# HG changeset patch # User Andrew John Hughes # Date 1239062537 -3600 # Node ID 3a122c249dda9449581e3f295cead8cdcdbf51fc # Parent 9933c527970bffcfb10e5898edb808cfccedc7c8 Port latest security fixes from IcedTea6. 2009-04-06 Andrew John Hughes * Makefile.am: Add new patches. * patches/security/icedtea-6536193.patch, * patches/security/icedtea-6610888.patch, * patches/security/icedtea-6610896.patch, * patches/security/icedtea-6630639.patch, * patches/security/icedtea-6632886.patch, * patches/security/icedtea-6636360.patch, * patches/security/icedtea-6652463.patch, * patches/security/icedtea-6656633.patch, * patches/security/icedtea-6658158.patch, * patches/security/icedtea-6691246.patch, * patches/security/icedtea-6717680.patch, * patches/security/icedtea-6721651.patch, * patches/security/icedtea-6737315.patch, * patches/security/icedtea-6792554.patch, * patches/security/icedtea-6804996.patch, * patches/security/icedtea-6804997.patch, * patches/security/icedtea-6804998.patch: Security patches ported from IcedTea6. diff -r 9933c527970b -r 3a122c249dda ChangeLog --- a/ChangeLog Fri Mar 20 11:42:36 2009 +0000 +++ b/ChangeLog Tue Apr 07 01:02:17 2009 +0100 @@ -1,3 +1,26 @@ +2009-04-06 Andrew John Hughes + + * Makefile.am: + Add new patches. + * patches/security/icedtea-6536193.patch, + * patches/security/icedtea-6610888.patch, + * patches/security/icedtea-6610896.patch, + * patches/security/icedtea-6630639.patch, + * patches/security/icedtea-6632886.patch, + * patches/security/icedtea-6636360.patch, + * patches/security/icedtea-6652463.patch, + * patches/security/icedtea-6656633.patch, + * patches/security/icedtea-6658158.patch, + * patches/security/icedtea-6691246.patch, + * patches/security/icedtea-6717680.patch, + * patches/security/icedtea-6721651.patch, + * patches/security/icedtea-6737315.patch, + * patches/security/icedtea-6792554.patch, + * patches/security/icedtea-6804996.patch, + * patches/security/icedtea-6804997.patch, + * patches/security/icedtea-6804998.patch: + Security patches ported from IcedTea6. + 2009-03-20 Andrew John Hughes * NEWS: Add release date for 1.9. diff -r 9933c527970b -r 3a122c249dda Makefile.am --- a/Makefile.am Fri Mar 20 11:42:36 2009 +0000 +++ b/Makefile.am Tue Apr 07 01:02:17 2009 +0100 @@ -1832,6 +1832,23 @@ patches/icedtea-jvmtiEnv.patch \ patches/icedtea-xml-encodinginfo.patch \ patches/icedtea-cc-interp-backedge.patch \ + patches/security/icedtea-6536193.patch \ + patches/security/icedtea-6610888.patch \ + patches/security/icedtea-6610896.patch \ + patches/security/icedtea-6630639.patch \ + patches/security/icedtea-6632886.patch \ + patches/security/icedtea-6636360.patch \ + patches/security/icedtea-6652463.patch \ + patches/security/icedtea-6656633.patch \ + patches/security/icedtea-6658158.patch \ + patches/security/icedtea-6691246.patch \ + patches/security/icedtea-6717680.patch \ + patches/security/icedtea-6721651.patch \ + patches/security/icedtea-6737315.patch \ + patches/security/icedtea-6792554.patch \ + patches/security/icedtea-6804996.patch \ + patches/security/icedtea-6804997.patch \ + patches/security/icedtea-6804998.patch \ $(DISTRIBUTION_PATCHES) if WITH_RHINO diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6536193.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6536193.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,74 @@ +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java 2009-04-06 17:03:00.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java 2009-04-06 17:06:08.000000000 +0100 +@@ -33,6 +33,7 @@ + import com.sun.xml.internal.bind.DatatypeConverterImpl; + import com.sun.xml.internal.bind.v2.runtime.Name; + import com.sun.xml.internal.bind.v2.runtime.XMLSerializer; ++import com.sun.xml.internal.bind.v2.runtime.MarshallerImpl; + + import org.xml.sax.SAXException; + +@@ -82,6 +83,11 @@ + protected boolean closeStartTagPending = false; + + /** ++ * @see MarshallerImpl#header ++ */ ++ private String header; ++ ++ /** + * + * @param localNames + * local names encoded in UTF-8. +@@ -93,6 +99,9 @@ + prefixes[i] = new Encoded(); + } + ++ public void setHeader(String header) { ++ this.header = header; ++ } + + public void startDocument(XMLSerializer serializer, boolean fragment, int[] nsUriIndex2prefixIndex, NamespaceContextImpl nsContext) throws IOException, SAXException, XMLStreamException { + super.startDocument(serializer, fragment,nsUriIndex2prefixIndex,nsContext); +@@ -101,6 +110,10 @@ + if(!fragment) { + write(XML_DECL); + } ++ if(header!=null) { ++ textBuffer.set(header); ++ textBuffer.write(this); ++ } + } + + public void endDocument(boolean fragment) throws IOException, SAXException, XMLStreamException { +@@ -391,11 +404,23 @@ + return buf; + } + +- private static final byte[] XMLNS_EQUALS = toBytes(" xmlns=\""); +- private static final byte[] XMLNS_COLON = toBytes(" xmlns:"); +- private static final byte[] EQUALS = toBytes("=\""); +- private static final byte[] CLOSE_TAG = toBytes(""); ++ // per instance copy to prevent an attack where malicious OutputStream ++ // rewrites the byte array. ++ private final byte[] XMLNS_EQUALS = _XMLNS_EQUALS.clone(); ++ private final byte[] XMLNS_COLON = _XMLNS_COLON.clone(); ++ private final byte[] EQUALS = _EQUALS.clone(); ++ private final byte[] CLOSE_TAG = _CLOSE_TAG.clone(); ++ private final byte[] EMPTY_TAG = _EMPTY_TAG.clone(); ++ private final byte[] XML_DECL = _XML_DECL.clone(); ++ ++ // masters ++ private static final byte[] _XMLNS_EQUALS = toBytes(" xmlns=\""); ++ private static final byte[] _XMLNS_COLON = toBytes(" xmlns:"); ++ private static final byte[] _EQUALS = toBytes("=\""); ++ private static final byte[] _CLOSE_TAG = toBytes(""); ++ private static final byte[] _XML_DECL = toBytes(""); ++ ++ // no need to copy + private static final byte[] EMPTY_BYTE_ARRAY = new byte[0]; +- private static final byte[] XML_DECL = toBytes(""); + } diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6610888.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6610888.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,59 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/javax/management/monitor/Monitor.java openjdk/jdk/src/share/classes/javax/management/monitor/Monitor.java +--- openjdk.orig/jdk/src/share/classes/javax/management/monitor/Monitor.java 2009-04-06 17:08:59.000000000 +0100 ++++ openjdk/jdk/src/share/classes/javax/management/monitor/Monitor.java 2009-04-06 17:10:45.000000000 +0100 +@@ -32,6 +32,7 @@ + import java.security.AccessControlContext; + import java.security.AccessController; + import java.security.PrivilegedAction; ++import java.security.ProtectionDomain; + import java.util.List; + import java.util.concurrent.CopyOnWriteArrayList; + import java.util.concurrent.Executors; +@@ -163,7 +164,10 @@ + /** + * AccessControlContext of the Monitor.start() caller. + */ +- private AccessControlContext acc; ++ private static final AccessControlContext noPermissionsACC = ++ new AccessControlContext( ++ new ProtectionDomain[] {new ProtectionDomain(null, null)}); ++ private volatile AccessControlContext acc = noPermissionsACC; + + /** + * Scheduler Service. +@@ -748,7 +752,7 @@ + + // Reset the AccessControlContext. + // +- acc = null; ++ acc = noPermissionsACC; + + // Reset the complex type attribute information + // such that it is recalculated again. +@@ -1517,10 +1521,12 @@ + + public void run() { + final ScheduledFuture sf; ++ final AccessControlContext ac; + synchronized (Monitor.this) { + sf = Monitor.this.schedulerFuture; ++ ac = Monitor.this.acc; + } +- AccessController.doPrivileged(new PrivilegedAction() { ++ PrivilegedAction action = new PrivilegedAction() { + public Void run() { + if (Monitor.this.isActive()) { + final int an[] = alreadyNotifieds; +@@ -1533,7 +1539,11 @@ + } + return null; + } +- }, Monitor.this.acc); ++ }; ++ if (ac == null) { ++ throw new SecurityException("AccessControlContext cannot be null"); ++ } ++ AccessController.doPrivileged(action, ac); + synchronized (Monitor.this) { + if (Monitor.this.isActive() && + Monitor.this.schedulerFuture == sf) { diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6610896.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6610896.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,188 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/javax/management/monitor/Monitor.java openjdk/jdk/src/share/classes/javax/management/monitor/Monitor.java +--- openjdk.orig/jdk/src/share/classes/javax/management/monitor/Monitor.java 2009-04-06 17:13:38.000000000 +0100 ++++ openjdk/jdk/src/share/classes/javax/management/monitor/Monitor.java 2009-04-06 17:18:07.000000000 +0100 +@@ -34,6 +34,8 @@ + import java.security.PrivilegedAction; + import java.security.ProtectionDomain; + import java.util.List; ++import java.util.Map; ++import java.util.WeakHashMap; + import java.util.concurrent.CopyOnWriteArrayList; + import java.util.concurrent.Executors; + import java.util.concurrent.Future; +@@ -177,14 +179,20 @@ + new DaemonThreadFactory("Scheduler")); + + /** +- * Maximum Pool Size ++ * Map containing the thread pool executor per thread group. + */ +- private static final int maximumPoolSize; ++ private static final Map executors = ++ new WeakHashMap(); ++ ++ /** ++ * Lock for executors map. ++ */ ++ private static final Object executorsLock = new Object(); + + /** +- * Executor Service. ++ * Maximum Pool Size + */ +- private static final ThreadPoolExecutor executor; ++ private static final int maximumPoolSize; + static { + final String maximumPoolSizeSysProp = "jmx.x.monitor.maximum.pool.size"; + final String maximumPoolSizeStr = AccessController.doPrivileged( +@@ -214,22 +222,9 @@ + maximumPoolSize = maximumPoolSizeTmp; + } + } +- executor = new ThreadPoolExecutor( +- maximumPoolSize, +- maximumPoolSize, +- 60L, +- TimeUnit.SECONDS, +- new LinkedBlockingQueue(), +- new DaemonThreadFactory("Executor")); +- executor.allowCoreThreadTimeOut(true); + } + + /** +- * Monitor task to be executed by the Executor Service. +- */ +- private final MonitorTask monitorTask = new MonitorTask(); +- +- /** + * Future associated to the current monitor task. + */ + private Future monitorFuture; +@@ -237,7 +232,7 @@ + /** + * Scheduler task to be executed by the Scheduler Service. + */ +- private final SchedulerTask schedulerTask = new SchedulerTask(monitorTask); ++ private final SchedulerTask schedulerTask = new SchedulerTask(); + + /** + * ScheduledFuture associated to the current scheduler task. +@@ -723,6 +718,7 @@ + // Start the scheduler. + // + cleanupFutures(); ++ schedulerTask.setMonitorTask(new MonitorTask()); + schedulerFuture = scheduler.schedule(schedulerTask, + getGranularityPeriod(), + TimeUnit.MILLISECONDS); +@@ -1471,7 +1467,7 @@ + */ + private class SchedulerTask implements Runnable { + +- private Runnable task = null; ++ private MonitorTask task; + + /* + * ------------------------------------------ +@@ -1479,7 +1475,16 @@ + * ------------------------------------------ + */ + +- public SchedulerTask(Runnable task) { ++ public SchedulerTask() { ++ } ++ ++ /* ++ * ------------------------------------------ ++ * GETTERS/SETTERS ++ * ------------------------------------------ ++ */ ++ ++ public void setMonitorTask(MonitorTask task) { + this.task = task; + } + +@@ -1491,7 +1496,7 @@ + + public void run() { + synchronized (Monitor.this) { +- Monitor.this.monitorFuture = executor.submit(task); ++ Monitor.this.monitorFuture = task.submit(); + } + } + } +@@ -1504,6 +1509,8 @@ + */ + private class MonitorTask implements Runnable { + ++ private ThreadPoolExecutor executor; ++ + /* + * ------------------------------------------ + * CONSTRUCTORS +@@ -1511,6 +1518,38 @@ + */ + + public MonitorTask() { ++ // Find out if there's already an existing executor for the calling ++ // thread and reuse it. Otherwise, create a new one and store it in ++ // the executors map. If there is a SecurityManager, the group of ++ // System.getSecurityManager() is used, else the group of the thread ++ // instantiating this MonitorTask, i.e. the group of the thread that ++ // calls "Monitor.start()". ++ SecurityManager s = System.getSecurityManager(); ++ ThreadGroup group = (s != null) ? s.getThreadGroup() : ++ Thread.currentThread().getThreadGroup(); ++ synchronized (executorsLock) { ++ for (ThreadPoolExecutor e : executors.keySet()) { ++ DaemonThreadFactory tf = ++ (DaemonThreadFactory) e.getThreadFactory(); ++ ThreadGroup tg = tf.getThreadGroup(); ++ if (tg == group) { ++ executor = e; ++ break; ++ } ++ } ++ if (executor == null) { ++ executor = new ThreadPoolExecutor( ++ maximumPoolSize, ++ maximumPoolSize, ++ 60L, ++ TimeUnit.SECONDS, ++ new LinkedBlockingQueue(), ++ new DaemonThreadFactory("ThreadGroup<" + ++ group.getName() + "> Executor", group)); ++ executor.allowCoreThreadTimeOut(true); ++ executors.put(executor, null); ++ } ++ } + } + + /* +@@ -1519,6 +1558,10 @@ + * ------------------------------------------ + */ + ++ public Future submit() { ++ return executor.submit(this); ++ } ++ + public void run() { + final ScheduledFuture sf; + final AccessControlContext ac; +@@ -1583,6 +1626,15 @@ + namePrefix = "JMX Monitor " + poolName + " Pool [Thread-"; + } + ++ public DaemonThreadFactory(String poolName, ThreadGroup threadGroup) { ++ group = threadGroup; ++ namePrefix = "JMX Monitor " + poolName + " Pool [Thread-"; ++ } ++ ++ public ThreadGroup getThreadGroup() { ++ return group; ++ } ++ + public Thread newThread(Runnable r) { + Thread t = new Thread(group, + r, diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6630639.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6630639.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,33 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/sun/net/httpserver/Request.java openjdk/jdk/src/share/classes/sun/net/httpserver/Request.java +--- openjdk.orig/jdk/src/share/classes/sun/net/httpserver/Request.java 2009-04-06 17:19:49.