# HG changeset patch # User henryjen # Date 1563322862 0 # Node ID a5d52b0e3798d6ccfcc0eea599ce724419aba5f6 # Parent 20c686ec8135ae03c7b1f020cd5d38208a3572f4# Parent e2af6324d67cae337f862c53ad7d30ca8b6c41ff Merge diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java --- a/src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1363,8 +1363,11 @@ // Calculate and compare the tag. Only do the decryption // if and only if the tag matches. authFinalizeData(ctPlusTag, 0, ctLen, tag, 0); - if (Arrays.compare(ctPlusTag, ctLen, ctPlusTagLen, - tag, 0, tag.length) != 0) { + long tagCompare = ((long)asLongView.get(ctPlusTag, ctLen) ^ + (long)asLongView.get(tag, 0)) | + ((long)asLongView.get(ctPlusTag, ctLen + Long.BYTES) ^ + (long)asLongView.get(tag, Long.BYTES)); + if (tagCompare != 0) { throw new AEADBadTagException("Tag mismatch"); } chaCha20Transform(ctPlusTag, 0, ctLen, out, outOff); diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/java/lang/Throwable.java --- a/src/java.base/share/classes/java/lang/Throwable.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/java/lang/Throwable.java Wed Jul 17 00:21:02 2019 +0000 @@ -25,8 +25,8 @@ package java.lang; -import java.io.*; -import java.util.*; +import java.io.*; +import java.util.*; /** * The {@code Throwable} class is the superclass of all errors and @@ -904,24 +904,36 @@ private void readObject(ObjectInputStream s) throws IOException, ClassNotFoundException { s.defaultReadObject(); // read in all fields - if (suppressedExceptions != null) { - List suppressed = null; - if (suppressedExceptions.isEmpty()) { - // Use the sentinel for a zero-length list - suppressed = SUPPRESSED_SENTINEL; - } else { // Copy Throwables to new list - suppressed = new ArrayList<>(1); - for (Throwable t : suppressedExceptions) { + + // Set suppressed exceptions and stack trace elements fields + // to marker values until the contents from the serial stream + // are validated. + List candidateSuppressedExceptions = suppressedExceptions; + suppressedExceptions = SUPPRESSED_SENTINEL; + + StackTraceElement[] candidateStackTrace = stackTrace; + stackTrace = UNASSIGNED_STACK.clone(); + + if (candidateSuppressedExceptions != null) { + int suppressedSize = validateSuppressedExceptionsList(candidateSuppressedExceptions); + if (suppressedSize > 0) { // Copy valid Throwables to new list + var suppList = new ArrayList(Math.min(100, suppressedSize)); + + for (Throwable t : candidateSuppressedExceptions) { // Enforce constraints on suppressed exceptions in // case of corrupt or malicious stream. Objects.requireNonNull(t, NULL_CAUSE_MESSAGE); if (t == this) throw new IllegalArgumentException(SELF_SUPPRESSION_MESSAGE); - suppressed.add(t); + suppList.add(t); } + // If there are any invalid suppressed exceptions, + // implicitly use the sentinel value assigned earlier. + suppressedExceptions = suppList; } - suppressedExceptions = suppressed; - } // else a null suppressedExceptions field remains null + } else { + suppressedExceptions = null; + } /* * For zero-length stack traces, use a clone of @@ -932,24 +944,41 @@ * the stackTrace needs to be constructed from the information * in backtrace. */ - if (stackTrace != null) { - if (stackTrace.length == 0) { - stackTrace = UNASSIGNED_STACK.clone(); - } else if (stackTrace.length == 1 && + if (candidateStackTrace != null) { + // Work from a clone of the candidateStackTrace to ensure + // consistency of checks. + candidateStackTrace = candidateStackTrace.clone(); + if (candidateStackTrace.length >= 1) { + if (candidateStackTrace.length == 1 && // Check for the marker of an immutable stack trace - SentinelHolder.STACK_TRACE_ELEMENT_SENTINEL.equals(stackTrace[0])) { - stackTrace = null; - } else { // Verify stack trace elements are non-null. - for(StackTraceElement ste : stackTrace) { - Objects.requireNonNull(ste, "null StackTraceElement in serial stream."); + SentinelHolder.STACK_TRACE_ELEMENT_SENTINEL.equals(candidateStackTrace[0])) { + stackTrace = null; + } else { // Verify stack trace elements are non-null. + for (StackTraceElement ste : candidateStackTrace) { + Objects.requireNonNull(ste, "null StackTraceElement in serial stream."); + } + stackTrace = candidateStackTrace; } } + } + // A null stackTrace field in the serial form can result from + // an exception serialized without that field in older JDK + // releases; treat such exceptions as having empty stack + // traces by leaving stackTrace assigned to a clone of + // UNASSIGNED_STACK. + } + + private int validateSuppressedExceptionsList(List deserSuppressedExceptions) + throws IOException { + if (!Object.class.getModule(). + equals(deserSuppressedExceptions.getClass().getModule())) { + throw new StreamCorruptedException("List implementation not in base module."); } else { - // A null stackTrace field in the serial form can result - // from an exception serialized without that field in - // older JDK releases; treat such exceptions as having - // empty stack traces. - stackTrace = UNASSIGNED_STACK.clone(); + int size = deserSuppressedExceptions.size(); + if (size < 0) { + throw new StreamCorruptedException("Negative list size reported."); + } + return size; } } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/java/net/URL.java --- a/src/java.base/share/classes/java/net/URL.