8047795: Collections.checkedList checking bypassed by List.replaceAll
Reviewed-by: psandoz, chegar
--- a/jdk/src/share/classes/java/util/Collections.java Wed Jun 25 15:55:42 2014 +0100
+++ b/jdk/src/share/classes/java/util/Collections.java Wed Jun 25 12:36:03 2014 -0700
@@ -3031,9 +3031,11 @@
final Collection<E> c;
final Class<E> type;
- void typeCheck(Object o) {
+ @SuppressWarnings("unchecked")
+ E typeCheck(Object o) {
if (o != null && !type.isInstance(o))
throw new ClassCastException(badElementMsg(o));
+ return (E) o;
}
private String badElementMsg(Object o) {
@@ -3042,10 +3044,8 @@
}
CheckedCollection(Collection<E> c, Class<E> type) {
- if (c==null || type == null)
- throw new NullPointerException();
- this.c = c;
- this.type = type;
+ this.c = Objects.requireNonNull(c, "c");
+ this.type = Objects.requireNonNull(type, "type");
}
public int size() { return c.size(); }
@@ -3091,7 +3091,7 @@
@SuppressWarnings("unchecked")
Collection<E> checkedCopyOf(Collection<? extends E> coll) {
- Object[] a = null;
+ Object[] a;
try {
E[] z = zeroLengthElementArray();
a = coll.toArray(z);
@@ -3487,10 +3487,19 @@
return new CheckedList<>(list.subList(fromIndex, toIndex), type);
}
+ /**
+ * {@inheritDoc}
+ *
+ * @throws ClassCastException if the class of an element returned by the
+ * operator prevents it from being added to this collection. The
+ * exception may be thrown after some elements of the list have
+ * already been replaced.
+ */
@Override
public void replaceAll(UnaryOperator<E> operator) {
- list.replaceAll(operator);
- }
+ list.replaceAll(e -> typeCheck(operator.apply(e)));
+ }
+
@Override
public void sort(Comparator<? super E> c) {
list.sort(c);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/Collections/CheckedListReplaceAll.java Wed Jun 25 12:36:03 2014 -0700
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8047795
+ * @summary Ensure that replaceAll operator cannot add bad elements
+ * @author Mike Duigou
+ */
+
+import java.util.*;
+import java.util.function.UnaryOperator;
+
+public class CheckedListReplaceAll {
+ public static void main(String[] args) {
+ List unwrapped = Arrays.asList(new Object[]{1, 2, 3});
+ List<Object> wrapped = Collections.checkedList(unwrapped, Integer.class);
+
+ UnaryOperator evil = e -> (((int) e) % 2 != 0) ? e : "evil";
+
+ try {
+ wrapped.replaceAll(evil);
+ System.out.printf("Bwahaha! I have defeated you! %s\n", wrapped);
+ throw new RuntimeException("String added to checked List<Integer>");
+ } catch (ClassCastException thwarted) {
+ thwarted.printStackTrace(System.out);
+ System.out.println("Curses! Foiled again!");
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/Collections/CheckedMapReplaceAll.java Wed Jun 25 12:36:03 2014 -0700
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8047795
+ * @summary Ensure that replaceAll operator cannot add bad elements
+ * @author Mike Duigou
+ */
+
+import java.util.*;
+import java.util.function.BiFunction;
+
+public class CheckedMapReplaceAll {
+ public static void main(String[] args) {
+ Map<Integer,Double> unwrapped = new HashMap<>();
+ unwrapped.put(1, 1.0);
+ unwrapped.put(2, 2.0);
+ unwrapped.put(3, 3.0);
+
+ Map<Integer,Double> wrapped = Collections.checkedMap(unwrapped, Integer.class, Double.class);
+
+ BiFunction evil = (k, v) -> (((int)k) % 2 != 0) ? v : "evil";
+
+ try {
+ wrapped.replaceAll(evil);
+ System.out.printf("Bwahaha! I have defeated you! %s\n", wrapped);
+ throw new RuntimeException("String added to checked Map<Integer,Double>");
+ } catch (ClassCastException thwarted) {
+ thwarted.printStackTrace(System.out);
+ System.out.println("Curses! Foiled again!");
+ }
+ }
+}