrt.get(); + if (ts != null && os != null && + LocaleUtils.caseIgnoreMatch(os, ts)) { + String tr = this.regn.get(); + String or = ((Key)obj).regn.get(); + if (tr != null && or != null && + LocaleUtils.caseIgnoreMatch(or, tr)) { + String tv = this.vart.get(); + String ov = ((Key)obj).vart.get(); + return (ov != null && ov.equals(tv)); } } } - return res; + } + return false; } @Override @@ -278,10 +282,10 @@ return key; } - String lang = LocaleUtils.toLowerString(key.lang).intern(); - String scrt = LocaleUtils.toTitleString(key.scrt).intern(); - String regn = LocaleUtils.toUpperString(key.regn).intern(); - String vart = key.vart.intern(); // preserve upper/lower cases + String lang = LocaleUtils.toLowerString(key.lang.get()).intern(); + String scrt = LocaleUtils.toTitleString(key.scrt.get()).intern(); + String regn = LocaleUtils.toUpperString(key.regn.get()).intern(); + String vart = key.vart.get().intern(); // preserve upper/lower cases return new Key(lang, scrt, regn, vart, true); } @@ -294,12 +298,18 @@ @Override protected Key normalizeKey(Key key) { + assert key.lang.get() != null && + key.scrt.get() != null && + key.regn.get() != null && + key.vart.get() != null; + return Key.normalize(key); } @Override protected BaseLocale createObject(Key key) { - return new BaseLocale(key.lang, key.scrt, key.regn, key.vart); + return new BaseLocale(key.lang.get(), key.scrt.get(), + key.regn.get(), key.vart.get()); } } } --- ./jdk/src/share/classes/sun/util/locale/LocaleObjectCache.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/classes/sun/util/locale/LocaleObjectCache.java Tue Sep 09 12:00:58 2014 -0700 @@ -57,8 +57,10 @@ value = entry.get(); } if (value == null) { + V newVal = createObject(key); + // make sure key is normalized *after* the object creation + // so that newVal is assured to be created from a valid key. key = normalizeKey(key); - V newVal = createObject(key); if (key == null || newVal == null) { // subclass must return non-null key/value object return null; --- ./jdk/src/share/javavm/export/jvm.h Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/javavm/export/jvm.h Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -386,6 +386,19 @@ JVM_FindClassFromBootLoader(JNIEnv *env, const char *name); /* + * Find a class from a given class loader. Throws ClassNotFoundException. + * name: name of class + * init: whether initialization is done + * loader: class loader to look up the class. This may not be the same as the caller's + * class loader. + * caller: initiating class. The initiating class may be null when a security + * manager is not installed. + */ +JNIEXPORT jclass JNICALL +JVM_FindClassFromCaller(JNIEnv *env, const char *name, jboolean init, + jobject loader, jclass caller); + +/* * Find a class from a given class loader. Throw ClassNotFoundException * or NoClassDefFoundError depending on the value of the last * argument. --- ./jdk/src/share/native/java/lang/Class.c Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/native/java/lang/Class.c Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -97,7 +97,7 @@ JNIEXPORT jclass JNICALL Java_java_lang_Class_forName0(JNIEnv *env, jclass this, jstring classname, - jboolean initialize, jobject loader) + jboolean initialize, jobject loader, jclass caller) { char *clname; jclass cls = 0; @@ -135,8 +135,7 @@ goto done; } - cls = JVM_FindClassFromClassLoader(env, clname, initialize, - loader, JNI_FALSE); + cls = JVM_FindClassFromCaller(env, clname, initialize, loader, caller); done: if (clname != buf) { --- ./jdk/src/share/native/java/util/zip/CRC32.c Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/native/java/util/zip/CRC32.c Tue Sep 09 12:00:58 2014 -0700 @@ -54,7 +54,8 @@ return crc; } -JNIEXPORT jint ZIP_CRC32(jint crc, const jbyte *buf, jint len) +JNIEXPORT jint JNICALL +ZIP_CRC32(jint crc, const jbyte *buf, jint len) { return crc32(crc, (Bytef*)buf, len); } --- ./jdk/src/share/native/java/util/zip/ZipFile.c Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/native/java/util/zip/ZipFile.c Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -172,11 +172,7 @@ } (*env)->GetByteArrayRegion(env, name, 0, ulen, (jbyte *)path); path[ulen] = '\0'; - if (addSlash == JNI_FALSE) { - ze = ZIP_GetEntry(zip, path, 0); - } else { - ze = ZIP_GetEntry(zip, path, (jint)ulen); - } + ze = ZIP_GetEntry2(zip, path, (jint)ulen, addSlash); if (path != buf) { free(path); } @@ -269,7 +265,7 @@ switch (type) { case java_util_zip_ZipFile_JZENTRY_NAME: if (ze->name != 0) { - len = (int)strlen(ze->name); + len = (int)ze->nlen; if (len == 0 || (jba = (*env)->NewByteArray(env, len)) == NULL) break; (*env)->SetByteArrayRegion(env, jba, 0, len, (jbyte *)ze->name); --- ./jdk/src/share/native/java/util/zip/zip_util.c Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/native/java/util/zip/zip_util.c Tue Sep 09 12:00:58 2014 -0700 @@ -1021,6 +1021,7 @@ if ((ze->name = malloc(nlen + 1)) == NULL) goto Catch; memcpy(ze->name, cen + CENHDR, nlen); ze->name[nlen] = '\0'; + ze->nlen = nlen; if (elen > 0) { char *extra = cen + CENHDR + nlen; @@ -1118,7 +1119,34 @@ jzentry * ZIP_GetEntry(jzfile *zip, char *name, jint ulen) { - unsigned int hsh = hash(name); + if (ulen == 0) { + return ZIP_GetEntry2(zip, name, strlen(name), JNI_FALSE); + } + return ZIP_GetEntry2(zip, name, ulen, JNI_TRUE); +} + +jboolean