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/java/net/URL.java Wed Jul 17 00:21:02 2019 +0000 @@ -45,6 +45,7 @@ import jdk.internal.access.JavaNetURLAccess; import jdk.internal.access.SharedSecrets; +import sun.net.util.IPAddressUtil; import sun.security.util.SecurityConstants; import sun.security.action.GetPropertyAction; @@ -466,13 +467,19 @@ this.file = path; } - // Note: we don't do validation of the URL here. Too risky to change + // Note: we don't do full validation of the URL here. Too risky to change // right now, but worth considering for future reference. -br if (handler == null && (handler = getURLStreamHandler(protocol)) == null) { throw new MalformedURLException("unknown protocol: " + protocol); } this.handler = handler; + if (host != null && isBuiltinStreamHandler(handler)) { + String s = IPAddressUtil.checkExternalForm(this); + if (s != null) { + throw new MalformedURLException(s); + } + } } /** @@ -1038,7 +1045,12 @@ * @since 1.5 */ public URI toURI() throws URISyntaxException { - return new URI (toString()); + URI uri = new URI(toString()); + if (authority != null && isBuiltinStreamHandler(handler)) { + String s = IPAddressUtil.checkAuthority(this); + if (s != null) throw new URISyntaxException(authority, s); + } + return uri; } /** @@ -1635,6 +1647,10 @@ return replacementURL; } + boolean isBuiltinStreamHandler(URLStreamHandler handler) { + return isBuiltinStreamHandler(handler.getClass().getName()); + } + private boolean isBuiltinStreamHandler(String handlerClassName) { return (handlerClassName.startsWith(BUILTIN_HANDLERS_PREFIX)); } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/java/net/URLStreamHandler.java --- a/src/java.base/share/classes/java/net/URLStreamHandler.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/java/net/URLStreamHandler.java Wed Jul 17 00:21:02 2019 +0000 @@ -516,12 +516,15 @@ * different from this one * @since 1.3 */ - protected void setURL(URL u, String protocol, String host, int port, + protected void setURL(URL u, String protocol, String host, int port, String authority, String userInfo, String path, String query, String ref) { if (this != u.handler) { throw new SecurityException("handler for url different from " + "this handler"); + } else if (host != null && u.isBuiltinStreamHandler(this)) { + String s = IPAddressUtil.checkHostString(host); + if (s != null) throw new IllegalArgumentException(s); } // ensure that no one can reset the protocol on a given URL. u.set(u.getProtocol(), host, port, authority, userInfo, path, query, ref); diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/java/security/AccessController.java --- a/src/java.base/share/classes/java/security/AccessController.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/java/security/AccessController.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -445,7 +445,8 @@ throw new NullPointerException("null permissions parameter"); } Class caller = Reflection.getCallerClass(); - return AccessController.doPrivileged(action, createWrapper(null, + DomainCombiner dc = (context == null) ? null : context.getCombiner(); + return AccessController.doPrivileged(action, createWrapper(dc, caller, parent, context, perms)); } @@ -860,7 +861,8 @@ throw new NullPointerException("null permissions parameter"); } Class caller = Reflection.getCallerClass(); - return AccessController.doPrivileged(action, createWrapper(null, caller, parent, context, perms)); + DomainCombiner dc = (context == null) ? null : context.getCombiner(); + return AccessController.doPrivileged(action, createWrapper(dc, caller, parent, context, perms)); } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/java/util/Collections.java --- a/src/java.base/share/classes/java/util/Collections.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/java/util/Collections.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ package java.util; import java.io.IOException; +import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.io.Serializable; import java.lang.reflect.Array; @@ -39,6 +40,7 @@ import java.util.stream.IntStream; import java.util.stream.Stream; import java.util.stream.StreamSupport; +import jdk.internal.access.SharedSecrets; /** * This class consists exclusively of static methods that operate on or return @@ -5163,6 +5165,11 @@ public Spliterator spliterator() { return stream().spliterator(); } + + private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException { + ois.defaultReadObject(); + SharedSecrets.getJavaObjectInputStreamAccess().checkArray(ois, Object[].class, n); + } } /** diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/net/util/IPAddressUtil.java --- a/src/java.base/share/classes/sun/net/util/IPAddressUtil.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/net/util/IPAddressUtil.java Wed Jul 17 00:21:02 2019 +0000 @@ -32,9 +32,11 @@ import java.net.InetSocketAddress; import java.net.NetworkInterface; import java.net.SocketException; +import java.net.URL; import java.security.AccessController; import java.security.PrivilegedExceptionAction; import java.security.PrivilegedActionException; +import java.util.Arrays; import java.util.List; import java.util.concurrent.ConcurrentHashMap; import java.util.stream.Collectors; @@ -372,4 +374,181 @@ return null; } } + + // See java.net.URI for more details on how to generate these + // masks. + // + // square brackets + private static final long L_IPV6_DELIMS = 0x0L; // "[]" + private static final long H_IPV6_DELIMS = 0x28000000L; // "[]" + // RFC 3986 gen-delims + private static final long L_GEN_DELIMS = 0x8400800800000000L; // ":/?