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/net/httpserver/Request.java 2009-04-06 17:23:16.000000000 +0100 +@@ -52,6 +52,9 @@ + os = rawout; + do { + startLine = readLine(); ++ if (startLine == null) { ++ return; ++ } + /* skip blank lines */ + } while (startLine == null ? false : startLine.equals ("")); + } +diff -Nru openjdk.orig/jdk/src/share/classes/sun/net/httpserver/ServerImpl.java openjdk/jdk/src/share/classes/sun/net/httpserver/ServerImpl.java +--- openjdk.orig/jdk/src/share/classes/sun/net/httpserver/ServerImpl.java 2009-04-06 17:19:49.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/net/httpserver/ServerImpl.java 2009-04-06 17:23:16.000000000 +0100 +@@ -433,6 +433,7 @@ + rawin = sslStreams.getInputStream(); + rawout = sslStreams.getOutputStream(); + engine = sslStreams.getSSLEngine(); ++ connection.sslStreams = sslStreams; + } else { + rawin = new BufferedInputStream( + new Request.ReadStream ( +@@ -442,6 +443,8 @@ + ServerImpl.this, chan + ); + } ++ connection.raw = rawin; ++ connection.rawout = rawout; + } + Request req = new Request (rawin, rawout); + requestLine = req.requestLine(); diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6632886.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6632886.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,498 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/java/awt/Font.java openjdk/jdk/src/share/classes/java/awt/Font.java +--- openjdk.orig/jdk/src/share/classes/java/awt/Font.java 2009-04-06 17:20:02.000000000 +0100 ++++ openjdk/jdk/src/share/classes/java/awt/Font.java 2009-04-06 17:24:48.000000000 +0100 +@@ -37,6 +37,8 @@ + import java.awt.peer.FontPeer; + import java.io.*; + import java.lang.ref.SoftReference; ++import java.security.AccessController; ++import java.security.PrivilegedExceptionAction; + import java.text.AttributedCharacterIterator.Attribute; + import java.text.CharacterIterator; + import java.text.StringCharacterIterator; +@@ -51,6 +53,7 @@ + import sun.font.AttributeValues; + import sun.font.EAttribute; + import sun.font.CompositeFont; ++import sun.font.CreatedFontTracker; + import sun.font.Font2D; + import sun.font.Font2DHandle; + import sun.font.FontManager; +@@ -575,14 +578,16 @@ + } + + /* used to implement Font.createFont */ +- private Font(File fontFile, int fontFormat, boolean isCopy) ++ private Font(File fontFile, int fontFormat, ++ boolean isCopy, CreatedFontTracker tracker) + throws FontFormatException { + this.createdFont = true; + /* Font2D instances created by this method track their font file + * so that when the Font2D is GC'd it can also remove the file. + */ + this.font2DHandle = +- FontManager.createFont2D(fontFile, fontFormat, isCopy).handle; ++ FontManager.createFont2D(fontFile, fontFormat, ++ isCopy, tracker).handle; + this.name = this.font2DHandle.font2D.getFontName(Locale.getDefault()); + this.style = Font.PLAIN; + this.size = 1; +@@ -788,6 +793,29 @@ + } + + /** ++ * Used with the byte count tracker for fonts created from streams. ++ * If a thread can create temp files anyway, no point in counting ++ * font bytes. ++ */ ++ private static boolean hasTempPermission() { ++ ++ if (System.getSecurityManager() == null) { ++ return true; ++ } ++ File f = null; ++ boolean hasPerm = false; ++ try { ++ f = File.createTempFile("+~JT", ".tmp", null); ++ f.delete(); ++ f = null; ++ hasPerm = true; ++ } catch (Throwable t) { ++ /* inc. any kind of SecurityException */ ++ } ++ return hasPerm; ++ } ++ ++ /** + * Returns a new Font using the specified font type + * and input data. The new Font is + * created with a point size of 1 and style {@link #PLAIN PLAIN}. +@@ -822,58 +850,96 @@ + fontFormat != Font.TYPE1_FONT) { + throw new IllegalArgumentException ("font format not recognized"); + } +- final InputStream fStream = fontStream; +- Object ret = java.security.AccessController.doPrivileged( +- new java.security.PrivilegedAction() { +- public Object run() { +- File tFile = null; +- FileOutputStream outStream = null; +- try { +- tFile = File.createTempFile("+~JF", ".tmp", null); +- /* Temp file deleted by font shutdown hook */ +- BufferedInputStream inStream = +- new BufferedInputStream(fStream); +- outStream = new FileOutputStream(tFile); +- int bytesRead = 0; +- int bufSize = 8192; +- byte [] buf = new byte[bufSize]; +- while (bytesRead != -1) { +- try { +- bytesRead = inStream.read(buf, 0, bufSize); +- } catch (Throwable t) { +- throw new IOException(); +- } +- if (bytesRead != -1) { +- outStream.write(buf, 0, bytesRead); +- } +- } +- /* don't close the input stream */ +- outStream.close(); +- } catch (IOException e) { +- if (outStream != null) { +- try { +- outStream.close(); +- } catch (Exception e1) { +- } +- } +- if (tFile != null) { +- try { +- tFile.delete(); +- } catch (Exception e2) { +- } +- } +- return e; +- } +- return tFile; +- } +- }); +- +- if (ret instanceof File) { +- return new Font((File)ret, fontFormat, true); +- } else if (ret instanceof IOException) { +- throw (IOException)ret; +- } else { +- throw new FontFormatException("Couldn't access font stream"); ++ boolean copiedFontData = false; ++ ++ try { ++ final File tFile = AccessController.doPrivileged( ++ new PrivilegedExceptionAction() { ++ public File run() throws IOException { ++ return File.createTempFile("+~JF", ".tmp", null); ++ } ++ } ++ ); ++ ++ int totalSize = 0; ++ CreatedFontTracker tracker = null; ++ try { ++ final OutputStream outStream = ++ AccessController.doPrivileged( ++ new PrivilegedExceptionAction() { ++ public OutputStream run() throws IOException { ++ return new FileOutputStream(tFile); ++ } ++ } ++ ); ++ if (!hasTempPermission()) { ++ tracker = CreatedFontTracker.getTracker(); ++ } ++ try { ++ byte[] buf = new byte[8192]; ++ for (;;) { ++ int bytesRead = fontStream.read(buf); ++ if (bytesRead < 0) { ++ break; ++ } ++ if (tracker != null) { ++ if (totalSize+bytesRead > tracker.MAX_FILE_SIZE) { ++ throw new IOException("File too big."); ++ } ++ if (totalSize+tracker.getNumBytes() > ++ tracker.MAX_TOTAL_BYTES) ++ { ++ throw new IOException("Total files too big."); ++ } ++ totalSize += bytesRead; ++ tracker.addBytes(bytesRead); ++ } ++ outStream.write(buf, 0, bytesRead); ++ } ++ /* don't close the input stream */ ++ } finally { ++ outStream.close(); ++ } ++ /* After all references to a Font2D are dropped, the file ++ * will be removed. To support long-lived AppContexts, ++ * we need to then decrement the byte count by the size ++ * of the file. ++ * If the data isn't a valid font, the implementation will ++ * delete the tmp file and decrement the byte count ++ * in the tracker object before returning from the ++ * constructor, so we can set 'copiedFontData' to true here ++ * without waiting for the results of that constructor. ++ */ ++ copiedFontData = true; ++ Font font = new Font(tFile, fontFormat, true, tracker); ++ return font; ++ } finally { ++ if (!copiedFontData) { ++ if (tracker != null) { ++ tracker.subBytes(totalSize); ++ } ++ AccessController.doPrivileged( ++ new PrivilegedExceptionAction() { ++ public Void run() { ++ tFile.delete(); ++ return null; ++ } ++ } ++ ); ++ } ++ } ++ } catch (Throwable t) { ++ if (t instanceof FontFormatException) { ++ throw (FontFormatException)t; ++ } ++ if (t instanceof IOException) { ++ throw (IOException)t; ++ } ++ Throwable cause = t.getCause(); ++ if (cause instanceof FontFormatException) { ++ throw (FontFormatException)cause; ++ } ++ throw new IOException("Problem reading font data."); + } + } + +@@ -913,6 +979,9 @@ + */ + public static Font createFont(int fontFormat, File fontFile) + throws java.awt.FontFormatException, java.io.IOException { ++ ++ fontFile = new File(fontFile.getPath()); ++ + if (fontFormat != Font.TRUETYPE_FONT && + fontFormat != Font.TYPE1_FONT) { + throw new IllegalArgumentException ("font format not recognized"); +@@ -926,7 +995,7 @@ + if (!fontFile.canRead()) { + throw new IOException("Can't read " + fontFile); + } +- return new Font(fontFile, fontFormat, false); ++ return new Font(fontFile, fontFormat, false, null); + } + + /** +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/CreatedFontTracker.java openjdk/jdk/src/share/classes/sun/font/CreatedFontTracker.java +--- openjdk.orig/jdk/src/share/classes/sun/font/CreatedFontTracker.java 1970-01-01 01:00:00.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/font/CreatedFontTracker.java 2009-04-06 17:24:48.000000000 +0100 +@@ -0,0 +1,54 @@ ++/* ++ * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Sun designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Sun in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, ++ * CA 95054 USA or visit www.sun.com if you need additional information or ++ * have any questions. ++ */ ++ ++package sun.font; ++ ++public class CreatedFontTracker { ++ ++ public static final int MAX_FILE_SIZE = 32 * 1024 * 1024; ++ public static final int MAX_TOTAL_BYTES = 10 * MAX_FILE_SIZE; ++ ++ static int numBytes; ++ static CreatedFontTracker tracker; ++ ++ public static synchronized CreatedFontTracker getTracker() { ++ if (tracker == null) { ++ tracker = new CreatedFontTracker(); ++ } ++ return tracker; ++ } ++ ++ public synchronized int getNumBytes() { ++ return numBytes; ++ } ++ ++ public synchronized void addBytes(int sz) { ++ numBytes += sz; ++ } ++ ++ public synchronized void subBytes(int sz) { ++ numBytes -= sz; ++ } ++} +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/FileFont.java openjdk/jdk/src/share/classes/sun/font/FileFont.java +--- openjdk.orig/jdk/src/share/classes/sun/font/FileFont.java 2009-04-06 17:19:53.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/font/FileFont.java 2009-04-06 17:24:48.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -125,9 +125,9 @@ + return true; + } + +- void setFileToRemove(File file) { ++ void setFileToRemove(File file, CreatedFontTracker tracker) { + Disposer.addObjectRecord(this, +- new CreatedFontFileDisposerRecord(file)); ++ new CreatedFontFileDisposerRecord(file, tracker)); + } + + /* This is called when a font scaler is determined to +@@ -246,12 +246,16 @@ + return getScaler().getUnitsPerEm(); + } + +- private static class CreatedFontFileDisposerRecord implements DisposerRecord { ++ private static class CreatedFontFileDisposerRecord ++ implements DisposerRecord { + + File fontFile = null; ++ CreatedFontTracker tracker; + +- private CreatedFontFileDisposerRecord(File file) { ++ private CreatedFontFileDisposerRecord(File file, ++ CreatedFontTracker tracker) { + fontFile = file; ++ this.tracker = tracker; + } + + public void dispose() { +@@ -260,6 +264,9 @@ + public Object run() { + if (fontFile != null) { + try { ++ if (tracker != null) { ++ tracker.subBytes((int)fontFile.length()); ++ } + /* REMIND: is it possible that the file is + * still open? It will be closed when the + * font2D is disposed but could this code +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/TrueTypeFont.java openjdk/jdk/src/share/classes/sun/font/TrueTypeFont.java +--- openjdk.orig/jdk/src/share/classes/sun/font/TrueTypeFont.java 2009-04-06 17:19:53.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/font/TrueTypeFont.java 2009-04-06 17:24:48.000000000 +0100 +@@ -175,8 +175,17 @@ + super(platname, nativeNames); + useJavaRasterizer = javaRasterizer; + fontRank = Font2D.TTF_RANK; +- verify(); +- init(fIndex); ++ try { ++ verify(); ++ init(fIndex); ++ } catch (Throwable t) { ++ close(); ++ if (t instanceof FontFormatException) { ++ throw (FontFormatException)t; ++ } else { ++ throw new FontFormatException("Unexpected runtime exception."); ++ } ++ } + Disposer.addObjectRecord(this, disposerRecord); + } + +diff -Nru openjdk.orig/jdk/src/share/classes/sun/font/Type1Font.java openjdk/jdk/src/share/classes/sun/font/Type1Font.java +--- openjdk.orig/jdk/src/share/classes/sun/font/Type1Font.java 2009-04-06 17:19:53.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/font/Type1Font.java 2009-04-06 17:24:48.000000000 +0100 +@@ -39,6 +39,7 @@ + import java.nio.channels.ClosedChannelException; + import java.nio.channels.FileChannel; + import sun.java2d.Disposer; ++import sun.java2d.DisposerRecord; + import java.util.HashSet; + import java.util.HashMap; + import java.awt.Font; +@@ -76,6 +77,27 @@ + */ + public class Type1Font extends FileFont { + ++ private static class T1DisposerRecord implements DisposerRecord { ++ String fileName = null; ++ ++ T1DisposerRecord(String name) { ++ fileName = name; ++ } ++ ++ public synchronized void dispose() { ++ java.security.AccessController.doPrivileged( ++ new java.security.PrivilegedAction() { ++ public Object run() { ++ ++ if (fileName != null) { ++ (new java.io.File(fileName)).delete(); ++ } ++ return null; ++ } ++ }); ++ } ++ } ++ + WeakReference bufferRef = new WeakReference(null); + + private String psName = null; +@@ -125,18 +147,42 @@ + + + /** ++ * Constructs a Type1 Font. ++ * @param platname - Platform identifier of the font. Typically file name. ++ * @param nativeNames - Native names - typically XLFDs on Unix. ++ */ ++ public Type1Font(String platname, Object nativeNames) ++ throws FontFormatException { ++ ++ this(platname, nativeNames, false); ++ } ++ ++ /** + * - does basic verification of the file + * - reads the names (full, family). + * - determines the style of the font. + * @throws FontFormatException - if the font can't be opened + * or fails verification, or there's no usable cmap + */ +- public Type1Font(String platname, Object nativeNames) ++ public Type1Font(String platname, Object nativeNames, boolean createdCopy) + throws FontFormatException { + super(platname, nativeNames); + fontRank = Font2D.TYPE1_RANK; + checkedNatives = true; +- verify(); ++ try { ++ verify(); ++ } catch (Throwable t) { ++ if (createdCopy) { ++ T1DisposerRecord ref = new T1DisposerRecord(platname); ++ Disposer.addObjectRecord(bufferRef, ref); ++ bufferRef = null; ++ } ++ if (t instanceof FontFormatException) { ++ throw (FontFormatException)t; ++ } else { ++ throw new FontFormatException("Unexpected runtime exception."); ++ } ++ } + } + + private synchronized ByteBuffer getBuffer() throws FontFormatException { +--- openjdk.orig/jdk/src/share/classes/sun/font/FontManager.java 2009-04-06 21:46:26.000000000 +0100 ++++ openjdk/jdk/src/share/classes/sun/font/FontManager.java 2009-04-06 21:48:08.000000000 +0100 +@@ -2348,19 +2348,21 @@ + static Vector tmpFontFiles = null; + + public static Font2D createFont2D(File fontFile, int fontFormat, +- boolean isCopy) ++ boolean isCopy, ++ CreatedFontTracker tracker) + throws FontFormatException { + + String fontFilePath = fontFile.getPath(); + FileFont font2D = null; + final File fFile = fontFile; ++ final CreatedFontTracker _tracker = tracker; + try { + switch (fontFormat) { + case Font.TRUETYPE_FONT: + font2D = new TrueTypeFont(fontFilePath, null, 0, true); + break; + case Font.TYPE1_FONT: +- font2D = new Type1Font(fontFilePath, null); ++ font2D = new Type1Font(fontFilePath, null, isCopy); + break; + default: + throw new FontFormatException("Unrecognised Font Format"); +@@ -2370,6 +2372,9 @@ + java.security.AccessController.doPrivileged( + new java.security.PrivilegedAction() { + public Object run() { ++ if (_tracker != null) { ++ _tracker.subBytes((int)fFile.length()); ++ } + fFile.delete(); + return null; + } +@@ -2378,7 +2383,7 @@ + throw(e); + } + if (isCopy) { +- font2D.setFileToRemove(fontFile); ++ font2D.setFileToRemove(fontFile, tracker); + synchronized (FontManager.class) { + + if (tmpFontFiles == null) { diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6636360.