equals(char* name1, int len1, char* name2, int len2) { + if (len1 != len2) { + return JNI_FALSE; + } + while (len1-- > 0) { + if (*name1++ != *name2++) { + return JNI_FALSE; + } + } + return JNI_TRUE; +} + +/* + * Returns the zip entry corresponding to the specified name, or + * NULL if not found. + * This method supports embedded null character in "name", use ulen + * for the length of "name". + */ +jzentry * +ZIP_GetEntry2(jzfile *zip, char *name, jint ulen, jboolean addSlash) +{ + unsigned int hsh = hashN(name, ulen); jint idx; jzentry *ze = 0; @@ -1139,7 +1167,7 @@ /* Check the cached entry first */ ze = zip->cache; - if (ze && strcmp(ze->name,name) == 0) { + if (ze && equals(ze->name, ze->nlen, name, ulen)) { /* Cache hit! Remove and return the cached entry. */ zip->cache = 0; ZIP_Unlock(zip); @@ -1165,7 +1193,7 @@ * we keep searching. */ ze = newEntry(zip, zc, ACCESS_RANDOM); - if (ze && strcmp(ze->name, name)==0) { + if (ze && equals(ze->name, ze->nlen, name, ulen)) { break; } if (ze != 0) { @@ -1184,8 +1212,8 @@ break; } - /* If no real length was passed in, we are done */ - if (ulen == 0) { + /* If no need to try appending slash, we are done */ + if (!addSlash) { break; } @@ -1195,11 +1223,11 @@ } /* Add slash and try once more */ - name[ulen] = '/'; - name[ulen+1] = '\0'; + name[ulen++] = '/'; + name[ulen] = '\0'; hsh = hash_append(hsh, '/'); idx = zip->table[hsh % zip->tablelen]; - ulen = 0; + addSlash = JNI_FALSE; } Finally: --- ./jdk/src/share/native/java/util/zip/zip_util.h Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/native/java/util/zip/zip_util.h Tue Sep 09 12:00:58 2014 -0700 @@ -154,6 +154,7 @@ * - If pos <= 0 then it is the position of entry LOC header. * If pos > 0 then it is the position of entry data. * pos should not be accessed directly, but only by ZIP_GetEntryDataOffset. + * - entry name may include embedded null character, use nlen for length */ typedef struct jzentry { /* Zip file entry */ @@ -166,6 +167,7 @@ jbyte *extra; /* optional extra data */ jlong pos; /* position of LOC header or entry data */ jint flag; /* general purpose flag */ + jint nlen; /* length of the entry name */ } jzentry; /* @@ -269,5 +271,5 @@ jint ZIP_Read(jzfile *zip, jzentry *entry, jlong pos, void *buf, jint len); void ZIP_FreeEntry(jzfile *zip, jzentry *ze); jlong ZIP_GetEntryDataOffset(jzfile *zip, jzentry *entry); - +jzentry * ZIP_GetEntry2(jzfile *zip, char *name, jint ulen, jboolean addSlash); #endif /* !_ZIP_H_ */ --- ./jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp Tue Sep 09 12:00:58 2014 -0700 @@ -243,12 +243,22 @@ le_uint16 srSetCount = SWAPW(subRuleSetCount); if (coverageIndex < srSetCount) { + LEReferenceToArrayOf subRuleSetTableOffsetArrayRef(base, success, + &subRuleSetTableOffsetArray[coverageIndex], 1); + if (LE_FAILURE(success)) { + return 0; + } Offset subRuleSetTableOffset = SWAPW(subRuleSetTableOffsetArray[coverageIndex]); LEReferenceTo subRuleSetTable(base, success, (const SubRuleSetTable *) ((char *) this + subRuleSetTableOffset)); le_uint16 subRuleCount = SWAPW(subRuleSetTable->subRuleCount); le_int32 position = glyphIterator->getCurrStreamPosition(); + LEReferenceToArrayOf subRuleTableOffsetArrayRef(base, success, + subRuleSetTable->subRuleTableOffsetArray, subRuleCount); + if (LE_FAILURE(success)) { + return 0; + } for (le_uint16 subRule = 0; subRule < subRuleCount; subRule += 1) { Offset subRuleTableOffset = SWAPW(subRuleSetTable->subRuleTableOffsetArray[subRule]); @@ -301,13 +311,22 @@ glyphIterator->getCurrGlyphID(), success); - if (setClass < scSetCount && subClassSetTableOffsetArray[setClass] != 0) { + if (setClass < scSetCount) { + LEReferenceToArrayOf + subClassSetTableOffsetArrayRef(base, success, subClassSetTableOffsetArray, setClass); + if (LE_FAILURE(success)) { return 0; } + if (subClassSetTableOffsetArray[setClass] != 0) { + Offset subClassSetTableOffset = SWAPW(subClassSetTableOffsetArray[setClass]); LEReferenceTo subClassSetTable(base, success, (const SubClassSetTable *) ((char *) this + subClassSetTableOffset)); le_uint16 subClassRuleCount = SWAPW(subClassSetTable->subClassRuleCount); le_int32 position = glyphIterator->getCurrStreamPosition(); - + LEReferenceToArrayOf + subClassRuleTableOffsetArrayRef(base, success, subClassSetTable->subClassRuleTableOffsetArray, subClassRuleCount); + if (LE_FAILURE(success)) { + return 0; + } for (le_uint16 scRule = 0; scRule < subClassRuleCount; scRule += 1) { Offset subClassRuleTableOffset = SWAPW(subClassSetTable->subClassRuleTableOffsetArray[scRule]); @@ -331,6 +350,7 @@ glyphIterator->setCurrStreamPosition(position); } } + } // XXX If we get here, the table is mal-formed... } @@ -442,13 +462,22 @@ le_uint16 srSetCount = SWAPW(chainSubRuleSetCount); if (coverageIndex < srSetCount) { + LEReferenceToArrayOf + chainSubRuleSetTableOffsetArrayRef(base, success, chainSubRuleSetTableOffsetArray, coverageIndex); + if (LE_FAILURE(success)) { + return 0; + } Offset chainSubRuleSetTableOffset = SWAPW(chainSubRuleSetTableOffsetArray[coverageIndex]); LEReferenceTo chainSubRuleSetTable(base, success, (const ChainSubRuleSetTable *) ((char *) this + chainSubRuleSetTableOffset)); le_uint16 chainSubRuleCount = SWAPW(chainSubRuleSetTable->chainSubRuleCount); le_int32 position = glyphIterator->getCurrStreamPosition(); GlyphIterator