Mercurial > hg > openjdk > jdk9 > jdk
changeset 16269:20de79ba5b2f
8168979: @implNote for invalid FilePermission
Reviewed-by: xuelei
| author | weijun |
|---|---|
| date | Wed, 14 Dec 2016 10:40:59 +0800 |
| parents | 9626eb849b65 |
| children | 69472c65a323 |
| files | src/java.base/share/classes/java/io/FilePermission.java test/java/io/FilePermission/Invalid.java |
| diffstat | 2 files changed, 38 insertions(+), 22 deletions(-) [+] |
line wrap: on
line diff
--- a/src/java.base/share/classes/java/io/FilePermission.java Wed Dec 14 03:09:12 2016 +0100 +++ b/src/java.base/share/classes/java/io/FilePermission.java Wed Dec 14 10:40:59 2016 +0800 @@ -206,12 +206,6 @@ DefaultFileSystemProvider.create() .getFileSystem(URI.create("file:///")); - /** - * Creates FilePermission objects with special internals. - * See {@link FilePermCompat#newPermPlusAltPath(Permission)} and - * {@link FilePermCompat#newPermUsingAltPath(Permission)}. - */ - private static final Path here = builtInFS.getPath( GetPropertyAction.privilegedGetProperty("user.dir")); @@ -261,9 +255,14 @@ static { SharedSecrets.setJavaIOFilePermissionAccess( + /** + * Creates FilePermission objects with special internals. + * See {@link FilePermCompat#newPermPlusAltPath(Permission)} and + * {@link FilePermCompat#newPermUsingAltPath(Permission)}. + */ new JavaIOFilePermissionAccess() { public FilePermission newPermPlusAltPath(FilePermission input) { - if (input.npath2 == null && !input.allFiles) { + if (!input.invalid && input.npath2 == null && !input.allFiles) { Path npath2 = altPath(input.npath); if (npath2 != null) { // Please note the name of the new permission is @@ -281,7 +280,7 @@ return input; } public FilePermission newPermUsingAltPath(FilePermission input) { - if (!input.allFiles) { + if (!input.invalid && !input.allFiles) { Path npath2 = altPath(input.npath); if (npath2 != null) { // New name, see above. @@ -340,6 +339,16 @@ // Windows. Some JDK codes generate such illegal names. npath = builtInFS.getPath(new File(name).getPath()) .normalize(); + // lastName should always be non-null now + Path lastName = npath.getFileName(); + if (lastName != null && lastName.toString().equals("-")) { + directory = true; + recursive = !rememberStar; + npath = npath.getParent(); + } + if (npath == null) { + npath = builtInFS.getPath(""); + } invalid = false; } catch (InvalidPathException ipe) { // Still invalid. For compatibility reason, accept it @@ -348,16 +357,6 @@ invalid = true; } - // lastName should always be non-null now - Path lastName = npath.getFileName(); - if (lastName != null && lastName.toString().equals("-")) { - directory = true; - recursive = !rememberStar; - npath = npath.getParent(); - } - if (npath == null) { - npath = builtInFS.getPath(""); - } } else { if ((cpath = getName()) == null) throw new NullPointerException("name can't be null"); @@ -452,6 +451,8 @@ * is converted to a {@link java.nio.file.Path} object named {@code npath} * after {@link Path#normalize() normalization}. No canonicalization is * performed which means the underlying file system is not accessed. + * If an {@link InvalidPathException} is thrown during the conversion, + * this {@code FilePermission} will be labeled as invalid. * <P> * In either case, the "*" or "-" character at the end of a wildcard * {@code path} is removed before canonicalization or normalization. @@ -532,7 +533,12 @@ * {@code simple_npath.relativize(wildcard_npath)} is exactly "..", * a simple {@code npath} is recursively inside a wildcard {@code npath} * if and only if {@code simple_npath.relativize(wildcard_npath)} - * is a series of one or more "..". + * is a series of one or more "..". An invalid {@code FilePermission} does + * not imply any object except for itself. An invalid {@code FilePermission} + * is not implied by any object except for itself or a {@code FilePermission} + * on {@literal "<<ALL FILES>>"} whose actions is a superset of this + * invalid {@code FilePermission}. Even if two {@code FilePermission} + * are created with the same invalid path, one does not imply the other. * * @param p the permission to check against. * @@ -566,12 +572,12 @@ if (this == that) { return true; } + if (allFiles) { + return true; + } if (this.invalid || that.invalid) { return false; } - if (allFiles) { - return true; - } if (that.allFiles) { return false; } @@ -699,6 +705,10 @@ * (if {@code jdk.io.permissionsUseCanonicalPath} is {@code true}) or * {@code npath} (if {@code jdk.io.permissionsUseCanonicalPath} * is {@code false}) are equal. Or they are both {@literal "<<ALL FILES>>"}. + * <p> + * When {@code jdk.io.permissionsUseCanonicalPath} is {@code false}, an + * invalid {@code FilePermission} does not equal to any object except + * for itself, even if they are created using the same invalid path. * * @param obj the object we are testing for equality with this object. * @return <code>true</code> if obj is a FilePermission, and has the same
--- a/test/java/io/FilePermission/Invalid.java Wed Dec 14 03:09:12 2016 +0100 +++ b/test/java/io/FilePermission/Invalid.java Wed Dec 14 10:40:59 2016 +0800 @@ -37,6 +37,9 @@ public static void main(String args[]) throws Exception { + // Allmighty + FilePermission af = new FilePermission("<<ALL FILES>>", "read"); + // Normal FilePermission fp = new FilePermission("a", "read"); @@ -57,6 +60,9 @@ // Invalid implies itself Asserts.assertTrue(fp1.implies(fp1)); + // <<ALL FILES>> implies invalid + Asserts.assertTrue(af.implies(fp1)); + // and not implies or implied by anything else, including other // invalid ones Asserts.assertFalse(fp.implies(fp1));