8138978: Examine usages of sun.misc.IOUtils
Reviewed-by: alanb, mullan, psandoz, rriggs, weijun
--- a/jdk/src/java.base/share/classes/java/util/jar/JarFile.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/java/util/jar/JarFile.java Fri Oct 09 14:21:02 2015 +0100
@@ -37,7 +37,6 @@
import java.security.AccessController;
import java.security.CodeSource;
import jdk.internal.misc.SharedSecrets;
-import sun.misc.IOUtils;
import sun.security.action.GetPropertyAction;
import sun.security.util.ManifestEntryVerifier;
import sun.security.util.SignatureFileVerifier;
@@ -438,7 +437,12 @@
*/
private byte[] getBytes(ZipEntry ze) throws IOException {
try (InputStream is = super.getInputStream(ze)) {
- return IOUtils.readFully(is, (int)ze.getSize(), true);
+ int len = (int)ze.getSize();
+ byte[] b = is.readAllBytes();
+ if (len != -1 && b.length != len)
+ throw new EOFException("Expected:" + len + ", read:" + b.length);
+
+ return b;
}
}
--- a/jdk/src/java.base/share/classes/sun/invoke/anon/AnonymousClassLoader.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/sun/invoke/anon/AnonymousClassLoader.java Fri Oct 09 14:21:02 2015 +0100
@@ -25,10 +25,10 @@
package sun.invoke.anon;
+import java.io.EOFException;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import sun.misc.IOUtils;
/**
* Anonymous class loader. Will load any valid classfile, producing
@@ -225,6 +225,10 @@
if (contentLength < 0)
throw new IOException("invalid content length "+contentLength);
- return IOUtils.readFully(connection.getInputStream(), contentLength, true);
+ byte[] b = connection.getInputStream().readAllBytes();
+ if (b.length != contentLength)
+ throw new EOFException("Expected:" + contentLength + ", read:" + b.length);
+
+ return b;
}
}
--- a/jdk/src/java.base/share/classes/sun/misc/IOUtils.java Fri Oct 09 09:33:54 2015 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,80 +0,0 @@
-/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * IOUtils: A collection of IO-related public static methods.
- */
-
-package sun.misc;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Arrays;
-
-public class IOUtils {
-
- /**
- * Read up to <code>length</code> of bytes from <code>in</code>
- * until EOF is detected.
- * @param is input stream, must not be null
- * @param length number of bytes to read, -1 or Integer.MAX_VALUE means
- * read as much as possible
- * @param readAll if true, an EOFException will be thrown if not enough
- * bytes are read. Ignored when length is -1 or Integer.MAX_VALUE
- * @return bytes read
- * @throws IOException Any IO error or a premature EOF is detected
- */
- public static byte[] readFully(InputStream is, int length, boolean readAll)
- throws IOException {
- byte[] output = {};
- if (length == -1) length = Integer.MAX_VALUE;
- int pos = 0;
- while (pos < length) {
- int bytesToRead;
- if (pos >= output.length) { // Only expand when there's no room
- bytesToRead = Math.min(length - pos, output.length + 1024);
- if (output.length < pos + bytesToRead) {
- output = Arrays.copyOf(output, pos + bytesToRead);
- }
- } else {
- bytesToRead = output.length - pos;
- }
- int cc = is.read(output, pos, bytesToRead);
- if (cc < 0) {
- if (readAll && length != Integer.MAX_VALUE) {
- throw new EOFException("Detect premature EOF");
- } else {
- if (output.length != pos) {
- output = Arrays.copyOf(output, pos);
- }
- break;
- }
- }
- pos += cc;
- }
- return output;
- }
-}
--- a/jdk/src/java.base/share/classes/sun/reflect/misc/MethodUtil.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/sun/reflect/misc/MethodUtil.java Fri Oct 09 14:21:02 2015 +0100
@@ -25,6 +25,7 @@
package sun.reflect.misc;
+import java.io.EOFException;
import java.security.AllPermission;
import java.security.AccessController;
import java.security.PermissionCollection;
@@ -43,7 +44,6 @@
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
-import sun.misc.IOUtils;
class Trampoline {
@@ -368,15 +368,12 @@
}
}
int len = uc.getContentLength();
- InputStream in = new BufferedInputStream(uc.getInputStream());
-
- byte[] b;
- try {
- b = IOUtils.readFully(in, len, true);
- } finally {
- in.close();
+ try (InputStream in = new BufferedInputStream(uc.getInputStream())) {
+ byte[] b = in.readAllBytes();