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6636360.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,35 @@ +diff -Nru openjdk.orig/hotspot/src/cpu/sparc/vm/vtableStubs_sparc.cpp openjdk/hotspot/src/cpu/sparc/vm/vtableStubs_sparc.cpp +--- openjdk.orig/hotspot/src/cpu/sparc/vm/vtableStubs_sparc.cpp 2009-03-05 08:25:29.000000000 +0000 ++++ openjdk/hotspot/src/cpu/sparc/vm/vtableStubs_sparc.cpp 2009-04-06 17:26:08.000000000 +0100 +@@ -190,12 +190,16 @@ + // Compute itableMethodEntry and get methodOop(G5_method) and entrypoint(L0) for compiler + const int method_offset = (itableMethodEntry::size() * wordSize * vtable_index) + itableMethodEntry::method_offset_in_bytes(); + __ add(G3_klassOop, L0, L1); +- __ ld_ptr(L1, method_offset, G5_method); ++ if (__ is_simm13(method_offset)) { ++ __ ld_ptr(L1, method_offset, G5_method); ++ } else { ++ __ set(method_offset, G5_method); ++ __ ld_ptr(L1, G5_method, G5_method); ++ } + + #ifndef PRODUCT + if (DebugVtables) { + Label L01; +- __ ld_ptr(L1, method_offset, G5_method); + __ bpr(Assembler::rc_nz, false, Assembler::pt, G5_method, L01); + __ delayed()->nop(); + __ stop("methodOop is null"); +@@ -243,10 +247,8 @@ + (UseCompressedOops ? 2*BytesPerInstWord : 0); + return basic + slop; + } else { +- // save, ld, ld, sll, and, add, add, ld, cmp, br, add, ld, add, ld, ld, jmp, restore, sethi, jmpl, restore +- const int basic = (20 LP64_ONLY(+ 6)) * BytesPerInstWord + +- // shift;add for load_klass +- (UseCompressedOops ? 2*BytesPerInstWord : 0); ++ // save, ld, ld, sll, and, add, add, ld, cmp, br, add, ld, add, sethi, add, ld, ld, jmp, restore, sethi, jmpl, restore ++ const int basic = (22 LP64_ONLY(+ 12)) * BytesPerInstWord; // worst case extra 6 bytes for each sethi in 64-bit mode + return (basic + slop); + } + } diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6652463.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6652463.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,28 @@ +--- old/src/share/classes/javax/print/attribute/standard/MediaSize.java Tue Mar 3 10:16:15 2009 ++++ openjdk/jdk/src/share/classes/javax/print/attribute/standard/MediaSize.java Tue Mar 3 10:16:14 2009 +@@ -123,8 +123,10 @@ + if (x > y) { + throw new IllegalArgumentException("X dimension > Y dimension"); + } +- mediaName = media; +- mediaMap.put(mediaName, this); ++ if (media != null && mediaMap.get(media) == null) { ++ mediaName = media; ++ mediaMap.put(mediaName, this); ++ } + sizeVector.add(this); + } + +@@ -147,8 +149,10 @@ + if (x > y) { + throw new IllegalArgumentException("X dimension > Y dimension"); + } +- mediaName = media; +- mediaMap.put(mediaName, this); ++ if (media != null && mediaMap.get(media) == null) { ++ mediaName = media; ++ mediaMap.put(mediaName, this); ++ } + sizeVector.add(this); + } + diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6656633.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6656633.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,54 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/javax/management/monitor/CounterMonitor.java openjdk/jdk/src/share/classes/javax/management/monitor/CounterMonitor.java +--- openjdk.orig/jdk/src/share/classes/javax/management/monitor/CounterMonitor.java 2009-04-06 17:20:14.000000000 +0100 ++++ openjdk/jdk/src/share/classes/javax/management/monitor/CounterMonitor.java 2009-04-06 17:28:19.000000000 +0100 +@@ -599,7 +599,7 @@ + */ + + public MBeanNotificationInfo[] getNotificationInfo() { +- return notifsInfo; ++ return notifsInfo.clone(); + } + + /* +diff -Nru openjdk.orig/jdk/src/share/classes/javax/management/monitor/GaugeMonitor.java openjdk/jdk/src/share/classes/javax/management/monitor/GaugeMonitor.java +--- openjdk.orig/jdk/src/share/classes/javax/management/monitor/GaugeMonitor.java 2009-04-06 17:20:14.000000000 +0100 ++++ openjdk/jdk/src/share/classes/javax/management/monitor/GaugeMonitor.java 2009-04-06 17:28:19.000000000 +0100 +@@ -481,7 +481,7 @@ + */ + + public MBeanNotificationInfo[] getNotificationInfo() { +- return notifsInfo; ++ return notifsInfo.clone(); + } + + /* +diff -Nru openjdk.orig/jdk/src/share/classes/javax/management/monitor/StringMonitor.java openjdk/jdk/src/share/classes/javax/management/monitor/StringMonitor.java +--- openjdk.orig/jdk/src/share/classes/javax/management/monitor/StringMonitor.java 2009-04-06 17:20:14.000000000 +0100 ++++ openjdk/jdk/src/share/classes/javax/management/monitor/StringMonitor.java 2009-04-06 17:28:20.000000000 +0100 +@@ -184,6 +184,7 @@ + * @return The derived gauge of the specified object. + * + */ ++ @Override + public synchronized String getDerivedGauge(ObjectName object) { + return (String) super.getDerivedGauge(object); + } +@@ -199,6 +200,7 @@ + * @return The derived gauge timestamp of the specified object. + * + */ ++ @Override + public synchronized long getDerivedGaugeTimeStamp(ObjectName object) { + return super.getDerivedGaugeTimeStamp(object); + } +@@ -341,8 +343,9 @@ + * the Java class of the notification and the notification types sent by + * the string monitor. + */ ++ @Override + public MBeanNotificationInfo[] getNotificationInfo() { +- return notifsInfo; ++ return notifsInfo.clone(); + } + + /* diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6658158.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6658158.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,737 @@ +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/client/p2p/HttpSOAPConnection.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/client/p2p/HttpSOAPConnection.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/client/p2p/HttpSOAPConnection.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/client/p2p/HttpSOAPConnection.java 2009-04-06 18:03:31.000000000 +0100 +@@ -53,13 +53,20 @@ + * + */ + public class HttpSOAPConnection extends SOAPConnection { ++ ++ public static final String vmVendor = System.getProperty("java.vendor.url"); ++ private static final String sunVmVendor = "http://java.sun.com/"; ++ private static final String ibmVmVendor = "http://www.ibm.com/"; ++ private static final boolean isSunVM = sunVmVendor.equals(vmVendor) ? true: false; ++ private static final boolean isIBMVM = ibmVmVendor.equals(vmVendor) ? true : false; ++ private static final String JAXM_URLENDPOINT="javax.xml.messaging.URLEndpoint"; + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.HTTP_CONN_DOMAIN, + "com.sun.xml.internal.messaging.saaj.client.p2p.LocalStrings"); + +- public static String defaultProxyHost = null; +- public static int defaultProxyPort = -1; ++ public static final String defaultProxyHost = null; ++ public static final int defaultProxyPort = -1; + + MessageFactory messageFactory = null; + +@@ -71,6 +78,9 @@ + + try { + messageFactory = MessageFactory.newInstance(SOAPConstants.DYNAMIC_SOAP_PROTOCOL); ++ } catch (NoSuchMethodError ex) { ++ //fallback to default SOAP 1.1 in this case for backward compatibility ++ messageFactory = MessageFactory.newInstance(); + } catch (Exception ex) { + log.log(Level.SEVERE, "SAAJ0001.p2p.cannot.create.msg.factory", ex); + throw new SOAPExceptionImpl("Unable to create message factory", ex); +@@ -94,14 +104,19 @@ + throw new SOAPExceptionImpl("Connection is closed"); + } + +- Class urlEndpointClass = null; ++ Class urlEndpointClass = null; ++ ClassLoader loader = Thread.currentThread().getContextClassLoader(); + + try { +- urlEndpointClass = Class.forName("javax.xml.messaging.URLEndpoint"); +- } catch (Exception ex) { +- //Do nothing. URLEndpoint is available only when JAXM is there. +- log.finest("SAAJ0090.p2p.endpoint.available.only.for.JAXM"); +- } ++ if (loader != null) { ++ urlEndpointClass = loader.loadClass(JAXM_URLENDPOINT); ++ } else { ++ urlEndpointClass = Class.forName(JAXM_URLENDPOINT); ++ } ++ } catch (ClassNotFoundException ex) { ++ //Do nothing. URLEndpoint is available only when JAXM is there. ++ log.finest("SAAJ0090.p2p.endpoint.available.only.for.JAXM"); ++ } + + if (urlEndpointClass != null) { + if (urlEndpointClass.isInstance(endPoint)) { +@@ -638,10 +653,23 @@ + + return ret; + } +- +- private static String SSL_PKG = "com.sun.net.ssl.internal.www.protocol"; +- private static String SSL_PROVIDER = +- "com.sun.net.ssl.internal.ssl.Provider"; ++ //private static String SSL_PKG = "com.sun.net.ssl.internal.www.protocol"; ++ //private static String SSL_PROVIDER = ++ // "com.sun.net.ssl.internal.ssl.Provider"; ++ private static final String SSL_PKG; ++ private static final String SSL_PROVIDER; ++ ++ ++ static { ++ if (isIBMVM) { ++ SSL_PKG ="com.ibm.net.ssl.internal.www.protocol"; ++ SSL_PROVIDER ="com.ibm.net.ssl.internal.ssl.Provider"; ++ } else { ++ //if not IBM VM default to Sun. ++ SSL_PKG = "com.sun.net.ssl.internal.www.protocol"; ++ SSL_PROVIDER ="com.sun.net.ssl.internal.ssl.Provider"; ++ } ++ } + private void initHttps() { + //if(!setHttps) { + String pkgs = System.getProperty("java.protocol.handler.pkgs"); +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/AttachmentPartImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/AttachmentPartImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/AttachmentPartImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/AttachmentPartImpl.java 2009-04-06 18:03:31.000000000 +0100 +@@ -69,7 +69,7 @@ + */ + public class AttachmentPartImpl extends AttachmentPart { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/EnvelopeFactory.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/EnvelopeFactory.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/EnvelopeFactory.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/EnvelopeFactory.java 2009-04-06 18:16:24.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: EnvelopeFactory.java,v 1.24 2006/01/27 12:49:26 vj135062 Exp $ +- * $Revision: 1.24 $ +- * $Date: 2006/01/27 12:49:26 $ ++ * ++ * ++ * + */ + + /* +@@ -54,7 +54,7 @@ + */ + public class EnvelopeFactory { + +- protected static Logger ++ protected static final Logger + log = Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ImageDataContentHandler.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ImageDataContentHandler.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ImageDataContentHandler.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ImageDataContentHandler.java 2009-04-06 18:03:31.000000000 +0100 +@@ -48,7 +48,7 @@ + public class ImageDataContentHandler extends Component + implements DataContentHandler { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CDATAImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CDATAImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CDATAImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CDATAImpl.java 2009-04-06 18:14:32.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: CDATAImpl.java,v 1.19 2006/01/27 12:49:34 vj135062 Exp $ +- * $Revision: 1.19 $ +- * $Date: 2006/01/27 12:49:34 $ ++ * ++ * ++ * + */ + + /* +@@ -42,7 +42,7 @@ + extends com.sun.org.apache.xerces.internal.dom.CDATASectionImpl + implements javax.xml.soap.Text { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_IMPL_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.impl.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CommentImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CommentImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CommentImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/CommentImpl.java 2009-04-06 18:14:47.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: CommentImpl.java,v 1.17 2006/01/27 12:49:34 vj135062 Exp $ +- * $Revision: 1.17 $ +- * $Date: 2006/01/27 12:49:34 $ ++ * ++ * ++ * + */ + + /* +@@ -46,7 +46,7 @@ + extends com.sun.org.apache.xerces.internal.dom.CommentImpl + implements javax.xml.soap.Text, org.w3c.dom.Comment { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_IMPL_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.impl.LocalStrings"); + protected static ResourceBundle rb = +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/ElementImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/ElementImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/ElementImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/ElementImpl.java 2009-04-06 18:13:49.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: ElementImpl.java,v 1.1.1.1 2006/01/27 13:10:57 kumarjayanti Exp $ +- * $Revision: 1.1.1.1 $ +- * $Date: 2006/01/27 13:10:57 $ ++ * ++ * ++ * + */ + + /* +@@ -59,7 +59,7 @@ + + protected QName elementQName; + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_IMPL_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.impl.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/TextImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/TextImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/TextImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/impl/TextImpl.java 2009-04-06 18:14:14.