tempIterator(*glyphIterator, emptyFeatureList); - + LEReferenceToArrayOf + chainSubRuleTableOffsetArrayRef(base, success, chainSubRuleSetTable->chainSubRuleTableOffsetArray, chainSubRuleCount); + if (LE_FAILURE(success)) { + return 0; + } for (le_uint16 subRule = 0; subRule < chainSubRuleCount; subRule += 1) { Offset chainSubRuleTableOffset = SWAPW(chainSubRuleSetTable->chainSubRuleTableOffsetArray[subRule]); @@ -530,6 +559,11 @@ le_int32 setClass = inputClassDefinitionTable->getGlyphClass(inputClassDefinitionTable, glyphIterator->getCurrGlyphID(), success); + LEReferenceToArrayOf + chainSubClassSetTableOffsetArrayRef(base, success, chainSubClassSetTableOffsetArray, setClass); + if (LE_FAILURE(success)) { + return 0; + } if (setClass < scSetCount && chainSubClassSetTableOffsetArray[setClass] != 0) { Offset chainSubClassSetTableOffset = SWAPW(chainSubClassSetTableOffsetArray[setClass]); @@ -538,7 +572,11 @@ le_uint16 chainSubClassRuleCount = SWAPW(chainSubClassSetTable->chainSubClassRuleCount); le_int32 position = glyphIterator->getCurrStreamPosition(); GlyphIterator tempIterator(*glyphIterator, emptyFeatureList); - + LEReferenceToArrayOf + chainSubClassRuleTableOffsetArrayRef(base, success, chainSubClassSetTable->chainSubClassRuleTableOffsetArray, chainSubClassRuleCount); + if (LE_FAILURE(success)) { + return 0; + } for (le_uint16 scRule = 0; scRule < chainSubClassRuleCount; scRule += 1) { Offset chainSubClassRuleTableOffset = SWAPW(chainSubClassSetTable->chainSubClassRuleTableOffsetArray[scRule]); @@ -603,12 +641,14 @@ } le_uint16 backtrkGlyphCount = SWAPW(backtrackGlyphCount); + LEReferenceToArrayOf backtrackGlyphArrayRef(base, success, backtrackCoverageTableOffsetArray, backtrkGlyphCount); + if (LE_FAILURE(success)) { + return 0; + } le_uint16 inputGlyphCount = (le_uint16) SWAPW(backtrackCoverageTableOffsetArray[backtrkGlyphCount]); LEReferenceToArrayOf inputCoverageTableOffsetArray(base, success, &backtrackCoverageTableOffsetArray[backtrkGlyphCount + 1], inputGlyphCount+2); // offset if (LE_FAILURE(success)) { return 0; } const le_uint16 lookaheadGlyphCount = (le_uint16) SWAPW(inputCoverageTableOffsetArray[inputGlyphCount]); - - if( LE_FAILURE(success)) { return 0; } LEReferenceToArrayOf lookaheadCoverageTableOffsetArray(base, success, inputCoverageTableOffsetArray.getAlias(inputGlyphCount + 1, success), lookaheadGlyphCount+2); if( LE_FAILURE(success) ) { return 0; } --- ./jdk/src/solaris/classes/sun/awt/X11/XTextAreaPeer.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/solaris/classes/sun/awt/X11/XTextAreaPeer.java Tue Sep 09 12:00:58 2014 -0700 @@ -1024,7 +1024,8 @@ } } - protected void uninstallListeners(JScrollPane scrollPane) { + @Override + protected void uninstallListeners(JComponent scrollPane) { super.uninstallListeners(scrollPane); scrollPane.removePropertyChangeListener(propertyChangeHandler); } --- ./jdk/src/solaris/classes/sun/print/CUPSPrinter.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/solaris/classes/sun/print/CUPSPrinter.java Tue Sep 09 12:00:58 2014 -0700 @@ -126,7 +126,7 @@ /** * Returns array of MediaSizeNames derived from PPD. */ - public MediaSizeName[] getMediaSizeNames() { + MediaSizeName[] getMediaSizeNames() { initMedia(); return cupsMediaSNames; } @@ -135,7 +135,7 @@ /** * Returns array of Custom MediaSizeNames derived from PPD. */ - public CustomMediaSizeName[] getCustomMediaSizeNames() { + CustomMediaSizeName[] getCustomMediaSizeNames() { initMedia(); return cupsCustomMediaSNames; } @@ -144,7 +144,7 @@ /** * Returns array of MediaPrintableArea derived from PPD. */ - public MediaPrintableArea[] getMediaPrintableArea() { + MediaPrintableArea[] getMediaPrintableArea() { initMedia(); return cupsMediaPrintables; } @@ -152,7 +152,7 @@ /** * Returns array of MediaTrays derived from PPD. */ - public MediaTray[] getMediaTrays() { + MediaTray[] getMediaTrays() { initMedia(); return cupsMediaTrays; } --- ./jdk/src/solaris/classes/sun/print/IPPPrintService.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/solaris/classes/sun/print/IPPPrintService.java Tue Sep 09 12:00:58 2014 -0700 @@ -993,7 +993,9 @@ public synchronized Class[] getSupportedAttributeCategories() { if (supportedCats != null) { - return supportedCats; + Class [] copyCats = new Class[supportedCats.length]; + System.arraycopy(supportedCats, 0, copyCats, 0, copyCats.length); + return copyCats; } initAttributes(); @@ -1050,7 +1052,9 @@ } supportedCats = new Class[catList.size()]; catList.toArray(supportedCats); - return supportedCats; + Class[] copyCats = new Class[supportedCats.length]; + System.arraycopy(supportedCats, 0, copyCats, 0, copyCats.length); + return copyCats; } --- ./jdk/src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c Thu Jan 01 00:00:00 1970 +0000 +++ ./jdk/src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c Tue Sep 09 12:00:58 2014 -0700 @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#include +#include + +#ifdef __solaris__ +#include +#include + +#ifndef BSD_COMP +#define BSD_COMP +#endif + +#endif + +#include + +#include "jvm.h" +#include "jni_util.h" +#include "net_util.h" + +#include "java_net_AbstractPlainDatagramSocketImpl.h" + +static jfieldID IO_fd_fdID; + +static jfieldID apdsi_fdID; + + +/* + * Class: java_net_AbstractPlainDatagramSocketImpl + * Method: init + * Signature: ()V + */ +JNIEXPORT void JNICALL +Java_java_net_AbstractPlainDatagramSocketImpl_init(JNIEnv *env, jclass cls) { + + apdsi_fdID = (*env)->GetFieldID(env, cls, "fd", + "Ljava/io/FileDescriptor;"); + CHECK_NULL(apdsi_fdID); + + IO_fd_fdID = NET_GetFileDescriptorID(env); +} + +/* + * Class: java_net_AbstractPlainDatagramSocketImpl + * Method: dataAvailable + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable +(JNIEnv *env, jobject this) { + int fd, retval; + + jobject fdObj = (*env)->GetObjectField(env, this, apdsi_fdID); + + if (IS_NULL(fdObj)) { + JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException", + "Socket closed"); + return -1; + } + fd = (*env)->GetIntField(env, fdObj, IO_fd_fdID); + + if (ioctl(fd, FIONREAD, &retval) < 0) { + return -1; + } + return retval; +} --- ./jdk/src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c Thu Jan 01 00:00:00 1970 +0000 +++ ./jdk/src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c Tue Sep 09 12:00:58 2014 -0700 @@ -0,0 +1,113 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#include +#include + +#include "jvm.h" +#include "jni_util.h" +#include "net_util.h" + +#include "java_net_AbstractPlainDatagramSocketImpl.h" + +static jfieldID IO_fd_fdID = NULL; +static jfieldID apdsi_fdID = NULL; + +static jfieldID apdsi_fd1ID = NULL; +static jclass two_stacks_clazz = NULL; + + +/* + * Class: java_net_AbstractPlainDatagramSocketImpl + * Method: init + * Signature: ()V + */ +JNIEXPORT void JNICALL +Java_java_net_AbstractPlainDatagramSocketImpl_init(JNIEnv *env, jclass cls) { + + apdsi_fdID = (*env)->GetFieldID(env, cls, "fd", + "Ljava/io/FileDescriptor;"); + CHECK_NULL(apdsi_fdID); + IO_fd_fdID = NET_GetFileDescriptorID(env); + CHECK_NULL(IO_fd_fdID); + + two_stacks_clazz = (*env)->FindClass(env, "java/net/TwoStacksPlainDatagramSocketImpl"); + CHECK_NULL(two_stacks_clazz); + + /* Handle both TwoStacks and DualStack here */ + + if (JNU_Equals(env, cls, two_stacks_clazz)) { + /* fd1 present only in TwoStack.. */ + apdsi_fd1ID = (*env)->GetFieldID(env, cls, "fd1", + "Ljava/io/FileDescriptor;"); + CHECK_NULL(apdsi_fd1ID); + } + + JNU_CHECK_EXCEPTION(env); +} + +/* + * Class: java_net_AbstractPlainDatagramSocketImpl + * Method: dataAvailable + * Signature: ()I + */ +JNIEXPORT jint JNICALL Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable +(JNIEnv *env, jobject this) { + SOCKET fd; + SOCKET fd1; + int rv = -1, rv1 = -1; + jobject fdObj = (*env)->GetObjectField(env, this, apdsi_fdID); + + if (!IS_NULL(fdObj)) { + int retval = 0; + fd = (SOCKET)(*env)->GetIntField(env, fdObj, IO_fd_fdID); + rv = ioctlsocket(fd, FIONREAD, &retval); + if (retval > 0) { + return retval; + } + } + + if (!IS_NULL(apdsi_fd1ID)) { + /* TwoStacks */ + jobject fd1Obj = (*env)->GetObjectField(env, this, apdsi_fd1ID); + if (!IS_NULL(fd1Obj)) { + int retval = 0; + fd1 = (SOCKET)(*env)->GetIntField(env, fd1Obj, IO_fd_fdID); + rv1 = ioctlsocket(fd1, FIONREAD, &retval); + if (retval > 0) { + return retval; + } + } + } + + if (rv < 0 && rv1 < 0) { + JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException", + "Socket closed"); + return -1; + } + + return 0; +} + --- ./jdk/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -213,6 +213,14 @@ void SplashRedrawWindow(Splash * splash) { + if (!SplashIsStillLooping(splash)) { + KillTimer(splash->hWnd, 0); + } + + if (splash->currentFrame < 0) { + return; + } + SplashUpdateScreenData(splash); if (splash->isLayered) { BLENDFUNCTION bf; @@ -303,9 +311,6 @@ time = 0; SetTimer(splash->hWnd, 0, time, NULL); } - else { - KillTimer(splash->hWnd, 0); - } } void SplashReconfigureNow(Splash * splash) { --- ./jdk/src/windows/native/sun/windows/awt_Component.cpp Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/windows/native/sun/windows/awt_Component.cpp Tue Sep 09 12:00:58 2014 -0700 @@ -6930,9 +6930,9 @@ { TRY; - return JNI_IS_TRUE(AwtToolkit::GetInstance().SyncCall( + return (jboolean)AwtToolkit::GetInstance().SyncCall( (void *(*)(void *))AwtComponent::_NativeHandlesWheelScrolling, - env->NewGlobalRef(self))); + env->NewGlobalRef(self)); // global ref is deleted in _NativeHandlesWheelScrolling CATCH_BAD_ALLOC_RET(NULL); @@ -6951,9 +6951,9 @@ jobject selfGlobalRef = env->NewGlobalRef(self); - return JNI_IS_TRUE(AwtToolkit::GetInstance().SyncCall( + return (jboolean)AwtToolkit::GetInstance().SyncCall( (void*(*)(void*))AwtComponent::_IsObscured, - (void *)selfGlobalRef)); + (void *)selfGlobalRef); // selfGlobalRef is deleted in _IsObscured CATCH_BAD_ALLOC_RET(NULL); --- ./jdk/src/windows/native/sun/windows/awt_List.cpp Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/src/windows/native/sun/windows/awt_List.cpp Tue Sep 09 12:00:58 2014 -0700 @@ -1018,8 +1018,8 @@ ses->list = env->NewGlobalRef(self); ses->index = index; - return JNI_IS_TRUE(AwtToolkit::GetInstance().SyncCall( - (void *(*)(void *))AwtList::_IsSelected, ses)); + return (jboolean)AwtToolkit::GetInstance().SyncCall( + (void *(*)(void *))AwtList::_IsSelected, ses); // global ref and ses are deleted in _IsSelected CATCH_BAD_ALLOC_RET(FALSE); --- ./jdk/test/java/awt/Focus/WindowIsFocusableAccessByThreadsTest/WindowIsFocusableAccessByThreadsTest.java Thu Jan 01 00:00:00 1970 +0000 +++ ./jdk/test/java/awt/Focus/WindowIsFocusableAccessByThreadsTest/WindowIsFocusableAccessByThreadsTest.java Tue Sep 09 12:00:58 2014 -0700 @@ -0,0 +1,113 @@ +/* + * Copyright (c) 2014 Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + @test + @bug 8047288 + @summary Tests method isFocusable of Window component. It should be accessed only from EDT + @author artem.malinko@oracle.com + @library ../../regtesthelpers + @build Util + @run main WindowIsFocusableAccessByThreadsTest +*/ + +import test.java.awt.regtesthelpers.Util; + +import javax.swing.