Mercurial > hg > release > icedtea6-1.11
changeset 2945:a3249839270a
Add 20140114 CPU patches
line wrap: on
line diff
--- a/ChangeLog Fri Jan 10 18:13:33 2014 -0500 +++ b/ChangeLog Wed Jan 15 12:52:12 2014 -0500 @@ -1,3 +1,40 @@ +2014-01-15 Omair Majid <omajid@redhat.com> + + * Makefile (SECURITY_PATCHES): Add patches. + * patches/security/20140114/6995424-deprecated_dependency.patch, + * patches/security/20140114/7068126-snmp_status.patch, + * patches/security/20140114/8010935-xml_handling.patch, + * patches/security/20140114/8011786-networking.patch, + * patches/security/20140114/8021257-restrict_package.corba.patch, + * patches/security/20140114/8021257-restrict_package.jdk.patch, + * patches/security/20140114/8022904-jdbc.patch, + * patches/security/20140114/8022927-conversions.patch, + * patches/security/20140114/8022935-resolver_classes.patch, + * patches/security/20140114/8022945-jndi.patch, + * patches/security/20140114/8023057-splashscreen.patch, + * patches/security/20140114/8023069-tls.patch, + * patches/security/20140114/8023245-beans_decoding.patch, + * patches/security/20140114/8023301-generic_classes.patch, + * patches/security/20140114/8023672-jar_validation.patch, + * patches/security/20140114/8024306-subject_consistency.patch, + * patches/security/20140114/8024530-font_process.patch, + * patches/security/20140114/8024867-logging.patch, + * patches/security/20140114/8025014-security_policy.patch, + * patches/security/20140114/8025018-jaxp_setup.patch, + * patches/security/20140114/8025026-canonicalization.patch, + * patches/security/20140114/8025034-layout_lookups.patch, + * patches/security/20140114/8025448-swing_listening.patch, + * patches/security/20140114/8025758-naming.patch, + * patches/security/20140114/8025767-corba_iiop_streams.patch, + * patches/security/20140114/8026172-ui_management.patch, + * patches/security/20140114/8026176-document_printing.patch, + * patches/security/20140114/8026193-corba_stub_factories.patch, + * patches/security/20140114/8026204-auth_login_contexts.patch, + * patches/security/20140114/8026417-xml_canonicalization.patch, + * patches/security/20140114/8026826-fix_build.patch, + * patches/security/20140114/8027201-jaxp_setup.patch: + New file for CPU update. + 2014-01-10 Omair Majid <omajid@redhat.com> * patches/nss-not-enabled-config.patch: Fix path
--- a/Makefile.am Fri Jan 10 18:13:33 2014 -0500 +++ b/Makefile.am Wed Jan 15 12:52:12 2014 -0500 @@ -494,7 +494,40 @@ patches/openjdk/8003992-embedded_nulls.patch \ patches/openjdk/8013827-createtempfile_hang.patch \ patches/openjdk/8025128-createtempfile_absolute_prefix.patch \ - patches/openjdk/oj6-21-overrides.patch + patches/openjdk/oj6-21-overrides.patch \ + patches/security/20140114/6995424-deprecated_dependency.patch \ + patches/security/20140114/7068126-snmp_status.patch \ + patches/openjdk//8009530-icu_kern_table_support_broken.patch \ + patches/security/20140114/8010935-xml_handling.patch \ + patches/security/20140114/8011786-networking.patch \ + patches/security/20140114/8021257-restrict_package.corba.patch \ + patches/security/20140114/8021257-restrict_package.jdk.patch \ + patches/security/20140114/8022904-jdbc.patch \ + patches/security/20140114/8022927-conversions.patch \ + patches/security/20140114/8022935-resolver_classes.patch \ + patches/security/20140114/8022945-jndi.patch \ + patches/security/20140114/8023057-splashscreen.patch \ + patches/security/20140114/8023069-tls.patch \ + patches/security/20140114/8023245-beans_decoding.patch \ + patches/security/20140114/8023301-generic_classes.patch \ + patches/security/20140114/8023672-jar_validation.patch \ + patches/security/20140114/8024306-subject_consistency.patch \ + patches/security/20140114/8024530-font_process.patch \ + patches/security/20140114/8024867-logging.patch \ + patches/security/20140114/8025014-security_policy.patch \ + patches/security/20140114/8025018-jaxp_setup.patch \ + patches/security/20140114/8025026-canonicalization.patch \ + patches/security/20140114/8025034-layout_lookups.patch \ + patches/security/20140114/8025448-swing_listening.patch \ + patches/security/20140114/8025758-naming.patch \ + patches/security/20140114/8025767-corba_iiop_streams.patch \ + patches/security/20140114/8026172-ui_management.patch \ + patches/security/20140114/8026176-document_printing.patch \ + patches/security/20140114/8026193-corba_stub_factories.patch \ + patches/security/20140114/8026204-auth_login_contexts.patch \ + patches/security/20140114/8026417-xml_canonicalization.patch \ + patches/security/20140114/8026826-fix_build.patch \ + patches/security/20140114/8027201-jaxp_setup.patch SPECIAL_SECURITY_PATCH_1 = patches/security/20120214/7112642.patch SPECIAL_SECURITY_PATCH_2 = patches/security/20130618/8009071-improve_shape_handling.patch @@ -726,7 +759,6 @@ patches/aarch64.patch \ patches/jaxws-tempfiles-ioutils-6.patch \ patches/object-factory-cl-internal.patch \ - patches/openjdk/8009530-icu_kern_table_support_broken.patch \ patches/openjdk/7171223-strict_aliasing.patch \ patches/openjdk/8009165-inappropriate_method_in_reflectutil.patch \ patches/openjdk/8009217-fix_test_compile.patch \
--- a/NEWS Fri Jan 10 18:13:33 2014 -0500 +++ b/NEWS Wed Jan 15 12:52:12 2014 -0500 @@ -13,6 +13,42 @@ New in release 1.11.15 (2014-XX-XX): +* Security fixes + - S6727821: Enhance JAAS Configuration + - S7068126, CVE-2014-0373: Enhance SNMP status + - S8010935: Better XML handling + - S8011786, CVE-2014-0368: Better applet networking + - S8021257, CVE-2013-5896: com.sun.corba.se.** should be on restricted package list + - S8022904: Enhance JDBC Parsers + - S8022927: Input validation for byte/endian conversions + - S8022935: Enhance Apache resolver classes + - S8022945: Enhance JNDI implementation classes + - S8023057: Enhance start up image display + - S8023069, CVE-2014-0411: Enhance TLS connections + - S8023245, CVE-2014-0423: Enhance Beans decoding + - S8023301: Enhance generic classes + - S8023672: Enhance jar file validation + - S8024306, CVE-2014-0416: Enhance Subject consistency + - S8024530: Enhance font process resilience + - S8024867: Enhance logging start up + - S8025014: Enhance Security Policy + - S8025018, CVE-2014-0376: Enhance JAX-P set up + - S8025026, CVE-2013-5878: Enhance canonicalization + - S8025034, CVE-2013-5907: Improve layout lookups + - S8025448: Enhance listening events + - S8025758, CVE-2014-0422: Enhance Naming management + - S8025767, CVE-2014-0428: Enhance IIOP Streams + - S8026172: Enhance UI Management + - S8026176: Enhance document printing + - S8026193, CVE-2013-5884: Enhance CORBA stub factories + - S8026204: Enhance auth login contexts + - S8026417, CVE-2013-5910: Enhance XML canonicalization + - S8027201, CVE-2014-0376: Enhance JAX-P set up +* Bug fixes + - S8026826: JDK 7 fix for 8010935 broke the build +* Backports + - S6995424: Eliminate dependency to a deprecated API com.sun.security.auth.PolicyFile + New in release 1.11.14 (2013-11-13): * Security fixes
--- a/patches/ecj/override.patch Fri Jan 10 18:13:33 2014 -0500 +++ b/patches/ecj/override.patch Wed Jan 15 12:52:12 2014 -0500 @@ -310,3 +310,163 @@ public final void close() { open = false; synchronized (AbstractMidiDevice.this.traRecLock) { +diff -ruN openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java +--- openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java 2014-01-10 16:24:15.000000000 -0500 ++++ openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java 2014-01-14 09:38:04.744121397 -0500 +@@ -87,7 +87,6 @@ + .create_input_stream(); + AnyInputStream aIS = AccessController + .doPrivileged(new PrivilegedAction<AnyInputStream>() { +- @Override + public AnyInputStream run() { + return new AnyInputStream( + (com.sun.corba.se.impl.encoding.EncapsInputStream) is); +diff -ruN openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java +--- openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java 2014-01-10 16:24:28.000000000 -0500 ++++ openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java 2014-01-14 09:38:22.856141402 -0500 +@@ -38,7 +38,6 @@ + { + return AccessController + .doPrivileged(new PrivilegedAction<StubFactoryProxyImpl>() { +- @Override + public StubFactoryProxyImpl run() { + return new StubFactoryProxyImpl(classData, classLoader); + } +diff -ruN openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java +--- openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java 2014-01-10 16:24:15.000000000 -0500 ++++ openjdk-ecj/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java 2014-01-14 09:34:50.248822900 -0500 +@@ -163,7 +163,6 @@ + final Message inMsg = cdrOutputObject.getMessageHeader(); + CDRInputObject cdrInputObject = AccessController + .doPrivileged(new PrivilegedAction<CDRInputObject>() { +- @Override + public CDRInputObject run() { + return new CDRInputObject(inOrb, null, inBuffer, + inMsg); +@@ -206,7 +205,6 @@ + final Message inMsg2 = cdrOutputObject.getMessageHeader(); + cdrInputObject = AccessController + .doPrivileged(new PrivilegedAction<CDRInputObject>() { +- @Override + public CDRInputObject run() { + return new CDRInputObject(inOrb2, null, inBuffer2, + inMsg2); +diff -ruN openjdk-ecj/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java openjdk-ecj/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java +--- openjdk-ecj/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java 2014-01-10 16:24:15.000000000 -0500 ++++ openjdk-ecj/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java 2014-01-14 09:35:08.657861832 -0500 +@@ -52,7 +52,6 @@ + + private static final boolean allowSubclass = AccessController.doPrivileged( + new PrivilegedAction<Boolean>() { +- @Override + public Boolean run() { + String prop = System.getProperty(ALLOW_SUBCLASS_PROP); + return prop == null ? false : +diff -ruN openjdk-ecj/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java openjdk-ecj/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java +--- openjdk-ecj/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java 2014-01-10 16:24:15.000000000 -0500 ++++ openjdk-ecj/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java 2014-01-14 09:34:21.846755388 -0500 +@@ -44,7 +44,6 @@ + final boolean littleEndian, final GIOPVersion version) { + return AccessController + .doPrivileged(new PrivilegedAction<EncapsInputStream>() { +- @Override + public EncapsInputStream run() { + return new EncapsInputStream(orb, buf, size, + littleEndian, version); +@@ -58,7 +57,6 @@ + final GIOPVersion version) { + return AccessController + .doPrivileged(new PrivilegedAction<EncapsInputStream>() { +- @Override + public EncapsInputStream run() { + return new EncapsInputStream(orb, byteBuffer, size, + littleEndian, version); +@@ -70,7 +68,6 @@ + final org.omg.CORBA.ORB orb, final byte[] data, final int size) { + return AccessController + .doPrivileged(new PrivilegedAction<EncapsInputStream>() { +- @Override + public EncapsInputStream run() { + return new EncapsInputStream(orb, data, size); + } +@@ -81,7 +78,6 @@ + final EncapsInputStream eis) { + return AccessController + .doPrivileged(new PrivilegedAction<EncapsInputStream>() { +- @Override + public EncapsInputStream run() { + return new EncapsInputStream(eis); + } +@@ -93,7 +89,6 @@ + final GIOPVersion version) { + return AccessController + .doPrivileged(new PrivilegedAction<EncapsInputStream>() { +- @Override + public EncapsInputStream run() { + return new EncapsInputStream(orb, data, size, version); + } +@@ -105,7 +100,6 @@ + final GIOPVersion version, final CodeBase codeBase) { + return AccessController + .doPrivileged(new PrivilegedAction<EncapsInputStream>() { +- @Override + public EncapsInputStream run() { + return new EncapsInputStream(orb, data, size, version, + codeBase); +@@ -118,7 +112,6 @@ + final boolean littleEndian, final GIOPVersion version) { + return AccessController + .doPrivileged(new PrivilegedAction<TypeCodeInputStream>() { +- @Override + public TypeCodeInputStream run() { + return new TypeCodeInputStream(orb, buf, size, + littleEndian, version); +@@ -132,7 +125,6 @@ + final GIOPVersion version) { + return AccessController + .doPrivileged(new PrivilegedAction<TypeCodeInputStream>() { +- @Override + public TypeCodeInputStream run() { + return new TypeCodeInputStream(orb, byteBuffer, size, + littleEndian, version); +@@ -144,7 +136,6 @@ + final org.omg.CORBA.ORB orb, final byte[] data, final int size) { + return AccessController + .doPrivileged(new PrivilegedAction<TypeCodeInputStream>() { +- @Override + public TypeCodeInputStream run() { + return new TypeCodeInputStream(orb, data, size); + } +diff -ruN openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java +--- openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java 2014-01-13 11:30:44.000000000 -0500 ++++ openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java 2014-01-14 09:55:36.216424718 -0500 +@@ -272,7 +272,6 @@ + return clazz.getPackage().getQualifiedName(); + } + +- @Override + public TypeDeclaration loadObjectFactory(TypeDeclaration referencePoint, String packageName) { + return env.getTypeDeclaration(packageName + ".ObjectFactory"); + } +diff -ruN openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java +--- openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java 2014-01-13 11:30:44.000000000 -0500 ++++ openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java 2014-01-14 09:55:54.141449331 -0500 +@@ -299,7 +299,6 @@ + throw new UnsupportedOperationException(); + } + +- @Override + public NClass loadObjectFactory(NClass referencePoint, String pkg) { + throw new UnsupportedOperationException(); + } +diff -ruN openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java +--- openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java 2014-01-13 11:30:44.000000000 -0500 ++++ openjdk-ecj/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java 2014-01-14 09:56:08.879470090 -0500 +@@ -507,7 +507,6 @@ + else return name.substring(0,idx); + } + +- @Override + public Class loadObjectFactory(Class referencePoint, String pkg) { + String clName = pkg + ".ObjectFactory"; + checkPackageAccess(clName);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/6995424-deprecated_dependency.