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: TextImpl.java,v 1.19 2006/01/27 12:49:36 vj135062 Exp $ +- * $Revision: 1.19 $ +- * $Date: 2006/01/27 12:49:36 $ ++ * ++ * ++ * + */ + + /* +@@ -42,7 +42,7 @@ + extends com.sun.org.apache.xerces.internal.dom.TextImpl + implements javax.xml.soap.Text, org.w3c.dom.Text { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_IMPL_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.impl.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageFactoryImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageFactoryImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageFactoryImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageFactoryImpl.java 2009-04-06 18:08:37.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: MessageFactoryImpl.java,v 1.23 2006/01/27 12:49:27 vj135062 Exp $ +- * $Revision: 1.23 $ +- * $Date: 2006/01/27 12:49:27 $ ++ * ++ * ++ * + */ + + /* +@@ -53,15 +53,15 @@ + */ + public class MessageFactoryImpl extends MessageFactory { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +- protected static OutputStream listener; ++ protected OutputStream listener; + + protected boolean lazyAttachments = false; + +- public static OutputStream listen(OutputStream newListener) { ++ public OutputStream listen(OutputStream newListener) { + OutputStream oldListener = listener; + listener = newListener; + return oldListener; +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/MessageImpl.java 2009-04-06 18:09:47.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: MessageImpl.java,v 1.3 2006/08/04 09:24:24 ashutoshshahi Exp $ +- * $Revision: 1.3 $ +- * $Date: 2006/08/04 09:24:24 $ ++ * ++ * ++ * + */ + + /* +@@ -68,7 +68,7 @@ + public static final String CONTENT_ID = "Content-ID"; + public static final String CONTENT_LOCATION = "Content-Location"; + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/name/NameImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/name/NameImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/name/NameImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/name/NameImpl.java 2009-04-06 18:25:32.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: NameImpl.java,v 1.48 2006/01/27 12:49:38 vj135062 Exp $ +- * $Revision: 1.48 $ +- * $Date: 2006/01/27 12:49:38 $ ++ * ++ * ++ * + */ + + /* +@@ -62,7 +62,7 @@ + protected String prefix = ""; + private String qualifiedName = null; + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.NAMING_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.name.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SAAJMetaFactoryImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SAAJMetaFactoryImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SAAJMetaFactoryImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SAAJMetaFactoryImpl.java 2009-04-06 18:03:31.000000000 +0100 +@@ -38,7 +38,7 @@ + + public class SAAJMetaFactoryImpl extends SAAJMetaFactory { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPDocumentImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPDocumentImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPDocumentImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPDocumentImpl.java 2009-04-06 18:24:54.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: SOAPDocumentImpl.java,v 1.15 2006/01/27 12:49:29 vj135062 Exp $ ++ * + */ + + /* +@@ -44,7 +44,7 @@ + + public class SOAPDocumentImpl extends DocumentImpl implements SOAPDocument { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPFactoryImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPFactoryImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPFactoryImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPFactoryImpl.java 2009-04-06 18:10:50.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: SOAPFactoryImpl.java,v 1.21 2006/01/27 12:49:29 vj135062 Exp $ +- * $Revision: 1.21 $ +- * $Date: 2006/01/27 12:49:29 $ ++ * ++ * ++ * + */ + + /* +@@ -49,7 +49,7 @@ + + public abstract class SOAPFactoryImpl extends SOAPFactory { + +- protected static Logger ++ protected static final Logger + log = Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPPartImpl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPPartImpl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPPartImpl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/SOAPPartImpl.java 2009-04-06 18:24:42.000000000 +0100 +@@ -1,7 +1,7 @@ + /* +- * $Id: SOAPPartImpl.java,v 1.1.1.1 2006/01/27 13:10:55 kumarjayanti Exp $ +- * $Revision: 1.1.1.1 $ +- * $Date: 2006/01/27 13:10:55 $ ++ * ++ * ++ * + */ + + /* +@@ -58,7 +58,7 @@ + * @author Anil Vijendran (anil@sun.com) + */ + public abstract class SOAPPartImpl extends SOAPPart implements SOAPDocument { +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Fault1_1Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Fault1_1Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Fault1_1Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Fault1_1Impl.java 2009-04-06 18:29:04.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Fault1_1Impl.java,v 1.20 2006/01/27 12:49:41 vj135062 Exp $ ++ * + */ + + /* +@@ -56,7 +56,7 @@ + + public class Fault1_1Impl extends FaultImpl { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger( + LogDomainConstants.SOAP_VER1_1_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.ver1_1.LocalStrings"); +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Header1_1Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Header1_1Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Header1_1Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Header1_1Impl.java 2009-04-06 18:29:14.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Header1_1Impl.java,v 1.29 2006/01/27 12:49:41 vj135062 Exp $ ++ * + */ + + /* +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/HeaderElement1_1Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/HeaderElement1_1Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/HeaderElement1_1Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/HeaderElement1_1Impl.java 2009-04-06 18:29:28.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: HeaderElement1_1Impl.java,v 1.29 2006/01/27 12:49:41 vj135062 Exp $ ++ * + */ + + /* +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Message1_1Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Message1_1Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Message1_1Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/Message1_1Impl.java 2009-04-06 18:29:37.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Message1_1Impl.java,v 1.24 2006/01/27 12:49:41 vj135062 Exp $ ++ * + */ + + /* +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/SOAPPart1_1Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/SOAPPart1_1Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/SOAPPart1_1Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_1/SOAPPart1_1Impl.java 2009-04-06 18:29:51.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: SOAPPart1_1Impl.java,v 1.1.1.1 2006/01/27 13:10:57 kumarjayanti Exp $ ++ * + */ + + /* +@@ -47,7 +47,7 @@ + + public class SOAPPart1_1Impl extends SOAPPartImpl implements SOAPConstants { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.SOAP_VER1_1_DOMAIN, + "com.sun.xml.internal.messaging.saaj.soap.ver1_1.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Body1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Body1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Body1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Body1_2Impl.java 2009-04-06 18:27:36.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Body1_2Impl.java,v 1.32 2006/01/27 12:49:44 vj135062 Exp $ ++ * + */ + + /* +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Detail1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Detail1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Detail1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Detail1_2Impl.java 2009-04-06 18:27:47.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Detail1_2Impl.java,v 1.24 2006/01/27 12:49:45 vj135062 Exp $ ++ * + */ + + /* +@@ -46,7 +46,7 @@ + + public class Detail1_2Impl extends DetailImpl { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(Detail1_2Impl.class.getName(), + "com.sun.xml.internal.messaging.saaj.soap.ver1_2.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Envelope1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Envelope1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Envelope1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Envelope1_2Impl.java 2009-04-06 18:27:55.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Envelope1_2Impl.java,v 1.26 2006/01/27 12:49:47 vj135062 Exp $ ++ * + */ + + /* +@@ -46,7 +46,7 @@ + + public class Envelope1_2Impl extends EnvelopeImpl { + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(Envelope1_2Impl.class.getName(), + "com.sun.xml.internal.messaging.saaj.soap.ver1_2.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Fault1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Fault1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Fault1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Fault1_2Impl.java 2009-04-06 18:28:07.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Fault1_2Impl.java,v 1.45 2006/01/27 12:49:47 vj135062 Exp $ ++ * + */ + + /* +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Header1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Header1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Header1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/Header1_2Impl.java 2009-04-06 18:28:16.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: Header1_2Impl.java,v 1.36 2006/01/27 12:49:48 vj135062 Exp $ ++ * + */ + + /* +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/HeaderElement1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/HeaderElement1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/HeaderElement1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/HeaderElement1_2Impl.java 2009-04-06 18:28:27.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: HeaderElement1_2Impl.java,v 1.29 2006/01/27 12:49:48 vj135062 Exp $ ++ * + */ + + /* +@@ -46,7 +46,7 @@ + + public class HeaderElement1_2Impl extends HeaderElementImpl { + +- private static Logger log = ++ private static final Logger log = + Logger.getLogger(HeaderElement1_2Impl.class.getName(), + "com.sun.xml.internal.messaging.saaj.soap.ver1_2.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/SOAPPart1_2Impl.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/SOAPPart1_2Impl.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/SOAPPart1_2Impl.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/soap/ver1_2/SOAPPart1_2Impl.java 2009-04-06 18:28:40.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * $Id: SOAPPart1_2Impl.java,v 1.1.1.1 2006/01/27 13:10:57 kumarjayanti Exp $ ++ * + */ + + /* +@@ -46,7 +46,7 @@ + + public class SOAPPart1_2Impl extends SOAPPartImpl implements SOAPConstants{ + +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(SOAPPart1_2Impl.class.getName(), + "com.sun.xml.internal.messaging.saaj.soap.ver1_2.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/RejectDoctypeSaxFilter.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/RejectDoctypeSaxFilter.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/RejectDoctypeSaxFilter.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/RejectDoctypeSaxFilter.java 2009-04-06 18:03:31.000000000 +0100 +@@ -44,12 +44,12 @@ + * because they are not legal in SOAP. If the user of this class sets a + * LexicalHandler, then it forwards events to that handler. + * +- * $Id: RejectDoctypeSaxFilter.java,v 1.13 2006/01/27 12:49:52 vj135062 Exp $ ++ * + * @author Edwin Goei + */ + + public class RejectDoctypeSaxFilter extends XMLFilterImpl implements XMLReader, LexicalHandler{ +- protected static Logger log = ++ protected static final Logger log = + Logger.getLogger(LogDomainConstants.UTIL_DOMAIN, + "com.sun.xml.internal.messaging.saaj.util.LocalStrings"); + +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/transform/EfficientStreamingTransformer.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/transform/EfficientStreamingTransformer.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/transform/EfficientStreamingTransformer.java 2009-04-06 17:30:24.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/messaging/saaj/util/transform/EfficientStreamingTransformer.java 2009-04-06 18:05:38.000000000 +0100 +@@ -61,12 +61,13 @@ + public class EfficientStreamingTransformer + extends javax.xml.transform.Transformer { + +- static final String version; +- static final String vendor; ++ //static final String version; ++ //static final String vendor; + +- protected static TransformerFactory transformerFactory = TransformerFactory.newInstance(); ++ protected static final TransformerFactory transformerFactory = TransformerFactory.newInstance(); + +- static { ++ //removing support for Java 1.4 and 1.3 : CR6658158 ++ /*static { + version = System.getProperty("java.vm.version"); + vendor = System.getProperty("java.vm.vendor"); + if (vendor.startsWith("Sun") && +@@ -75,6 +76,7 @@ + new com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl(); + } + } ++ */ + + /** + * TransformerFactory instance. +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/txw2/DatatypeWriter.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/txw2/DatatypeWriter.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/txw2/DatatypeWriter.java 2009-04-06 17:30:23.