*; +import java.awt.*; +import java.util.concurrent.atomic.AtomicBoolean; + +public class WindowIsFocusableAccessByThreadsTest { + private static AtomicBoolean testPassed = new AtomicBoolean(true); + private static volatile TestFrame frame; + private static volatile TestWindow window; + private static volatile Button openWindowBtn; + + public static void main(String[] args) { + frame = new TestFrame("Test EDT access to Window components"); + window = new TestWindow(frame); + + SwingUtilities.invokeLater(WindowIsFocusableAccessByThreadsTest::init); + + Util.waitTillShown(frame); + Robot robot = Util.createRobot(); + Util.clickOnComp(frame, robot, 100); + Util.clickOnComp(openWindowBtn, robot, 100); + + Util.waitTillShown(window); + + if (!testPassed.get()) { + throw new RuntimeException("Window component methods has been accessed not " + + "from Event Dispatching Thread"); + } + } + + private static void init() { + frame.setSize(400, 400); + frame.setLayout(new FlowLayout()); + openWindowBtn = new Button("open window"); + openWindowBtn.addActionListener(e -> { + window.setSize(100, 100); + window.setLocation(400, 100); + window.setVisible(true); + }); + frame.add(openWindowBtn); + frame.setVisible(true); + } + + private static void testThread() { + if (!SwingUtilities.isEventDispatchThread()) { + testPassed.set(false); + } + } + + private static class TestWindow extends Window { + public TestWindow(Frame owner) { + super(owner); + } + + // isFocusable method is final and we can't add this test to it. + // But it invokes getFocusableWindowState and here we can check + // if thread is EDT. + @Override + public boolean getFocusableWindowState() { + testThread(); + return super.getFocusableWindowState(); + } + } + + private static class TestFrame extends Frame { + private TestFrame(String title) throws HeadlessException { + super(title); + } + + // isFocusable method is final and we can't add this test to it. + // But it invokes getFocusableWindowState and here we can check + // if thread is EDT. + @Override + public boolean getFocusableWindowState() { + testThread(); + return super.getFocusableWindowState(); + } + } +} --- ./jdk/test/java/util/Collections/CheckedQueue.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/test/java/util/Collections/CheckedQueue.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,55 +23,40 @@ /* * @test - * @bug 5020931 + * @bug 5020931 8048207 * @summary Unit test for Collections.checkedQueue + * @run testng CheckedQueue */ -import java.lang.reflect.Method; import java.util.Collections; -import java.util.Iterator; import java.util.Queue; import java.util.concurrent.ArrayBlockingQueue; +import org.testng.annotations.Test; +import static org.testng.Assert.fail; +import static org.testng.Assert.assertEquals; +import static org.testng.Assert.assertTrue; +import static org.testng.Assert.assertFalse; + + public class CheckedQueue { - static int status = 0; - - public static void main(String[] args) throws Exception { - new CheckedQueue(); - } - - public CheckedQueue() throws Exception { - run(); - } - - private void run() throws Exception { - Method[] methods = this.getClass().getDeclaredMethods(); - - for (int i = 0; i < methods.length; i++) { - Method method = methods[i]; - String methodName = method.getName(); - - if (methodName.startsWith("test")) { - try { - Object obj = method.invoke(this, new Object[0]); - } catch(Exception e) { - throw new Exception(this.getClass().getName() + "." + - methodName + " test failed, test exception " - + "follows\n" + e.getCause()); - } - } - } - } /** * This test adds items to a queue. */ - private void test00() { + @Test + public void testAdd() { int arrayLength = 10; - ArrayBlockingQueue abq = new ArrayBlockingQueue(arrayLength); + Queue abq = Collections.checkedQueue(new ArrayBlockingQueue<>(arrayLength), String.class); for (int i = 0; i < arrayLength; i++) { - abq.add(new String(Integer.toString(i))); + abq.add(Integer.toString(i)); + } + + try { + abq.add("full"); + } catch (IllegalStateException full) { + } } @@ -80,23 +65,17 @@ * {@code String}s gets the checked queue, and attempt to add an Integer to * the checked queue. */ - private void test01() throws Exception { + @Test(expectedExceptions = ClassCastException.class) + public void testAddFail1() { int arrayLength = 10; ArrayBlockingQueue abq = new ArrayBlockingQueue(arrayLength + 1); for (int i = 0; i < arrayLength; i++) { - abq.add(new String(Integer.toString(i))); + abq.add(Integer.toString(i)); } Queue q = Collections.checkedQueue(abq, String.class); - - try { - q.add(new Integer(0)); - throw new Exception(this.getClass().getName() + "." + "test01 test" - + " failed, should throw ClassCastException."); - } catch(ClassCastException cce) { - // Do nothing. - } + q.add(0); } /** @@ -104,47 +83,40 @@ * {@code String}, gets the checked queue, and attempt to add an Integer