#[]@" + private static final long H_GEN_DELIMS = 0x28000001L; // ":/?#[]@" + // These gen-delims can appear in authority + private static final long L_AUTH_DELIMS = 0x400000000000000L; // "@[]:" + private static final long H_AUTH_DELIMS = 0x28000001L; // "@[]:" + // colon is allowed in userinfo + private static final long L_COLON = 0x400000000000000L; // ":" + private static final long H_COLON = 0x0L; // ":" + // slash should be encoded in authority + private static final long L_SLASH = 0x800000000000L; // "/" + private static final long H_SLASH = 0x0L; // "/" + // backslash should always be encoded + private static final long L_BACKSLASH = 0x0L; // "\" + private static final long H_BACKSLASH = 0x10000000L; // "\" + // ASCII chars 0-31 + 127 - various controls + CRLF + TAB + private static final long L_NON_PRINTABLE = 0xffffffffL; + private static final long H_NON_PRINTABLE = 0x8000000000000000L; + // All of the above + private static final long L_EXCLUDE = 0x84008008ffffffffL; + private static final long H_EXCLUDE = 0x8000000038000001L; + + private static final char[] OTHERS = { + 8263,8264,8265,8448,8449,8453,8454,10868, + 65109,65110,65119,65131,65283,65295,65306,65311,65312 + }; + + // Tell whether the given character is found by the given mask pair + public static boolean match(char c, long lowMask, long highMask) { + if (c < 64) + return ((1L << c) & lowMask) != 0; + if (c < 128) + return ((1L << (c - 64)) & highMask) != 0; + return false; // other non ASCII characters are not filtered + } + + // returns -1 if the string doesn't contain any characters + // from the mask, the index of the first such character found + // otherwise. + public static int scan(String s, long lowMask, long highMask) { + int i = -1, len; + if (s == null || (len = s.length()) == 0) return -1; + boolean match = false; + while (++i < len && !(match = match(s.charAt(i), lowMask, highMask))); + if (match) return i; + return -1; + } + + public static int scan(String s, long lowMask, long highMask, char[] others) { + int i = -1, len; + if (s == null || (len = s.length()) == 0) return -1; + boolean match = false; + char c, c0 = others[0]; + while (++i < len && !(match = match((c=s.charAt(i)), lowMask, highMask))) { + if (c >= c0 && (Arrays.binarySearch(others, c) > -1)) { + match = true; break; + } + } + if (match) return i; + + return -1; + } + + private static String describeChar(char c) { + if (c < 32 || c == 127) { + if (c == '\n') return "LF"; + if (c == '\r') return "CR"; + return "control char (code=" + (int)c + ")"; + } + if (c == '\\') return "'\\'"; + return "'" + c + "'"; + } + + private static String checkUserInfo(String str) { + // colon is permitted in user info + int index = scan(str, L_EXCLUDE & ~L_COLON, + H_EXCLUDE & ~H_COLON); + if (index >= 0) { + return "Illegal character found in user-info: " + + describeChar(str.charAt(index)); + } + return null; + } + + private static String checkHost(String str) { + int index; + if (str.startsWith("[") && str.endsWith("]")) { + str = str.substring(1, str.length() - 1); + if (isIPv6LiteralAddress(str)) { + index = str.indexOf('%'); + if (index >= 0) { + index = scan(str = str.substring(index), + L_NON_PRINTABLE | L_IPV6_DELIMS, + H_NON_PRINTABLE | H_IPV6_DELIMS); + if (index >= 0) { + return "Illegal character found in IPv6 scoped address: " + + describeChar(str.charAt(index)); + } + } + return null; + } + return "Unrecognized IPv6 address format"; + } else { + index = scan(str, L_EXCLUDE, H_EXCLUDE); + if (index >= 0) { + return "Illegal character found in host: " + + describeChar(str.charAt(index)); + } + } + return null; + } + + private static String checkAuth(String str) { + int index = scan(str, + L_EXCLUDE & ~L_AUTH_DELIMS, + H_EXCLUDE & ~H_AUTH_DELIMS); + if (index >= 0) { + return "Illegal character found in authority: " + + describeChar(str.charAt(index)); + } + return null; + } + + // check authority of hierarchical URL. Appropriate for + // HTTP-like protocol handlers + public static String checkAuthority(URL url) { + String s, u, h; + if (url == null) return null; + if ((s = checkUserInfo(u = url.getUserInfo())) != null) { + return s; + } + if ((s = checkHost(h = url.getHost())) != null) { + return s; + } + if (h == null && u == null) { + return checkAuth(url.getAuthority()); + } + return null; + } + + // minimal syntax checks - deeper check may be performed + // by the appropriate protocol handler + public static String checkExternalForm(URL url) { + String s; + if (url == null) return null; + int index = scan(s = url.getUserInfo(), + L_NON_PRINTABLE | L_SLASH, + H_NON_PRINTABLE | H_SLASH); + if (index >= 0) { + return "Illegal character found in authority: " + + describeChar(s.charAt(index)); + } + if ((s = checkHostString(url.getHost())) != null) { + return s; + } + return null; + } + + public static String checkHostString(String host) { + if (host == null) return null; + int index = scan(host, + L_NON_PRINTABLE | L_SLASH, + H_NON_PRINTABLE | H_SLASH, + OTHERS); + if (index >= 0) { + return "Illegal character found in host: " + + describeChar(host.charAt(index)); + } + return null; + } } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/net/www/protocol/ftp/FtpURLConnection.java --- a/src/java.base/share/classes/sun/net/www/protocol/ftp/FtpURLConnection.