Mercurial > hg > icedtea8-forest > jdk
changeset 12949:50047f057dc1 jdk8u152-b14
Merge
author | asaha |
---|---|
date | Tue, 29 Aug 2017 14:49:43 -0700 |
parents | aad0b059fc06 (current diff) dde1361b0e56 (diff) |
children | 652167b5a47b |
files | .hgtags src/share/classes/java/util/ArrayList.java src/share/classes/sun/security/tools/keytool/Resources_sv.java |
diffstat | 13 files changed, 105 insertions(+), 23 deletions(-) [+] |
line wrap: on
line diff
--- a/.hgtags Tue Aug 29 10:12:48 2017 -0700 +++ b/.hgtags Tue Aug 29 14:49:43 2017 -0700 @@ -723,6 +723,7 @@ 8fd79358682edc86abaac1c839486834410be74b jdk8u151-b08 a487770409082a3d1c4be9264e8eb02b1a41fe41 jdk8u151-b09 7653488b327598fecd823b9b095a1c107b0a1429 jdk8u151-b10 +431c125e1231749e16427c280f115f93d699c0e1 jdk8u151-b11 1442bc728814af451e2dd1a6719a64485d27e3a0 jdk8u122-b00 f6030acfa5aec0e64d45adfac69b9e7e5c12bc74 jdk8u122-b01 6b072c3a6db7ab06804c91aab77431799dfb5d47 jdk8u122-b02
--- a/src/share/classes/java/io/ObjectInputStream.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/io/ObjectInputStream.java Tue Aug 29 14:49:43 2017 -0700 @@ -43,9 +43,9 @@ import static java.io.ObjectStreamClass.processQueue; +import sun.misc.SharedSecrets; import sun.misc.ObjectInputFilter; import sun.misc.ObjectStreamClassValidator; -import sun.misc.SharedSecrets; import sun.reflect.misc.ReflectUtil; import sun.misc.JavaOISAccess; import sun.util.logging.PlatformLogger; @@ -254,6 +254,12 @@ public ObjectInputFilter getObjectInputFilter(ObjectInputStream stream) { return stream.getInternalObjectInputFilter(); } + + public void checkArray(ObjectInputStream stream, Class<?> arrayType, int arrayLength) + throws InvalidClassException + { + stream.checkArray(arrayType, arrayLength); + } }); } @@ -1257,6 +1263,33 @@ } /** + * Checks the given array type and length to ensure that creation of such + * an array is permitted by this ObjectInputStream. The arrayType argument + * must represent an actual array type. + * + * This private method is called via SharedSecrets. + * + * @param arrayType the array type + * @param arrayLength the array length + * @throws NullPointerException if arrayType is null + * @throws IllegalArgumentException if arrayType isn't actually an array type + * @throws NegativeArraySizeException if arrayLength is negative + * @throws InvalidClassException if the filter rejects creation + */ + private void checkArray(Class<?> arrayType, int arrayLength) throws InvalidClassException { + Objects.requireNonNull(arrayType); + if (! arrayType.isArray()) { + throw new IllegalArgumentException("not an array type"); + } + + if (arrayLength < 0) { + throw new NegativeArraySizeException(); + } + + filterCheck(arrayType, arrayLength); + } + + /** * Provide access to the persistent fields read from the input stream. */ public static abstract class GetField {
--- a/src/share/classes/java/util/ArrayDeque.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/ArrayDeque.java Tue Aug 29 14:49:43 2017 -0700 @@ -36,6 +36,7 @@ import java.io.Serializable; import java.util.function.Consumer; +import sun.misc.SharedSecrets; /** * Resizable-array implementation of the {@link Deque} interface. Array @@ -118,12 +119,7 @@ // ****** Array allocation and resizing utilities ****** - /** - * Allocates empty array to hold the given number of elements. - * - * @param numElements the number of elements to hold - */ - private void allocateElements(int numElements) { + private static int calculateSize(int numElements) { int initialCapacity = MIN_INITIAL_CAPACITY; // Find the best power of two to hold elements. // Tests "<=" because arrays aren't kept full. @@ -139,7 +135,16 @@ if (initialCapacity < 0) // Too many elements, must back off initialCapacity >>>= 1;// Good luck allocating 2 ^ 30 elements } - elements = new Object[initialCapacity]; + return initialCapacity; + } + + /** + * Allocates empty array to hold the given number of elements. + * + * @param numElements the number of elements to hold + */ + private void allocateElements(int numElements) { + elements = new Object[calculateSize(numElements)]; } /** @@ -879,6 +884,8 @@ // Read in size and allocate array int size = s.readInt(); + int capacity = calculateSize(size); + SharedSecrets.getJavaOISAccess().checkArray(s, Object[].class, capacity); allocateElements(size); head = 0; tail = size;
