Mercurial > hg > openjdk > bsd-port > jdk

changeset 6795:d23a877da2d5 jdk7u45-b02

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8008589: Better MBean permission validation Summary: Better MBean permission validation Reviewed-by: skoivu, dfuchs, mchung, sjiang
author dsamersoff
date Mon, 08 Jul 2013 14:34:36 +0400
parents 0c8d67d9e6d3
children 34296e49d95f
files src/share/classes/javax/management/MBeanTrustPermission.java
diffstat 1 files changed, 25 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/javax/management/MBeanTrustPermission.java	Wed Jul 03 15:12:19 2013 -0700
+++ b/src/share/classes/javax/management/MBeanTrustPermission.java	Mon Jul 08 14:34:36 2013 +0400
@@ -26,6 +26,9 @@
 package javax.management;
 
 import java.security.BasicPermission;
+import java.io.IOException;
+import java.io.InvalidObjectException;
+import java.io.ObjectInputStream;
 
 /**
  * This permission represents "trust" in a signer or codebase.
@@ -75,15 +78,31 @@
      */
     public MBeanTrustPermission(String name, String actions) {
         super(name, actions);
+        validate(name,actions);
+    }
+
+    private static void validate(String name, String actions) {
         /* Check that actions is a null empty string */
-        if (actions != null && actions.length() > 0)
-            throw new IllegalArgumentException("MBeanTrustPermission " +
-                                               "actions must be null: " +
+        if (actions != null && actions.length() > 0) {
+            throw new IllegalArgumentException("MBeanTrustPermission actions must be null: " +
                                                actions);
+        }
 
-        if (!name.equals("register") && !name.equals("*"))
-            throw new IllegalArgumentException("MBeanTrustPermission: " +
-                                               "Unknown target name " +
+        if (!name.equals("register") && !name.equals("*")) {
+            throw new IllegalArgumentException("MBeanTrustPermission: Unknown target name " +
                                                "[" + name + "]");
+        }
+    }
+
+    private void readObject(ObjectInputStream in)
+         throws IOException, ClassNotFoundException {
+
+        // Reading private fields of base class
+        in.defaultReadObject();
+        try {
+            validate(super.getName(),super.getActions());
+        } catch (IllegalArgumentException e) {
+            throw new InvalidObjectException(e.getMessage());
+        }
     }
 }