Mercurial > hg > release > icedtea6-1.11

view patches/openjdk/8014745-logger_stack_walk_switch.patch @ 2938:d667440f2973

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add 2013/10/15 security fixes. 2013-10-29 Andrew John Hughes <gnu.andrew@redhat.com> * patches/ecj/bootver.patch: Removed as unapplied & incorporated in other patches. * Makefile.am: (SECURITY_PATCHES): Add security update. * NEWS: Updated. * patches/jtreg-LastErrorString.patch, * patches/openjdk/7196533-timezone_bottleneck.patch, * patches/openjdk/8010727-empty_logger_name.patch, * patches/openjdk/8010939-logmanager_deadlock.patch, * patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch, * patches/openjdk/8014718-remove_logging_suntoolkit.patch: Regenerated. * patches/nss-config.patch: Fix path to java.security. * patches/openjdk/4075303-javap_update.patch, * patches/openjdk/4111861-static_fields.patch, * patches/openjdk/4501661-disallow_mixing.patch, * patches/openjdk/4884240-javap_additional_option.patch, * patches/openjdk/6708729-javap_makefile_update.patch, * patches/openjdk/6715767-javap_crash.patch, * patches/openjdk/6819246-javap_instruction_decoding.patch, * patches/openjdk/6824493-experimental.patch, * patches/openjdk/6841419-classfile_iterator.patch, * patches/openjdk/6841420-classfile_methods.patch, * patches/openjdk/6843013-missing_experimental.patch, * patches/openjdk/6852856-javap_subclasses.patch, * patches/openjdk/6867671-javap_whitespace.patch, * patches/openjdk/6868539-constant_pool_tags.patch, * patches/openjdk/6902264-fix_indentation.patch, * patches/openjdk/6954275-big_xml_signatures.patch, * patches/openjdk/7146431-java.security_files.patch, * patches/openjdk/8000450-restrict_access.patch, * patches/openjdk/8002070-remove_logger_stack_search.patch, * patches/openjdk/8003992-embedded_nulls.patch, * patches/openjdk/8004188-rename_java.security.patch, * patches/openjdk/8006882-jmockit.patch, * patches/openjdk/8006900-new_date_time.patch, * patches/openjdk/8008589-better_mbean_permission_validation.patch, * patches/openjdk/8010118-caller_sensitive.patch, * patches/openjdk/8011071-better_crypto_provider_handling.patch, * patches/openjdk/8011081-improve_jhat.patch, * patches/openjdk/8011139-revise_checking_getenclosingclass.patch, * patches/openjdk/8011157-improve_corba_portability-jdk.patch, * patches/openjdk/8011157-improve_corba_portability.patch, * patches/openjdk/8011990-logger_test_urls.patch, * patches/openjdk/8012071-better_bean_building.patch, * patches/openjdk/8012147-improve_tool.patch, * patches/openjdk/8012243-serial_regression.patch, * patches/openjdk/8012277-improve_dataflavour.patch, * patches/openjdk/8012425-transform_transformfactory.patch, * patches/openjdk/8012453-runtime.exec.patch, * patches/openjdk/8013380-logger_stack_walk_glassfish.patch, * patches/openjdk/8013503-improve_stream_factories.patch, * patches/openjdk/8013506-better_pack200.patch, * patches/openjdk/8013510-augment_image_writing.patch, * patches/openjdk/8