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,180 @@ +# HG changeset patch +# User mullan +# Date 1290438967 18000 +# Mon Nov 22 10:16:07 2010 -0500 +# Node ID 951db417fc3c96a7c8bf1bec1c3e4fe699b28926 +# Parent bf284d2db0081df959bede4e5dd318e9b342aac8 +6995424: Eliminate dependency to a deprecated API com.sun.security.auth.PolicyFile +Reviewed-by: mchung + +diff -Nru openjdk/jdk/src/share/classes/javax/security/auth/Policy.java openjdk/jdk/src/share/classes/javax/security/auth/Policy.java +--- openjdk/jdk/src/share/classes/javax/security/auth/Policy.java ++++ openjdk/jdk/src/share/classes/javax/security/auth/Policy.java +@@ -25,6 +25,9 @@ + + package javax.security.auth; + ++import java.security.Security; ++import sun.security.util.Debug; ++ + /** + * <p> This is an abstract class for representing the system policy for + * Subject-based authorization. A subclass implementation +@@ -159,6 +162,10 @@ + private static Policy policy; + private static ClassLoader contextClassLoader; + ++ // true if a custom (not com.sun.security.auth.PolicyFile) system-wide ++ // policy object is set ++ private static boolean isCustomPolicy; ++ + static { + contextClassLoader = java.security.AccessController.doPrivileged + (new java.security.PrivilegedAction<ClassLoader>() { +@@ -234,6 +241,8 @@ + contextClassLoader).newInstance(); + } + }); ++ isCustomPolicy = ++ !finalClass.equals("com.sun.security.auth.PolicyFile"); + } catch (Exception e) { + throw new SecurityException + (sun.security.util.ResourcesMgr.getString +@@ -265,6 +274,46 @@ + java.lang.SecurityManager sm = System.getSecurityManager(); + if (sm != null) sm.checkPermission(new AuthPermission("setPolicy")); + Policy.policy = policy; ++ // all non-null policy objects are assumed to be custom ++ isCustomPolicy = policy != null ? true : false; ++ } ++ ++ /** ++ * Returns true if a custom (not com.sun.security.auth.PolicyFile) ++ * system-wide policy object has been set or installed. This method is ++ * called by SubjectDomainCombiner to provide backwards compatibility for ++ * developers that provide their own javax.security.auth.Policy ++ * implementations. ++ * ++ * @return true if a custom (not com.sun.security.auth.PolicyFile) ++ * system-wide policy object has been set; false otherwise ++ */ ++ static boolean isCustomPolicySet(Debug debug) { ++ if (policy != null) { ++ if (debug != null && isCustomPolicy) { ++ debug.println("Providing backwards compatibility for " + ++ "javax.security.auth.policy implementation: " + ++ policy.toString()); ++ } ++ return isCustomPolicy; ++ } ++ // check if custom policy has been set using auth.policy.provider prop ++ String policyClass = java.security.AccessController.doPrivileged ++ (new java.security.PrivilegedAction<String>() { ++ public String run() { ++ return Security.getProperty("auth.policy.provider"); ++ } ++ }); ++ if (policyClass != null ++ && !policyClass.equals("com.sun.security.auth.PolicyFile")) { ++ if (debug != null) { ++ debug.println("Providing backwards compatibility for " + ++ "javax.security.auth.policy implementation: " + ++ policyClass); ++ } ++ return true; ++ } ++ return false; + } + + /** +diff -Nru openjdk/jdk/src/share/classes/javax/security/auth/SubjectDomainCombiner.java openjdk/jdk/src/share/classes/javax/security/auth/SubjectDomainCombiner.java +--- openjdk/jdk/src/share/classes/javax/security/auth/SubjectDomainCombiner.java ++++ openjdk/jdk/src/share/classes/javax/security/auth/SubjectDomainCombiner.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -26,8 +26,6 @@ + package javax.security.auth; + + import java.security.AccessController; +-import java.security.AccessControlContext; +-import java.security.AllPermission; + import java.security.Permission; + import java.security.Permissions; + import java.security.PermissionCollection; +@@ -35,10 +33,8 @@ + import java.security.Principal; + import java.security.PrivilegedAction; + import java.security.ProtectionDomain; +-import java.lang.ClassLoader; + import java.security.Security; + import java.util.Set; +-import java.util.Iterator; + import java.util.WeakHashMap; + import java.lang.ref.WeakReference; + +@@ -61,7 +57,8 @@ + "\t[SubjectDomainCombiner]"); + + // Note: check only at classloading time, not dynamically during combine() +- private static final boolean useJavaxPolicy = compatPolicy(); ++ private static final boolean useJavaxPolicy = ++ javax.security.auth.Policy.isCustomPolicySet(debug); + + // Relevant only when useJavaxPolicy is true + private static final boolean allowCaching = +@@ -202,8 +199,8 @@ + return null; + } + +- // maintain backwards compatibility for people who provide +- // their own javax.security.auth.Policy implementations ++ // maintain backwards compatibility for developers who provide ++ // their own custom javax.security.auth.Policy implementations + if (useJavaxPolicy) { + return combineJavaxPolicy(currentDomains, assignedDomains); + } +@@ -476,8 +473,7 @@ + String s = AccessController.doPrivileged + (new PrivilegedAction<String>() { + public String run() { +- return java.security.Security.getProperty +- ("cache.auth.policy"); ++ return Security.getProperty("cache.auth.policy"); + } + }); + if (s != null) { +@@ -488,29 +484,6 @@ + return true; + } + +- // maintain backwards compatibility for people who provide +- // their own javax.security.auth.Policy implementations +- private static boolean compatPolicy() { +- javax.security.auth.Policy javaxPolicy = AccessController.doPrivileged +- (new PrivilegedAction<javax.security.auth.Policy>() { +- public javax.security.auth.Policy run() { +- return javax.security.auth.Policy.getPolicy(); +- } +- }); +- +- if (!(javaxPolicy instanceof com.sun.security.auth.PolicyFile)) { +- if (debug != null) { +- debug.println("Providing backwards compatibility for " + +- "javax.security.auth.policy implementation: " + +- javaxPolicy.toString()); +- } +- +- return true; +- } else { +- return false; +- } +- } +- + private static void printInputDomains(ProtectionDomain[] currentDomains, + ProtectionDomain[] assignedDomains) { + if (currentDomains == null || currentDomains.length == 0) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/7068126-snmp_status.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,372 @@ +# HG changeset patch +# User sjiang +# Date 1382370476 -7200 +# Mon Oct 21 17:47:56 2013 +0200 +# Node ID 20009f68c21c45adbfa44a561746db51e4a2c6be +# Parent 956e1047786a3c265bcd0d41b49554201bffb781 +7068126: Enhance SNMP statuses +Reviewed-by: dfuchs, hawtin + +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibEntry.java openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibEntry.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibEntry.java ++++ openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibEntry.java +@@ -27,17 +27,9 @@ + + // java imports + // ++import com.sun.jmx.snmp.SnmpDefinitions; + import java.io.Serializable; +-import java.util.Hashtable; +-import java.util.Enumeration; +- +-// jmx imports +-// +-import com.sun.jmx.snmp.SnmpValue; +-import com.sun.jmx.snmp.SnmpVarBind; + import com.sun.jmx.snmp.SnmpStatusException; +-import com.sun.jmx.snmp.agent.SnmpMibOid; +-import com.sun.jmx.snmp.agent.SnmpMibNode; + + /** + * Represents a node in an SNMP MIB which corresponds to a table entry +@@ -99,7 +91,7 @@ + */ + public void validateVarId(long arc, Object userData) + throws SnmpStatusException { +- if (isVariable(arc) == false) throw noSuchNameException; ++ if (isVariable(arc) == false) throw new SnmpStatusException(SnmpDefinitions.snmpRspNoSuchName); + } + + /** +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibGroup.java openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibGroup.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibGroup.java ++++ openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibGroup.java +@@ -116,7 +116,7 @@ + public void validateVarId(long arc, Object userData) + throws SnmpStatusException { + if (isVariable(arc) == false) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } + + +@@ -365,16 +365,16 @@ + + // The trailing .0 is missing in the OID + if (depth+2 > length) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + + // There are too many arcs left in the OID (there should remain + // a single trailing .0) + if (depth+2 < length) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + + // The last trailing arc is not .0 + if (oid[depth+1] != 0L) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + + // It's one of our variable, register this node. + handlers.add(this,depth,varbind); +@@ -397,7 +397,7 @@ + // abort the whole request, so we're going to throw + // a noSuchObject... + // +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + final Object data = handlers.getUserData(); + final int pduVersion = handlers.getRequestPduVersion(); +@@ -433,7 +433,7 @@ + depth+1,handlers, + checker); + }catch(SnmpStatusException ex) { +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } finally { + checker.remove(depth); + } +@@ -458,7 +458,7 @@ + try { + checker.checkCurrentOid(); + } catch(SnmpStatusException e) { +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } finally { + checker.remove(depth,2); + } +@@ -503,7 +503,7 @@ + // The oid is not valid, we will throw an exception in order + // to try with the next valid identifier... + // +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + } catch (SnmpStatusException e) { + // We didn't find anything at the given arc, so we're going +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibNode.java openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibNode.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibNode.java ++++ openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibNode.java +@@ -155,7 +155,7 @@ + long[] oid, int depth, + SnmpRequestTree handlers) + throws SnmpStatusException { +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } + + /** +@@ -183,7 +183,7 @@ + long[] oid, int pos, int depth, + SnmpRequestTree handlers, AcmChecker checker) + throws SnmpStatusException { +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } + + /** +@@ -347,7 +347,7 @@ + final int val= (int) value; + + if (a == null) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + int low= 0; + int max= a.length; +@@ -357,10 +357,10 @@ + // Basic check + // + if (max < 1) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + if (a[max-1] <= val) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + while (low <= max) { + elmt= a[curr]; +@@ -400,15 +400,4 @@ + * Contains the list of variable identifiers. + */ + protected int[] varList; +- +- /** +- * Contains a predefined exception that is often fired when an +- * object is not found in the MIB. +- */ +- static final protected SnmpStatusException noSuchInstanceException = +- new SnmpStatusException(SnmpStatusException.noSuchInstance); +- static final protected SnmpStatusException noSuchObjectException = +- new SnmpStatusException(SnmpStatusException.noSuchObject); +- static final protected SnmpStatusException noSuchNameException = +- new SnmpStatusException(SnmpDefinitions.snmpRspNoSuchName); + } +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibOid.java openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibOid.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibOid.java ++++ openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibOid.java +@@ -157,11 +157,11 @@ + + if (depth > length) { + // Nothing is left... the oid is not valid +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + } else if (depth == length) { + // The oid is not complete... +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + + } else { + // Some children variable or subobject is being querried +@@ -206,7 +206,7 @@ + // abort the whole request, so we're going to throw + // a noSuchObject... + // +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + final Object data = handlers.getUserData(); + final int pduVersion = handlers.getRequestPduVersion(); +@@ -231,7 +231,7 @@ + // SnmpOid result = null; + if (child == null) { + // shouldn't happen +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + // validateVarId(index); + // handlers.add(this,varbind,depth); + // result = new SnmpOid(0); +@@ -442,10 +442,10 @@ + // + final int pos= getInsertAt(id); + if (pos >= nbChildren) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + if (varList[pos] != (int) id) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + // Access the node + // +@@ -453,10 +453,10 @@ + try { + child = children.elementAtNonSync(pos); + } catch(ArrayIndexOutOfBoundsException e) { +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } + if (child == null) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + return child; + } + +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibTable.java openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibTable.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibTable.java ++++ openjdk/jdk/src/share/classes/com/sun/jmx/snmp/agent/SnmpMibTable.java +@@ -279,7 +279,7 @@ + SnmpVarBind var = null; + for (Enumeration e= r.getElements(); e.hasMoreElements();) { + var = (SnmpVarBind) e.nextElement(); +- r.registerGetException(var,noSuchInstanceException); ++ r.registerGetException(var,new SnmpStatusException(SnmpStatusException.noSuchInstance)); + } + } + +@@ -1607,7 +1607,7 @@ + throws SnmpStatusException { + + if (size == 0) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + + final SnmpOid resOid = oid; + +@@ -1618,7 +1618,7 @@ + if (last.equals(resOid)) { + // Last element of the table ... + // +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + } + + // First find the oid. This will allow to speed up retrieval process +@@ -1640,12 +1640,12 @@ + // XX last = (SnmpOid) oids.elementAt(newPos); + last = tableoids[newPos]; + } catch(ArrayIndexOutOfBoundsException e) { +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + } + } else { + // We are dealing with the last element of the table .. + // +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + } + + +@@ -1668,7 +1668,7 @@ + protected SnmpOid getNextOid(Object userData) + throws SnmpStatusException { + if (size == 0) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + // XX return (SnmpOid) oids.firstElement(); + return tableoids[0]; + } +@@ -1875,7 +1875,7 @@ + if (!hasEntry) { + if (!handlers.isCreationAllowed()) + // we're not doing a set +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + else if (!isCreationEnabled()) + // we're doing a set but creation is disabled. + throw new +@@ -1921,7 +1921,7 @@ + // abort the whole request, so we're going to throw + // a noSuchObject... + // +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + final Object data = handlers.getUserData(); + final int pduVersion = handlers.getRequestPduVersion(); +@@ -1955,7 +1955,7 @@ + // so we won't find the next element in this table... (any + // element in this table will have a smaller OID) + // +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } else if (oid[pos] < nodeId) { + // we must return the first leaf under the first columnar + // object, so we are back to our first case where pos was +@@ -2046,7 +2046,7 @@ + // must have the same holes) + // + if (skipEntryVariable(entryoid,var,data,pduVersion)) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } catch(SnmpStatusException se) { + entryoid = getNextOid(data); + var = getNextVarEntryId(entryoid,var,data,pduVersion); +@@ -2079,7 +2079,7 @@ + // So we throw the exception. + // => will skip to next node in the MIB tree. + // +- if (entryoid == null || var == -1 ) throw noSuchObjectException; ++ if (entryoid == null || var == -1 ) throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + + // So here we know both the row (entryoid) and the column (var) +@@ -2092,7 +2092,7 @@ + // other entry => skip to next column. + // + if (!isReadableEntryId(entryoid,var,data)) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + // Prepare the result and the ACM checker. + // +@@ -2156,7 +2156,7 @@ + // => will skip to next node in the MIB tree. + // + if (entryoid == null || var == -1 ) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + } + } + +@@ -2177,12 +2177,12 @@ + // Control the length of the oid + // + if (pos +2 >= length) +- throw noSuchInstanceException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchInstance); + + // Check that the entry identifier is specified + // + if (oid[pos] != nodeId) +- throw noSuchObjectException; ++ throw new SnmpStatusException(SnmpStatusException.noSuchObject); + + } + +diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/daemon/SnmpRequestHandler.java openjdk/jdk/src/share/classes/com/sun/jmx/snmp/daemon/SnmpRequestHandler.java +--- openjdk.orig/jdk/src/share/classes/com/sun/jmx/snmp/daemon/SnmpRequestHandler.java ++++ openjdk/jdk/src/share/classes/com/sun/jmx/snmp/daemon/SnmpRequestHandler.java +@@ -1146,7 +1146,4 @@ + + static final private String InterruptSysCallMsg = + "Interrupted system call"; +- +- static final private SnmpStatusException noSuchNameException = +- new SnmpStatusException(SnmpDefinitions.snmpRspNoSuchName) ; + } +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8010935-xml_handling.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,818 @@ +# HG changeset patch +# User mkos +# Date 1381933403 14400 +# Wed Oct 16 10:23:23 2013 -0400 +# Node ID 3fbf2a364eed6b58f9894a74d3d5fb9ac3635d5d +# Parent 8e6877caefcb68257ce71c0426fda9a40c4faf09 +8010935: Better XML handling +Reviewed-by: mchung, mgrebac, mullan + +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/jxc/model/nav/APTNavigator.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -71,8 +71,7 @@ + * + * @author Kohsuke Kawaguchi (kk@kohsuke.org) + */ +-public class APTNavigator implements Navigator<TypeMirror,TypeDeclaration,FieldDeclaration,MethodDeclaration> { +- ++public final class APTNavigator implements Navigator<TypeMirror,TypeDeclaration,FieldDeclaration,MethodDeclaration> { + private final AnnotationProcessorEnvironment env; + + private final PrimitiveType primitiveByte; +@@ -273,8 +272,9 @@ + return clazz.getPackage().getQualifiedName(); + } + +- public TypeDeclaration findClass(String className, TypeDeclaration referencePoint) { +- return env.getTypeDeclaration(className); ++ @Override ++ public TypeDeclaration loadObjectFactory(TypeDeclaration referencePoint, String packageName) { ++ return env.getTypeDeclaration(packageName + ".ObjectFactory"); + } + + public boolean isBridgeMethod(MethodDeclaration method) { +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/EagerNType.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/EagerNType.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/EagerNType.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/EagerNType.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -30,7 +30,6 @@ + import com.sun.codemodel.internal.JType; + import com.sun.tools.internal.xjc.outline.Aspect; + import com.sun.tools.internal.xjc.outline.Outline; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + + /** + * @author Kohsuke Kawaguchi +@@ -69,6 +68,6 @@ + } + + public String fullName() { +- return Navigator.REFLECTION.getTypeName(t); ++ return Utils.REFLECTION_NAVIGATOR.getTypeName(t); + } + } +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/NavigatorImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -56,7 +56,7 @@ + EagerNType ent = (EagerNType) nt; + if (base instanceof EagerNClass) { + EagerNClass enc = (EagerNClass) base; +- return create(REFLECTION.getBaseClass(ent.t, enc.c)); ++ return create(Utils.REFLECTION_NAVIGATOR.getBaseClass(ent.t, enc.c)); + } + // lazy class can never be a base type of an eager type + return null; +@@ -172,7 +172,7 @@ + public NType getTypeArgument(NType nt, int i) { + if (nt instanceof EagerNType) { + EagerNType ent = (EagerNType) nt; +- return create(REFLECTION.getTypeArgument(ent.t,i)); ++ return create(Utils.REFLECTION_NAVIGATOR.getTypeArgument(ent.t,i)); + } + if (nt instanceof NClassByJClass) { + NClassByJClass nnt = (NClassByJClass) nt; +@@ -185,7 +185,7 @@ + public boolean isParameterizedType(NType nt) { + if (nt instanceof EagerNType) { + EagerNType ent = (EagerNType) nt; +- return REFLECTION.isParameterizedType(ent.t); ++ return Utils.REFLECTION_NAVIGATOR.isParameterizedType(ent.t); + } + if (nt instanceof NClassByJClass) { + NClassByJClass nnt = (NClassByJClass) nt; +@@ -299,8 +299,8 @@ + throw new UnsupportedOperationException(); + } + +- public NClass findClass(String className, NClass referencePoint) { +- // TODO: implement this method later ++ @Override ++ public NClass loadObjectFactory(NClass referencePoint, String pkg) { + throw new UnsupportedOperationException(); + } + +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/JAXBRIContext.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/JAXBRIContext.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/JAXBRIContext.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/JAXBRIContext.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -44,7 +44,6 @@ + import com.sun.xml.internal.bind.api.impl.NameConverter; + import com.sun.xml.internal.bind.v2.ContextFactory; + import com.sun.xml.internal.bind.v2.model.annotation.RuntimeAnnotationReader; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeTypeInfoSet; + + /** +@@ -360,7 +359,7 @@ + * @since 2.0 FCS + */ + public static @Nullable Type getBaseType(@NotNull Type type, @NotNull Class baseType) { +- return Navigator.REFLECTION.getBaseClass(type,baseType); ++ return Utils.REFLECTION_NAVIGATOR.getBaseClass(type, baseType); + } + + +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/TypeReference.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/TypeReference.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/TypeReference.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/TypeReference.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -31,8 +31,6 @@ + + import javax.xml.namespace.QName; + +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; +- + /** + * A reference to a JAXB-bound type. + * +@@ -104,11 +102,10 @@ + // if we are to reinstitute this check, check JAXB annotations only + // assert annotations.length==0; // not designed to work with adapters. + +- Type base = Navigator.REFLECTION.getBaseClass(type, Collection.class); ++ Type base = Utils.REFLECTION_NAVIGATOR.getBaseClass(type, Collection.class); + if(base==null) + return this; // not a collection + +- return new TypeReference(tagName, +- Navigator.REFLECTION.getTypeArgument(base,0)); ++ return new TypeReference(tagName, Utils.REFLECTION_NAVIGATOR.getTypeArgument(base,0)); + } + } +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java +@@ -235,7 +235,7 @@ + String pkg = nav.getPackageName(ci.getClazz()); + if(!registries.containsKey(pkg)) { + // insert the package's object factory +- C c = loadObjectFactory(ci, pkg); ++ C c = nav.loadObjectFactory(clazz, pkg); + if(c!=null) + addRegistry(c,(Locatable)p); + } +@@ -264,15 +264,6 @@ + return r; + } + +- private C loadObjectFactory(ClassInfoImpl<T, C, F, M> ci, String pkg) { +- try { +- return nav.findClass(pkg + ".ObjectFactory", ci.getClazz()); +- } catch (SecurityException ignored) { +- // treat SecurityException in same way as ClassNotFoundException in this case +- return null; +- } +- } +- + /** + * Checks the uniqueness of the type name. + */ +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeAnyTypeImpl.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeAnyTypeImpl.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeAnyTypeImpl.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeAnyTypeImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + import java.lang.reflect.Type; + +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeNonElement; + import com.sun.xml.internal.bind.v2.runtime.Transducer; + +@@ -36,7 +35,7 @@ + */ + final class RuntimeAnyTypeImpl extends AnyTypeImpl<Type,Class> implements RuntimeNonElement { + private RuntimeAnyTypeImpl() { +- super(Navigator.REFLECTION); ++ super(Utils.REFLECTION_NAVIGATOR); + } + + public <V> Transducer<V> getTransducer() { +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeElementInfoImpl.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeElementInfoImpl.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeElementInfoImpl.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeElementInfoImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -42,7 +42,6 @@ + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeNonElement; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimePropertyInfo; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeTypeRef; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.runtime.IllegalAnnotationException; + import com.sun.xml.internal.bind.v2.runtime.Transducer; + import com.sun.xml.internal.bind.v2.runtime.reflect.Accessor; +@@ -122,7 +121,7 @@ + } + + public Class<? extends JAXBElement> getType() { +- return Navigator.REFLECTION.erasure(super.getType()); ++ return (Class<? extends JAXBElement>) Utils.REFLECTION_NAVIGATOR.erasure(super.getType()); + } + + public RuntimeClassInfo getScope() { +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeModelBuilder.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeModelBuilder.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeModelBuilder.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeModelBuilder.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -37,8 +37,6 @@ + import com.sun.xml.internal.bind.v2.model.annotation.Locatable; + import com.sun.xml.internal.bind.v2.model.annotation.RuntimeAnnotationReader; + import com.sun.xml.internal.bind.v2.model.core.ID; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; +-import com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeNonElement; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeNonElementRef; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimePropertyInfo; +@@ -75,7 +73,7 @@ + public final @Nullable JAXBContextImpl context; + + public RuntimeModelBuilder(JAXBContextImpl context, RuntimeAnnotationReader annotationReader, Map<Class, Class> subclassReplacements, String defaultNamespaceRemap) { +- super(annotationReader, Navigator.REFLECTION, subclassReplacements, defaultNamespaceRemap); ++ super(annotationReader, Utils.REFLECTION_NAVIGATOR, subclassReplacements, defaultNamespaceRemap); + this.context = context; + } + +@@ -109,10 +107,6 @@ + return new RuntimeArrayInfoImpl(this, upstream, (Class)arrayType); + } + +- public ReflectionNavigator getNavigator() { +- return (ReflectionNavigator)nav; +- } +- + @Override + protected RuntimeTypeInfoSetImpl createTypeInfoSet() { + return new RuntimeTypeInfoSetImpl(reader); +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeTypeInfoSetImpl.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeTypeInfoSetImpl.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeTypeInfoSetImpl.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/RuntimeTypeInfoSetImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -34,9 +34,6 @@ + + import com.sun.xml.internal.bind.v2.model.annotation.AnnotationReader; + import com.sun.xml.internal.bind.v2.model.core.TypeInfoSet; +-import com.sun.xml.internal.bind.v2.model.core.NonElement; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; +-import com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeNonElement; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeTypeInfoSet; + +@@ -47,7 +44,7 @@ + */ + final class RuntimeTypeInfoSetImpl extends TypeInfoSetImpl<Type,Class,Field,Method> implements RuntimeTypeInfoSet { + public RuntimeTypeInfoSetImpl(AnnotationReader<Type,Class,Field,Method> reader) { +- super(Navigator.REFLECTION,reader,RuntimeBuiltinLeafInfoImpl.LEAVES); ++ super(Utils.REFLECTION_NAVIGATOR,reader,RuntimeBuiltinLeafInfoImpl.LEAVES); + } + + @Override +@@ -55,10 +52,6 @@ + return RuntimeAnyTypeImpl.theInstance; + } + +- public ReflectionNavigator getNavigator() { +- return (ReflectionNavigator)super.getNavigator(); +- } +- + public RuntimeNonElement getTypeInfo( Type type ) { + return (RuntimeNonElement)super.getTypeInfo(type); + } +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/Navigator.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/Navigator.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/Navigator.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/Navigator.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -240,10 +240,6 @@ + */ + T getComponentType(T t); + +- +- /** The singleton instance. */ +- public static final ReflectionNavigator REFLECTION = new ReflectionNavigator(); +- + /** + * Gets the i-th type argument from a parameterized type. + * +@@ -352,14 +348,14 @@ + String getPackageName(C clazz); + + /** +- * Finds the class/interface/enum/annotation of the given name. ++ * Finds ObjectFactory for the given referencePoint. + * + * @param referencePoint + * The class that refers to the specified class. + * @return + * null if not found. + */ +- C findClass(String className, C referencePoint); ++ C loadObjectFactory(C referencePoint, String packageName); + + /** + * Returns true if this method is a bridge method as defined in JLS. +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/nav/ReflectionNavigator.