6985453: Font.createFont may expose some system properties in exception text
Reviewed-by: prr, hawtin
--- a/jdk/src/share/classes/sun/font/FileFont.java Thu Mar 17 14:42:40 2011 -0700
+++ b/jdk/src/share/classes/sun/font/FileFont.java Sat Oct 30 00:24:45 2010 +0400
@@ -32,22 +32,13 @@
import java.awt.geom.Rectangle2D;
import java.io.File;
import java.nio.ByteBuffer;
-import java.nio.channels.FileChannel;
import sun.java2d.Disposer;
import sun.java2d.DisposerRecord;
-import java.lang.ref.WeakReference;
-import java.io.FileNotFoundException;
import java.io.IOException;
-import java.io.RandomAccessFile;
-import java.io.UnsupportedEncodingException;
-import java.nio.ByteOrder;
-import java.nio.MappedByteBuffer;
-import java.nio.BufferUnderflowException;
-import java.nio.channels.ClosedChannelException;
-import java.util.HashSet;
-import java.util.HashMap;
-import java.awt.Font;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
public abstract class FileFont extends PhysicalFont {
@@ -286,4 +277,49 @@
});
}
}
+
+ protected String getPublicFileName() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm == null) {
+ return platName;
+ }
+ boolean canReadProperty = true;
+
+ try {
+ sm.checkPropertyAccess("java.io.tmpdir");
+ } catch (SecurityException e) {
+ canReadProperty = false;
+ }
+
+ if (canReadProperty) {
+ return platName;
+ }
+
+ final File f = new File(platName);
+
+ Boolean isTmpFile = Boolean.FALSE;
+ try {
+ isTmpFile = AccessController.doPrivileged(
+ new PrivilegedExceptionAction<Boolean>() {
+ public Boolean run() {
+ File tmp = new File(System.getProperty("java.io.tmpdir"));
+ try {
+ String tpath = tmp.getCanonicalPath();
+ String fpath = f.getCanonicalPath();
+
+ return (fpath == null) || fpath.startsWith(tpath);
+ } catch (IOException e) {
+ return Boolean.TRUE;
+ }
+ }
+ }
+ );
+ } catch (PrivilegedActionException e) {
+ // unable to verify whether value of java.io.tempdir will be
+ // exposed, so return only a name of the font file.
+ isTmpFile = Boolean.TRUE;
+ }
+
+ return isTmpFile ? "temp file" : platName;
+ }
}
--- a/jdk/src/share/classes/sun/font/TrueTypeFont.java Thu Mar 17 14:42:40 2011 -0700
+++ b/jdk/src/share/classes/sun/font/TrueTypeFont.java Sat Oct 30 00:24:45 2010 +0400
@@ -519,7 +519,8 @@
break;
default:
- throw new FontFormatException("Unsupported sfnt " + platName);
+ throw new FontFormatException("Unsupported sfnt " +
+ getPublicFileName());
}
/* Now have the offset of this TT font (possibly within a TTC)
@@ -1680,7 +1681,6 @@
@Override
public String toString() {
return "** TrueType Font: Family="+familyName+ " Name="+fullName+
- " style="+style+" fileName="+platName;
+ " style="+style+" fileName="+getPublicFileName();
}
-
}
--- a/jdk/src/share/classes/sun/font/Type1Font.java Thu Mar 17 14:42:40 2011 -0700
+++ b/jdk/src/share/classes/sun/font/Type1Font.java Sat Oct 30 00:24:45 2010 +0400
@@ -677,6 +677,6 @@
public String toString() {
return "** Type1 Font: Family="+familyName+ " Name="+fullName+
- " style="+style+" fileName="+platName;
+ " style="+style+" fileName="+getPublicFileName();
}
}