013514-improve_cmap_stability.patch, * patches/openjdk/8013739-better_ldap_resource_management.patch, * patches/openjdk/8013744-better_tabling.patch, * patches/openjdk/8013827-createtempfile_hang.patch, * patches/openjdk/8014085-better_serialization.patch, * patches/openjdk/8014093-improve_image_parsing.patch, * patches/openjdk/8014102-improve_image_conversion.patch, * patches/openjdk/8014341-better_kerberos_service.patch, * patches/openjdk/8014349-getdeclaredclass_fix.patch, * patches/openjdk/8014530-better_dsp.patch, * patches/openjdk/8014534-better_profiling.patch, * patches/openjdk/8014745-logger_stack_walk_switch.patch, * patches/openjdk/8014987-augment_serialization.patch, * patches/openjdk/8015144-performance_regression.patch, * patches/openjdk/8015614-update_build.patch, * patches/openjdk/8015731-auth_improvements.patch, * patches/openjdk/8015743-address_internet_addresses.patch, * patches/openjdk/8015965-typo_in_property_name.patch, * patches/openjdk/8015978-incorrect_transformation.patch, * patches/openjdk/8016256-finalization_final.patch, * patches/openjdk/8016357-update_hs_diagnostic_class.patch, * patches/openjdk/8016653-ignoreable_characters.patch, * patches/openjdk/8016675-robust_javadoc.patch, * patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch, * patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch, * patches/openjdk/8017287-better_resource_disposal.patch, * patches/openjdk/8017291-cast_proxies_aside.patch, * patches/openjdk/8017298-better_xml_support.patch, * patches/openjdk/8017300-improve_interface_implementation.patch, * patches/openjdk/8017505-better_client_service.patch, * patches/openjdk/8017566-backout_part_of_8000450.patch, * patches/openjdk/8019292-better_attribute_value_exceptions.patch, * patches/openjdk/8019584-invalid_notification_fix.patch, * patches/openjdk/8019617-better_view_of_objects.patch, * patches/openjdk/8019969-inet6_test_case_fix.patch, * patches/openjdk/8019979-better_access_test.patch, * patches/openjdk/8020293-jvm_crash.patch, * patches/openjdk/8021290-signature_validation.patch, * patches/openjdk/8021355-splashscreen_regression.patch, * patches/openjdk/8021366-jaxp_test_fix-01.patch, * patches/openjdk/8021577-bean_serialization_fix.patch, * patches/openjdk/8021933-jaxp_test_fix-02.patch, * patches/openjdk/8021969-jnlp_load_failure.patch, * patches/openjdk/8022661-writeobject_flush.patch, * patches/openjdk/8022682-supporting_xom.patch, * patches/openjdk/8022940-enhance_corba_translations.patch, * patches/openjdk/8023683-enhance_class_file_parsing.patch, * patches/openjdk/8023964-ignore_test.patch, * patches/openjdk/8024914-swapped_usage.patch, * patches/openjdk/8025128-createtempfile_absolute_prefix.patch, * patches/openjdk/oj6-19-fix_8010118_test_cases.patch, * patches/openjdk/oj6-20-merge.patch, * patches/openjdk/oj6-21-overrides.patch: Added.
author Andrew John Hughes <gnu.andrew@redhat.com>
date Thu, 31 Oct 2013 00:22:07 +0000
parents
children
line wrap: on
line source