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/txw2/DatatypeWriter.java 2009-04-06 18:03:31.000000000 +0100 +@@ -24,6 +24,9 @@ + */ + package com.sun.xml.internal.txw2; + ++import java.util.AbstractList; ++import java.util.Collections; ++import java.util.List; + import javax.xml.namespace.QName; + + /** +@@ -52,50 +55,60 @@ + */ + void print(DT dt, NamespaceResolver resolver, StringBuilder buf); + ++ static final List> BUILTIN = Collections.unmodifiableList(new AbstractList() { ++ ++ private DatatypeWriter[] BUILTIN_ARRAY = new DatatypeWriter[] { ++ new DatatypeWriter() { ++ public Class getType() { ++ return String.class; ++ } ++ public void print(String s, NamespaceResolver resolver, StringBuilder buf) { ++ buf.append(s); ++ } ++ }, ++ new DatatypeWriter() { ++ public Class getType() { ++ return Integer.class; ++ } ++ public void print(Integer i, NamespaceResolver resolver, StringBuilder buf) { ++ buf.append(i); ++ } ++ }, ++ new DatatypeWriter() { ++ public Class getType() { ++ return Float.class; ++ } ++ public void print(Float f, NamespaceResolver resolver, StringBuilder buf) { ++ buf.append(f); ++ } ++ }, ++ new DatatypeWriter() { ++ public Class getType() { ++ return Double.class; ++ } ++ public void print(Double d, NamespaceResolver resolver, StringBuilder buf) { ++ buf.append(d); ++ } ++ }, ++ new DatatypeWriter() { ++ public Class getType() { ++ return QName.class; ++ } ++ public void print(QName qn, NamespaceResolver resolver, StringBuilder buf) { ++ String p = resolver.getPrefix(qn.getNamespaceURI()); ++ if(p.length()!=0) ++ buf.append(p).append(':'); ++ buf.append(qn.getLocalPart()); ++ } ++ } ++ }; ++ ++ public DatatypeWriter get(int n) { ++ return BUILTIN_ARRAY[n]; ++ } + +- static final DatatypeWriter[] BUILDIN = new DatatypeWriter[] { +- new DatatypeWriter() { +- public Class getType() { +- return String.class; +- } +- public void print(String s, NamespaceResolver resolver, StringBuilder buf) { +- buf.append(s); +- } +- }, +- new DatatypeWriter() { +- public Class getType() { +- return Integer.class; +- } +- public void print(Integer i, NamespaceResolver resolver, StringBuilder buf) { +- buf.append(i); +- } +- }, +- new DatatypeWriter() { +- public Class getType() { +- return Float.class; +- } +- public void print(Float f, NamespaceResolver resolver, StringBuilder buf) { +- buf.append(f); +- } +- }, +- new DatatypeWriter() { +- public Class getType() { +- return Double.class; +- } +- public void print(Double d, NamespaceResolver resolver, StringBuilder buf) { +- buf.append(d); +- } +- }, +- new DatatypeWriter() { +- public Class getType() { +- return QName.class; +- } +- public void print(QName qn, NamespaceResolver resolver, StringBuilder buf) { +- String p = resolver.getPrefix(qn.getNamespaceURI()); +- if(p.length()!=0) +- buf.append(p).append(':'); +- buf.append(qn.getLocalPart()); +- } ++ public int size() { ++ return BUILTIN_ARRAY.length; + } +- }; ++ }); + } +diff -Nru openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/txw2/Document.java openjdk/jaxws/src/share/classes/com/sun/xml/internal/txw2/Document.java +--- openjdk.orig/jaxws/src/share/classes/com/sun/xml/internal/txw2/Document.java 2009-04-06 17:30:23.000000000 +0100 ++++ openjdk/jaxws/src/share/classes/com/sun/xml/internal/txw2/Document.java 2009-04-06 18:03:31.000000000 +0100 +@@ -75,7 +75,7 @@ + + Document(XmlSerializer out) { + this.out = out; +- for( DatatypeWriter dw : DatatypeWriter.BUILDIN ) ++ for( DatatypeWriter dw : DatatypeWriter.BUILTIN ) + datatypeWriters.put(dw.getType(),dw); + } + diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6691246.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6691246.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,167 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java openjdk/jdk/src/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java 2009-04-06 18:37:04.000000000 +0100 ++++ openjdk/jdk/src/share/classes/com/sun/jmx/remote/internal/ClientNotifForwarder.java 2009-04-06 18:42:39.000000000 +0100 +@@ -22,7 +22,6 @@ + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ +- + package com.sun.jmx.remote.internal; + + import java.io.IOException; +@@ -34,6 +33,7 @@ + import java.util.Map; + import java.util.concurrent.Executor; + ++import java.security.AccessControlContext; + import java.security.AccessController; + import java.security.PrivilegedAction; + import javax.security.auth.Subject; +@@ -54,6 +54,9 @@ + + + public abstract class ClientNotifForwarder { ++ ++ private final AccessControlContext acc; ++ + public ClientNotifForwarder(Map env) { + this(null, env); + } +@@ -87,6 +90,8 @@ + this.command = command; + if (thread == null) { + thread = new Thread() { ++ ++ @Override + public void run() { + while (true) { + Runnable r; +@@ -130,6 +135,7 @@ + + this.defaultClassLoader = defaultClassLoader; + this.executor = ex; ++ this.acc = AccessController.getContext(); + } + + /** +@@ -380,28 +386,85 @@ + setState(TERMINATED); + } + +-// ------------------------------------------------- +-// private classes +-// ------------------------------------------------- ++ ++ // ------------------------------------------------- ++ // private classes ++ // ------------------------------------------------- + // ++ + private class NotifFetcher implements Runnable { ++ ++ private volatile boolean alreadyLogged = false; ++ ++ private void logOnce(String msg, SecurityException x) { ++ if (alreadyLogged) return; ++ // Log only once. ++ logger.config("setContextClassLoader",msg); ++ if (x != null) logger.fine("setContextClassLoader", x); ++ alreadyLogged = true; ++ } ++ ++ // Set new context class loader, returns previous one. ++ private final ClassLoader setContextClassLoader(final ClassLoader loader) { ++ final AccessControlContext ctxt = ClientNotifForwarder.this.acc; ++ // if ctxt is null, log a config message and throw a ++ // SecurityException. ++ if (ctxt == null) { ++ logOnce("AccessControlContext must not be null.",null); ++ throw new SecurityException("AccessControlContext must not be null"); ++ } ++ return AccessController.doPrivileged( ++ new PrivilegedAction() { ++ public ClassLoader run() { ++ try { ++ // get context class loader - may throw ++ // SecurityException - though unlikely. ++ final ClassLoader previous = ++ Thread.currentThread().getContextClassLoader(); ++ ++ // if nothing needs to be done, break here... ++ if (loader == previous) return previous; ++ ++ // reset context class loader - may throw ++ // SecurityException ++ Thread.currentThread().setContextClassLoader(loader); ++ return previous; ++ } catch (SecurityException x) { ++ logOnce("Permission to set ContextClassLoader missing. " + ++ "Notifications will not be dispatched. " + ++ "Please check your Java policy configuration: " + ++ x, x); ++ throw x; ++ } ++ } ++ }, ctxt); ++ } ++ + public void run() { ++ final ClassLoader previous; ++ if (defaultClassLoader != null) { ++ previous = setContextClassLoader(defaultClassLoader); ++ } else { ++ previous = null; ++ } ++ try { ++ doRun(); ++ } finally { ++ if (defaultClassLoader != null) { ++ setContextClassLoader(previous); ++ } ++ } ++ } ++ ++ private void doRun() { + synchronized (ClientNotifForwarder.this) { + currentFetchThread = Thread.currentThread(); + +- if (state == STARTING) ++ if (state == STARTING) { + setState(STARTED); ++ } + } + +- if (defaultClassLoader != null) { +- AccessController.doPrivileged(new PrivilegedAction() { +- public Void run() { +- Thread.currentThread(). +- setContextClassLoader(defaultClassLoader); +- return null; +- } +- }); +- } + + NotificationResult nr = null; + if (!shouldStop() && (nr = fetchNotifs()) != null) { +@@ -434,8 +497,9 @@ + // check if an mbean unregistration notif + if (!listenerID.equals(mbeanRemovedNotifID)) { + final ClientListenerInfo li = infoList.get(listenerID); +- if (li != null) +- listeners.put(listenerID,li); ++ if (li != null) { ++ listeners.put(listenerID, li); ++ } + continue; + } + final Notification notif = tn.getNotification(); +@@ -799,9 +863,7 @@ + private long clientSequenceNumber = -1; + private final int maxNotifications; + private final long timeout; +- + private Integer mbeanRemovedNotifID = null; +- + private Thread currentFetchThread; + + // state diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6717680.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6717680.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,27 @@ +--- old/src/share/classes/com/sun/jndi/ldap/LdapCtx.java Tue Mar 3 14:42:48 2009 ++++ openjdk/jdk/src/share/classes/com/sun/jndi/ldap/LdapCtx.java Tue Mar 3 14:42:47 2009 +@@ -1,5 +1,5 @@ + /* +- * Copyright 1999-2005 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 1999-2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -302,7 +302,16 @@ + + schemaTrees = new Hashtable(11, 0.75f); + initEnv(); +- connect(false); ++ try { ++ connect(false); ++ } catch (NamingException e) { ++ try { ++ close(); ++ } catch (Exception e2) { ++ // Nothing ++ } ++ throw e; ++ } + } + + LdapCtx(LdapCtx existing, String newDN) throws NamingException { diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6721651.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6721651.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,732 @@ +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerAccessController.java openjdk/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerAccessController.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerAccessController.java 2009-04-06 18:37:03.000000000 +0100 ++++ openjdk/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerAccessController.java 2009-04-06 18:44:48.000000000 +0100 +@@ -111,6 +111,22 @@ + */ + protected abstract void checkWrite(); + ++ /** ++ * Check if the caller can create the named class. The default ++ * implementation of this method calls {@link #checkWrite()}. ++ */ ++ protected void checkCreate(String className) { ++ checkWrite(); ++ } ++ ++ /** ++ * Check if the caller can unregister the named MBean. The default ++ * implementation of this method calls {@link #checkWrite()}. ++ */ ++ protected void checkUnregister(ObjectName name) { ++ checkWrite(); ++ } ++ + //-------------------------------------------- + //-------------------------------------------- + // +@@ -148,7 +164,7 @@ + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public ObjectInstance createMBean(String className, ObjectName name) +@@ -158,7 +174,7 @@ + MBeanRegistrationException, + MBeanException, + NotCompliantMBeanException { +- checkWrite(); ++ checkCreate(className); + SecurityManager sm = System.getSecurityManager(); + if (sm == null) { + Object object = getMBeanServer().instantiate(className); +@@ -170,7 +186,7 @@ + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public ObjectInstance createMBean(String className, ObjectName name, +@@ -181,7 +197,7 @@ + MBeanRegistrationException, + MBeanException, + NotCompliantMBeanException { +- checkWrite(); ++ checkCreate(className); + SecurityManager sm = System.getSecurityManager(); + if (sm == null) { + Object object = getMBeanServer().instantiate(className, +@@ -196,7 +212,7 @@ + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public ObjectInstance createMBean(String className, +@@ -209,7 +225,7 @@ + MBeanException, + NotCompliantMBeanException, + InstanceNotFoundException { +- checkWrite(); ++ checkCreate(className); + SecurityManager sm = System.getSecurityManager(); + if (sm == null) { + Object object = getMBeanServer().instantiate(className, +@@ -222,7 +238,7 @@ + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public ObjectInstance createMBean(String className, +@@ -237,7 +253,7 @@ + MBeanException, + NotCompliantMBeanException, + InstanceNotFoundException { +- checkWrite(); ++ checkCreate(className); + SecurityManager sm = System.getSecurityManager(); + if (sm == null) { + Object object = getMBeanServer().instantiate(className, +@@ -394,45 +410,45 @@ + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public Object instantiate(String className) + throws ReflectionException, MBeanException { +- checkWrite(); ++ checkCreate(className); + return getMBeanServer().instantiate(className); + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public Object instantiate(String className, + Object params[], + String signature[]) + throws ReflectionException, MBeanException { +- checkWrite(); ++ checkCreate(className); + return getMBeanServer().instantiate(className, params, signature); + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public Object instantiate(String className, ObjectName loaderName) + throws ReflectionException, MBeanException, InstanceNotFoundException { +- checkWrite(); ++ checkCreate(className); + return getMBeanServer().instantiate(className, loaderName); + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkCreate(className), then forward this method to the + * wrapped object. + */ + public Object instantiate(String className, ObjectName loaderName, + Object params[], String signature[]) + throws ReflectionException, MBeanException, InstanceNotFoundException { +- checkWrite(); ++ checkCreate(className); + return getMBeanServer().instantiate(className, loaderName, + params, signature); + } +@@ -579,12 +595,12 @@ + } + + /** +- * Call checkWrite(), then forward this method to the ++ * Call checkUnregister(), then forward this method to the + * wrapped object. + */ + public void unregisterMBean(ObjectName name) + throws InstanceNotFoundException, MBeanRegistrationException { +- checkWrite(); ++ checkUnregister(name); + getMBeanServer().unregisterMBean(name); + } + +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java openjdk/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java 2009-04-06 18:37:03.000000000 +0100 ++++ openjdk/jdk/src/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java 2009-04-06 18:49:04.000000000 +0100 +@@ -31,11 +31,17 @@ + import java.security.AccessController; + import java.security.Principal; + import java.security.PrivilegedAction; +-import java.util.Collection; ++import java.util.ArrayList; ++import java.util.HashMap; + import java.util.Iterator; ++import java.util.List; ++import java.util.Map; + import java.util.Properties; + import java.util.Set; ++import java.util.StringTokenizer; ++import java.util.regex.Pattern; + import javax.management.MBeanServer; ++import javax.management.ObjectName; + import javax.security.auth.Subject; + + /** +@@ -46,7 +52,8 @@ + * not allowed; in this case the request is not forwarded to the + * wrapped object.