--- a/src/share/classes/java/util/ArrayList.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/ArrayList.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,6 +28,7 @@ import java.util.function.Consumer; import java.util.function.Predicate; import java.util.function.UnaryOperator; +import sun.misc.SharedSecrets; /** * Resizable-array implementation of the <tt>List</tt> interface. Implements @@ -219,12 +220,15 @@ } } - private void ensureCapacityInternal(int minCapacity) { + private static int calculateCapacity(Object[] elementData, int minCapacity) { if (elementData == DEFAULTCAPACITY_EMPTY_ELEMENTDATA) { - minCapacity = Math.max(DEFAULT_CAPACITY, minCapacity); + return Math.max(DEFAULT_CAPACITY, minCapacity); + } + return minCapacity; } - ensureExplicitCapacity(minCapacity); + private void ensureCapacityInternal(int minCapacity) { + ensureExplicitCapacity(calculateCapacity(elementData, minCapacity)); } private void ensureExplicitCapacity(int minCapacity) { @@ -783,6 +787,8 @@ if (size > 0) { // be like clone(), allocate array based upon size not capacity + int capacity = calculateCapacity(elementData, size); + SharedSecrets.getJavaOISAccess().checkArray(s, Object[].class, capacity); ensureCapacityInternal(size); Object[] a = elementData;
--- a/src/share/classes/java/util/HashMap.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/HashMap.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ import java.util.function.BiFunction; import java.util.function.Consumer; import java.util.function.Function; +import sun.misc.SharedSecrets; /** * Hash table based implementation of the <tt>Map</tt> interface. This @@ -1392,6 +1393,10 @@ float ft = (float)cap * lf; threshold = ((cap < MAXIMUM_CAPACITY && ft < MAXIMUM_CAPACITY) ? (int)ft : Integer.MAX_VALUE); + + // Check Map.Entry[].class since it's the nearest public type to + // what we're actually creating. + SharedSecrets.getJavaOISAccess().checkArray(s, Map.Entry[].class, cap); @SuppressWarnings({"rawtypes","unchecked"}) Node<K,V>[] tab = (Node<K,V>[])new Node[cap]; table = tab;
--- a/src/share/classes/java/util/HashSet.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/HashSet.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ package java.util; import java.io.InvalidObjectException; +import sun.misc.SharedSecrets; /** * This class implements the <tt>Set</tt> interface, backed by a hash table @@ -316,12 +317,19 @@ throw new InvalidObjectException("Illegal size: " + size); } - // Set the capacity according to the size and load factor ensuring that // the HashMap is at least 25% full but clamping to maximum capacity. capacity = (int) Math.min(size * Math.min(1 / loadFactor, 4.0f), HashMap.MAXIMUM_CAPACITY); + // Constructing the backing map will lazily create an array when the first element is + // added, so check it before construction. Call HashMap.tableSizeFor to compute the + // actual allocation size. Check Map.Entry[].class since it's the nearest public type to + // what is actually created. + + SharedSecrets.getJavaOISAccess() + .checkArray(s, Map.Entry[].class, HashMap.tableSizeFor(capacity)); + // Create backing HashMap map = (((HashSet<?>)this) instanceof LinkedHashSet ? new LinkedHashMap<E,Object>(capacity, loadFactor) :
--- a/src/share/classes/java/util/Hashtable.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/Hashtable.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,6 +30,7 @@ import java.util.function.BiConsumer; import java.util.function.Function; import java.util.function.BiFunction; +import sun.misc.SharedSecrets; /** * This class implements a hash table, which maps keys to values. Any @@ -1192,6 +1193,10 @@ if (length > elements && (length & 1) == 0) length--; length = Math.min(length, origlength); + + // Check Map.Entry[].class since it's the nearest public type to + // what we're actually creating. + SharedSecrets.getJavaOISAccess().checkArray(s, Map.Entry[].class, length); table = new Entry<?,?>[length]; threshold = (int)Math.min(length * loadFactor, MAX_ARRAY_SIZE + 1); count = 0;
--- a/src/share/classes/java/util/IdentityHashMap.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/IdentityHashMap.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,7 @@ import java.util.function.BiConsumer; import java.util.function.BiFunction; import java.util.function.Consumer; +import sun.misc.SharedSecrets; /** * This class implements the <tt>Map</tt> interface with a hash table, using @@ -1304,7 +1305,9 @@ if (size < 0) throw new java.io.StreamCorruptedException ("Illegal mappings count: " + size); - init(capacity(size)); + int cap = capacity(size); + SharedSecrets.getJavaOISAccess().checkArray(s, Object[].class, cap); + init(cap); // Read the keys and values, and put the mappings in the table for (int i=0; i<size; i++) {
--- a/src/share/classes/java/util/PriorityQueue.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/PriorityQueue.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ package java.util; import java.util.function.Consumer; +import sun.misc.SharedSecrets; /** * An unbounded priority {@linkplain Queue queue} based on a priority heap. @@ -784,6 +785,7 @@ // Read in (and discard) array length s.readInt(); + SharedSecrets.getJavaOISAccess().checkArray(s, Object[].class, size); queue = new Object[size]; // Read in all elements.