# HG changeset patch
# User mchung
# Date 1368826191 25200
#      Fri May 17 14:29:51 2013 -0700
# Node ID 0bf55b4c8a7bbea02a9d848b2a5451adbd6a6ac4
# Parent  8733761ca20bb4e46405e274c514bda0e0616a21
8014745: Provide a switch to allow stack walk search of resource bundle
Reviewed-by: alanb, jgish

diff -r 8733761ca20b -r 0bf55b4c8a7b make/java/java/mapfile-vers
--- openjdk/jdk/make/java/java/mapfile-vers	Wed Jun 26 22:50:47 2013 -0500
+++ openjdk/jdk/make/java/java/mapfile-vers	Fri May 17 14:29:51 2013 -0700
@@ -271,6 +271,7 @@
 		Java_sun_reflect_NativeConstructorAccessorImpl_newInstance0;
 		Java_sun_reflect_NativeMethodAccessorImpl_invoke0;
 		Java_sun_reflect_Reflection_getCallerClass;
+		Java_sun_reflect_Reflection_getCallerClass0;
 		Java_sun_reflect_Reflection_getClassAccessFlags;
                 Java_sun_misc_Version_getJdkVersionInfo;
                 Java_sun_misc_Version_getJdkSpecialVersion;
diff -r 8733761ca20b -r 0bf55b4c8a7b src/share/classes/java/util/logging/Logger.java
--- openjdk/jdk/src/share/classes/java/util/logging/Logger.java	Wed Jun 26 22:50:47 2013 -0500
+++ openjdk/jdk/src/share/classes/java/util/logging/Logger.java	Fri May 17 14:29:51 2013 -0700
@@ -303,8 +303,13 @@
     // null, we assume it's a system logger and add it to the system context.
     // These system loggers only set the resource bundle to the given
     // resource bundle name (rather than the default system resource bundle).
-    private static class SystemLoggerHelper {
-        static boolean disableCallerCheck = getBooleanProperty("sun.util.logging.disableCallerCheck");
+    private static class LoggerHelper {
+        static boolean disableCallerCheck =
+            getBooleanProperty("sun.util.logging.disableCallerCheck");
+
+        // workaround to turn on the old behavior for resource bundle search
+        static boolean allowStackWalkSearch =
+            getBooleanProperty("jdk.logging.allowStackWalkSearch");
         private static boolean getBooleanProperty(final String key) {
             String s = AccessController.doPrivileged(new PrivilegedAction<String>() {
                 public String run() {
@@ -318,7 +323,7 @@
     private static Logger demandLogger(String name, String resourceBundleName, Class<?> caller) {
         LogManager manager = LogManager.getLogManager();
         SecurityManager sm = System.getSecurityManager();
-        if (sm != null && !SystemLoggerHelper.disableCallerCheck) {
+        if (sm != null && !LoggerHelper.disableCallerCheck) {
             if (caller.getClassLoader() == null) {
                 return manager.demandSystemLogger(name, resourceBundleName);
             }
@@ -1407,25 +1412,61 @@
         if (useCallersClassLoader) {
             // Try with the caller's ClassLoader
             ClassLoader callersClassLoader = getCallersClassLoader();
+            if (callersClassLoader != null && callersClassLoader != cl) {
+                try {
+                    catalog = ResourceBundle.getBundle(name, currentLocale,
+                                                       callersClassLoader);
+                    catalogName = name;
+                    catalogLocale = currentLocale;
+                    return catalog;
+                } catch (MissingResourceException ex) {
+                }
+            }
+        }
 
-            if (callersClassLoader == null || callersClassLoader == cl) {
-                return null;
-            }
-
-            try {
-                catalog = ResourceBundle.getBundle(name, currentLocale,
-                                                   callersClassLoader);
-                catalogName = name;
-                catalogLocale = currentLocale;
-                return catalog;
-            } catch (MissingResourceException ex) {
-                return null; // no luck
-            }
+        // If -Djdk.logging.allowStackWalkSearch=true is set,
+        // does stack walk to search for the resource bundle
+        if (LoggerHelper.allowStackWalkSearch) {
+            return findResourceBundleFromStack(name, currentLocale, cl);
         } else {
             return null;
         }
     }
 
+    /**
+     * This method will fail when running with a VM that enforces caller-sensitive
+     * methods and only allows to get the immediate caller.
+     */
+    @CallerSensitive
+    private synchronized ResourceBundle findResourceBundleFromStack(String name,
+                                                                    Locale locale,
+                                                                    ClassLoader cl)
+    {
+        for (int ix = 0; ; ix++) {
+            Class<?> clz = sun.reflect.Reflection.getCallerClass(ix);
+            if (clz == null) {
+                break;
+            }
+            ClassLoader cl2 = clz.getClassLoader();
+            if (cl2 == null) {
+                cl2 = ClassLoader.getSystemClassLoader();
+            }
+            if (cl == cl2) {
+                // We've already checked this classloader.
+                continue;
+            }
+            cl = cl2;
+            try {
+                catalog = ResourceBundle.getBundle(name, locale, cl);
+                catalogName = name;
+                catalogLocale = locale;
+                return catalog;
+            } catch (MissingResourceException ex) {
+            }
+        }
+        return null;
+    }
+
     // Private utility method to initialize our one entry
     // resource bundle name cache and the callers ClassLoader
     // Note: for consistency reasons, we are careful to check
diff -r 8733761ca20b -r 0bf55b4c8a7b src/share/classes/sun/reflect/Reflection.java
--- openjdk/jdk/src/share/classes/sun/reflect/Reflection.java	Wed Jun 26 22:50:47 2013 -0500
+++ openjdk/jdk/src/share/classes/sun/reflect/Reflection.java	Fri May 17 14:29:51 2013 -0700
@@ -58,6 +58,21 @@
     @CallerSensitive
     public static native Class getCallerClass();
 