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/net/www/protocol/ftp/FtpURLConnection.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -36,6 +36,7 @@ import java.io.FilterInputStream; import java.io.FilterOutputStream; import java.io.FileNotFoundException; +import java.net.MalformedURLException; import java.net.URL; import java.net.SocketPermission; import java.net.UnknownHostException; @@ -48,6 +49,7 @@ import java.security.Permission; import java.util.Properties; import sun.net.NetworkClient; +import sun.net.util.IPAddressUtil; import sun.net.www.MessageHeader; import sun.net.www.MeteredStream; import sun.net.www.URLConnection; @@ -157,6 +159,21 @@ } } + static URL checkURL(URL u) throws IllegalArgumentException { + if (u != null) { + if (u.toExternalForm().indexOf('\n') > -1) { + Exception mfue = new MalformedURLException("Illegal character in URL"); + throw new IllegalArgumentException(mfue.getMessage(), mfue); + } + } + String s = IPAddressUtil.checkAuthority(u); + if (s != null) { + Exception mfue = new MalformedURLException(s); + throw new IllegalArgumentException(mfue.getMessage(), mfue); + } + return u; + } + /** * Creates an FtpURLConnection from a URL. * @@ -170,7 +187,7 @@ * Same as FtpURLconnection(URL) with a per connection proxy specified */ FtpURLConnection(URL url, Proxy p) { - super(url); + super(checkURL(url)); instProxy = p; host = url.getHost(); port = url.getPort(); diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java --- a/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -68,6 +68,7 @@ import jdk.internal.access.JavaNetHttpCookieAccess; import jdk.internal.access.SharedSecrets; import sun.net.*; +import sun.net.util.IPAddressUtil; import sun.net.www.*; import sun.net.www.http.HttpClient; import sun.net.www.http.PosterOutputStream; @@ -868,8 +869,13 @@ throw new MalformedURLException("Illegal character in URL"); } } + String s = IPAddressUtil.checkAuthority(u); + if (s != null) { + throw new MalformedURLException(s); + } return u; } + protected HttpURLConnection(URL u, Proxy p, Handler handler) throws IOException { super(checkURL(u)); diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java --- a/src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java Wed Jul 17 00:21:02 2019 +0000 @@ -37,6 +37,7 @@ import java.util.Map; import java.util.List; import java.util.Optional; +import sun.net.util.IPAddressUtil; import sun.net.www.http.HttpClient; /** @@ -69,6 +70,10 @@ throw new MalformedURLException("Illegal character in URL"); } } + String s = IPAddressUtil.checkAuthority(u); + if (s != null) { + throw new MalformedURLException(s); + } return u; } @@ -289,7 +294,7 @@ * @param key the keyword by which the request is known * (e.g., "accept"). * @param value the value associated with it. - * @see #getRequestProperties(java.lang.String) + * @see #getRequestProperty(java.lang.String) * @since 1.4 */ public void addRequestProperty(String key, String value) { diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java --- a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -724,12 +724,14 @@ // Update the context. chc.handshakeExtensions.put( SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT); - chc.handshakeConsumers.put(SSLHandshake.CERTIFICATE_STATUS.id, - SSLHandshake.CERTIFICATE_STATUS); // Since we've received a legitimate status_request in the // ServerHello, stapling is active if it's been enabled. chc.staplingActive = chc.sslContext.isStaplingEnabled(true); + if (chc.staplingActive) { + chc.handshakeConsumers.put(SSLHandshake.CERTIFICATE_STATUS.id, + SSLHandshake.CERTIFICATE_STATUS); + } // No impact on session resumption. } @@ -1079,12 +1081,16 @@ // Update the context. chc.handshakeExtensions.put( SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT); - chc.handshakeConsumers.put(SSLHandshake.CERTIFICATE_STATUS.id, - SSLHandshake.CERTIFICATE_STATUS); // Since we've received a legitimate status_request in the - // ServerHello, stapling is active if it's been enabled. + // ServerHello, stapling is active if it's been enabled. If it + // is active, make sure we add the CertificateStatus message + // consumer. chc.staplingActive = chc.sslContext.isStaplingEnabled(true); + if (chc.staplingActive) { + chc.handshakeConsumers.put(SSLHandshake.CERTIFICATE_STATUS.id, + SSLHandshake.CERTIFICATE_STATUS); + } // No impact on session resumption. } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/CertificateRequest.java --- a/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -330,6 +330,15 @@ // clean up this consumer chc.handshakeConsumers.remove(SSLHandshake.CERTIFICATE_REQUEST.id); + SSLConsumer certStatCons = chc.handshakeConsumers.remove( + SSLHandshake.CERTIFICATE_STATUS.id); + if (certStatCons != null) { + // Stapling was active but no certificate status message + // was sent. We need to run the absence handler which will + // check the certificate chain. + CertificateStatus.handshakeAbsence.absent(context, null); + } + T10CertificateRequestMessage crm = new T10CertificateRequestMessage(chc, message); if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { @@ -647,6 +656,15 @@ // clean up this consumer chc.handshakeConsumers.remove(SSLHandshake.CERTIFICATE_REQUEST.id); + SSLConsumer certStatCons = chc.handshakeConsumers.remove( + SSLHandshake.CERTIFICATE_STATUS.id); + if (certStatCons != null) { + // Stapling was active but no certificate status message + // was sent. We need to run the absence handler which will + // check the certificate chain. + CertificateStatus.handshakeAbsence.absent(context, null); + } + T12CertificateRequestMessage crm = new T12CertificateRequestMessage(chc, message); if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) { diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/CertificateStatus.java --- a/src/java.base/share/classes/sun/security/ssl/CertificateStatus.