+ * +- *

This class implements the {@link #checkRead()} and {@link #checkWrite()} ++ *

This class implements the {@link #checkRead()}, {@link #checkWrite()}, ++ * {@link #checkCreate(String)}, and {@link #checkUnregister(ObjectName)} + * methods based on an access level properties file containing username/access + * level pairs. The set of username/access level pairs is passed either as a + * filename which denotes a properties file on disk, or directly as an instance +@@ -56,14 +63,50 @@ + * has exactly one access level. The same access level can be shared by several + * usernames.

+ * +- *

The supported access level values are readonly and +- * readwrite.

++ *

The supported access level values are {@code readonly} and ++ * {@code readwrite}. The {@code readwrite} access level can be ++ * qualified by one or more clauses, where each clause looks ++ * like create classNamePattern or {@code ++ * unregister}. For example:

++ * ++ * 
++ * monitorRole  readonly
++ * controlRole  readwrite \
++ *              create javax.management.timer.*,javax.management.monitor.* \
++ *              unregister
++ *
++ * ++ *

(The continuation lines with {@code \} come from the parser for ++ * Properties files.)

+ */ + public class MBeanServerFileAccessController + extends MBeanServerAccessController { + +- public static final String READONLY = "readonly"; +- public static final String READWRITE = "readwrite"; ++ static final String READONLY = "readonly"; ++ static final String READWRITE = "readwrite"; ++ ++ static final String CREATE = "create"; ++ static final String UNREGISTER = "unregister"; ++ ++ private enum AccessType {READ, WRITE, CREATE, UNREGISTER}; ++ ++ private static class Access { ++ final boolean write; ++ final String[] createPatterns; ++ private boolean unregister; ++ ++ Access(boolean write, boolean unregister, List createPatternList) { ++ this.write = write; ++ int npats = (createPatternList == null) ? 0 : createPatternList.size(); ++ if (npats == 0) ++ this.createPatterns = NO_STRINGS; ++ else ++ this.createPatterns = createPatternList.toArray(new String[npats]); ++ this.unregister = unregister; ++ } ++ ++ private final String[] NO_STRINGS = new String[0]; ++ } + + /** + *

Create a new MBeanServerAccessController that forwards all the +@@ -87,8 +130,8 @@ + throws IOException { + super(); + this.accessFileName = accessFileName; +- props = propertiesFromFile(accessFileName); +- checkValues(props); ++ Properties props = propertiesFromFile(accessFileName); ++ parseProperties(props); + } + + /** +@@ -123,14 +166,14 @@ + * #setMBeanServer} method after doing access checks based on read and + * write permissions.

+ * +- *

This instance is initialized from the specified properties instance. +- * This constructor makes a copy of the properties instance using its +- * clone method and it is the copy that is consulted to check +- * the username and access level of an incoming connection. The original +- * properties object can be modified without affecting the copy. If the +- * {@link #refresh} method is then called, the +- * MBeanServerFileAccessController will make a new copy of the +- * properties object at that time.

++ *

This instance is initialized from the specified properties ++ * instance. This constructor makes a copy of the properties ++ * instance and it is the copy that is consulted to check the ++ * username and access level of an incoming connection. The ++ * original properties object can be modified without affecting ++ * the copy. If the {@link #refresh} method is then called, the ++ * MBeanServerFileAccessController will make a new ++ * copy of the properties object at that time.

+ * + * @param accessFileProps properties list containing the username/access + * level entries. +@@ -145,8 +188,7 @@ + if (accessFileProps == null) + throw new IllegalArgumentException("Null properties"); + originalProps = accessFileProps; +- props = (Properties) accessFileProps.clone(); +- checkValues(props); ++ parseProperties(accessFileProps); + } + + /** +@@ -155,14 +197,14 @@ + * #setMBeanServer} method after doing access checks based on read and + * write permissions.

+ * +- *

This instance is initialized from the specified properties instance. +- * This constructor makes a copy of the properties instance using its +- * clone method and it is the copy that is consulted to check +- * the username and access level of an incoming connection. The original +- * properties object can be modified without affecting the copy. If the +- * {@link #refresh} method is then called, the +- * MBeanServerFileAccessController will make a new copy of the +- * properties object at that time.

++ *

This instance is initialized from the specified properties ++ * instance. This constructor makes a copy of the properties ++ * instance and it is the copy that is consulted to check the ++ * username and access level of an incoming connection. The ++ * original properties object can be modified without affecting ++ * the copy. If the {@link #refresh} method is then called, the ++ * MBeanServerFileAccessController will make a new ++ * copy of the properties object at that time.