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -44,15 +44,20 @@ + * {@link Navigator} implementation for {@code java.lang.reflect}. + * + */ +-public final class ReflectionNavigator implements Navigator<Type,Class,Field,Method> { +- /** +- * Singleton. +- * +- * Use {@link Navigator#REFLECTION} +- */ +- ReflectionNavigator() {} ++/*package*/final class ReflectionNavigator implements Navigator<Type, Class, Field, Method> { ++// ---------- Singleton ----------------- ++ private static final ReflectionNavigator INSTANCE = new ReflectionNavigator(); ++ ++ /*package*/static ReflectionNavigator getInstance() { // accessible through reflection from Utils classes ++ return INSTANCE; ++ } ++ ++ private ReflectionNavigator() { ++ } ++// --------------------------------------- + + public Class getSuperClass(Class clazz) { ++ checkPackageAccess(clazz.getName()); + if(clazz==Object.class) return null; + Class sc = clazz.getSuperclass(); + if(sc==null) sc=Object.class; // error recovery +@@ -235,10 +240,12 @@ + } + + public Collection<? extends Field> getDeclaredFields(Class clazz) { ++ checkPackageAccess(clazz.getName()); + return Arrays.asList(clazz.getDeclaredFields()); + } + + public Field getDeclaredField(Class clazz, String fieldName) { ++ checkPackageAccess(clazz.getName()); + try { + return clazz.getDeclaredField(fieldName); + } catch (NoSuchFieldException e) { +@@ -247,6 +254,7 @@ + } + + public Collection<? extends Method> getDeclaredMethods(Class clazz) { ++ checkPackageAccess(clazz.getName()); + return Arrays.asList(clazz.getDeclaredMethods()); + } + +@@ -453,7 +461,7 @@ + c.getDeclaredConstructor(); + return true; + } catch (NoSuchMethodException e) { +- return false; ++ return false; // todo: do this WITHOUT exception throw + } + } + +@@ -474,6 +482,7 @@ + } + + public Field[] getEnumConstants(Class clazz) { ++ checkPackageAccess(clazz.getName()); + try { + Object[] values = clazz.getEnumConstants(); + Field[] fields = new Field[values.length]; +@@ -498,11 +507,16 @@ + else return name.substring(0,idx); + } + +- public Class findClass(String className, Class referencePoint) { ++ @Override ++ public Class loadObjectFactory(Class referencePoint, String pkg) { ++ String clName = pkg + ".ObjectFactory"; ++ checkPackageAccess(clName); ++ ClassLoader cl = referencePoint.getClassLoader(); ++ if (cl == null) ++ cl = ClassLoader.getSystemClassLoader(); ++ + try { +- ClassLoader cl = referencePoint.getClassLoader(); +- if(cl==null) cl = ClassLoader.getSystemClassLoader(); +- return cl.loadClass(className); ++ return cl.loadClass(clName); + } catch (ClassNotFoundException e) { + return null; + } +@@ -571,4 +585,24 @@ + + return t; + } ++ ++ /** ++ * Checking if current thread can access class. ++ * ++ * @param clName name of the class to be checked ++ * @throws SecurityException is thrown if thread doesn't have privileges ++ */ ++ static void checkPackageAccess(String clName) { ++ SecurityManager sm = System.getSecurityManager(); ++ if (sm == null) ++ return; ++ if (clName.startsWith("[")) { // array ++ int nameStart = clName.lastIndexOf('[') + 2; ++ if (nameStart > 1 && nameStart < clName.length()) ++ clName = clName.substring(nameStart); ++ } ++ int packageEnd = clName.lastIndexOf('.'); ++ if (packageEnd != -1) ++ sm.checkPackageAccess(clName.substring(0, packageEnd)); ++ } + } +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/runtime/RuntimeTypeInfoSet.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/runtime/RuntimeTypeInfoSet.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/runtime/RuntimeTypeInfoSet.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/runtime/RuntimeTypeInfoSet.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -33,8 +33,6 @@ + import javax.xml.namespace.QName; + + import com.sun.xml.internal.bind.v2.model.core.TypeInfoSet; +-import com.sun.xml.internal.bind.v2.model.core.NonElement; +-import com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator; + + /** + * {@link TypeInfoSet} refined for runtime. +@@ -52,5 +50,4 @@ + RuntimeElementInfo getElementInfo( Class scope, QName name ); + Map<QName,? extends RuntimeElementInfo> getElementMappings( Class scope ); + Iterable<? extends RuntimeElementInfo> getAllElements(); +- ReflectionNavigator getNavigator(); + } +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/ElementBeanInfoImpl.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/ElementBeanInfoImpl.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/ElementBeanInfoImpl.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/ElementBeanInfoImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -36,7 +36,6 @@ + + import com.sun.xml.internal.bind.api.AccessorException; + import com.sun.xml.internal.bind.v2.model.core.PropertyKind; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeElementInfo; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimePropertyInfo; + import com.sun.xml.internal.bind.v2.runtime.property.Property; +@@ -81,10 +80,10 @@ + this.property = PropertyFactory.create(grammar,rei.getProperty()); + + tagName = rei.getElementName(); +- expectedType = Navigator.REFLECTION.erasure(rei.getContentInMemoryType()); ++ expectedType = (Class) Utils.REFLECTION_NAVIGATOR.erasure(rei.getContentInMemoryType()); + scope = rei.getScope()==null ? JAXBElement.GlobalScope.class : rei.getScope().getClazz(); + +- Class type = Navigator.REFLECTION.erasure(rei.getType()); ++ Class type = (Class) Utils.REFLECTION_NAVIGATOR.erasure(rei.getType()); + if(type==JAXBElement.class) + constructor = null; + else { +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/JAXBContextImpl.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/JAXBContextImpl.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/JAXBContextImpl.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/JAXBContextImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -91,7 +91,6 @@ + import com.sun.xml.internal.bind.v2.model.impl.RuntimeBuiltinLeafInfoImpl; + import com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder; + import com.sun.xml.internal.bind.v2.model.nav.Navigator; +-import com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeArrayInfo; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeBuiltinLeafInfo; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeClassInfo; +@@ -343,7 +342,7 @@ + beanInfoMap.put( e.getKey(), beanInfoMap.get(e.getValue()) ); + + // build bridges +- ReflectionNavigator nav = typeSet.getNavigator(); ++ Navigator<Type, Class, Field, Method> nav = typeSet.getNavigator(); + + for (TypeReference tr : typeRefs) { + XmlJavaTypeAdapter xjta = tr.get(XmlJavaTypeAdapter.class); +@@ -351,7 +350,7 @@ + XmlList xl = tr.get(XmlList.class); + + // eventually compute the in-memory type +- Class erasedType = nav.erasure(tr.type); ++ Class erasedType = (Class) nav.erasure(tr.type); + + if(xjta!=null) { + a = new Adapter<Type,Class>(xjta.value(),nav); +@@ -362,7 +361,7 @@ + } + + if(a!=null) { +- erasedType = nav.erasure(a.defaultType); ++ erasedType = (Class) nav.erasure(a.defaultType); + } + + Name name = nameBuilder.createElementName(tr.tagName); +@@ -838,7 +837,7 @@ + // this is a special class we introduced for JAX-WS that we *don't* want in the schema + } else { + NonElement<Type,Class> typeInfo = getXmlType(tis,tr); +- xsdgen.add(tr.tagName, !Navigator.REFLECTION.isPrimitive(tr.type),typeInfo); ++ xsdgen.add(tr.tagName, !tis.getNavigator().isPrimitive(tr.type),typeInfo); + } + } + return xsdgen; +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/ArrayProperty.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/ArrayProperty.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/ArrayProperty.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/ArrayProperty.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + + + import com.sun.xml.internal.bind.api.AccessorException; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimePropertyInfo; + import com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl; + import com.sun.xml.internal.bind.v2.runtime.reflect.Accessor; +@@ -49,7 +48,7 @@ + + assert prop.isCollection(); + lister = Lister.create( +- Navigator.REFLECTION.erasure(prop.getRawType()),prop.id(),prop.getAdapter()); ++ Utils.REFLECTION_NAVIGATOR.erasure(prop.getRawType()),prop.id(),prop.getAdapter()); + assert lister!=null; + acc = prop.getAccessor().optimize(context); + assert acc!=null; +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/SingleMapNodeProperty.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/SingleMapNodeProperty.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/SingleMapNodeProperty.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/SingleMapNodeProperty.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -42,7 +42,6 @@ + import com.sun.xml.internal.bind.v2.ClassFactory; + import com.sun.xml.internal.bind.v2.util.QNameMap; + import com.sun.xml.internal.bind.v2.model.core.PropertyKind; +-import com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeMapPropertyInfo; + import com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl; + import com.sun.xml.internal.bind.v2.runtime.JaxBeanInfo; +@@ -97,7 +96,8 @@ + this.valueBeanInfo = context.getOrCreate(prop.getValueType()); + + // infer the implementation class +- Class<ValueT> sig = ReflectionNavigator.REFLECTION.erasure(prop.getRawType()); ++ //noinspection unchecked ++ Class<ValueT> sig = (Class<ValueT>) Utils.REFLECTION_NAVIGATOR.erasure(prop.getRawType()); + mapImplClass = ClassFactory.inferImplClass(sig,knownImplClasses); + // TODO: error check for mapImplClass==null + // what is the error reporting path for this part of the code? +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Accessor.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Accessor.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Accessor.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Accessor.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -42,7 +42,6 @@ + import com.sun.xml.internal.bind.api.AccessorException; + import com.sun.xml.internal.bind.api.JAXBRIContext; + import com.sun.xml.internal.bind.v2.model.core.Adapter; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder; + import com.sun.xml.internal.bind.v2.runtime.reflect.opt.OptimizedAccessorFactory; + import com.sun.xml.internal.bind.v2.runtime.unmarshaller.Loader; +@@ -176,7 +175,7 @@ + + public final <T> Accessor<BeanT,T> adapt(Adapter<Type,Class> adapter) { + return new AdaptedAccessor<BeanT,ValueT,T>( +- (Class<T>)Navigator.REFLECTION.erasure(adapter.defaultType), ++ (Class<T>) Utils.REFLECTION_NAVIGATOR.erasure(adapter.defaultType), + this, + adapter.adapterType); + } +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Lister.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Lister.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Lister.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Lister.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -51,7 +51,6 @@ + import com.sun.xml.internal.bind.v2.TODO; + import com.sun.xml.internal.bind.v2.model.core.Adapter; + import com.sun.xml.internal.bind.v2.model.core.ID; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.runtime.XMLSerializer; + import com.sun.xml.internal.bind.v2.runtime.unmarshaller.Patcher; + import com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallingContext; +@@ -116,7 +115,7 @@ + public static <BeanT,PropT,ItemT,PackT> + Lister<BeanT,PropT,ItemT,PackT> create(Type fieldType,ID idness, Adapter<Type,Class> adapter) { + +- Class rawType = Navigator.REFLECTION.erasure(fieldType); ++ Class rawType = (Class) Utils.REFLECTION_NAVIGATOR.erasure(fieldType); + Class itemType; + + Lister l; +@@ -125,9 +124,9 @@ + l = getArrayLister(itemType); + } else + if( Collection.class.isAssignableFrom(rawType) ) { +- Type bt = Navigator.REFLECTION.getBaseClass(fieldType,Collection.class); ++ Type bt = Utils.REFLECTION_NAVIGATOR.getBaseClass(fieldType,Collection.class); + if(bt instanceof ParameterizedType) +- itemType = Navigator.REFLECTION.erasure(((ParameterizedType)bt).getActualTypeArguments()[0]); ++ itemType = (Class) Utils.REFLECTION_NAVIGATOR.erasure(((ParameterizedType)bt).getActualTypeArguments()[0]); + else + itemType = Object.class; + l = new CollectionLister(getImplClass(rawType)); +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/TransducedAccessor.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/TransducedAccessor.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/TransducedAccessor.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/TransducedAccessor.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -39,7 +39,6 @@ + import com.sun.xml.internal.bind.api.AccessorException; + import com.sun.xml.internal.bind.v2.model.core.ID; + import com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimeNonElementRef; + import com.sun.xml.internal.bind.v2.model.runtime.RuntimePropertyInfo; + import com.sun.xml.internal.bind.v2.runtime.Name; +@@ -144,8 +143,7 @@ + + if(prop.isCollection()) { + return new ListTransducedAccessorImpl(xducer,prop.getAccessor(), +- Lister.create(Navigator.REFLECTION.erasure(prop.getRawType()),prop.id(), +- prop.getAdapter())); ++ Lister.create(Utils.REFLECTION_NAVIGATOR.erasure(prop.getRawType()), prop.id(), prop.getAdapter())); + } + + if(prop.id()==ID.IDREF) +diff -Nru openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/RuntimeModeler.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/RuntimeModeler.java +--- openjdk.orig/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/RuntimeModeler.java ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/RuntimeModeler.