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/CertificateStatus.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -287,12 +287,16 @@ } // Pin the received responses to the SSLSessionImpl. It will - // be retrieved by the X509TrustManagerImpl during the certficicate + // be retrieved by the X509TrustManagerImpl during the certificate // checking phase. chc.handshakeSession.setStatusResponses(cst.encodedResponses); // Now perform the check T12CertificateConsumer.checkServerCerts(chc, chc.deferredCerts); + + // Update the handshake consumers to remove this message, indicating + // that it has been processed. + chc.handshakeConsumers.remove(SSLHandshake.CERTIFICATE_STATUS.id); } } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java --- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java Wed Jul 17 00:21:02 2019 +0000 @@ -1480,8 +1480,9 @@ checkAdditionalTrust(chain, authType, engine, false); } - private void checkAdditionalTrust(X509Certificate[] chain, String authType, - Socket socket, boolean isClient) throws CertificateException { + private void checkAdditionalTrust(X509Certificate[] chain, + String authType, Socket socket, + boolean checkClientTrusted) throws CertificateException { if (socket != null && socket.isConnected() && socket instanceof SSLSocket) { @@ -1495,9 +1496,8 @@ String identityAlg = sslSocket.getSSLParameters(). getEndpointIdentificationAlgorithm(); if (identityAlg != null && !identityAlg.isEmpty()) { - String hostname = session.getPeerHost(); - X509TrustManagerImpl.checkIdentity( - hostname, chain[0], identityAlg); + X509TrustManagerImpl.checkIdentity(session, chain, + identityAlg, checkClientTrusted); } // try the best to check the algorithm constraints @@ -1519,12 +1519,13 @@ constraints = new SSLAlgorithmConstraints(sslSocket, true); } - checkAlgorithmConstraints(chain, constraints, isClient); + checkAlgorithmConstraints(chain, constraints, checkClientTrusted); } } - private void checkAdditionalTrust(X509Certificate[] chain, String authType, - SSLEngine engine, boolean isClient) throws CertificateException { + private void checkAdditionalTrust(X509Certificate[] chain, + String authType, SSLEngine engine, + boolean checkClientTrusted) throws CertificateException { if (engine != null) { SSLSession session = engine.getHandshakeSession(); if (session == null) { @@ -1535,9 +1536,8 @@ String identityAlg = engine.getSSLParameters(). getEndpointIdentificationAlgorithm(); if (identityAlg != null && !identityAlg.isEmpty()) { - String hostname = session.getPeerHost(); - X509TrustManagerImpl.checkIdentity( - hostname, chain[0], identityAlg); + X509TrustManagerImpl.checkIdentity(session, chain, + identityAlg, checkClientTrusted); } // try the best to check the algorithm constraints @@ -1559,13 +1559,13 @@ constraints = new SSLAlgorithmConstraints(engine, true); } - checkAlgorithmConstraints(chain, constraints, isClient); + checkAlgorithmConstraints(chain, constraints, checkClientTrusted); } } private void checkAlgorithmConstraints(X509Certificate[] chain, AlgorithmConstraints constraints, - boolean isClient) throws CertificateException { + boolean checkClientTrusted) throws CertificateException { try { // Does the certificate chain end with a trusted certificate? int checkedLength = chain.length - 1; @@ -1584,7 +1584,7 @@ if (checkedLength >= 0) { AlgorithmChecker checker = new AlgorithmChecker(constraints, null, - (isClient ? Validator.VAR_TLS_CLIENT : + (checkClientTrusted ? Validator.VAR_TLS_CLIENT : Validator.VAR_TLS_SERVER)); checker.init(false); for (int i = checkedLength; i >= 0; i--) { diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/ServerHelloDone.java --- a/src/java.base/share/classes/sun/security/ssl/ServerHelloDone.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/ServerHelloDone.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -133,6 +133,15 @@ // The consuming happens in client side only. ClientHandshakeContext chc = (ClientHandshakeContext)context; + SSLConsumer certStatCons = chc.handshakeConsumers.remove( + SSLHandshake.CERTIFICATE_STATUS.id); + if (certStatCons != null) { + // Stapling was active but no certificate status message + // was sent. We need to run the absence handler which will + // check the certificate chain. + CertificateStatus.handshakeAbsence.absent(context, null); + } + // clean up this consumer chc.handshakeConsumers.clear(); diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/ServerKeyExchange.java --- a/src/java.base/share/classes/sun/security/ssl/ServerKeyExchange.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/ServerKeyExchange.