to * the checked queue. */ - private void test02() throws Exception { + @Test(expectedExceptions = ClassCastException.class) + public void testAddFail2() { ArrayBlockingQueue abq = new ArrayBlockingQueue(1); Queue q = Collections.checkedQueue(abq, String.class); - try { - q.add(new Integer(0)); - throw new Exception(this.getClass().getName() + "." + "test02 test" - + " failed, should throw ClassCastException."); - } catch(ClassCastException e) { - // Do nothing. - } + q.add(0); } /** * This test tests the Collections.checkedQueue method call for nulls in * each and both of the parameters. */ - private void test03() throws Exception { + @Test + public void testArgs() { ArrayBlockingQueue abq = new ArrayBlockingQueue(1); Queue q; try { q = Collections.checkedQueue(null, String.class); - throw new Exception(this.getClass().getName() + "." + "test03 test" - + " failed, should throw NullPointerException."); + fail( "should throw NullPointerException."); } catch(NullPointerException npe) { // Do nothing } try { q = Collections.checkedQueue(abq, null); - throw new Exception(this.getClass().getName() + "." + "test03 test" - + " failed, should throw NullPointerException."); + fail( "should throw NullPointerException."); } catch(Exception e) { // Do nothing } try { q = Collections.checkedQueue(null, null); - throw new Exception(this.getClass().getName() + "." + "test03 test" - + " failed, should throw NullPointerException."); + fail( "should throw NullPointerException."); } catch(Exception e) { // Do nothing } @@ -153,38 +125,28 @@ /** * This test tests the CheckedQueue.offer method. */ - private void test04() throws Exception { + @Test + public void testOffer() { ArrayBlockingQueue abq = new ArrayBlockingQueue(1); Queue q = Collections.checkedQueue(abq, String.class); try { q.offer(null); - throw new Exception(this.getClass().getName() + "." + "test04 test" - + " failed, should throw NullPointerException."); + fail("should throw NullPointerException."); } catch (NullPointerException npe) { // Do nothing } try { - q.offer(new Integer(0)); - throw new Exception(this.getClass().getName() + "." + "test04 test" - + " failed, should throw ClassCastException."); + q.offer(0); + fail("should throw ClassCastException."); } catch (ClassCastException cce) { // Do nothing } - q.offer(new String("0")); + assertTrue(q.offer("0"), "queue should have room"); - try { - q.offer(new String("1")); - throw new Exception(this.getClass().getName() + "." + "test04 test" - + " failed, should throw IllegalStateException."); - } catch(IllegalStateException ise) { - // Do nothing - } - } - - private void test05() { - + // no room at the inn! + assertFalse(q.offer("1"), "queue should be full"); } } --- ./jdk/test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java Tue Sep 09 12:00:58 2014 -0700 @@ -23,7 +23,7 @@ /** * @test - * @bug 6476665 7033534 6830714 + * @bug 6476665 7033534 6830714 8052162 * @summary Verifies color conversion of Component Color Model based images * @run main ColConvCCMTest */ --- ./jdk/test/sun/security/ssl/sanity/ciphersuites/CipherSuitesInOrder.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/test/sun/security/ssl/sanity/ciphersuites/CipherSuitesInOrder.java Tue Sep 09 12:00:58 2014 -0700 @@ -69,11 +69,6 @@ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "SSL_RSA_WITH_RC4_128_SHA", - "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "TLS_ECDH_RSA_WITH_RC4_128_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", @@ -97,6 +92,12 @@ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", + + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "SSL_RSA_WITH_RC4_128_SHA", + "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "TLS_ECDH_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_RC4_128_MD5", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", @@ -110,10 +111,20 @@ "TLS_DH_anon_WITH_AES_128_CBC_SHA256", "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", "TLS_DH_anon_WITH_AES_128_CBC_SHA", + "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_ECDH_anon_WITH_RC4_128_SHA", "SSL_DH_anon_WITH_RC4_128_MD5", - "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", + "SSL_RSA_WITH_DES_CBC_SHA", + "SSL_DHE_RSA_WITH_DES_CBC_SHA", + "SSL_DHE_DSS_WITH_DES_CBC_SHA", + "SSL_DH_anon_WITH_DES_CBC_SHA", + "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", + "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", + "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "SSL_RSA_EXPORT_WITH_RC4_40_MD5", + "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_RSA_WITH_NULL_SHA256", "TLS_ECDHE_ECDSA_WITH_NULL_SHA", "TLS_ECDHE_RSA_WITH_NULL_SHA", @@ -122,26 +133,16 @@ "TLS_ECDH_RSA_WITH_NULL_SHA", "TLS_ECDH_anon_WITH_NULL_SHA", "SSL_RSA_WITH_NULL_MD5", - "SSL_RSA_WITH_DES_CBC_SHA", - "SSL_DHE_RSA_WITH_DES_CBC_SHA", - "SSL_DHE_DSS_WITH_DES_CBC_SHA", - "SSL_DH_anon_WITH_DES_CBC_SHA", - "SSL_RSA_EXPORT_WITH_RC4_40_MD5", - "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", - "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", - "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", - "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", + "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", + "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", "TLS_KRB5_WITH_RC4_128_SHA", "TLS_KRB5_WITH_RC4_128_MD5", - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", - "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", "TLS_KRB5_WITH_DES_CBC_SHA", "TLS_KRB5_WITH_DES_CBC_MD5", + "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", + "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", - "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", - "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", - "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5" + "TLS_KRB5_EXPORT_WITH_RC4_40_MD5" ); private