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -27,7 +27,6 @@ + import com.sun.istack.internal.NotNull; + import com.sun.xml.internal.bind.api.CompositeStructure; + import com.sun.xml.internal.bind.api.TypeReference; +-import com.sun.xml.internal.bind.v2.model.nav.Navigator; + import com.sun.xml.internal.ws.api.BindingID; + import com.sun.xml.internal.ws.api.SOAPVersion; + import com.sun.xml.internal.ws.api.model.ExceptionType; +@@ -764,7 +763,7 @@ + //set the actual type argument of Holder in the TypeReference + if (isHolder) { + if(clazzType==Holder.class){ +- clazzType = Navigator.REFLECTION.erasure(((ParameterizedType)genericParameterTypes[pos]).getActualTypeArguments()[0]); ++ clazzType = (Class) Utils.REFLECTION_NAVIGATOR.erasure(((ParameterizedType)genericParameterTypes[pos]).getActualTypeArguments()[0]); + } + } + Mode paramMode = isHolder ? Mode.INOUT : Mode.IN; +@@ -949,7 +948,7 @@ + //set the actual type argument of Holder in the TypeReference + if (isHolder) { + if (clazzType==Holder.class) +- clazzType = Navigator.REFLECTION.erasure(((ParameterizedType)genericParameterTypes[pos]).getActualTypeArguments()[0]); ++ clazzType = (Class) Utils.REFLECTION_NAVIGATOR.erasure(((ParameterizedType)genericParameterTypes[pos]).getActualTypeArguments()[0]); + } + Mode paramMode = isHolder ? Mode.INOUT : Mode.IN; + for (Annotation annotation : pannotations[pos]) { +@@ -1184,7 +1183,7 @@ + //set the actual type argument of Holder in the TypeReference + if (isHolder) { + if (clazzType==Holder.class) +- clazzType = Navigator.REFLECTION.erasure(((ParameterizedType)genericParameterTypes[pos]).getActualTypeArguments()[0]); ++ clazzType = (Class) Utils.REFLECTION_NAVIGATOR.erasure(((ParameterizedType)genericParameterTypes[pos]).getActualTypeArguments()[0]); + } + + Mode paramMode = isHolder ? Mode.INOUT : Mode.IN; +@@ -1252,14 +1251,14 @@ + private Class getAsyncReturnType(Method method, Class returnType) { + if(Response.class.isAssignableFrom(returnType)){ + Type ret = method.getGenericReturnType(); +- return Navigator.REFLECTION.erasure(((ParameterizedType)ret).getActualTypeArguments()[0]); ++ return (Class) Utils.REFLECTION_NAVIGATOR.erasure(((ParameterizedType)ret).getActualTypeArguments()[0]); + }else{ + Type[] types = method.getGenericParameterTypes(); + Class[] params = method.getParameterTypes(); + int i = 0; + for(Class cls : params){ + if(AsyncHandler.class.isAssignableFrom(cls)){ +- return Navigator.REFLECTION.erasure(((ParameterizedType)types[i]).getActualTypeArguments()[0]); ++ return (Class) Utils.REFLECTION_NAVIGATOR.erasure(((ParameterizedType)types[i]).getActualTypeArguments()[0]); + } + i++; + } +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8011786-networking.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,394 @@ +# HG changeset patch +# User michaelm +# Date 1383302456 0 +# Fri Nov 01 10:40:56 2013 +0000 +# Node ID f2ddc5fa48bbca2a2e1a888bc617632b4f3526e0 +# Parent 322107c84c6d96944c624b348303aedfd5f2c0b3 +8011786: Better applet networking +Summary: add checkListen() to client socket binds and new interpretation for port number 0 in SocketPermission +Reviewed-by: chegar, alanb + +diff -Nru openjdk/jdk/src/share/classes/java/lang/SecurityManager.java openjdk/jdk/src/share/classes/java/lang/SecurityManager.java +--- openjdk/jdk/src/share/classes/java/lang/SecurityManager.java ++++ openjdk/jdk/src/share/classes/java/lang/SecurityManager.java +@@ -1131,12 +1131,8 @@ + * @see #checkPermission(java.security.Permission) checkPermission + */ + public void checkListen(int port) { +- if (port == 0) { +- checkPermission(SecurityConstants.LOCAL_LISTEN_PERMISSION); +- } else { +- checkPermission(new SocketPermission("localhost:"+port, +- SecurityConstants.SOCKET_LISTEN_ACTION)); +- } ++ checkPermission(new SocketPermission("localhost:"+port, ++ SecurityConstants.SOCKET_LISTEN_ACTION)); + } + + /** +diff -Nru openjdk/jdk/src/share/classes/java/net/Socket.java openjdk/jdk/src/share/classes/java/net/Socket.java +--- openjdk/jdk/src/share/classes/java/net/Socket.java ++++ openjdk/jdk/src/share/classes/java/net/Socket.java +@@ -591,6 +591,10 @@ + InetAddress addr = epoint.getAddress(); + int port = epoint.getPort(); + checkAddress (addr, "bind"); ++ SecurityManager security = System.getSecurityManager(); ++ if (security != null) { ++ security.checkListen(port); ++ } + getImpl().bind (addr, port); + bound = true; + } +diff -Nru openjdk/jdk/src/share/classes/java/net/SocketPermission.java openjdk/jdk/src/share/classes/java/net/SocketPermission.java +--- openjdk/jdk/src/share/classes/java/net/SocketPermission.java ++++ openjdk/jdk/src/share/classes/java/net/SocketPermission.java +@@ -34,6 +34,9 @@ + import java.net.InetAddress; + import java.security.Permission; + import java.security.PermissionCollection; ++import java.security.PrivilegedAction; ++import java.security.AccessController; ++import java.security.Security; + import java.security.Policy; + import java.io.Serializable; + import java.io.ObjectStreamField; +@@ -176,6 +179,7 @@ + private static final int PORT_MIN = 0; + private static final int PORT_MAX = 65535; + private static final int PRIV_PORT_MAX = 1023; ++ private static final int DEF_EPH_LOW = 49152; + + // the actions mask + private transient int mask; +@@ -228,6 +232,14 @@ + private static Debug debug = null; + private static boolean debugInit = false; + ++ // ephemeral port range for this system ++ private static final int ephemeralLow = initEphemeralPorts( ++ "low", DEF_EPH_LOW ++ ); ++ private static final int ephemeralHigh = initEphemeralPorts( ++ "high", PORT_MAX ++ ); ++ + static { + Boolean tmp = java.security.AccessController.doPrivileged( + new sun.security.action.GetBooleanAction("trustProxy")); +@@ -367,6 +379,14 @@ + } + + /** ++ * Returns true if the permission has specified zero ++ * as its value (or lower bound) signifying the ephemeral range ++ */ ++ private boolean includesEphemerals() { ++ return portrange[0] == 0; ++ } ++ ++ /** + * Initialize the SocketPermission object. We don't do any DNS lookups + * as this point, instead we hold off until the implies method is + * called. +@@ -868,10 +888,21 @@ + int i,j; + + if ((that.mask & RESOLVE) != that.mask) { +- // check port range ++ ++ // check simple port range + if ((that.portrange[0] < this.portrange[0]) || + (that.portrange[1] > this.portrange[1])) { ++ ++ // if either includes the ephemeral range, do full check ++ if (this.includesEphemerals() || that.includesEphemerals()) { ++ if (!inRange(this.portrange[0], this.portrange[1], ++ that.portrange[0], that.portrange[1])) ++ { ++ return false; ++ } ++ } else { + return false; ++ } + } + } + +@@ -1187,6 +1218,86 @@ + init(getName(),getMask(actions)); + } + ++ /** ++ * Check the system/security property for the ephemeral port range ++ * for this system. The suffix is either "high" or "low" ++ */ ++ private static int initEphemeralPorts( ++ final String suffix, final int defval ++ ) ++ { ++ return AccessController.doPrivileged( ++ new PrivilegedAction<Integer>(){ ++ public Integer run() { ++ int val = Integer.getInteger( ++ "jdk.net.ephemeralPortRange."+suffix, -1 ++ ); ++ if (val != -1) { ++ return val; ++ } else { ++ String prop = Security.getProperty( ++ "network.ephemeralPortRange."+suffix ++ ); ++ try { ++ val = Integer.parseInt(prop); ++ } catch (NumberFormatException e) { ++ // shouldn't happen ++ return defval; ++ } ++ } ++ return val; ++ } ++ } ++ ); ++ } ++ ++ /** ++ * Check if the target range is within the policy range ++ * together with the ephemeral range for this platform ++ * (if policy includes ephemeral range) ++ */ ++ private static boolean inRange( ++ int policyLow, int policyHigh, int targetLow, int targetHigh ++ ) ++ { ++ if (targetLow == 0) { ++ // check policy includes ephemeral range ++ if (!inRange(policyLow, policyHigh, ephemeralLow, ephemeralHigh)) { ++ return false; ++ } ++ if (targetHigh == 0) { ++ // nothing left to do ++ return true; ++ } ++ // continue check with first real port number ++ targetLow = 1; ++ } ++ ++ if (policyLow == 0 && policyHigh == 0) { ++ // ephemeral range only ++ return targetLow >= ephemeralLow && targetHigh <= ephemeralHigh; ++ } ++ ++ if (policyLow != 0) { ++ // simple check of policy only ++ return targetLow >= policyLow && targetHigh <= policyHigh; ++ } ++ ++ // policyLow == 0 which means possibly two ranges to check ++ ++ // first check if policy and ephem range overlap/contiguous ++ ++ if (policyHigh >= ephemeralLow - 1) { ++ return targetHigh <= ephemeralHigh; ++ } ++ ++ // policy and ephem range do not overlap ++ ++ // target range must lie entirely inside policy range or eph range ++ ++ return (targetLow <= policyHigh && targetHigh <= policyHigh) || ++ (targetLow >= ephemeralLow && targetHigh <= ephemeralHigh); ++ } + /* + public String toString() + { +diff -Nru openjdk/jdk/src/share/classes/sun/nio/ch/SocketChannelImpl.java openjdk/jdk/src/share/classes/sun/nio/ch/SocketChannelImpl.java +--- openjdk/jdk/src/share/classes/sun/nio/ch/SocketChannelImpl.java ++++ openjdk/jdk/src/share/classes/sun/nio/ch/SocketChannelImpl.java +@@ -470,6 +470,10 @@ + if (localAddress != null) + throw new AlreadyBoundException(); + InetSocketAddress isa = Net.checkAddress(local); ++ SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) { ++ sm.checkListen(isa.getPort()); ++ } + Net.bind(fd, isa.getAddress(), isa.getPort()); + localAddress = Net.localAddress(fd); + } +diff -Nru openjdk/jdk/src/share/classes/sun/security/util/SecurityConstants.java openjdk/jdk/src/share/classes/sun/security/util/SecurityConstants.java +--- openjdk/jdk/src/share/classes/sun/security/util/SecurityConstants.java ++++ openjdk/jdk/src/share/classes/sun/security/util/SecurityConstants.java +@@ -184,7 +184,7 @@ + + // java.lang.SecurityManager + public static final SocketPermission LOCAL_LISTEN_PERMISSION = +- new SocketPermission("localhost:1024-", SOCKET_LISTEN_ACTION); ++ new SocketPermission("localhost:0", SOCKET_LISTEN_ACTION); + + // javax.security.auth.Subject + public static final AuthPermission DO_AS_PERMISSION = +diff -Nru openjdk/jdk/src/share/lib/security/java.policy openjdk/jdk/src/share/lib/security/java.policy +--- openjdk/jdk/src/share/lib/security/java.policy ++++ openjdk/jdk/src/share/lib/security/java.policy +@@ -2,47 +2,50 @@ + // Standard extensions get all permissions by default + + grant codeBase "file:${{java.ext.dirs}}/*" { +- permission java.security.AllPermission; ++ permission java.security.AllPermission; + }; + + // default permissions granted to all domains + +-grant { +- // Allows any thread to stop itself using the java.lang.Thread.stop() +- // method that takes no argument. +- // Note that this permission is granted by default only to remain +- // backwards compatible. +- // It is strongly recommended that you either remove this permission +- // from this policy file or further restrict it to code sources +- // that you specify, because Thread.stop() is potentially unsafe. +- // See "http://java.sun.com/notes" for more information. +- permission java.lang.RuntimePermission "stopThread"; ++grant { ++ // Allows any thread to stop itself using the java.lang.Thread.stop() ++ // method that takes no argument. ++ // Note that this permission is granted by default only to remain ++ // backwards compatible. ++ // It is strongly recommended that you either remove this permission ++ // from this policy file or further restrict it to code sources ++ // that you specify, because Thread.stop() is potentially unsafe. ++ // See "http://java.sun.com/notes" for more information. ++ permission java.lang.RuntimePermission "stopThread"; + +- // allows anyone to listen on un-privileged ports +- permission java.net.SocketPermission "localhost:1024-", "listen"; ++ // allows anyone to listen on dynamic ports ++ permission java.net.SocketPermission "localhost:0", "listen"; + +- // "standard" properies that can be read by anyone ++ // permission for standard RMI registry port ++ permission java.net.SocketPermission "localhost:1099", "listen"; + +- permission java.util.PropertyPermission "java.version", "read"; +- permission java.util.PropertyPermission "java.vendor", "read"; +- permission java.util.PropertyPermission "java.vendor.url", "read"; +- permission java.util.PropertyPermission "java.class.version", "read"; +- permission java.util.PropertyPermission "os.name", "read"; +- permission java.util.PropertyPermission "os.version", "read"; +- permission java.util.PropertyPermission "os.arch", "read"; +- permission java.util.PropertyPermission "file.separator", "read"; +- permission java.util.PropertyPermission "path.separator", "read"; +- permission java.util.PropertyPermission "line.separator", "read"; ++ // "standard" properies that can be read by anyone + +- permission java.util.PropertyPermission "java.specification.version", "read"; +- permission java.util.PropertyPermission "java.specification.vendor", "read"; +- permission java.util.PropertyPermission "java.specification.name", "read"; ++ permission java.util.PropertyPermission "java.version", "read"; ++ permission java.util.PropertyPermission "java.vendor", "read"; ++ permission java.util.PropertyPermission "java.vendor.url", "read"; ++ permission java.util.PropertyPermission "java.class.version", "read"; ++ permission java.util.PropertyPermission "os.name", "read"; ++ permission java.util.PropertyPermission "os.version", "read"; ++ permission java.util.PropertyPermission "os.arch", "read"; ++ permission java.util.PropertyPermission "file.separator", "read"; ++ permission java.util.PropertyPermission "path.separator", "read"; ++ permission java.util.PropertyPermission "line.separator", "read"; + +- permission java.util.PropertyPermission "java.vm.specification.version", "read"; +- permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; +- permission java.util.PropertyPermission "java.vm.specification.name", "read"; +- permission java.util.PropertyPermission "java.vm.version", "read"; +- permission java.util.PropertyPermission "java.vm.vendor", "read"; +- permission java.util.PropertyPermission "java.vm.name", "read"; ++ permission java.util.PropertyPermission "java.specification.version", "read"; ++ permission java.util.PropertyPermission "java.specification.vendor", "read"; ++ permission java.util.PropertyPermission "java.specification.name", "read"; ++ ++ permission java.util.PropertyPermission "java.vm.specification.version", "read"; ++ permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; ++ permission java.util.PropertyPermission "java.vm.specification.name", "read"; ++ permission java.util.PropertyPermission "java.vm.version", "read"; ++ permission java.util.PropertyPermission "java.vm.vendor", "read"; ++ permission java.util.PropertyPermission "java.vm.name", "read"; + }; + +diff -Nru openjdk/jdk/src/share/lib/security/java.security-linux openjdk/jdk/src/share/lib/security/java.security-linux +--- openjdk/jdk/src/share/lib/security/java.security-linux ++++ openjdk/jdk/src/share/lib/security/java.security-linux +@@ -284,6 +284,22 @@ + # ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" + + # ++# Default ephemeral port ranges (operating system specific) ++# used by java.net.SocketPermission to interpret the meaning of the special ++# port value zero, as in the following example: ++# ++# SocketPermission("localhost:0" , "listen"); ++# ++# These can be overridden by the system properties: ++# ++# jdk.net.ephemeralPortRange.low and ++# jdk.net.ephemeralPortRange.high ++# ++# respectively. ++# ++network.ephemeralPortRange.low=32768 ++network.ephemeralPortRange.high=65535 ++# + # Issuer name of the OCSP responder's certificate + # + # By default, the certificate of the OCSP responder is that of the issuer +diff -Nru openjdk/jdk/src/share/lib/security/java.security-solaris openjdk/jdk/src/share/lib/security/java.security-solaris +--- openjdk/jdk/src/share/lib/security/java.security-solaris ++++ openjdk/jdk/src/share/lib/security/java.security-solaris +@@ -285,6 +285,22 @@ + # ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" + + # ++# Default ephemeral port ranges (operating system specific) ++# used by java.net.SocketPermission to interpret the meaning of the special ++# port value zero, as in the following example: ++# ++# SocketPermission("localhost:0" , "listen"); ++# ++# These can be overridden by the system properties: ++# ++# jdk.net.ephemeralPortRange.low and ++# jdk.net.ephemeralPortRange.high ++# ++# respectively. ++# ++network.ephemeralPortRange.low=32768 ++network.ephemeralPortRange.high=65535 ++# + # Issuer name of the OCSP responder's certificate + # + # By default, the certificate of the OCSP responder is that of the issuer +diff -Nru openjdk/jdk/src/share/lib/security/java.security-windows openjdk/jdk/src/share/lib/security/java.security-windows +--- openjdk/jdk/src/share/lib/security/java.security-windows ++++ openjdk/jdk/src/share/lib/security/java.security-windows +@@ -287,6 +287,22 @@ + # ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp" + + # ++# Default ephemeral port ranges (operating system specific) ++# used by java.net.SocketPermission to interpret the meaning of the special ++# port value zero, as in the following example: ++# ++# SocketPermission("localhost:0" , "listen"); ++# ++# These can be overridden by the system properties: ++# ++# jdk.net.ephemeralPortRange.low and ++# jdk.net.ephemeralPortRange.high ++# ++# respectively. ++# ++network.ephemeralPortRange.low=49152 ++network.ephemeralPortRange.high=65535 ++# + # Issuer name of the OCSP responder's certificate + # + # By default, the certificate of the OCSP responder is that of the issuer
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8021257-restrict_package.corba.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,194 @@ +# HG changeset patch +# User alanb +# Date 1382438427 -3600 +# Tue Oct 22 11:40:27 2013 +0100 +# Node ID 8662d95ebee18761895cbeacb674cdb187163f03 +# Parent 47195b885932f562e1b003c046ada354dabf7cfe +8021257: com.sun.corba.se.** should be on restricted package list +Reviewed-by: chegar, coffeys, smarks +Contributed-by: alan.bateman@oralce.com, mark.sheppard@oracle.com + +diff -Nru openjdk/corba/src/share/classes/javax/rmi/CORBA/Stub.java openjdk/corba/src/share/classes/javax/rmi/CORBA/Stub.java +--- openjdk/corba/src/share/classes/javax/rmi/CORBA/Stub.java ++++ openjdk/corba/src/share/classes/javax/rmi/CORBA/Stub.java +@@ -61,13 +61,11 @@ + private transient StubDelegate stubDelegate = null; + private static Class stubDelegateClass = null; + private static final String StubClassKey = "javax.rmi.CORBA.StubClass"; +- private static final String defaultStubImplName = "com.sun.corba.se.impl.javax.rmi.CORBA.StubDelegateImpl"; + + static { +- Object stubDelegateInstance = (Object) createDelegateIfSpecified(StubClassKey, defaultStubImplName); ++ Object stubDelegateInstance = createDelegate(StubClassKey); + if (stubDelegateInstance != null) + stubDelegateClass = stubDelegateInstance.getClass(); +- + } + + +@@ -207,7 +205,7 @@ + // are in different packages and the visibility needs to be package for + // security reasons. If you know a better solution how to share this code + // then remove it from PortableRemoteObject. Also in Util.java +- private static Object createDelegateIfSpecified(String classKey, String defaultClassName) { ++ private static Object createDelegate(String classKey) { + String className = (String) + AccessController.doPrivileged(new GetPropertyAction(classKey)); + if (className == null) { +@@ -218,7 +216,7 @@ + } + + if (className == null) { +- className = defaultClassName; ++ return new com.sun.corba.se.impl.javax.rmi.CORBA.StubDelegateImpl(); + } + + try { +diff -Nru openjdk/corba/src/share/classes/javax/rmi/CORBA/Util.java openjdk/corba/src/share/classes/javax/rmi/CORBA/Util.java +--- openjdk/corba/src/share/classes/javax/rmi/CORBA/Util.java ++++ openjdk/corba/src/share/classes/javax/rmi/CORBA/Util.java +@@ -60,14 +60,11 @@ + public class Util { + + // This can only be set at static initialization time (no sync necessary). +- private static javax.rmi.CORBA.UtilDelegate utilDelegate = null; ++ private static final javax.rmi.CORBA.UtilDelegate utilDelegate; + private static final String UtilClassKey = "javax.rmi.CORBA.UtilClass"; +- private static final String defaultUtilImplName = +-"com.sun.corba.se.impl.javax.rmi.CORBA.Util"; + + static { +- utilDelegate = (javax.rmi.CORBA.UtilDelegate) +- createDelegateIfSpecified(UtilClassKey, defaultUtilImplName); ++ utilDelegate = (javax.rmi.CORBA.UtilDelegate)createDelegate(UtilClassKey); + } + + private Util(){} +@@ -338,9 +335,7 @@ + // are in different packages and the visibility needs to be package for + // security reasons. If you know a better solution how to share this code + // then remove it from PortableRemoteObject. Also in Stub.java +- private static Object createDelegateIfSpecified(String classKey, +- String defaultClassName) +- { ++ private static Object createDelegate(String classKey) { + String className = (String) + AccessController.doPrivileged(new GetPropertyAction(classKey)); + if (className == null) { +@@ -351,7 +346,7 @@ + } + + if (className == null) { +- className = defaultClassName; ++ return new com.sun.corba.se.impl.javax.rmi.CORBA.Util(); + } + + try { +diff -Nru openjdk/corba/src/share/classes/javax/rmi/PortableRemoteObject.java openjdk/corba/src/share/classes/javax/rmi/PortableRemoteObject.java +--- openjdk/corba/src/share/classes/javax/rmi/PortableRemoteObject.java ++++ openjdk/corba/src/share/classes/javax/rmi/PortableRemoteObject.java +@@ -65,17 +65,14 @@ + */ + public class PortableRemoteObject { + +- private static javax.rmi.CORBA.PortableRemoteObjectDelegate proDelegate = null; ++ private static final javax.rmi.CORBA.PortableRemoteObjectDelegate proDelegate; + + private static final String PortableRemoteObjectClassKey = + "javax.rmi.CORBA.PortableRemoteObjectClass"; + +- private static final String defaultPortableRemoteObjectImplName = +- "com.sun.corba.se.impl.javax.rmi.PortableRemoteObject"; +- + static { + proDelegate = (javax.rmi.CORBA.PortableRemoteObjectDelegate) +- createDelegateIfSpecified(PortableRemoteObjectClassKey); ++ createDelegate(PortableRemoteObjectClassKey); + } + + /** +@@ -181,7 +178,7 @@ + // are in different packages and the visibility needs to be package for + // security reasons. If you know a better solution how to share this code + // then remove it from here. +- private static Object createDelegateIfSpecified(String classKey) { ++ private static Object createDelegate(String classKey) { + String className = (String) + AccessController.doPrivileged(new GetPropertyAction(classKey)); + if (className == null) { +@@ -191,7 +188,7 @@ + } + } + if (className == null) { +- className = defaultPortableRemoteObjectImplName; ++ return new com.sun.corba.se.impl.javax.rmi.PortableRemoteObject(); + } + + try { +diff -Nru openjdk/corba/src/share/classes/org/omg/CORBA/ORB.java openjdk/corba/src/share/classes/org/omg/CORBA/ORB.java +--- openjdk/corba/src/share/classes/org/omg/CORBA/ORB.java ++++ openjdk/corba/src/share/classes/org/omg/CORBA/ORB.java +@@ -174,15 +174,6 @@ + private static final String ORBSingletonClassKey = "org.omg.CORBA.ORBSingletonClass"; + + // +- // The last resort fallback ORB implementation classes in case +- // no ORB implementation class is dynamically configured through +- // properties or applet parameters. Change these values to +- // vendor-specific class names. +- // +- private static final String defaultORB = "com.sun.corba.se.impl.orb.ORBImpl"; +- private static final String defaultORBSingleton = "com.sun.corba.se.impl.orb.ORBSingleton"; +- +- // + // The global instance of the singleton ORB implementation which + // acts as a factory for typecodes for generated Helper classes. + // TypeCodes should be immutable since they may be shared across +@@ -294,10 +285,11 @@ + String className = getSystemProperty(ORBSingletonClassKey); + if (className == null) + className = getPropertyFromFile(ORBSingletonClassKey); +- if (className == null) +- className = defaultORBSingleton; +- +- singleton = create_impl(className); ++ if (className == null) { ++ singleton = new com.sun.corba.se.impl.orb.ORBSingleton(); ++ } else { ++ singleton = create_impl(className); ++ } + } + return singleton; + } +@@ -347,10 +339,12 @@ + className = getSystemProperty(ORBClassKey); + if (className == null) + className = getPropertyFromFile(ORBClassKey); +- if (className == null) +- className = defaultORB; ++ if (className == null) { ++ orb = new com.sun.corba.se.impl.orb.ORBImpl(); ++ } else { ++ orb = create_impl(className); ++ } + +- orb = create_impl(className); + orb.set_parameters(args, props); + return orb; + } +@@ -375,10 +369,12 @@ + className = getSystemProperty(ORBClassKey); + if (className == null) + className = getPropertyFromFile(ORBClassKey); +- if (className == null) +- className = defaultORB; ++ if (className == null) { ++ orb = new com.sun.corba.se.impl.orb.ORBImpl(); ++ } else { ++ orb = create_impl(className); ++ } + +- orb = create_impl(className); + orb.set_parameters(app, props); + return orb; + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8021257-restrict_package.jdk.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,78 @@ +# HG changeset patch +# User alanb +# Date 1382638912 -3600 +# Thu Oct 24 19:21:52 2013 +0100 +# Node ID 322107c84c6d96944c624b348303aedfd5f2c0b3 +# Parent 3bbfb1248ffef586f26d6292f4492a182133b91c +8021257: com.sun.corba.se.** should be on restricted package list +Reviewed-by: chegar, coffeys, smarks +Contributed-by: alan.bateman@oracle.com, mark.sheppard@oracle.com + +diff -Nru openjdk/jdk/src/share/lib/security/java.security-linux openjdk/jdk/src/share/lib/security/java.security-linux +--- openjdk/jdk/src/share/lib/security/java.security-linux ++++ openjdk/jdk/src/share/lib/security/java.security-linux +@@ -133,6 +133,7 @@ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.proxy.,\ ++ com.sun.corba.se.,\ + com.sun.script.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ +@@ -171,6 +172,7 @@ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.proxy.,\ ++ com.sun.corba.se.,\ + com.sun.script.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ +diff -Nru openjdk/jdk/src/share/lib/security/java.security-solaris openjdk/jdk/src/share/lib/security/java.security-solaris +--- openjdk/jdk/src/share/lib/security/java.security-solaris ++++ openjdk/jdk/src/share/lib/security/java.security-solaris +@@ -134,6 +134,7 @@ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.proxy.,\ ++ com.sun.corba.se.,\ + com.sun.script.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ +@@ -173,6 +174,7 @@ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.proxy.,\ ++ com.sun.corba.se.,\ + com.sun.script.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ +diff -Nru openjdk/jdk/src/share/lib/security/java.security-windows openjdk/jdk/src/share/lib/security/java.security-windows +--- openjdk/jdk/src/share/lib/security/java.security-windows ++++ openjdk/jdk/src/share/lib/security/java.security-windows +@@ -134,6 +134,7 @@ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.proxy.,\ ++ com.sun.corba.se.,\ + com.sun.script.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ +@@ -174,6 +175,7 @@ + com.sun.istack.internal.,\ + com.sun.jmx.,\ + com.sun.proxy.,\ ++ com.sun.corba.se.,\ + com.sun.script.,\ + com.sun.org.apache.bcel.internal.,\ + com.sun.org.apache.regexp.internal.,\ +diff -Nru openjdk/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java openjdk/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java +--- openjdk/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java ++++ openjdk/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java +@@ -55,6 +55,7 @@ + "com.sun.istack.internal.", + "com.sun.jmx.", + "com.sun.proxy.", ++ "com.sun.corba.se.", + "com.sun.org.apache.bcel.internal.", + "com.sun.org.apache.regexp.internal.", + "com.sun.org.apache.xerces.internal.",