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -92,6 +92,15 @@ // clean up this consumer chc.handshakeConsumers.remove(SSLHandshake.SERVER_KEY_EXCHANGE.id); + SSLConsumer certStatCons = chc.handshakeConsumers.remove( + SSLHandshake.CERTIFICATE_STATUS.id); + if (certStatCons != null) { + // Stapling was active but no certificate status message + // was sent. We need to run the absence handler which will + // check the certificate chain. + CertificateStatus.handshakeAbsence.absent(context, null); + } + SSLKeyExchange ke = SSLKeyExchange.valueOf( chc.negotiatedCipherSuite.keyExchange, chc.negotiatedProtocol); diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/ssl/X509TrustManagerImpl.java --- a/src/java.base/share/classes/sun/security/ssl/X509TrustManagerImpl.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/X509TrustManagerImpl.java Wed Jul 17 00:21:02 2019 +0000 @@ -145,7 +145,7 @@ } private Validator checkTrustedInit(X509Certificate[] chain, - String authType, boolean isClient) { + String authType, boolean checkClientTrusted) { if (chain == null || chain.length == 0) { throw new IllegalArgumentException( "null or zero-length certificate chain"); @@ -157,7 +157,7 @@ } Validator v = null; - if (isClient) { + if (checkClientTrusted) { v = clientValidator; if (v == null) { validatorLock.lock(); @@ -192,9 +192,10 @@ return v; } - private void checkTrusted(X509Certificate[] chain, String authType, - Socket socket, boolean isClient) throws CertificateException { - Validator v = checkTrustedInit(chain, authType, isClient); + private void checkTrusted(X509Certificate[] chain, + String authType, Socket socket, + boolean checkClientTrusted) throws CertificateException { + Validator v = checkTrustedInit(chain, authType, checkClientTrusted); X509Certificate[] trustedChain = null; if ((socket != null) && socket.isConnected() && @@ -223,28 +224,23 @@ // Grab any stapled OCSP responses for use in validation List responseList = Collections.emptyList(); - if (!isClient && isExtSession) { + if (!checkClientTrusted && isExtSession) { responseList = ((ExtendedSSLSession)session).getStatusResponses(); } trustedChain = v.validate(chain, null, responseList, - constraints, isClient ? null : authType); - - // check if EE certificate chains to a public root CA (as - // pre-installed in cacerts) - boolean chainsToPublicCA = AnchorCertificates.contains( - trustedChain[trustedChain.length-1]); + constraints, checkClientTrusted ? null : authType); // check endpoint identity String identityAlg = sslSocket.getSSLParameters(). getEndpointIdentificationAlgorithm(); if (identityAlg != null && !identityAlg.isEmpty()) { - checkIdentity(session, trustedChain[0], identityAlg, isClient, - getRequestedServerNames(socket), chainsToPublicCA); + checkIdentity(session, + trustedChain, identityAlg, checkClientTrusted); } } else { trustedChain = v.validate(chain, null, Collections.emptyList(), - null, isClient ? null : authType); + null, checkClientTrusted ? null : authType); } if (SSLLogger.isOn && SSLLogger.isOn("ssl,trustmanager")) { @@ -253,9 +249,10 @@ } } - private void checkTrusted(X509Certificate[] chain, String authType, - SSLEngine engine, boolean isClient) throws CertificateException { - Validator v = checkTrustedInit(chain, authType, isClient); + private void checkTrusted(X509Certificate[] chain, + String authType, SSLEngine engine, + boolean checkClientTrusted) throws CertificateException { + Validator v = checkTrustedInit(chain, authType, checkClientTrusted); X509Certificate[] trustedChain = null; if (engine != null) { @@ -281,28 +278,23 @@ // Grab any stapled OCSP responses for use in validation List responseList = Collections.emptyList(); - if (!isClient && isExtSession) { + if (!checkClientTrusted && isExtSession) { responseList = ((ExtendedSSLSession)session).getStatusResponses(); } trustedChain = v.validate(chain, null, responseList, - constraints, isClient ? null : authType); - - // check if EE certificate chains to a public root CA (as - // pre-installed in cacerts) - boolean chainsToPublicCA = AnchorCertificates.contains( - trustedChain[trustedChain.length-1]); + constraints, checkClientTrusted ? null : authType); // check endpoint identity String identityAlg = engine.getSSLParameters(). getEndpointIdentificationAlgorithm(); if (identityAlg != null && !identityAlg.isEmpty()) { - checkIdentity(session, trustedChain[0], identityAlg, isClient, - getRequestedServerNames(engine), chainsToPublicCA); + checkIdentity(session, trustedChain, + identityAlg, checkClientTrusted); } } else { trustedChain = v.validate(chain, null, Collections.emptyList(), - null, isClient ? null : authType); + null, checkClientTrusted ? null : authType); } if (SSLLogger.isOn && SSLLogger.isOn("ssl,trustmanager")) { @@ -360,14 +352,8 @@ static List getRequestedServerNames(Socket socket) { if (socket != null && socket.isConnected() && socket instanceof SSLSocket) { - - SSLSocket sslSocket = (SSLSocket)socket; - SSLSession session = sslSocket.getHandshakeSession(); - - if (session != null && (session instanceof ExtendedSSLSession)) { - ExtendedSSLSession extSession = (ExtendedSSLSession)session; - return extSession.getRequestedServerNames(); - } + return getRequestedServerNames( + ((SSLSocket)socket).getHandshakeSession()); } return Collections.emptyList(); @@ -376,12 +362,16 @@ // Also used by X509KeyManagerImpl static List getRequestedServerNames(SSLEngine engine) { if (engine != null) { - SSLSession session = engine.getHandshakeSession(); + return getRequestedServerNames(engine.getHandshakeSession()); + } - if (session != null && (session instanceof ExtendedSSLSession)) { - ExtendedSSLSession