--- a/src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m Mon Apr 23 16:00:56 2018 -0400
+++ b/src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m Mon Apr 23 14:23:18 2018 -0700
@@ -438,12 +438,11 @@
if (passwordChars == NULL) {
goto errOut;
}
- passwordStrRef = CFStringCreateWithCharacters(kCFAllocatorDefault, passwordChars, passwordLen);
- // clear the password and release
- memset(passwordChars, 0, passwordLen);
- (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
- JNI_ABORT);
+ passwordStrRef = CFStringCreateWithCharactersNoCopy(NULL, passwordChars, passwordLen, kCFAllocatorNull);
+ if (passwordStrRef == NULL) {
+ goto errOut;
+ }
}
}
@@ -471,7 +470,12 @@
errOut:
if (exportedData) CFRelease(exportedData);
if (passwordStrRef) CFRelease(passwordStrRef);
-
+ if (passwordChars) {
+ // clear the password and release
+ memset(passwordChars, 0, passwordLen);
+ (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
+ JNI_ABORT);
+ }
return returnValue;
}
@@ -538,12 +542,11 @@
if (passwordChars == NULL) {
goto errOut;
}
- passwordStrRef = CFStringCreateWithCharacters(kCFAllocatorDefault, passwordChars, passwordLen);
- // clear the password and release
- memset(passwordChars, 0, passwordLen);
- (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
- JNI_ABORT);
+ passwordStrRef = CFStringCreateWithCharactersNoCopy(NULL, passwordChars, passwordLen, kCFAllocatorNull);
+ if (passwordStrRef == NULL) {
+ goto errOut;
+ }
}
}
@@ -581,7 +584,14 @@
CFRelease(createdItems);
}
-errOut: ;
+errOut:
+ if (passwordStrRef) CFRelease(passwordStrRef);
+ if (passwordChars) {
+ // clear the password and release
+ memset(passwordChars, 0, passwordLen);
+ (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
+ JNI_ABORT);
+ }
JNF_COCOA_EXIT(env);
--- a/src/java.base/share/classes/sun/security/provider/PolicyFile.java Mon Apr 23 16:00:56 2018 -0400
+++ b/src/java.base/share/classes/sun/security/provider/PolicyFile.java Mon Apr 23 14:23:18 2018 -0700
@@ -40,7 +40,7 @@
import java.io.FilePermission;
import java.net.SocketPermission;
import java.net.NetPermission;
-import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.misc.JavaSecurityAccess;
import static jdk.internal.misc.JavaSecurityAccess.ProtectionDomainCache;
import jdk.internal.misc.SharedSecrets;
@@ -248,7 +248,8 @@
private static final int DEFAULT_CACHE_SIZE = 1;
// contains the policy grant entries, PD cache, and alias mapping
- private AtomicReference<PolicyInfo> policyInfo = new AtomicReference<>();
+ // can be updated if refresh() is called
+ private volatile PolicyInfo policyInfo;
private boolean expandProperties = true;
private boolean allowSystemProperties = true;
@@ -268,8 +269,8 @@
* previously parsed and have syntax errors, so that they can be
* subsequently ignored.