+ * + * @param accessFileProps properties list containing the username/access + * level entries. +@@ -184,16 +226,36 @@ + * Check if the caller can do read operations. This method does + * nothing if so, otherwise throws SecurityException. + */ ++ @Override + public void checkRead() { +- checkAccessLevel(READONLY); ++ checkAccess(AccessType.READ, null); + } + + /** + * Check if the caller can do write operations. This method does + * nothing if so, otherwise throws SecurityException. + */ ++ @Override + public void checkWrite() { +- checkAccessLevel(READWRITE); ++ checkAccess(AccessType.WRITE, null); ++ } ++ ++ /** ++ * Check if the caller can create MBeans or instances of the given class. ++ * This method does nothing if so, otherwise throws SecurityException. ++ */ ++ @Override ++ public void checkCreate(String className) { ++ checkAccess(AccessType.CREATE, className); ++ } ++ ++ /** ++ * Check if the caller can do unregister operations. This method does ++ * nothing if so, otherwise throws SecurityException. ++ */ ++ @Override ++ public void checkUnregister(ObjectName name) { ++ checkAccess(AccessType.UNREGISTER, null); + } + + /** +@@ -218,14 +280,13 @@ + * @exception IllegalArgumentException if any of the supplied access + * level values differs from "readonly" or "readwrite". + */ +- public void refresh() throws IOException { +- synchronized (props) { +- if (accessFileName == null) +- props = (Properties) originalProps.clone(); +- else +- props = propertiesFromFile(accessFileName); +- checkValues(props); +- } ++ public synchronized void refresh() throws IOException { ++ Properties props; ++ if (accessFileName == null) ++ props = (Properties) originalProps; ++ else ++ props = propertiesFromFile(accessFileName); ++ parseProperties(props); + } + + private static Properties propertiesFromFile(String fname) +@@ -234,13 +295,15 @@ + try { + Properties p = new Properties(); + p.load(fin); ++ // Properties.load does a buffered read so we don't need to wrap ++ // the FileInputStream in a BufferedInputStream. + return p; + } finally { + fin.close(); + } + } + +- private void checkAccessLevel(String accessLevel) { ++ private synchronized void checkAccess(AccessType requiredAccess, String arg) { + final AccessControlContext acc = AccessController.getContext(); + final Subject s = + AccessController.doPrivileged(new PrivilegedAction() { +@@ -250,38 +313,233 @@ + }); + if (s == null) return; /* security has not been enabled */ + final Set principals = s.getPrincipals(); ++ String newPropertyValue = null; + for (Principal p : principals) { +- String grantedAccessLevel; +- synchronized (props) { +- grantedAccessLevel = props.getProperty(p.getName()); +- } +- if (grantedAccessLevel != null) { +- if (accessLevel.equals(READONLY) && +- (grantedAccessLevel.equals(READONLY) || +- grantedAccessLevel.equals(READWRITE))) +- return; +- if (accessLevel.equals(READWRITE) && +- grantedAccessLevel.equals(READWRITE)) ++ Access access = accessMap.get(p.getName()); ++ if (access != null) { ++ boolean ok; ++ switch (requiredAccess) { ++ case READ: ++ ok = true; // all access entries imply read ++ break; ++ case WRITE: ++ ok = access.write; ++ break; ++ case UNREGISTER: ++ ok = access.unregister; ++ if (!ok && access.write) ++ newPropertyValue = "unregister"; ++ break; ++ case CREATE: ++ ok = checkCreateAccess(access, arg); ++ if (!ok && access.write) ++ newPropertyValue = "create " + arg; ++ break; ++ default: ++ throw new AssertionError(); ++ } ++ if (ok) + return; + } + } +- throw new SecurityException("Access denied! Invalid access level for " + +- "requested MBeanServer operation."); ++ SecurityException se = new SecurityException("Access denied! Invalid " + ++ "access level for requested MBeanServer operation."); ++ // Add some more information to help people with deployments that ++ // worked before we required explicit create clauses. We're not giving ++ // any information to the bad guys, other than that the access control ++ // is based on a file, which they could have worked out from the stack ++ // trace anyway. ++ if (newPropertyValue != null) { ++ SecurityException se2 = new SecurityException("Access property " + ++ "for this identity should be similar to: " + READWRITE + ++ " " + newPropertyValue); ++ se.initCause(se2); ++ } ++ throw se; ++ } ++ ++ private static boolean checkCreateAccess(Access access, String className) { ++ for (String classNamePattern : access.createPatterns) { ++ if (classNameMatch(classNamePattern, className)) ++ return true; ++ } ++ return false; ++ } ++ ++ private static boolean classNameMatch(String pattern, String className) { ++ // We studiously avoided regexes when parsing the properties file, ++ // because that is done whenever the VM is started with the ++ // appropriate -Dcom.sun.management options, even if nobody ever ++ // creates an MBean. We don't want to incur the overhead of loading ++ // all the regex code whenever those options are specified, but if we ++ // get as far as here then the VM is already running and somebody is ++ // doing the very unusual operation of remotely creating an MBean. ++ // Because that operation is so unusual, we don't try to optimize ++ // by hand-matching or by caching compiled Pattern objects. ++ StringBuilder sb = new StringBuilder(); ++ StringTokenizer stok = new StringTokenizer(pattern, "*", true); ++ while (stok.hasMoreTokens()) { ++ String tok = stok.nextToken(); ++ if (tok.equals("*")) ++ sb.append("[^.]*"); ++ else ++ sb.append(Pattern.quote(tok)); ++ } ++ return className.matches(sb.toString()); + } + +- private void checkValues(Properties props) { +- Collection c = props.values(); +- for (Iterator i = c.iterator(); i.hasNext(); ) { +- final String accessLevel = (String) i.next(); +- if (!accessLevel.equals(READONLY) && +- !accessLevel.equals(READWRITE)) { +- throw new IllegalArgumentException( +- "Syntax error in access level entry [" + accessLevel + "]"); ++ private void parseProperties(Properties props) { ++ this.accessMap = new HashMap(); ++ for (Map.Entry entry : props.entrySet()) { ++ String identity = (String) entry.getKey(); ++ String accessString = (String) entry.getValue(); ++ Access access = Parser.parseAccess(identity, accessString); ++ accessMap.put(identity, access); ++ } ++ } ++ ++ private static class Parser { ++ private final static int EOS = -1; // pseudo-codepoint "end of string" ++ static { ++ assert !Character.isWhitespace(EOS); ++ } ++ ++ private final String identity; // just for better error messages ++ private final String s; // the string we're parsing ++ private final int len; // s.length() ++ private int i; ++ private int c; ++ // At any point, either c is s.codePointAt(i), or i == len and ++ // c is EOS. We use int rather than char because it is conceivable ++ // (if unlikely) that a classname in a create clause might contain ++ // "supplementary characters", the ones that don't fit in the original ++ // 16 bits for Unicode. ++ ++ private Parser(String identity, String s) { ++ this.identity = identity; ++ this.s = s; ++ this.len = s.length(); ++ this.i = 0; ++ if (i < len) ++ this.c = s.codePointAt(i); ++ else ++ this.c = EOS; ++ } ++ ++ static Access parseAccess(String identity, String s) { ++ return new Parser(identity, s).parseAccess(); ++ } ++ ++ private Access parseAccess() { ++ skipSpace(); ++ String type = parseWord(); ++ Access access; ++ if (type.equals(READONLY)) ++ access = new Access(false, false, null); ++ else if (type.equals(READWRITE)) ++ access = parseReadWrite(); ++ else { ++ throw syntax("Expected " + READONLY + " or " + READWRITE + ++ ": " + type); ++ } ++ if (c != EOS) ++ throw syntax("Extra text at end of line"); ++ return access; ++ } ++ ++ private Access parseReadWrite() { ++ List createClasses = new ArrayList(); ++ boolean unregister = false; ++ while (true) { ++ skipSpace(); ++ if (c == EOS) ++ break; ++ String type = parseWord(); ++ if (type.equals(UNREGISTER)) ++ unregister = true; ++ else if (type.equals(CREATE)) ++ parseCreate(createClasses); ++ else ++ throw syntax("Unrecognized keyword " + type); ++ } ++ return new Access(true, unregister, createClasses); ++ } ++ ++ private void parseCreate(List createClasses) { ++ while (true) { ++ skipSpace(); ++ createClasses.add(parseClassName()); ++ skipSpace(); ++ if (c == ',') ++ next(); ++ else ++ break; ++ } ++ } ++ ++ private String parseClassName() { ++ // We don't check that classname components begin with suitable ++ // characters (so we accept 1.2.3 for example). This means that ++ // there are only two states, which we can call dotOK and !dotOK ++ // according as a dot (.) is legal or not. Initially we're in ++ // !dotOK since a classname can't start with a dot; after a dot ++ // we're in !dotOK again; and after any other characters we're in ++ // dotOK. The classname is only accepted if we end in dotOK, ++ // so we reject an empty name or a name that ends with a dot. ++ final int start = i; ++ boolean dotOK = false; ++ while (true) { ++ if (c == '.') { ++ if (!dotOK) ++ throw syntax("Bad . in class name"); ++ dotOK = false; ++ } else if (c == '*' || Character.isJavaIdentifierPart(c)) ++ dotOK = true; ++ else ++ break; ++ next(); ++ } ++ String className = s.substring(start, i); ++ if (!dotOK) ++ throw syntax("Bad class name " + className); ++ return className; ++ } ++ ++ // Advance c and i to the next character, unless already at EOS. ++ private void next() { ++ if (c != EOS) { ++ i += Character.charCount(c); ++ if (i < len) ++ c = s.codePointAt(i); ++ else ++ c = EOS; + } + } ++ ++ private void skipSpace() { ++ while (Character.isWhitespace(c)) ++ next(); ++ } ++ ++ private String parseWord() { ++ skipSpace(); ++ if (c == EOS) ++ throw syntax("Expected word at end of line"); ++ final int start = i; ++ while (c != EOS && !Character.isWhitespace(c)) ++ next(); ++ String word = s.substring(start, i); ++ skipSpace(); ++ return word; ++ } ++ ++ private IllegalArgumentException syntax(String msg) { ++ return new IllegalArgumentException( ++ msg + " [" + identity + " " + s + "]"); ++ } + } + +- private Properties props; ++ private Map accessMap; + private Properties originalProps; + private String accessFileName; + } +diff -Nru openjdk.orig/jdk/src/share/lib/management/jmxremote.access openjdk/jdk/src/share/lib/management/jmxremote.access +--- openjdk.orig/jdk/src/share/lib/management/jmxremote.access 2009-03-05 08:29:01.000000000 +0000 ++++ openjdk/jdk/src/share/lib/management/jmxremote.access 2009-04-06 18:44:48.000000000 +0100 +@@ -8,7 +8,7 @@ + # passwords. To be functional, a role must have an entry in + # both the password and the access files. + # +-# Default location of this file is $JRE/lib/management/jmxremote.access ++# The default location of this file is $JRE/lib/management/jmxremote.access + # You can specify an alternate location by specifying a property in + # the management config file $JRE/lib/management/management.properties + # (See that file for details) +@@ -16,7 +16,7 @@ + # The file format for password and access files is syntactically the same + # as the Properties file format. The syntax is described in the Javadoc + # for java.util.Properties.load. +-# Typical access file has multiple lines, where each line is blank, ++# A typical access file has multiple lines, where each line is blank, + # a comment (like this one), or an access control entry. + # + # An access control entry consists of a role name, and an +@@ -29,10 +29,38 @@ + # role can read measurements but cannot perform any action + # that changes the environment of the running program. + # "readwrite" grants access to read and write attributes of MBeans, +-# to invoke operations on them, and to create or remove them. +-# This access should be granted to only trusted clients, +-# since they can potentially interfere with the smooth +-# operation of a running program ++# to invoke operations on them, and optionally ++# to create or remove them. This access should be granted ++# only to trusted clients, since they can potentially ++# interfere with the smooth operation of a running program. ++# ++# The "readwrite" access level can optionally be followed by the "create" and/or ++# "unregister" keywords. The "unregister" keyword grants access to unregister ++# (delete) MBeans. The "create" keyword grants access to create MBeans of a ++# particular class or of any class matching a particular pattern. Access ++# should only be granted to create MBeans of known and trusted classes. ++# ++# For example, the following entry would grant readwrite access ++# to "controlRole", as well as access to create MBeans of the class ++# javax.management.monitor.CounterMonitor and to unregister any MBean: ++# controlRole readwrite \ ++# create javax.management.monitor.CounterMonitorMBean \ ++# unregister ++# or equivalently: ++# controlRole readwrite unregister create javax.management.monitor.CounterMBean ++# ++# The following entry would grant readwrite access as well as access to create ++# MBeans of any class in the packages javax.management.monitor and ++# javax.management.timer: ++# controlRole readwrite \ ++# create javax.management.monitor.*,javax.management.timer.* \ ++# unregister ++# ++# The \ character is defined in the Properties file syntax to allow continuation ++# lines as shown here. A * in a class pattern matches a sequence of characters ++# other than dot (.), so javax.management.monitor.* matches ++# javax.management.monitor.CounterMonitor but not ++# javax.management.monitor.foo.Bar. + # + # A given role should have at most one entry in this file. If a role + # has no entry, it has no access. +@@ -42,7 +70,10 @@ + # + # Default access control entries: + # o The "monitorRole" role has readonly access. +-# o The "controlRole" role has readwrite access. ++# o The "controlRole" role has readwrite access and can create the standard ++# Timer and Monitor MBeans defined by the JMX API. + + monitorRole readonly +-controlRole readwrite ++controlRole readwrite \ ++ create javax.management.monitor.*,javax.management.timer.* \ ++ unregister diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6737315.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6737315.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,44 @@ +--- old/./src/share/classes/com/sun/jndi/ldap/VersionHelper12.java Tue Mar 10 17:35:37 2009 ++++ openjdk/jdk/src/share/classes/com/sun/jndi/ldap/VersionHelper12.java Tue Mar 10 17:35:36 2009 +@@ -1,5 +1,5 @@ + /* +- * Copyright 1999 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 1999-2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -33,12 +33,33 @@ + + final class VersionHelper12 extends VersionHelper { + ++ // System property to control whether classes may be loaded from an ++ // arbitrary URL code base. ++ private static final String TRUST_URL_CODEBASE_PROPERTY = ++ "com.sun.jndi.ldap.object.trustURLCodebase"; ++ ++ // Determine whether classes may be loaded from an arbitrary URL code base. ++ private static final String trustURLCodebase = ++ AccessController.doPrivileged( ++ new PrivilegedAction() { ++ public String run() { ++ return System.getProperty(TRUST_URL_CODEBASE_PROPERTY, ++ "false"); ++ } ++ } ++ ); ++ + VersionHelper12() {} // Disallow external from creating one of these. + + ClassLoader getURLClassLoader(String[] url) + throws MalformedURLException { + ClassLoader parent = getContextClassLoader(); +- if (url != null) { ++ /* ++ * Classes may only be loaded from an arbitrary URL code base when ++ * the system property com.sun.jndi.ldap.object.trustURLCodebase ++ * has been set to "true". ++ */ ++ if (url != null && "true".equalsIgnoreCase(trustURLCodebase)) { + return URLClassLoader.newInstance(getUrlArray(url), parent); + } else { + return parent; diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6792554.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6792554.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,415 @@ +diff -Nru openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/bands.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bands.cpp +--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/bands.cpp 2009-03-05 08:29:01.000000000 +0000 ++++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/bands.cpp 2009-04-06 18:51:27.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2002-2008 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -94,6 +94,7 @@ + assert(!valc->isMalloc); + } + xvs.init(u->rp, u->rplimit, valc); ++ CHECK; + int X = xvs.getInt(); + if (valc->S() != 0) { + assert(valc->min <= -256); +@@ -117,6 +118,7 @@ + byte XB_byte = (byte) XB; + byte* XB_ptr = &XB_byte; + cm.init(u->rp, u->rplimit, XB_ptr, 0, defc, length, null); ++ CHECK; + } else { + NOT_PRODUCT(byte* meta_rp0 = u->meta_rp); + assert(u->meta_rp != null); +@@ -215,8 +217,19 @@ + if (length == 0) return 0; + if (total_memo > 0) return total_memo-1; + int total = getInt(); ++ // overflow checks require that none of the addends are <0, ++ // and that the partial sums never overflow (wrap negative) ++ if (total < 0) { ++ abort("overflow detected"); ++ return 0; ++ } + for (int k = length-1; k > 0; k--) { +- total += vs[0].getInt(); ++ int prev_total = total; ++ total += vs[0].getInt(); ++ if (total < prev_total) { ++ abort("overflow detected"); ++ return 0; ++ } + } + rewind(); + total_memo = total+1; +diff -Nru openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/coding.