extSession = (ExtendedSSLSession)session; - return extSession.getRequestedServerNames(); - } + return Collections.emptyList(); + } + + private static List getRequestedServerNames( + SSLSession session) { + if (session != null && (session instanceof ExtendedSSLSession)) { + return ((ExtendedSSLSession)session).getRequestedServerNames(); } return Collections.emptyList(); @@ -402,23 +392,28 @@ * the identity checking aginst the server_name extension if present, and * may failove to peer host checking. */ - private static void checkIdentity(SSLSession session, - X509Certificate cert, + static void checkIdentity(SSLSession session, + X509Certificate[] trustedChain, String algorithm, - boolean isClient, - List sniNames, - boolean chainsToPublicCA) throws CertificateException { + boolean checkClientTrusted) throws CertificateException { + + // check if EE certificate chains to a public root CA (as + // pre-installed in cacerts) + boolean chainsToPublicCA = AnchorCertificates.contains( + trustedChain[trustedChain.length - 1]); boolean identifiable = false; String peerHost = session.getPeerHost(); - if (isClient) { - String hostname = getHostNameInSNI(sniNames); - if (hostname != null) { + if (!checkClientTrusted) { + List sniNames = getRequestedServerNames(session); + String sniHostName = getHostNameInSNI(sniNames); + if (sniHostName != null) { try { - checkIdentity(hostname, cert, algorithm, chainsToPublicCA); + checkIdentity(sniHostName, + trustedChain[0], algorithm, chainsToPublicCA); identifiable = true; } catch (CertificateException ce) { - if (hostname.equalsIgnoreCase(peerHost)) { + if (sniHostName.equalsIgnoreCase(peerHost)) { throw ce; } @@ -428,7 +423,8 @@ } if (!identifiable) { - checkIdentity(peerHost, cert, algorithm, chainsToPublicCA); + checkIdentity(peerHost, + trustedChain[0], algorithm, chainsToPublicCA); } } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/util/DerIndefLenConverter.java --- a/src/java.base/share/classes/sun/security/util/DerIndefLenConverter.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/util/DerIndefLenConverter.java Wed Jul 17 00:21:02 2019 +0000 @@ -92,8 +92,6 @@ * add the current position to the eocList vector. */ private void parseTag() throws IOException { - if (dataPos == dataSize) - return; if (isEOC(data[dataPos]) && (data[dataPos + 1] == 0)) { int numOfEncapsulatedLenBytes = 0; Object elem = null; @@ -332,6 +330,10 @@ // parse and set up the vectors of all the indefinite-lengths while (dataPos < dataSize) { + if (dataPos + 2 > dataSize) { + // There should be at least one tag and one length + return null; + } parseTag(); len = parseLength(); if (len < 0) { diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/util/HostnameChecker.java --- a/src/java.base/share/classes/sun/security/util/HostnameChecker.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/util/HostnameChecker.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -260,28 +260,35 @@ * The matching is performed as per RFC 2818 rules for TLS and * RFC 2830 rules for LDAP.

* - * The name parameter should represent a DNS name. - * The template parameter - * may contain the wildcard character * + * The name parameter should represent a DNS name. The + * template parameter may contain the wildcard character '*'. */ private boolean isMatched(String name, String template, boolean chainsToPublicCA) { // Normalize to Unicode, because PSL is in Unicode. - name = IDN.toUnicode(IDN.toASCII(name)); - template = IDN.toUnicode(IDN.toASCII(template)); + try { + name = IDN.toUnicode(IDN.toASCII(name)); + template = IDN.toUnicode(IDN.toASCII(template)); + } catch (RuntimeException re) { + if (SSLLogger.isOn) { + SSLLogger.fine("Failed to normalize to Unicode: " + re); + } - if (hasIllegalWildcard(name, template, chainsToPublicCA)) { + return false; + } + + if (hasIllegalWildcard(template, chainsToPublicCA)) { return false; } // check the validity of the domain name template. try { - // Replacing wildcard character '*' with 'x' so as to check + // Replacing wildcard character '*' with 'z' so as to check // the domain name template validity. // // Using the checking implemented in SNIHostName - new SNIHostName(template.replace('*', 'x')); + new SNIHostName(template.replace('*', 'z')); } catch (IllegalArgumentException iae) { // It would be nice to add debug log if not matching. return false; @@ -299,8 +306,8 @@ /** * Returns true if the template contains an illegal wildcard character. */ - private static boolean hasIllegalWildcard(String domain, String template, - boolean chainsToPublicCA) { + private static boolean hasIllegalWildcard( + String template, boolean chainsToPublicCA) { // not ok if it is a single wildcard character or "*." if (template.equals("*") || template.equals("*.")) { if (SSLLogger.isOn) { @@ -331,25 +338,29 @@ return true; } - // If the wildcarded domain is a top-level domain under which names - // can be registered, then a wildcard is not allowed. - if (!chainsToPublicCA) { return false; // skip check for non-public certificates } - Optional rd = RegisteredDomain.from(domain) - .filter(d -> d.type() == RegisteredDomain.Type.ICANN); - if (rd.isPresent()) { - String wDomain = afterWildcard.substring(firstDotIndex + 1); - if (rd.get().publicSuffix().equalsIgnoreCase(wDomain)) { - if (SSLLogger.isOn) { - SSLLogger.fine( - "Certificate domain name has illegal " + - "wildcard for public suffix: " + template); - } - return true; + // If the wildcarded domain is a top-level domain under which names + // can be registered, then a wildcard is not allowed. + String wildcardedDomain = afterWildcard.substring(firstDotIndex + 1); + String templateDomainSuffix = + RegisteredDomain.from("z." + wildcardedDomain) + .filter(d -> d.type() == RegisteredDomain.Type.ICANN) + .map(RegisteredDomain::publicSuffix).orElse(null); + if (templateDomainSuffix == null) { + return false; // skip check if not known public suffix + } + + // Is it a top-level domain? + if (wildcardedDomain.equalsIgnoreCase(templateDomainSuffix)) { + if (SSLLogger.isOn) { + SSLLogger.fine( + "Certificate domain name has illegal " + + "wildcard for top-level public suffix: " + template); } + return true; } return false; diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/share/classes/sun/security/util/KeyStoreDelegator.java --- a/src/java.base/share/classes/sun/security/util/KeyStoreDelegator.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/share/classes/sun/security/util/KeyStoreDelegator.java Wed Jul 17 00:21:02 2019 +0000 @@ -269,6 +269,8 @@ throw (CertificateException)e; } else if (e instanceof NoSuchAlgorithmException) { throw (NoSuchAlgorithmException)e; + } else if (e instanceof RuntimeException){ + throw (RuntimeException)e; } } } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/windows/classes/sun/net/www/protocol/file/Handler.java --- a/src/java.base/windows/classes/sun/net/www/protocol/file/Handler.java Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.base/windows/classes/sun/net/www/protocol/file/Handler.java Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -95,7 +95,7 @@ path = "\\\\" + host + path; File f = new File(path); if (f.exists()) { - return createFileURLConnection(url, f); + return new UNCFileURLConnection(url, f, path); } /* diff -r 20c686ec8135 -r a5d52b0e3798 src/java.base/windows/classes/sun/net/www/protocol/file/UNCFileURLConnection.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/java.base/windows/classes/sun/net/www/protocol/file/UNCFileURLConnection.java Wed Jul 17 00:21:02 2019 +0000 @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.net.www.protocol.file; + +import java.io.File; +import java.io.FilePermission; +import java.net.URL; +import java.security.Permission; + +final class UNCFileURLConnection extends FileURLConnection { + + private final String effectivePath; + private volatile Permission permission; + + UNCFileURLConnection(URL u, File file, String effectivePath) { + super(u, file); + this.effectivePath = effectivePath; + } + + @Override + public Permission getPermission() { + Permission perm = permission; + if (perm == null) { + permission = perm = new FilePermission(effectivePath, "read"); + } + return perm; + } +} + diff -r 20c686ec8135 -r a5d52b0e3798 src/java.desktop/macosx/native/libsplashscreen/splashscreen_sys.m --- a/src/java.desktop/macosx/native/libsplashscreen/splashscreen_sys.m Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.desktop/macosx/native/libsplashscreen/splashscreen_sys.m Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -214,7 +214,7 @@ splash->maskRequired = 0; - + //TODO: the following is too much of a hack but should work in 90% cases. // besides we don't use device-dependent drawing, so probably // that's very fine indeed @@ -282,9 +282,11 @@ SplashRedrawWindow(Splash * splash) { NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; - SplashUpdateScreenData(splash); + [JNFRunLoop performOnMainThreadWaiting:YES withBlock:^(){ + // drop the reference to the old view and image + [splash->window setContentView: nil]; + SplashUpdateScreenData(splash); - [JNFRunLoop performOnMainThreadWaiting:YES withBlock:^(){ // NSDeviceRGBColorSpace vs. NSCalibratedRGBColorSpace ? NSBitmapImageRep * rep = [[NSBitmapImageRep alloc] initWithBitmapDataPlanes: (unsigned char**)&splash->screenData @@ -311,7 +313,7 @@ size.height /= scaleFactor; [image setSize: size]; } - + NSImageView * view = [[NSImageView alloc] init]; [view setImage: image]; diff -r 20c686ec8135 -r a5d52b0e3798 src/java.desktop/share/native/libsplashscreen/libpng/png.c --- a/src/java.desktop/share/native/libsplashscreen/libpng/png.c Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.desktop/share/native/libsplashscreen/libpng/png.c Wed Jul 17 00:21:02 2019 +0000 @@ -4622,8 +4622,7 @@ if (image != NULL && image->opaque != NULL && image->opaque->error_buf == NULL) { - /* Ignore errors here: */ - (void)png_safe_execute(image, png_image_free_function, image); + png_image_free_function(image); image->opaque = NULL; } } diff -r 20c686ec8135 -r a5d52b0e3798 src/java.security.jgss/macosx/native/libosxkrb5/SCDynamicStoreConfig.m --- a/src/java.security.jgss/macosx/native/libosxkrb5/SCDynamicStoreConfig.m Tue Jul 16 15:15:45 2019 +0100 +++ b/src/java.security.jgss/macosx/native/libosxkrb5/SCDynamicStoreConfig.m Wed Jul 17 00:21:02 2019 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -102,7 +102,8 @@ for (NSString *realm in realms) { CFTypeRef realmInfo = SCDynamicStoreCopyValue(store, (CFStringRef) [NSString stringWithFormat:@"Kerberos:%@", realm]); - if (CFGetTypeID(realmInfo) != CFDictionaryGetTypeID()) { + if (realmInfo == NULL || CFGetTypeID(realmInfo) != CFDictionaryGetTypeID()) { + if (realmInfo) CFRelease(realmInfo); return nil; }