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8022904-jdbc.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,83 @@ +# HG changeset patch +# User lancea +# Date 1376581616 14400 +# Thu Aug 15 11:46:56 2013 -0400 +# Node ID 6f78aa03ae3c195be644e61a28ee2ea311588afa +# Parent f2ddc5fa48bbca2a2e1a888bc617632b4f3526e0 +8022904: Enhance JDBC Parsers +Reviewed-by: alanb, skoivu + +diff -Nru openjdk/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java openjdk/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java +--- openjdk/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java ++++ openjdk/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -659,7 +659,7 @@ + //Added the handling for Class tags to take care of maps + //Makes an entry into the map upon end of class tag + try{ +- typeMap.put(Key_map,Class.forName(Value_map)); ++ typeMap.put(Key_map,sun.reflect.misc.ReflectUtil.forName(Value_map)); + + }catch(ClassNotFoundException ex) { + throw new SAXException(MessageFormat.format(resBundle.handleGetObject("xmlrch.errmap").toString(), ex.getMessage())); +diff -Nru openjdk/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java openjdk/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java +--- openjdk/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java ++++ openjdk/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -41,6 +41,8 @@ + import java.io.FileInputStream; + import java.io.IOException; + import java.io.FileNotFoundException; ++import java.security.AccessController; ++import java.security.PrivilegedAction; + + import javax.naming.*; + +@@ -394,7 +396,16 @@ + /* + * Dependent on application + */ +- String strRowsetProperties = System.getProperty("rowset.properties"); ++ String strRowsetProperties; ++ try { ++ strRowsetProperties = AccessController.doPrivileged(new PrivilegedAction<String>() { ++ public String run() { ++ return System.getProperty("rowset.properties"); ++ } ++ }); ++ } catch (Exception ex) { ++ strRowsetProperties = null; ++ } + if ( strRowsetProperties != null) { + // Load user's implementation of SyncProvider + // here. -Drowset.properties=/abc/def/pqr.txt +@@ -430,7 +441,16 @@ + * load additional properties from -D command line + */ + properties.clear(); +- String providerImpls = System.getProperty(ROWSET_SYNC_PROVIDER); ++ String providerImpls; ++ try { ++ providerImpls = AccessController.doPrivileged(new PrivilegedAction<String>() { ++ public String run() { ++ return System.getProperty(ROWSET_SYNC_PROVIDER); ++ } ++ }); ++ } catch (Exception ex) { ++ providerImpls = null; ++ } + + if (providerImpls != null) { + int i = 0;
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8022927-conversions.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,158 @@ +# HG changeset patch +# User valeriep +# Date 1377112051 25200 +# Wed Aug 21 12:07:31 2013 -0700 +# Node ID 9428ea5293bee1fa63c7ea0462f9765714570800 +# Parent 20009f68c21c45adbfa44a561746db51e4a2c6be +8022927: Input validation for byte/endian conversions +Summary: Add additional boundary checks +Reviewed-by: ascarpino + +diff -Nru openjdk/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java openjdk/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java +--- openjdk/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java ++++ openjdk/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -43,10 +43,8 @@ + * These are the only platforms we currently support, but other optimized + * variants could be added as needed. + * +- * NOTE that because this code performs unchecked direct memory access, it +- * MUST be restricted to trusted code. It is imperative that the caller protects +- * against out of bounds memory access by performing the necessary bounds +- * checks before calling methods in this class. ++ * NOTE that ArrayIndexOutOfBoundsException will be thrown if the bounds checks ++ * failed. + * + * This class may also be helpful in improving the performance of the + * crypto code in the SunJCE provider. However, for now it is only accessible by +@@ -102,6 +100,10 @@ + * byte[] to int[] conversion, little endian byte order. + */ + static void b2iLittle(byte[] in, int inOfs, int[] out, int outOfs, int len) { ++ if ((inOfs < 0) || ((in.length - inOfs) < len) || ++ (outOfs < 0) || ((out.length - outOfs) < len/4)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + inOfs += byteArrayOfs; + len += inOfs; +@@ -130,6 +132,10 @@ + + // Special optimization of b2iLittle(in, inOfs, out, 0, 64) + static void b2iLittle64(byte[] in, int inOfs, int[] out) { ++ if ((inOfs < 0) || ((in.length - inOfs) < 64) || ++ (out.length < 16)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + inOfs += byteArrayOfs; + out[ 0] = unsafe.getInt(in, (long)(inOfs )); +@@ -175,6 +181,10 @@ + * int[] to byte[] conversion, little endian byte order. + */ + static void i2bLittle(int[] in, int inOfs, byte[] out, int outOfs, int len) { ++ if ((inOfs < 0) || ((in.length - inOfs) < len/4) || ++ (outOfs < 0) || ((out.length - outOfs) < len)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + outOfs += byteArrayOfs; + len += outOfs; +@@ -203,6 +213,9 @@ + + // Store one 32-bit value into out[outOfs..outOfs+3] in little endian order. + static void i2bLittle4(int val, byte[] out, int outOfs) { ++ if ((outOfs < 0) || ((out.length - outOfs) < 4)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + unsafe.putInt(out, (long)(byteArrayOfs + outOfs), val); + } else if (bigEndian && ((outOfs & 3) == 0)) { +@@ -219,6 +232,10 @@ + * byte[] to int[] conversion, big endian byte order. + */ + static void b2iBig(byte[] in, int inOfs, int[] out, int outOfs, int len) { ++ if ((inOfs < 0) || ((in.length - inOfs) < len) || ++ (outOfs < 0) || ((out.length - outOfs) < len/4)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + inOfs += byteArrayOfs; + len += inOfs; +@@ -247,6 +264,10 @@ + + // Special optimization of b2iBig(in, inOfs, out, 0, 64) + static void b2iBig64(byte[] in, int inOfs, int[] out) { ++ if ((inOfs < 0) || ((in.length - inOfs) < 64) || ++ (out.length < 16)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + inOfs += byteArrayOfs; + out[ 0] = reverseBytes(unsafe.getInt(in, (long)(inOfs ))); +@@ -292,6 +313,10 @@ + * int[] to byte[] conversion, big endian byte order. + */ + static void i2bBig(int[] in, int inOfs, byte[] out, int outOfs, int len) { ++ if ((inOfs < 0) || ((in.length - inOfs) < len/4) || ++ (outOfs < 0) || ((out.length - outOfs) < len)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + outOfs += byteArrayOfs; + len += outOfs; +@@ -320,6 +345,9 @@ + + // Store one 32-bit value into out[outOfs..outOfs+3] in big endian order. + static void i2bBig4(int val, byte[] out, int outOfs) { ++ if ((outOfs < 0) || ((out.length - outOfs) < 4)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + unsafe.putInt(out, (long)(byteArrayOfs + outOfs), reverseBytes(val)); + } else if (bigEndian && ((outOfs & 3) == 0)) { +@@ -336,6 +364,10 @@ + * byte[] to long[] conversion, big endian byte order. + */ + static void b2lBig(byte[] in, int inOfs, long[] out, int outOfs, int len) { ++ if ((inOfs < 0) || ((in.length - inOfs) < len) || ++ (outOfs < 0) || ((out.length - outOfs) < len/8)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + inOfs += byteArrayOfs; + len += inOfs; +@@ -377,6 +409,10 @@ + + // Special optimization of b2lBig(in, inOfs, out, 0, 128) + static void b2lBig128(byte[] in, int inOfs, long[] out) { ++ if ((inOfs < 0) || ((in.length - inOfs) < 128) || ++ (out.length < 16)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + if (littleEndianUnaligned) { + inOfs += byteArrayOfs; + out[ 0] = reverseBytes(unsafe.getLong(in, (long)(inOfs ))); +@@ -405,6 +441,10 @@ + * long[] to byte[] conversion, big endian byte order. + */ + static void l2bBig(long[] in, int inOfs, byte[] out, int outOfs, int len) { ++ if ((inOfs < 0) || ((in.length - inOfs) < len/8) || ++ (outOfs < 0) || ((out.length - outOfs) < len)) { ++ throw new ArrayIndexOutOfBoundsException(); ++ } + len += outOfs; + while (outOfs < len) { + long i = in[inOfs++]; +@@ -418,5 +458,4 @@ + out[outOfs++] = (byte)(i ); + } + } +- + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8022935-resolver_classes.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,163 @@ +# HG changeset patch +# User joehw +# Date 1377574776 25200 +# Mon Aug 26 20:39:36 2013 -0700 +# Node ID 5411e32abf0cf41f4358be4ef3ae4e54c9404506 +# Parent f7f424a947646639e12b45d7dba17018b52e790d +8022935: Enhance Apache resolver classes +Reviewed-by: alanb, mchung, skoivu + +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/CatalogManager.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/CatalogManager.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/CatalogManager.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/CatalogManager.java +@@ -24,20 +24,17 @@ + package com.sun.org.apache.xml.internal.resolver; + + import com.sun.org.apache.xerces.internal.utils.SecuritySupport; ++import com.sun.org.apache.xml.internal.resolver.helpers.BootstrapResolver; ++import com.sun.org.apache.xml.internal.resolver.helpers.Debug; + import java.io.InputStream; +- ++import java.net.MalformedURLException; + import java.net.URL; +-import java.net.MalformedURLException; +- + import java.util.MissingResourceException; + import java.util.PropertyResourceBundle; + import java.util.ResourceBundle; + import java.util.StringTokenizer; + import java.util.Vector; +- +-import com.sun.org.apache.xml.internal.resolver.helpers.Debug; +-import com.sun.org.apache.xml.internal.resolver.helpers.BootstrapResolver; +-import com.sun.org.apache.xml.internal.resolver.Catalog; ++import sun.reflect.misc.ReflectUtil; + + /** + * CatalogManager provides an interface to the catalog properties. +@@ -680,7 +677,7 @@ + catalog = new Catalog(); + } else { + try { +- catalog = (Catalog) Class.forName(catalogClassName).newInstance(); ++ catalog = (Catalog) ReflectUtil.forName(catalogClassName).newInstance(); + } catch (ClassNotFoundException cnfe) { + debug.message(1,"Catalog class named '" + + catalogClassName +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/DOMCatalogReader.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/DOMCatalogReader.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/DOMCatalogReader.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/DOMCatalogReader.java +@@ -23,24 +23,21 @@ + + package com.sun.org.apache.xml.internal.resolver.readers; + +-import java.util.Hashtable; ++import com.sun.org.apache.xml.internal.resolver.Catalog; ++import com.sun.org.apache.xml.internal.resolver.CatalogException; ++import com.sun.org.apache.xml.internal.resolver.helpers.Namespaces; + import java.io.IOException; + import java.io.InputStream; ++import java.net.MalformedURLException; + import java.net.URL; + import java.net.URLConnection; +-import java.net.MalformedURLException; +- ++import java.util.Hashtable; ++import javax.xml.parsers.DocumentBuilder; + import javax.xml.parsers.DocumentBuilderFactory; +-import javax.xml.parsers.DocumentBuilder; + import javax.xml.parsers.ParserConfigurationException; +- +-import com.sun.org.apache.xml.internal.resolver.Catalog; +-import com.sun.org.apache.xml.internal.resolver.CatalogException; +-import com.sun.org.apache.xml.internal.resolver.readers.CatalogReader; +-import com.sun.org.apache.xml.internal.resolver.helpers.Namespaces; +- ++import org.w3c.dom.*; + import org.xml.sax.SAXException; +-import org.w3c.dom.*; ++import sun.reflect.misc.ReflectUtil; + + /** + * A DOM-based CatalogReader. +@@ -199,7 +196,7 @@ + DOMCatalogParser domParser = null; + + try { +- domParser = (DOMCatalogParser) Class.forName(domParserClass).newInstance(); ++ domParser = (DOMCatalogParser) ReflectUtil.forName(domParserClass).newInstance(); + } catch (ClassNotFoundException cnfe) { + catalog.getCatalogManager().debug.message(1, "Cannot load XML Catalog Parser class", domParserClass); + throw new CatalogException(CatalogException.UNPARSEABLE); +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/SAXCatalogReader.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/SAXCatalogReader.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/SAXCatalogReader.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xml/internal/resolver/readers/SAXCatalogReader.java +@@ -23,19 +23,21 @@ + + package com.sun.org.apache.xml.internal.resolver.readers; + +-import java.util.Hashtable; ++import com.sun.org.apache.xml.internal.resolver.Catalog; ++import com.sun.org.apache.xml.internal.resolver.CatalogException; ++import com.sun.org.apache.xml.internal.resolver.CatalogManager; ++import com.sun.org.apache.xml.internal.resolver.helpers.Debug; ++import java.io.FileNotFoundException; + import java.io.IOException; +-import java.io.FileNotFoundException; + import java.io.InputStream; ++import java.net.MalformedURLException; + import java.net.URL; + import java.net.URLConnection; +-import java.net.MalformedURLException; + import java.net.UnknownHostException; +- ++import java.util.Hashtable; + import javax.xml.parsers.ParserConfigurationException; ++import javax.xml.parsers.SAXParser; + import javax.xml.parsers.SAXParserFactory; +-import javax.xml.parsers.SAXParser; +- + import org.xml.sax.AttributeList; + import org.xml.sax.Attributes; + import org.xml.sax.ContentHandler; +@@ -45,12 +47,7 @@ + import org.xml.sax.Locator; + import org.xml.sax.Parser; + import org.xml.sax.SAXException; +- +-import com.sun.org.apache.xml.internal.resolver.Catalog; +-import com.sun.org.apache.xml.internal.resolver.CatalogManager; +-import com.sun.org.apache.xml.internal.resolver.CatalogException; +-import com.sun.org.apache.xml.internal.resolver.readers.CatalogReader; +-import com.sun.org.apache.xml.internal.resolver.helpers.Debug; ++import sun.reflect.misc.ReflectUtil; + + /** + * A SAX-based CatalogReader. +@@ -246,7 +243,7 @@ + } + parser.parse(new InputSource(is), spHandler); + } else { +- Parser parser = (Parser) Class.forName(parserClass).newInstance(); ++ Parser parser = (Parser) ReflectUtil.forName(parserClass).newInstance(); + parser.setDocumentHandler(this); + if (bResolver != null) { + parser.setEntityResolver(bResolver); +@@ -352,7 +349,7 @@ + + try { + saxParser = (SAXCatalogParser) +- Class.forName(saxParserClass).newInstance(); ++ ReflectUtil.forName(saxParserClass).newInstance(); + + saxParser.setCatalog(catalog); + saxParser.startDocument(); +@@ -413,7 +410,7 @@ + + try { + saxParser = (SAXCatalogParser) +- Class.forName(saxParserClass).newInstance(); ++ ReflectUtil.forName(saxParserClass).newInstance(); + + saxParser.setCatalog(catalog); + saxParser.startDocument();