--- a/src/share/classes/java/util/concurrent/CopyOnWriteArrayList.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/java/util/concurrent/CopyOnWriteArrayList.java Tue Aug 29 14:49:43 2017 -0700 @@ -50,6 +50,7 @@ import java.util.function.Consumer; import java.util.function.Predicate; import java.util.function.UnaryOperator; +import sun.misc.SharedSecrets; /** * A thread-safe variant of {@link java.util.ArrayList} in which all mutative @@ -989,6 +990,7 @@ // Read in array length and allocate array int len = s.readInt(); + SharedSecrets.getJavaOISAccess().checkArray(s, Object[].class, len); Object[] elements = new Object[len]; // Read in all elements in the proper order.
--- a/src/share/classes/sun/misc/JavaOISAccess.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/sun/misc/JavaOISAccess.java Tue Aug 29 14:49:43 2017 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,9 +25,12 @@ package sun.misc; +import java.io.InvalidClassException; import java.io.ObjectInputStream; public interface JavaOISAccess { void setObjectInputFilter(ObjectInputStream stream, ObjectInputFilter filter); ObjectInputFilter getObjectInputFilter(ObjectInputStream stream); + void checkArray(ObjectInputStream stream, Class<?> arrayType, int arrayLength) + throws InvalidClassException; }
--- a/src/share/classes/sun/security/tools/keytool/Main.java Tue Aug 29 10:12:48 2017 -0700 +++ b/src/share/classes/sun/security/tools/keytool/Main.java Tue Aug 29 14:49:43 2017 -0700 @@ -1714,7 +1714,8 @@ // hardcode for now as DEF_RSA_KEY_SIZE is still 1024 keysize = 2048; // SecurityProviderConstants.DEF_RSA_KEY_SIZE; } else if ("DSA".equalsIgnoreCase(keyAlgName)) { - keysize = SecurityProviderConstants.DEF_DSA_KEY_SIZE; + // hardcode for now as DEF_DSA_KEY_SIZE is still 1024 + keysize = 2048; } }
--- a/test/java/io/Serializable/serialFilter/SerialFilterTest.java Tue Aug 29 10:12:48 2017 -0700 +++ b/test/java/io/Serializable/serialFilter/SerialFilterTest.java Tue Aug 29 14:49:43 2017 -0700 @@ -35,9 +35,11 @@ import java.lang.reflect.Proxy; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.HashSet; import java.util.Hashtable; import java.util.List; +import java.util.Map; import java.util.concurrent.atomic.LongAdder; import sun.misc.ObjectInputFilter; @@ -154,6 +156,11 @@ interfaces, (p, m, args) -> p); Runnable runnable = (Runnable & Serializable) SerialFilterTest::noop; + + List<Class<?>> classList = new ArrayList<>(); + classList.add(HashSet.class); + classList.addAll(Collections.nCopies(21, Map.Entry[].class)); + Object[][] objects = { { null, 0, -1, 0, 0, 0, Arrays.asList()}, // no callback, no values @@ -173,8 +180,7 @@ objArray.getClass(), SerialFilterTest.class, java.lang.invoke.SerializedLambda.class)}, - { deepHashSet(10), 48, -1, 50, 11, 619, - Arrays.asList(HashSet.class)}, + { deepHashSet(10), 69, 4, 50, 11, 619, classList }, { proxy.getClass(), 3, -1, 2, 2, 112, Arrays.asList(Runnable.class, java.lang.reflect.Proxy.class,