+    /**
+     * @deprecated No replacement.  This method will be removed in the next
+     * JDK 7 update release.
+     */
+    @Deprecated
+    @CallerSensitive
+    public static Class getCallerClass(int depth) {
+        return getCallerClass0(depth);
+    }
+
+    // If the VM enforces getting caller class with @CallerSensitive,
+    // this will fail anyway.
+    @CallerSensitive
+    private static native Class getCallerClass0(int depth);
+
     /** Retrieves the access flags written to the class file. For
         inner classes these flags may differ from those returned by
         Class.getModifiers(), which searches the InnerClasses
diff -r 8733761ca20b -r 0bf55b4c8a7b src/share/native/sun/reflect/Reflection.c
--- openjdk/jdk/src/share/native/sun/reflect/Reflection.c	Wed Jun 26 22:50:47 2013 -0500
+++ openjdk/jdk/src/share/native/sun/reflect/Reflection.c	Fri May 17 14:29:51 2013 -0700
@@ -34,6 +34,12 @@
     return JVM_GetCallerClass(env, 2);
 }
 
+JNIEXPORT jclass JNICALL Java_sun_reflect_Reflection_getCallerClass0
+(JNIEnv *env, jclass unused, jint depth)
+{
+    return JVM_GetCallerClass(env, depth);
+}
+
 JNIEXPORT jint JNICALL Java_sun_reflect_Reflection_getClassAccessFlags
 (JNIEnv *env, jclass unused, jclass cls)
 {
diff -r 8733761ca20b -r 0bf55b4c8a7b test/java/util/logging/bundlesearch/ResourceBundleSearchTest.java
--- openjdk/jdk/test/java/util/logging/bundlesearch/ResourceBundleSearchTest.java	Wed Jun 26 22:50:47 2013 -0500
+++ openjdk/jdk/test/java/util/logging/bundlesearch/ResourceBundleSearchTest.java	Fri May 17 14:29:51 2013 -0700
@@ -28,6 +28,7 @@
  * @author  Jim Gish
  * @build  ResourceBundleSearchTest IndirectlyLoadABundle LoadItUp1 LoadItUp2 TwiceIndirectlyLoadABundle LoadItUp2Invoker
  * @run main/othervm ResourceBundleSearchTest
+ * @run main/othervm -Djdk.logging.allowStackWalkSearch=true ResourceBundleSearchTest
  */
 import java.net.URL;
 import java.net.URLClassLoader;
@@ -79,7 +80,15 @@
 
         // Test 1 - can we find a Logger bundle from doing a stack search?
         // We shouldn't be able to
-        assertFalse(testGetBundleFromStackSearch(), "1-testGetBundleFromStackSearch");
+        // unless -Djdk.logging.allowStackWalkSearch=true is set
+
+        boolean allowStackWalkSearch = Boolean.getBoolean("jdk.logging.allowStackWalkSearch");
+        if (allowStackWalkSearch) {
+            assertTrue(testGetBundleFromStackSearch(), "1-testGetBundleFromStackSearch");
+        } else {
+            // default behavior
+            assertFalse(testGetBundleFromStackSearch(), "1-testGetBundleFromStackSearch");
+        }
 
         // Test 2 - can we find a Logger bundle off of the Thread context class
         // loader? We should be able to.
@@ -111,8 +120,10 @@
         // Test 6 - first call getLogger("myLogger").
         // Then call getLogger("myLogger","bundleName") from a different ClassLoader
         // Make sure we find the bundle
-        assertTrue(testGetBundleFromSecondCallersClassLoader(),
-                   "6-testGetBundleFromSecondCallersClassLoader");
+        if (!allowStackWalkSearch) {
+            assertTrue(testGetBundleFromSecondCallersClassLoader(),
+                       "6-testGetBundleFromSecondCallersClassLoader");
+        }
 
         report();
     }