final static String[] protocols = { --- ./jdk/test/sun/tools/native2ascii/NativeErrors.java Wed Jul 30 18:42:59 2014 +0100 +++ ./jdk/test/sun/tools/native2ascii/NativeErrors.java Tue Sep 09 12:00:58 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 1999, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,12 +25,18 @@ * @test * @bug 4136352 * @summary Test Native2ASCII error messages - * + * @library /lib/testlibrary + * @build jdk.testlibrary.* NativeErrors + * @run main NativeErrors */ -import java.io.*; -import sun.tools.native2ascii.*; -import java.util.*; + +import java.io.File; +import java.util.ResourceBundle; +import java.util.MissingResourceException; +import jdk.testlibrary.OutputAnalyzer; +import jdk.testlibrary.JDKToolLauncher; +import jdk.testlibrary.ProcessTools; public class NativeErrors { @@ -45,30 +51,18 @@ } } - public static void main(String args[]) throws Exception { - String[] command; - Process p = null; - BufferedReader in = null; + public static void main(String args[]) throws Throwable { + // Execute command in another vm. Verify stdout for expected err msg. - // Construct a command that runs the test in other vm - // Exec another vm to run test in - // Read the result to determine if test failed - - command = getComString("-encoding"); - p = Runtime.getRuntime().exec(command); - in = new BufferedReader(new InputStreamReader(p.getInputStream())); - checkResult(in, "err.bad.arg"); + // Test with no input file given. + checkResult(executeCmd("-encoding"), "err.bad.arg"); File f0 = new File(System.getProperty("test.src", "."), "test123"); String path0 = f0.getPath(); if ( f0.exists() ) { throw new Error("Input file should not exist: " + path0); } - - command = getComString(path0); - p = Runtime.getRuntime().exec(command); - in = new BufferedReader(new InputStreamReader(p.getInputStream())); - checkResult(in, "err.cannot.read"); + checkResult(executeCmd(path0), "err.cannot.read"); File f1 = new File(System.getProperty("test.src", "."), "test1"); File f2 = File.createTempFile("test2", ".tmp"); @@ -81,71 +75,38 @@ throw new Error("Output file cannot be made read only: " + path2); } f2.deleteOnExit(); - - command = getComString(path1, path2); - p = Runtime.getRuntime().exec(command); - in = new BufferedReader(new InputStreamReader(p.getInputStream())); - checkResult(in, "err.cannot.write"); + checkResult(executeCmd(path1, path2), "err.cannot.write"); } - - private static void checkResult(BufferedReader in, String errorExpected) - throws Exception { - String errorReceived; - errorReceived = in.readLine(); - assert errorReceived != null : "First readline cannot be null"; - errorExpected = rsrc.getString(errorExpected); - assert errorExpected != null : "Expected message cannot be null"; - StringBuffer error = new StringBuffer(errorExpected); - int start = errorExpected.indexOf("{0}"); - if (start >= 0) { - error.delete(start, start+3); - errorExpected = error.toString(); + private static String executeCmd(String... toolArgs) throws Throwable { + JDKToolLauncher cmd = JDKToolLauncher.createUsingTestJDK("native2ascii"); + for (String s : toolArgs) { + cmd.addToolArg(s); } - //System.out.println("received: " + errorReceived); - //System.out.println("expected: " + errorExpected); - if (!errorReceived.endsWith(errorExpected)) - throw new RuntimeException("Native2ascii bad arg error broken."); + OutputAnalyzer output = ProcessTools.executeProcess(cmd.getCommand()); + if (output == null || output.getStdout() == null) { + throw new Exception("Output was null. Process did not finish correctly."); + } + if (output.getExitValue() == 0) { + throw new Exception("Process exit code was 0, but error was expected."); + } + return output.getStdout(); } - private static String[] getComString(String arg2) { - String[] coms = new String[2]; - coms[0] = getPathString(); - coms[1] = arg2; - return coms; - } + private static void checkResult( + String errorReceived, String errorKey) throws Exception { + String errorExpected = rsrc.getString(errorKey); + if (errorExpected == null) { + throw new Exception("No error message for key: " + errorKey); + } + // Remove template tag from error message. + errorExpected = errorExpected.replaceAll("\\{0\\}", ""); - private static String[] getComString(String arg2, String arg3) { - String[] coms = new String[3]; - coms[0] = getPathString(); - coms[1] = arg2; - coms[2] = arg3; - return coms; - } - - /* - * Search for path to native2ascii - */ - private static String getPathString() { - String path = System.getProperty("java.home") + File.separator + - "bin" + File.separator + "native2ascii"; - if (File.separatorChar == '\\') { - path = path + ".exe"; + System.out.println("received: " + errorReceived); + System.out.println("expected: " + errorExpected); + if (errorReceived.indexOf(errorExpected) < 0) { + throw new RuntimeException("Native2ascii bad arg error broken."); } - File f = new File(path); - if (!f.exists()) { - System.out.println("Cannot find native2ascii at "+path); - path = System.getProperty("java.home") + File.separator + ".." + - File.separator + "bin" + File.separator + "native2ascii"; - if (File.separatorChar == '\\') { - path = path + ".exe"; - } - f = new File(path); - if (!f.exists()) - throw new RuntimeException("Cannot find native2ascii at "+path); - System.out.println("Using native2ascii at "+path); - } - return path; } } --- ./langtools/.hgtags Wed Jul 30 03:55:11 2014 -0700 +++ ./langtools/.hgtags Mon Sep 08 12:38:00 2014 -0700 @@ -311,3 +311,21 @@ 5c1d6da1445aa3a2e5cf6101c70e79bfbe2745a5 jdk8u20-b23 9239118487dfb47ee850d2cc9b10a0a2e510da3c jdk8u20-b24 9239118487dfb47ee850d2cc9b10a0a2e510da3c jdk8u20-b25 +5e6d409a72327a31b8a8f9aa0b32ef213c8b629c jdk8u20-b26 +f491f1581f196950c2cb858508dd06601968c417 jdk8u25-b00 +5bc865e0a2e3c59c1c8bc41e731509e1737ddea1 jdk8u25-b01 +4dec0c684a9ead80ea2bca6b042682367c1abf90 jdk8u25-b02 +1d039298d33f8062a0aa75442bd39434e16ee2df jdk8u25-b03 +5c806c4b2830056caaca3329e634ff040bfe1c7b jdk8u25-b04 +f1625806cabab809993fbc650b77c5a28d70035d jdk8u25-b05 +7a6309461a7294cc78789f547b0a652757d17156 jdk8u25-b06 +aad835b33337c22f4d632c2531c453de00a8f778 jdk8u25-b07 +224b8260b2c72e2902e48522240c97de11b3570a jdk8u25-b08 +a5fa1a2bd63cfcce67dae074c07cd0f2baa8ddc0 jdk8u25-b09 +0dfd4099658397efa118918cd43f79e194c320ea jdk8u25-b10 +eee8277448304f5d785310edff072d993a0c1868 jdk8u25-b11 +664a10268f61616b682985855015663c30d0476f jdk8u25-b12 +89b2f04998c7a1f987cadb4c42801d1ec500a870 jdk8u25-b13 +a340d68b020585cad7aa6e38d1aafb19ad0e4e07 jdk8u25-b14 +6e0c19cd42d7c4d307bea26840ee831cbd14e2fc jdk8u25-b15 +7fa6fa7cc204de988e224c6f8f75e62128fa84cd jdk8u25-b16 --- ./langtools/src/share/classes/com/sun/tools/javac/resources/compiler_ja.properties Wed Jul 30 03:55:11 2014 -0700 +++ ./langtools/src/share/classes/com/sun/tools/javac/resources/compiler_ja.properties Mon Sep 08 12:38:00 2014 -0700 @@ -1677,6 +1677,9 @@ # 0: string compiler.err.static.intf.methods.not.supported.in.source=static\u30A4\u30F3\u30BF\u30D5\u30A7\u30FC\u30B9\u306F-source {0}\u3067\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u3066\u3044\u307E\u305B\u3093\n(static\u30A4\u30F3\u30BF\u30D5\u30A7\u30FC\u30B9\u3092\u4F7F\u7528\u53EF\u80FD\u306B\u3059\u308B\u306B\u306F\u3001-source 8\u4EE5\u4E0A\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044) +# 0: string +compiler.err.static.intf.method.invoke.not.supported.in.source=static\u30A4\u30F3\u30BF\u30D5\u30A7\u30FC\u30B9\u30FB\u30E1\u30BD\u30C3\u30C9\u547C\u51FA\u3057\u306F-source {0}\u3067\u30B5\u30DD\u30FC\u30C8\u3055\u308C\u3066\u3044\u307E\u305B\u3093\n(static\u30A4\u30F3\u30BF\u30D5\u30A7\u30FC\u30B9\u30FB\u30E1\u30BD\u30C3\u30C9\u547C\u51FA\u3057\u3092\u4F7F\u7528\u53EF\u80FD\u306B\u3059\u308B\u306B\u306F\u3001-source 8\u4EE5\u4E0A\u3092\u4F7F\u7528\u3057\u3066\u304F\u3060\u3055\u3044) + ######################################## # Diagnostics for verbose resolution # used by Resolve (debug only) --- ./langtools/src/share/classes/com/sun/tools/javac/resources/compiler_zh_CN.properties Wed Jul 30 03:55:11 2014 -0700 +++ ./langtools/src/share/classes/com/sun/tools/javac/resources/compiler_zh_CN.properties Mon Sep 08 12:38:00 2014 -0700 @@ -1677,6 +1677,9 @@ # 0: string compiler.err.static.intf.methods.not.supported.in.source=-source {0} \u4E2D\u4E0D\u652F\u6301\u9759\u6001\u63A5\u53E3\u65B9\u6CD5\n(\u8BF7\u4F7F\u7528 -source 8 \u6216\u66F4\u9AD8\u7248\u672C\u4EE5\u542F\u7528\u9759\u6001\u63A5\u53E3\u65B9\u6CD5) +# 0: string +compiler.err.static.intf.method.invoke.not.supported.in.source=-source {0} \u4E2D\u4E0D\u652F\u6301\u9759\u6001\u63A5\u53E3\u65B9\u6CD5\u8C03\u7528\n(\u8BF7\u4F7F\u7528 -source 8 \u6216\u66F4\u9AD8\u7248\u672C\u4EE5\u542F\u7528\u9759\u6001\u63A5\u53E3\u65B9\u6CD5\u8C03\u7528) + ######################################## # Diagnostics for verbose resolution # used by Resolve (debug only) --- ./nashorn/.hgtags Wed Jul 30 03:55:26 2014 -0700 +++ ./nashorn/.hgtags Mon Sep 08 12:38:15 2014 -0700 @@ -299,3 +299,21 @@ ad36f9454ce38d78be39fc819902e1223765ee5e jdk8u20-b23 d3da140e179343011017669a6dbfcc52b0e56f52 jdk8u20-b24 d3da140e179343011017669a6dbfcc52b0e56f52 jdk8u20-b25 +a23ac9db4227d78b3389e01fa94a8cb695a8fb0a jdk8u20-b26 +7001e9f95b443a75e432205a29974c05b88e0fdc jdk8u25-b00 +a9f77bd14874d5f8fdf935704dd54a0451f2bc69 jdk8u25-b01 +895e47783e2ee6823496a5ae84039a4f50311c7d jdk8u25-b02 +b84d92194c367411fcd8b5f510d4589709a8e71e jdk8u25-b03 +894ab2f06c93987f8596f5906985ff0a452f2fb2 jdk8u25-b04 +25b89ca363c41e1a1d90d7e95d5227d23e4292f3 jdk8u25-b05 +0a50d568a901700213fe40c38089748ca1d1af88 jdk8u25-b06 +25b719b33ac8f8ffb7e4353fddcda93ca6027b0d jdk8u25-b07 +0f74f65763a300cfe5f897b6b21f36d64f9d2115 jdk8u25-b08 +158837f537e45fc4664a56ad4759f8a1b30cab73 jdk8u25-b09 +7e00c05fc54b0404bf2eedda35dd38ae1ad23e50 jdk8u25-b10 +8cd6af10dd4de9e28ffe30c9107954fffd15dc99 jdk8u25-b11 +f76715cd4e902602bdbb4ba9a3774c10afeee012 jdk8u25-b12 +34c95bcacff79a5794416a8e715a8e63bfe7fc58 jdk8u25-b13 +6a93467eaa36f732b84ecd463e046c4066fef40c jdk8u25-b14 +71e8403a2f8279315419adf5f4e9d6b232b6835c jdk8u25-b15 +1500138ce513600457be6bfa10979ecce6515aa6 jdk8u25-b16