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/coding.cpp +--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/coding.cpp 2009-03-05 08:29:01.000000000 +0000 ++++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/coding.cpp 2009-04-06 18:51:43.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2002-2008 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -814,6 +814,7 @@ + } + band_rp = vs.rp; + } ++ CHECK; + + // Get an accurate upper limit now. + vs0.rplimit = band_rp; +diff -Nru openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h +--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h 2009-04-06 18:38:11.000000000 +0100 ++++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h 2009-04-06 18:51:06.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2001-2008 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 2001-2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -149,6 +149,8 @@ + #define CHECK_NULL_(y,p) _CHECK_DO((p)==null, return y) + #define CHECK_NULL_0(p) _CHECK_DO((p)==null, return 0) + ++#define CHECK_COUNT(t) if (t < 0){abort("bad value count");} CHECK ++ + #define STR_TRUE "true" + #define STR_FALSE "false" + +diff -Nru openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp +--- openjdk.orig/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp 2009-03-05 08:29:01.000000000 +0000 ++++ openjdk/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp 2009-04-06 18:53:46.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- * Copyright 2001-2008 Sun Microsystems, Inc. All Rights Reserved. ++ * Copyright 2001-2009 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -523,15 +523,40 @@ + enum { + MAGIC_BYTES = 4, + AH_LENGTH_0 = 3, //minver, majver, options are outside of archive_size ++ AH_LENGTH_0_MAX = AH_LENGTH_0 + 1, // options might have 2 bytes + AH_LENGTH = 26, //maximum archive header length (w/ all fields) + // Length contributions from optional header fields: + AH_FILE_HEADER_LEN = 5, // sizehi/lo/next/modtime/files ++ AH_ARCHIVE_SIZE_LEN = 2, // sizehi/lo only; part of AH_FILE_HEADER_LEN + AH_CP_NUMBER_LEN = 4, // int/float/long/double + AH_SPECIAL_FORMAT_LEN = 2, // layouts/band-headers + AH_LENGTH_MIN = AH_LENGTH + -(AH_FILE_HEADER_LEN+AH_SPECIAL_FORMAT_LEN+AH_CP_NUMBER_LEN), ++ ARCHIVE_SIZE_MIN = AH_LENGTH_MIN - (AH_LENGTH_0 + AH_ARCHIVE_SIZE_LEN), + FIRST_READ = MAGIC_BYTES + AH_LENGTH_MIN + }; ++ ++ ++ assert(AH_LENGTH_MIN == 15); // # of UNSIGNED5 fields required after archive_magic ++ assert(ARCHIVE_SIZE_MIN == 10); // # of UNSIGNED5 fields required after archive_size ++ // An absolute minimum null archive is magic[4], {minver,majver,options}[3], ++ // archive_size[0], cp_counts[8], class_counts[4], for a total of 19 bytes. ++ // (Note that archive_size is optional; it may be 0..10 bytes in length.) ++ // The first read must capture everything up through the options field. ++ // This happens to work even if {minver,majver,options} is a pathological ++ // 15 bytes long. Legal pack files limit those three fields to 1+1+2 bytes. ++ assert(FIRST_READ >= MAGIC_BYTES + AH_LENGTH_0 * B_MAX); ++ ++ // Up through archive_size, the largest possible archive header is ++ // magic[4], {minver,majver,options}[4], archive_size[10]. ++ // (Note only the low 12 bits of options are allowed to be non-zero.) ++ // In order to parse archive_size, we need at least this many bytes ++ // in the first read. Of course, if archive_size_hi is more than ++ // a byte, we probably will fail to allocate the buffer, since it ++ // will be many gigabytes long. This is a practical, not an ++ // architectural limit to Pack200 archive sizes. ++ assert(FIRST_READ >= MAGIC_BYTES + AH_LENGTH_0_MAX + 2*B_MAX); ++ + bool foreign_buf = (read_input_fn == null); + byte initbuf[(int)FIRST_READ + (int)C_SLOP + 200]; // 200 is for JAR I/O + if (foreign_buf) { +@@ -547,7 +572,7 @@ + // There is no way to tell the caller that we used only part of them. + // Therefore, the caller must use only a bare minimum of read-ahead. + if (inbytes.len > FIRST_READ) { +- abort("too much pushback"); ++ abort("too much read-ahead"); + return; + } + input.set(initbuf, sizeof(initbuf)); +@@ -557,7 +582,7 @@ + rplimit += inbytes.len; + bytes_read += inbytes.len; + } +- // Read only 19 bytes, which is certain to contain #archive_size fields, ++ // Read only 19 bytes, which is certain to contain #archive_options fields, + // but is certain not to overflow past the archive_header. + input.b.len = FIRST_READ; + if (!ensure_input(FIRST_READ)) +@@ -630,8 +655,8 @@ + if ((archive_options & ~OPTION_LIMIT) != 0) { + fprintf(errstrm, "Warning: Illegal archive options 0x%x\n", + archive_options); +- // Do not abort. If the format really changes, version numbers will bump. +- //abort("illegal archive options"); ++ abort("illegal archive options"); ++ return; + } + + if ((archive_options & AO_HAVE_FILE_HEADERS) != 0) { +@@ -663,8 +688,17 @@ + return; + } + } else if (archive_size > 0) { ++ if (archive_size < ARCHIVE_SIZE_MIN) { ++ abort("impossible archive size"); // bad input data ++ return; ++ } ++ if (archive_size < header_size_1) { ++ abort("too much read-ahead"); // somehow we pre-fetched too much? ++ return; ++ } + input.set(U_NEW(byte, (size_t)(header_size_0 + archive_size + C_SLOP)), + (size_t) header_size_0 + (size_t)archive_size); ++ CHECK; + assert(input.limit()[0] == 0); + // Move all the bytes we read initially into the real buffer. + input.b.copyFrom(initbuf, header_size); +@@ -680,6 +714,7 @@ + rp = rplimit = input.base(); + // Set up input buffer as if we already read the header: + input.b.copyFrom(initbuf, header_size); ++ CHECK; + rplimit += header_size; + while (ensure_input(input.limit() - rp)) { + size_t dataSoFar = input_remaining(); +@@ -715,8 +750,10 @@ + + if ((archive_options & AO_HAVE_FILE_HEADERS) != 0) { + archive_next_count = hdr.getInt(); ++ CHECK_COUNT(archive_next_count); + archive_modtime = hdr.getInt(); + file_count = hdr.getInt(); ++ CHECK_COUNT(file_count); + hdrVals += 3; + } else { + hdrValsSkipped += 3; +@@ -724,7 +761,9 @@ + + if ((archive_options & AO_HAVE_SPECIAL_FORMATS) != 0) { + band_headers_size = hdr.getInt(); ++ CHECK_COUNT(band_headers_size); + attr_definition_count = hdr.getInt(); ++ CHECK_COUNT(attr_definition_count); + hdrVals += 2; + } else { + hdrValsSkipped += 2; +@@ -744,13 +783,16 @@ + } + } + cp_counts[k] = hdr.getInt(); ++ CHECK_COUNT(cp_counts[k]); + hdrVals += 1; + } + + ic_count = hdr.getInt(); ++ CHECK_COUNT(ic_count); + default_class_minver = hdr.getInt(); + default_class_majver = hdr.getInt(); + class_count = hdr.getInt(); ++ CHECK_COUNT(class_count); + hdrVals += 4; + + // done with archive_header +@@ -807,7 +849,6 @@ + bytes::of(band_headers.limit(), C_SLOP).clear(_meta_error); + } + +- + void unpacker::finish() { + if (verbose >= 1) { + fprintf(errstrm, +@@ -2117,13 +2158,14 @@ + + field_descr.readData(field_count); + read_attrs(ATTR_CONTEXT_FIELD, field_count); ++ CHECK; + + method_descr.readData(method_count); + read_attrs(ATTR_CONTEXT_METHOD, method_count); +- + CHECK; + + read_attrs(ATTR_CONTEXT_CLASS, class_count); ++ CHECK; + + read_code_headers(); + +@@ -2150,10 +2192,12 @@ + assert(endsWith(xxx_flags_hi.name, "_flags_hi")); + if (haveLongFlags) + xxx_flags_hi.readData(obj_count); ++ CHECK; + + band& xxx_flags_lo = ad.xxx_flags_lo(); + assert(endsWith(xxx_flags_lo.name, "_flags_lo")); + xxx_flags_lo.readData(obj_count); ++ CHECK; + + // pre-scan flags, counting occurrences of each index bit + julong indexMask = ad.flagIndexMask(); // which flag bits are index bits? +@@ -2176,11 +2220,13 @@ + assert(endsWith(xxx_attr_count.name, "_attr_count")); + // There is one count element for each 1<<16 bit set in flags: + xxx_attr_count.readData(ad.predefCount(X_ATTR_OVERFLOW)); ++ CHECK; + + band& xxx_attr_indexes = ad.xxx_attr_indexes(); + assert(endsWith(xxx_attr_indexes.name, "_attr_indexes")); + int overflowIndexCount = xxx_attr_count.getIntTotal(); + xxx_attr_indexes.readData(overflowIndexCount); ++ CHECK; + // pre-scan attr indexes, counting occurrences of each value + for (i = 0; i < overflowIndexCount; i++) { + idx = xxx_attr_indexes.getInt(); +@@ -2211,6 +2257,7 @@ + } + } + ad.xxx_attr_calls().readData(backwardCounts); ++ CHECK; + + // Read built-in bands. + // Mostly, these are hand-coded equivalents to readBandData(). +@@ -2219,42 +2266,53 @@ + + count = ad.predefCount(CLASS_ATTR_SourceFile); + class_SourceFile_RUN.readData(count); ++ CHECK; + + count = ad.predefCount(CLASS_ATTR_EnclosingMethod); + class_EnclosingMethod_RC.readData(count); + class_EnclosingMethod_RDN.readData(count); ++ CHECK; + + count = ad.predefCount(X_ATTR_Signature); + class_Signature_RS.readData(count); ++ CHECK; + + ad.readBandData(X_ATTR_RuntimeVisibleAnnotations); + ad.readBandData(X_ATTR_RuntimeInvisibleAnnotations); + + count = ad.predefCount(CLASS_ATTR_InnerClasses); + class_InnerClasses_N.readData(count); ++ CHECK; ++ + count = class_InnerClasses_N.getIntTotal(); + class_InnerClasses_RC.readData(count); + class_InnerClasses_F.readData(count); ++ CHECK; + // Drop remaining columns wherever flags are zero: + count -= class_InnerClasses_F.getIntCount(0); + class_InnerClasses_outer_RCN.readData(count); + class_InnerClasses_name_RUN.readData(count); ++ CHECK; + + count = ad.predefCount(CLASS_ATTR_ClassFile_version); + class_ClassFile_version_minor_H.readData(count); + class_ClassFile_version_major_H.readData(count); ++ CHECK; + break; + + case ATTR_CONTEXT_FIELD: + + count = ad.predefCount(FIELD_ATTR_ConstantValue); + field_ConstantValue_KQ.readData(count); ++ CHECK; + + count = ad.predefCount(X_ATTR_Signature); + field_Signature_RS.readData(count); ++ CHECK; + + ad.readBandData(X_ATTR_RuntimeVisibleAnnotations); + ad.readBandData(X_ATTR_RuntimeInvisibleAnnotations); ++ CHECK; + break; + + case ATTR_CONTEXT_METHOD: +@@ -2266,15 +2324,18 @@ + method_Exceptions_N.readData(count); + count = method_Exceptions_N.getIntTotal(); + method_Exceptions_RC.readData(count); ++ CHECK; + + count = ad.predefCount(X_ATTR_Signature); + method_Signature_RS.readData(count); ++ CHECK; + + ad.readBandData(X_ATTR_RuntimeVisibleAnnotations); + ad.readBandData(X_ATTR_RuntimeInvisibleAnnotations); + ad.readBandData(METHOD_ATTR_RuntimeVisibleParameterAnnotations); + ad.readBandData(METHOD_ATTR_RuntimeInvisibleParameterAnnotations); + ad.readBandData(METHOD_ATTR_AnnotationDefault); ++ CHECK; + break; + + case ATTR_CONTEXT_CODE: +@@ -2286,8 +2347,10 @@ + return; + } + code_StackMapTable_N.readData(count); ++ CHECK; + count = code_StackMapTable_N.getIntTotal(); + code_StackMapTable_frame_T.readData(count); ++ CHECK; + // the rest of it depends in a complicated way on frame tags + { + int fat_frame_count = 0; +@@ -2321,18 +2384,23 @@ + // deal completely with fat frames: + offset_count += fat_frame_count; + code_StackMapTable_local_N.readData(fat_frame_count); ++ CHECK; + type_count += code_StackMapTable_local_N.getIntTotal(); + code_StackMapTable_stack_N.readData(fat_frame_count); + type_count += code_StackMapTable_stack_N.getIntTotal(); ++ CHECK; + // read the rest: + code_StackMapTable_offset.readData(offset_count); + code_StackMapTable_T.readData(type_count); ++ CHECK; + // (7) [RCH] + count = code_StackMapTable_T.getIntCount(7); + code_StackMapTable_RC.readData(count); ++ CHECK; + // (8) [PH] + count = code_StackMapTable_T.getIntCount(8); + code_StackMapTable_P.readData(count); ++ CHECK; + } + + count = ad.predefCount(CODE_ATTR_LineNumberTable); +@@ -2654,6 +2722,8 @@ + code_max_na_locals.readData(); + code_handler_count.readData(); + totalHandlerCount += code_handler_count.getIntTotal(); ++ CHECK; ++ + + // Read handler specifications. + // Cf. PackageReader.readCodeHandlers. +@@ -2661,8 +2731,10 @@ + code_handler_end_PO.readData(totalHandlerCount); + code_handler_catch_PO.readData(totalHandlerCount); + code_handler_class_RCN.readData(totalHandlerCount); ++ CHECK; + + read_attrs(ATTR_CONTEXT_CODE, totalFlagsCount); ++ CHECK; + } + + static inline bool is_in_range(uint n, uint min, uint max) { diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6804996.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6804996.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,75 @@ +--- old/src/share/native/sun/awt/splashscreen/splashscreen_gif.c Thu Mar 5 16:18:35 2009 ++++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_gif.c Thu Mar 5 16:18:34 2009 +@@ -53,10 +53,6 @@ + // convert libungif samples to our ones + #define MAKE_QUAD_GIF(c,a) MAKE_QUAD((c).Red, (c).Green, (c).Blue, (a)) + +-#define SAFE_TO_ALLOC(c, sz) \ +- (((c) > 0) && ((sz) > 0) && \ +- ((0xffffffffu / ((unsigned int)(c))) > (unsigned int)(sz))) +- + /* stdio FILE* and memory input functions for libungif */ + int + SplashStreamGifInputFunc(GifFileType * gif, GifByteType * buf, int n) +--- old/src/share/native/sun/awt/splashscreen/splashscreen_impl.h Thu Mar 5 16:18:38 2009 ++++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.h Thu Mar 5 16:18:37 2009 +@@ -155,6 +155,10 @@ + + void SplashInitFrameShape(Splash * splash, int imageIndex); + ++#define SAFE_TO_ALLOC(c, sz) \ ++ (((c) > 0) && ((sz) > 0) && \ ++ ((0xffffffffu / ((unsigned int)(c))) > (unsigned int)(sz))) ++ + #define dbgprintf printf + + #endif +--- old/src/share/native/sun/awt/splashscreen/splashscreen_png.c Thu Mar 5 16:18:41 2009 ++++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_png.c Thu Mar 5 16:18:40 2009 +@@ -103,9 +103,17 @@ + + rowbytes = png_get_rowbytes(png_ptr, info_ptr); + ++ if (!SAFE_TO_ALLOC(rowbytes, height)) { ++ goto done; ++ } ++ + if ((image_data = (unsigned char *) malloc(rowbytes * height)) == NULL) { + goto done; + } ++ ++ if (!SAFE_TO_ALLOC(height, sizeof(png_bytep))) { ++ goto done; ++ } + if ((row_pointers = (png_bytepp) malloc(height * sizeof(png_bytep))) + == NULL) { + goto done; +@@ -121,13 +129,28 @@ + splash->width = width; + splash->height = height; + ++ if (!SAFE_TO_ALLOC(splash->width, splash->imageFormat.depthBytes)) { ++ goto done; ++ } + stride = splash->width * splash->imageFormat.depthBytes; + ++ if (!SAFE_TO_ALLOC(splash->height, stride)) { ++ goto done; ++ } + splash->frameCount = 1; + splash->frames = (SplashImage *) + malloc(sizeof(SplashImage) * splash->frameCount); ++ ++ if (splash->frames == NULL) { ++ goto done; ++ } ++ + splash->loopCount = 1; + splash->frames[0].bitmapBits = malloc(stride * splash->height); ++ if (splash->frames[0].bitmapBits == NULL) { ++ free(splash->frames); ++ goto done; ++ } + splash->frames[0].delay = 0; + + /* FIXME: sort out the real format */ diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6804997.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6804997.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,31 @@ +--- old/src/share/native/sun/awt/giflib/dgif_lib.c Thu Mar 5 16:33:17 2009 ++++ openjdk/jdk/src/share/native/sun/awt/giflib/dgif_lib.c Thu Mar 5 16:33:16 2009 +@@ -722,6 +722,10 @@ + GifFilePrivateType *Private = (GifFilePrivateType *)GifFile->Private; + + READ(GifFile, &CodeSize, 1); /* Read Code size from file. */ ++ if (CodeSize >= 12) { ++ /* Invalid initial code size: report failure */ ++ return GIF_ERROR; ++ } + BitsPerPixel = CodeSize; + + Private->Buf[0] = 0; /* Input Buffer empty. */ +@@ -964,10 +968,13 @@ + + /* If code cannot fit into RunningBits bits, must raise its size. Note + * however that codes above 4095 are used for special signaling. */ +- if (++Private->RunningCode > Private->MaxCode1 && +- Private->RunningBits < LZ_BITS) { +- Private->MaxCode1 <<= 1; +- Private->RunningBits++; ++ if (++Private->RunningCode > Private->MaxCode1) { ++ if (Private->RunningBits < LZ_BITS) { ++ Private->MaxCode1 <<= 1; ++ Private->RunningBits++; ++ } else { ++ Private->RunningCode = Private->MaxCode1; ++ } + } + return GIF_OK; + } diff -r 9933c527970b -r 3a122c249dda patches/security/icedtea-6804998.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/icedtea-6804998.patch Tue Apr 07 01:02:17 2009 +0100 @@ -0,0 +1,35 @@ +--- old/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:25 2009 ++++ openjdk/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java Thu Mar 5 17:00:24 2009 +@@ -585,9 +585,16 @@ + System.out.print("Reading a " + width + " by " + height + " " + + (interlace ? "" : "non-") + "interlaced image..."); + } +- ++ int initCodeSize = ExtractByte(block, 9); ++ if (initCodeSize >= 12) { ++ if (verbose) { ++ System.out.println("Invalid initial code size: " + ++ initCodeSize); ++ } ++ return false; ++ } + boolean ret = parseImage(x, y, width, height, +- interlace, ExtractByte(block, 9), ++ interlace, initCodeSize, + block, rasline, model); + + if (!ret) { +--- old/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:28 2009 ++++ openjdk/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c Thu Mar 5 17:00:27 2009 +@@ -191,6 +191,11 @@ + int passht = passinc; + int len; + ++ /* We have verified the initial code size on the java layer. ++ * Here we just check bounds for particular indexes. */ ++ if (freeCode >= 4096 || maxCode >= 4096) { ++ return 0; ++ } + if (blockh == 0 || raslineh == 0 + || prefixh == 0 || suffixh == 0 + || outCodeh == 0)