*/
- private static AtomicReference<Set<URL>> badPolicyURLs =
- new AtomicReference<>(new HashSet<>());
+ private static Set<URL> badPolicyURLs =
+ Collections.newSetFromMap(new ConcurrentHashMap<URL,Boolean>());
// The default.policy file
private static final URL DEFAULT_POLICY_URL =
@@ -341,7 +342,7 @@
// System.out.println("number caches=" + numCaches);
PolicyInfo newInfo = new PolicyInfo(numCaches);
initPolicyFile(newInfo, url);
- policyInfo.set(newInfo);
+ policyInfo = newInfo;
}
private void initPolicyFile(final PolicyInfo newInfo, final URL url) {
@@ -498,7 +499,7 @@
// skip parsing policy file if it has been previously parsed and
// has syntax errors
- if (badPolicyURLs.get().contains(policy)) {
+ if (badPolicyURLs.contains(policy)) {
if (debug != null) {
debug.println("skipping bad policy file: " + policy);
}
@@ -539,10 +540,7 @@
throw new InternalError("Failed to load default.policy", pe);
}
// record bad policy file to avoid later reparsing it
- badPolicyURLs.updateAndGet(k -> {
- k.add(policy);
- return k;
- });
+ badPolicyURLs.add(policy);
Object[] source = {policy, pe.getNonlocalizedMessage()};
System.err.println(LocalizedMessage.getNonlocalized
(POLICY + ".error.parsing.policy.message", source));
@@ -991,9 +989,7 @@
*/
@Override
public boolean implies(ProtectionDomain pd, Permission p) {
- PolicyInfo pi = policyInfo.get();
- ProtectionDomainCache pdMap = pi.getPdMapping();
-
+ ProtectionDomainCache pdMap = policyInfo.getPdMapping();
PermissionCollection pc = pdMap.get(pd);
if (pc != null) {
@@ -1139,9 +1135,7 @@
private Permissions getPermissions(Permissions perms,
final CodeSource cs,
Principal[] principals) {
- PolicyInfo pi = policyInfo.get();
-
- for (PolicyEntry entry : pi.policyEntries) {
+ for (PolicyEntry entry : policyInfo.policyEntries) {
addPermissions(perms, cs, principals, entry);
}
--- a/src/java.xml/share/classes/com/sun/org/apache/xerces/internal/impl/xs/traversers/SchemaContentHandler.java Mon Apr 23 16:00:56 2018 -0400
+++ b/src/java.xml/share/classes/com/sun/org/apache/xerces/internal/impl/xs/traversers/SchemaContentHandler.java Mon Apr 23 14:23:18 2018 -0700
@@ -26,6 +26,7 @@
import com.sun.org.apache.xerces.internal.util.SAXLocatorWrapper;
import com.sun.org.apache.xerces.internal.util.SymbolTable;
import com.sun.org.apache.xerces.internal.util.XMLAttributesImpl;
+import com.sun.org.apache.xerces.internal.util.XMLStringBuffer;
import com.sun.org.apache.xerces.internal.util.XMLSymbols;
import com.sun.org.apache.xerces.internal.xni.NamespaceContext;
import com.sun.org.apache.xerces.internal.xni.QName;
@@ -78,6 +79,7 @@
private final QName fAttributeQName = new QName();
private final XMLAttributesImpl fAttributes = new XMLAttributesImpl();
private final XMLString fTempString = new XMLString();
+ private final XMLStringBuffer fStringBuffer = new XMLStringBuffer();
/**
* <p>Constructs an SchemaContentHandler.</p>
@@ -103,6 +105,7 @@
*/
public void startDocument() throws SAXException {
fNeedPushNSContext = true;
+ fNamespaceContext.reset();
try {
fSchemaDOMParser.startDocument(fSAXLocatorWrapper, null, fNamespaceContext, null);
}
@@ -326,7 +329,11 @@
if (nsPrefix.length() > 0) {
prefix = XMLSymbols.PREFIX_XMLNS;
localpart = nsPrefix;
- rawname = fSymbolTable.addSymbol(prefix + ":" + localpart);
+ fStringBuffer.clear();
+ fStringBuffer.append(prefix);
+ fStringBuffer.append(':');
+ fStringBuffer.append(localpart);
+ rawname = fSymbolTable.addSymbol(fStringBuffer.ch, fStringBuffer.offset, fStringBuffer.length);
}
else {
prefix = XMLSymbols.EMPTY_STRING;
@@ -334,7 +341,8 @@
rawname = XMLSymbols.PREFIX_XMLNS;
}
fAttributeQName.setValues(prefix, localpart, rawname, NamespaceContext.XMLNS_URI);
- fAttributes.addAttribute(fAttributeQName, XMLSymbols.fCDATASymbol, nsURI);
+ fAttributes.addAttribute(fAttributeQName, XMLSymbols.fCDATASymbol,
+ (nsURI != null) ? nsURI : XMLSymbols.EMPTY_STRING);
}
}
--- a/src/java.xml/share/classes/com/sun/org/apache/xerces/internal/impl/xs/traversers/XSDHandler.java Mon Apr 23 16:00:56 2018 -0400
+++ b/src/java.xml/share/classes/com/sun/org/apache/xerces/internal/impl/xs/traversers/XSDHandler.java Mon Apr 23 14:23:18 2018 -0700
@@ -2266,6 +2266,8 @@
fSecurityManager.isSecureProcessing());
try {
+ parser.setFeature(NAMESPACE_PREFIXES, true);
+ namespacePrefixes = true;
// If this is a Xerces SAX parser set the security manager if there is one
if (parser instanceof SAXParser) {
if (fSecurityManager != null) {