+ if (len != -1 && b.length != len)
+ throw new EOFException("Expected:" + len + ", read:" + b.length);
+ return b;
}
- return b;
}
--- a/jdk/src/java.base/share/classes/sun/security/provider/DomainKeyStore.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/sun/security/provider/DomainKeyStore.java Fri Oct 09 14:21:02 2015 +0100
@@ -33,7 +33,6 @@
import java.security.cert.CertificateException;
import java.util.*;
-import sun.misc.IOUtils;
import sun.security.pkcs.EncryptedPrivateKeyInfo;
import sun.security.util.PolicyUtil;
--- a/jdk/src/java.base/share/classes/sun/security/provider/JavaKeyStore.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/sun/security/provider/JavaKeyStore.java Fri Oct 09 14:21:02 2015 +0100
@@ -32,9 +32,9 @@
import java.security.cert.CertificateException;
import java.util.*;
-import sun.misc.IOUtils;
import sun.security.pkcs.EncryptedPrivateKeyInfo;
import sun.security.pkcs12.PKCS12KeyStore;
+import sun.security.util.IOUtils;
import sun.security.util.KeyStoreDelegator;
/**
--- a/jdk/src/java.base/share/classes/sun/security/timestamp/HttpTimestamper.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/sun/security/timestamp/HttpTimestamper.java Fri Oct 09 14:21:02 2015 +0100
@@ -27,13 +27,13 @@
import java.io.BufferedInputStream;
import java.io.DataOutputStream;
+import java.io.EOFException;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.net.HttpURLConnection;
import java.util.*;
-import sun.misc.IOUtils;
import sun.security.util.Debug;
/**
@@ -147,8 +147,11 @@
}
verifyMimeType(connection.getContentType());
- int contentLength = connection.getContentLength();
- replyBuffer = IOUtils.readFully(input, contentLength, false);
+ int clen = connection.getContentLength();
+ replyBuffer = input.readAllBytes();
+ if (clen != -1 && replyBuffer.length != clen)
+ throw new EOFException("Expected:" + clen +
+ ", read:" + replyBuffer.length);
if (debug != null) {
debug.println("received timestamp response (length=" +
--- a/jdk/src/java.base/share/classes/sun/security/util/DerValue.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.base/share/classes/sun/security/util/DerValue.java Fri Oct 09 14:21:02 2015 +0100
@@ -28,7 +28,6 @@
import java.io.*;
import java.math.BigInteger;
import java.util.Date;
-import sun.misc.IOUtils;
/**
* Represents a single DER-encoded value. DER encoding rules are a subset
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/util/IOUtils.java Fri Oct 09 14:21:02 2015 +0100
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * IOUtils: A collection of IO-related public static methods.
+ */
+
+package sun.security.util;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+
+public class IOUtils {
+
+ /**
+ * Read up to <code>length</code> of bytes from <code>in</code>
+ * until EOF is detected.
+ * @param is input stream, must not be null
+ * @param length number of bytes to read, -1 or Integer.MAX_VALUE means
+ * read as much as possible
+ * @param readAll if true, an EOFException will be thrown if not enough
+ * bytes are read. Ignored when length is -1 or Integer.MAX_VALUE
+ * @return bytes read
+ * @throws IOException Any IO error or a premature EOF is detected
+ */
+ public static byte[] readFully(InputStream is, int length, boolean readAll)
+ throws IOException {
+ byte[] output = {};
+ if (length == -1) length = Integer.MAX_VALUE;
+ int pos = 0;
+ while (pos < length) {
+ int bytesToRead;
+ if (pos >= output.length) { // Only expand when there's no room
+ bytesToRead = Math.min(length - pos, output.length + 1024);
+ if (output.length < pos + bytesToRead) {
+ output = Arrays.copyOf(output, pos + bytesToRead);
+ }
+ } else {
+ bytesToRead = output.length - pos;
+ }
+ int cc = is.read(output, pos, bytesToRead);
+ if (cc < 0) {
+ if (readAll && length != Integer.MAX_VALUE) {
+ throw new EOFException("Detect premature EOF");
+ } else {
+ if (output.length != pos) {
+ output = Arrays.copyOf(output, pos);
+ }
+ break;
+ }
+ }
+ pos += cc;
+ }
+ return output;
+ }
+}
--- a/jdk/src/java.desktop/share/classes/sun/applet/AppletClassLoader.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.desktop/share/classes/sun/applet/AppletClassLoader.java Fri Oct 09 14:21:02 2015 +0100
@@ -33,6 +33,7 @@
import java.net.MalformedURLException;
import java.net.InetAddress;
import java.net.UnknownHostException;
+import java.io.EOFException;
import java.io.File;
import java.io.FilePermission;
import java.io.IOException;
@@ -51,7 +52,6 @@
import java.security.PermissionCollection;
import sun.awt.AppContext;
import sun.awt.SunToolkit;
-import sun.misc.IOUtils;
import sun.misc.ManagedLocalsThread;
import sun.net.www.ParseUtil;
import sun.security.util.SecurityConstants;
@@ -334,7 +334,9 @@
byte[] b;
try {
- b = IOUtils.readFully(in, len, true);
+ b = in.readAllBytes();
+ if (len != -1 && b.length != len)
+ throw new EOFException("Expected:" + len + ", read:" + b.length);
} finally {
in.close();
}
--- a/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java Fri Oct 09 14:21:02 2015 +0100
@@ -45,7 +45,6 @@
import java.lang.reflect.Method;
import java.lang.reflect.InvocationTargetException;
import java.util.Arrays;
-import sun.misc.IOUtils;
import javax.net.SocketFactory;
/**
@@ -862,7 +861,7 @@
}
// read in seqlen bytes
- byte[] left = IOUtils.readFully(in, seqlen, false);
+ byte[] left = readFully(in, seqlen);
inbuf = Arrays.copyOf(inbuf, offset + left.length);
System.arraycopy(left, 0, inbuf, offset, left.length);
offset += left.length;
@@ -957,6 +956,31 @@
}
}
+ private static byte[] readFully(InputStream is, int length)
+ throws IOException
+ {
+ byte[] buf = new byte[Math.min(length, 8192)];
+ int nread = 0;
+ while (nread < length) {
+ int bytesToRead;
+ if (nread >= buf.length) { // need to allocate a larger buffer
+ bytesToRead = Math.min(length - nread, buf.length + 8192);
+ if (buf.length < nread + bytesToRead) {
+ buf = Arrays.copyOf(buf, nread + bytesToRead);
+ }
+ } else {
+ bytesToRead = buf.length - nread;
+ }
+ int count = is.read(buf, nread, bytesToRead);
+ if (count < 0) {
+ if (buf.length != nread)
+ buf = Arrays.copyOf(buf, nread);
+ break;
+ }
+ nread += count;
+ }
+ return buf;
+ }
// This code must be uncommented to run the LdapAbandonTest.
/*public void sendSearchReqs(String dn, int numReqs) {
--- a/jdk/src/java.security.jgss/share/classes/sun/security/krb5/internal/NetClient.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.security.jgss/share/classes/sun/security/krb5/internal/NetClient.java Fri Oct 09 14:21:02 2015 +0100
@@ -31,10 +31,9 @@
package sun.security.krb5.internal;
-import sun.misc.IOUtils;
-
import java.io.*;
import java.net.*;
+import sun.security.util.IOUtils;
public abstract class NetClient implements AutoCloseable {
public static NetClient getInstance(String protocol, String hostname, int port,
--- a/jdk/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java Fri Oct 09 14:21:02 2015 +0100
@@ -36,10 +36,10 @@
import java.util.List;
import java.util.StringTokenizer;
-import sun.misc.IOUtils;
import sun.security.krb5.*;
import sun.security.krb5.internal.*;
import sun.security.krb5.internal.util.KrbDataInputStream;
+import sun.security.util.IOUtils;
/**
* This class extends KrbDataInputStream. It is used for parsing FCC-format
--- a/jdk/test/sun/security/tools/jarsigner/TimestampCheck.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/test/sun/security/tools/jarsigner/TimestampCheck.java Fri Oct 09 14:21:02 2015 +0100
@@ -40,7 +40,6 @@
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
-import sun.misc.IOUtils;
import sun.security.pkcs.ContentInfo;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.PKCS9Attribute;
@@ -343,7 +342,7 @@
try (JarFile jf = new JarFile(file)) {
JarEntry je = jf.getJarEntry("META-INF/OLD.RSA");
try (InputStream is = jf.getInputStream(je)) {
- byte[] content = IOUtils.readFully(is, -1, true);
+ byte[] content = is.readAllBytes();
PKCS7 p7 = new PKCS7(content);
SignerInfo[] si = p7.getSignerInfos();
if (si == null || si.length == 0) {
--- a/jdk/test/sun/security/util/DerValue/BadValue.java Fri Oct 09 09:33:54 2015 +0800
+++ b/jdk/test/sun/security/util/DerValue/BadValue.java Fri Oct 09 14:21:02 2015 +0100
@@ -25,13 +25,11 @@
* @test
* @bug 6864911
* @summary ASN.1/DER input stream parser needs more work
- * @modules java.base/sun.misc
- * java.base/sun.security.util
+ * @modules java.base/sun.security.util
*/
import java.io.*;
import sun.security.util.*;
-import sun.misc.IOUtils;
public class BadValue {