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8022945-jndi.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,66 @@ +# HG changeset patch +# User weijun +# Date 1376923412 -28800 +# Mon Aug 19 22:43:32 2013 +0800 +# Node ID 3bbfb1248ffef586f26d6292f4492a182133b91c +# Parent 76445081396e1ba3ccf4a800011bd306b424a7d3 +8022945: Enhance JNDI implementation classes +Reviewed-by: xuelei, ahgross, skoivu + +diff -Nru openjdk/jdk/src/share/lib/security/java.security-linux openjdk/jdk/src/share/lib/security/java.security-linux +--- openjdk/jdk/src/share/lib/security/java.security-linux ++++ openjdk/jdk/src/share/lib/security/java.security-linux +@@ -152,6 +152,7 @@ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.glassfish.,\ ++ com.sun.naming.internal.,\ + org.jcp.xml.dsig.internal. + + # +@@ -189,6 +190,7 @@ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.glassfish.,\ ++ com.sun.naming.internal.,\ + org.jcp.xml.dsig.internal. + + # +diff -Nru openjdk/jdk/src/share/lib/security/java.security-solaris openjdk/jdk/src/share/lib/security/java.security-solaris +--- openjdk/jdk/src/share/lib/security/java.security-solaris ++++ openjdk/jdk/src/share/lib/security/java.security-solaris +@@ -154,6 +154,7 @@ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.glassfish.,\ ++ com.sun.naming.internal.,\ + org.jcp.xml.dsig.internal. + + # +@@ -191,6 +192,7 @@ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.glassfish.,\ ++ com.sun.naming.internal.,\ + org.jcp.xml.dsig.internal. + + # +diff -Nru openjdk/jdk/src/share/lib/security/java.security-windows openjdk/jdk/src/share/lib/security/java.security-windows +--- openjdk/jdk/src/share/lib/security/java.security-windows ++++ openjdk/jdk/src/share/lib/security/java.security-windows +@@ -154,6 +154,7 @@ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.glassfish.,\ ++ com.sun.naming.internal.,\ + org.jcp.xml.dsig.internal.\ + com.sun.java.accessibility. + +@@ -192,6 +193,7 @@ + com.sun.org.apache.xml.internal.utils.,\ + com.sun.org.apache.xml.internal.security.,\ + com.sun.org.glassfish.,\ ++ com.sun.naming.internal.,\ + org.jcp.xml.dsig.internal.\ + com.sun.java.accessibility. +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8023057-splashscreen.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,96 @@ +# HG changeset patch +# User vadim +# Date 1379062344 -14400 +# Fri Sep 13 12:52:24 2013 +0400 +# Node ID a6994940a6442b3a8eeb50eb01e5c52d9df3fd96 +# Parent 9428ea5293bee1fa63c7ea0462f9765714570800 +8023057: Enhance start up image display +Reviewed-by: anthony, serb, mschoene + +diff -Nru openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c +--- openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c ++++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c +@@ -111,8 +111,9 @@ + int + SplashIsStillLooping(Splash * splash) + { +- if (splash->currentFrame < 0) ++ if (splash->currentFrame < 0) { + return 0; ++ } + return splash->loopCount != 1 || + splash->currentFrame + 1 < splash->frameCount; + } +@@ -121,17 +122,22 @@ + SplashUpdateScreenData(Splash * splash) + { + ImageRect srcRect, dstRect; ++ if (splash->currentFrame < 0) { ++ return; ++ } + + initRect(&srcRect, 0, 0, splash->width, splash->height, 1, + splash->width * sizeof(rgbquad_t), + splash->frames[splash->currentFrame].bitmapBits, &splash->imageFormat); +- if (splash->screenData) ++ if (splash->screenData) { + free(splash->screenData); ++ } + splash->screenStride = splash->width * splash->screenFormat.depthBytes; +- if (splash->byteAlignment > 1) ++ if (splash->byteAlignment > 1) { + splash->screenStride = + (splash->screenStride + splash->byteAlignment - 1) & + ~(splash->byteAlignment - 1); ++ } + splash->screenData = malloc(splash->height * splash->screenStride); + initRect(&dstRect, 0, 0, splash->width, splash->height, 1, + splash->screenStride, splash->screenData, &splash->screenFormat); +@@ -146,16 +152,19 @@ + void + SplashNextFrame(Splash * splash) + { +- if (splash->currentFrame < 0) ++ if (splash->currentFrame < 0) { + return; ++ } + do { +- if (!SplashIsStillLooping(splash)) ++ if (!SplashIsStillLooping(splash)) { + return; ++ } + splash->time += splash->frames[splash->currentFrame].delay; + if (++splash->currentFrame >= splash->frameCount) { + splash->currentFrame = 0; +- if (splash->loopCount > 0) ++ if (splash->loopCount > 0) { + splash->loopCount--; ++ } + } + } while (splash->time + splash->frames[splash->currentFrame].delay - + SplashTime() <= 0); +@@ -183,8 +192,9 @@ + pSrc += pSrcRect->depthBytes; + ++i; + } +- if (i >= pSrcRect->numSamples) ++ if (i >= pSrcRect->numSamples) { + break; ++ } + i0 = i; + while (i < pSrcRect->numSamples && + getRGBA(pSrc, pSrcRect->format) >= ALPHA_THRESHOLD) { +diff -Nru openjdk/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c openjdk/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c +--- openjdk/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c ++++ openjdk/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c +@@ -557,8 +557,8 @@ + SplashUnlock(splash); + rc = select(n, fds, NULL, NULL, ptv); + SplashLock(splash); +- if (splash->isVisible>0 && SplashTime() >= splash->time + +- splash->frames[splash->currentFrame].delay) { ++ if (splash->isVisible > 0 && splash->currentFrame >= 0 && ++ SplashTime() >= splash->time + splash->frames[splash->currentFrame].delay) { + SplashNextFrame(splash); + SplashUpdateShape(splash); + SplashRedrawWindow(splash);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8023069-tls.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,627 @@ +# HG changeset patch +# User xuelei +# Date 1378430269 25200 +# Thu Sep 05 18:17:49 2013 -0700 +# Node ID 2185882efa739f75432070168c8d00cd841d81d0 +# Parent c4796b4be6b144653422100b14e33c0b817546ea +8023069: Enhance TLS connections +Summary: Also reviewed by Alexander Fomin and Andrew Gross +Reviewed-by: wetmore + +diff -Nru openjdk/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java openjdk/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java +--- openjdk/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java ++++ openjdk/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java +@@ -73,13 +73,17 @@ + throw new IllegalStateException + ("TlsRsaPremasterSecretGenerator must be initialized"); + } +- if (random == null) { +- random = new SecureRandom(); ++ byte[] b = spec.getEncodedSecret(); ++ if (b == null) { ++ if (random == null) { ++ random = new SecureRandom(); ++ } ++ b = new byte[48]; ++ random.nextBytes(b); ++ b[0] = (byte)spec.getMajorVersion(); ++ b[1] = (byte)spec.getMinorVersion(); + } +- byte[] b = new byte[48]; +- random.nextBytes(b); +- b[0] = (byte)spec.getMajorVersion(); +- b[1] = (byte)spec.getMinorVersion(); ++ + return new SecretKeySpec(b, "TlsRsaPremasterSecret"); + } + +diff -Nru openjdk/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java openjdk/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java +--- openjdk/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java ++++ openjdk/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java +@@ -43,11 +43,12 @@ + + private final int majorVersion; + private final int minorVersion; ++ private final byte[] encodedSecret; + + /** + * Constructs a new TlsRsaPremasterSecretParameterSpec. +- * +- * <p>The version numbers will be placed inside the premaster secret to ++ * <P> ++ * The version numbers will be placed inside the premaster secret to + * detect version rollbacks attacks as described in the TLS specification. + * Note that they do not indicate the protocol version negotiated for + * the handshake. +@@ -61,6 +62,40 @@ + public TlsRsaPremasterSecretParameterSpec(int majorVersion, int minorVersion) { + this.majorVersion = TlsMasterSecretParameterSpec.checkVersion(majorVersion); + this.minorVersion = TlsMasterSecretParameterSpec.checkVersion(minorVersion); ++ this.encodedSecret = null; ++ } ++ ++ /** ++ * Constructs a new TlsRsaPremasterSecretParameterSpec. ++ * <P> ++ * The version numbers will be placed inside the premaster secret to ++ * detect version rollbacks attacks as described in the TLS specification. ++ * Note that they do not indicate the protocol version negotiated for ++ * the handshake. ++ * <P> ++ * Usually, the encoded secret key is a random number that acts as ++ * dummy pre_master_secret to avoid vulnerabilities described by ++ * section 7.4.7.1, RFC 5246. ++ * ++ * @param majorVersion the major number of the protocol version ++ * @param minorVersion the minor number of the protocol version ++ * @param encodedSecret the encoded secret key ++ * ++ * @throws IllegalArgumentException if minorVersion or majorVersion are ++ * negative or larger than 255, or encodedSecret is not exactly 48 bytes. ++ */ ++ public TlsRsaPremasterSecretParameterSpec(int majorVersion, ++ int minorVersion, byte[] encodedSecret) { ++ this.majorVersion = ++ TlsMasterSecretParameterSpec.checkVersion(majorVersion); ++ this.minorVersion = ++ TlsMasterSecretParameterSpec.checkVersion(minorVersion); ++ ++ if (encodedSecret == null || encodedSecret.length != 48) { ++ throw new IllegalArgumentException( ++ "Encoded secret is not exactly 48 bytes"); ++ } ++ this.encodedSecret = encodedSecret.clone(); + } + + /** +@@ -80,4 +115,13 @@ + public int getMinorVersion() { + return minorVersion; + } ++ ++ /** ++ * Returns the encoded secret. ++ * ++ * @return the encoded secret, may be null if no encoded secret. ++ */ ++ public byte[] getEncodedSecret() { ++ return encodedSecret == null ? null : encodedSecret.clone(); ++ } + } +diff -Nru openjdk/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java openjdk/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java +--- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -417,28 +417,6 @@ + // see JCE spec + protected Key engineUnwrap(byte[] wrappedKey, String algorithm, + int type) throws InvalidKeyException, NoSuchAlgorithmException { +- if (algorithm.equals("TlsRsaPremasterSecret")) { +- // the instance variable "session" has been initialized for +- // decrypt mode, so use a local variable instead. +- Session s = null; +- try { +- s = token.getObjSession(); +- long keyType = CKK_GENERIC_SECRET; +- CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { +- new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY), +- new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType), +- }; +- attributes = token.getAttributes +- (O_IMPORT, CKO_SECRET_KEY, keyType, attributes); +- long keyID = token.p11.C_UnwrapKey(s.id(), new CK_MECHANISM(mechanism), +- p11Key.keyID, wrappedKey, attributes); +- return P11Key.secretKey(session, keyID, algorithm, 48 << 3, attributes); +- } catch (PKCS11Exception e) { +- throw new InvalidKeyException("wrap() failed", e); +- } finally { +- token.releaseSession(s); +- } +- } + // XXX implement unwrap using C_Unwrap() for all keys + if (wrappedKey.length > maxInputSize) { + throw new InvalidKeyException("Key is too long for unwrapping"); +diff -Nru openjdk/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java openjdk/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java +--- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -88,23 +88,33 @@ + throw new IllegalStateException + ("TlsRsaPremasterSecretGenerator must be initialized"); + } +- CK_VERSION version = +- new CK_VERSION(spec.getMajorVersion(), spec.getMinorVersion()); +- Session session = null; +- try { +- session = token.getObjSession(); +- CK_ATTRIBUTE[] attributes = token.getAttributes +- (O_GENERATE, CKO_SECRET_KEY, CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); +- long keyID = token.p11.C_GenerateKey +- (session.id(), new CK_MECHANISM(mechanism, version), attributes); +- SecretKey key = P11Key.secretKey +- (session, keyID, "TlsRsaPremasterSecret", 48 << 3, attributes); +- return key; +- } catch (PKCS11Exception e) { +- throw new ProviderException("Could not generate premaster secret", e); +- } finally { +- token.releaseSession(session); ++ ++ byte[] b = spec.getEncodedSecret(); ++ if (b == null) { ++ CK_VERSION version = new CK_VERSION( ++ spec.getMajorVersion(), spec.getMinorVersion()); ++ Session session = null; ++ try { ++ session = token.getObjSession(); ++ CK_ATTRIBUTE[] attributes = token.getAttributes( ++ O_GENERATE, CKO_SECRET_KEY, ++ CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); ++ long keyID = token.p11.C_GenerateKey(session.id(), ++ new CK_MECHANISM(mechanism, version), attributes); ++ SecretKey key = P11Key.secretKey(session, ++ keyID, "TlsRsaPremasterSecret", 48 << 3, attributes); ++ return key; ++ } catch (PKCS11Exception e) { ++ throw new ProviderException( ++ "Could not generate premaster secret", e); ++ } finally { ++ token.releaseSession(session); ++ } + } ++ ++ // Won't worry, the TlsRsaPremasterSecret will be soon converted to ++ // TlsMasterSecret. ++ return new SecretKeySpec(b, "TlsRsaPremasterSecret"); + } + + } +diff -Nru openjdk/jdk/src/share/classes/sun/security/rsa/RSAPadding.java openjdk/jdk/src/share/classes/sun/security/rsa/RSAPadding.java +--- openjdk/jdk/src/share/classes/sun/security/rsa/RSAPadding.java ++++ openjdk/jdk/src/share/classes/sun/security/rsa/RSAPadding.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -318,33 +318,53 @@ + + /** + * PKCS#1 v1.5 unpadding (blocktype 1 and 2). ++ * ++ * Note that we want to make it a constant-time operation + */ + private byte[] unpadV15(byte[] padded) throws BadPaddingException { + int k = 0; ++ BadPaddingException bpe = null; ++ + if (padded[k++] != 0) { +- throw new BadPaddingException("Data must start with zero"); ++ bpe = new BadPaddingException("Data must start with zero"); + } +- if (padded[k++] != type) { +- throw new BadPaddingException("Blocktype mismatch: " + padded[1]); ++ if (padded[k++] != type && bpe == null) { ++ bpe = new BadPaddingException("Blocktype mismatch: " + padded[1]); + } +- while (true) { ++ int p = 0; ++ while (k < padded.length) { + int b = padded[k++] & 0xff; +- if (b == 0) { +- break; ++ if (b == 0 && p == 0) { ++ p = k; + } +- if (k == padded.length) { +- throw new BadPaddingException("Padding string not terminated"); ++ if (k == padded.length && p == 0 && bpe == null) { ++ bpe = new BadPaddingException("Padding string not terminated"); + } +- if ((type == PAD_BLOCKTYPE_1) && (b != 0xff)) { +- throw new BadPaddingException("Padding byte not 0xff: " + b); ++ if ((type == PAD_BLOCKTYPE_1) && (b != 0xff) && ++ p == 0 && bpe == null) { ++ bpe = new BadPaddingException("Padding byte not 0xff: " + b); + } + } +- int n = padded.length - k; +- if (n > maxDataSize) { +- throw new BadPaddingException("Padding string too short"); ++ int n = padded.length - p; ++ if (n > maxDataSize && bpe == null) { ++ bpe = new BadPaddingException("Padding string too short"); + } ++ ++ // copy useless padding array for a constant-time method ++ // ++ // Is it necessary? ++ byte[] padding = new byte[p]; ++ System.arraycopy(padded, 0, padding, 0, p); ++ + byte[] data = new byte[n]; +- System.arraycopy(padded, padded.length - n, data, 0, n); ++ System.arraycopy(padded, p, data, 0, n); ++ ++ if (bpe == null) { ++ bpe = new BadPaddingException("Unused exception"); ++ } else { ++ throw bpe; ++ } ++ + return data; + } + +diff -Nru openjdk/jdk/src/share/classes/sun/security/ssl/Handshaker.java openjdk/jdk/src/share/classes/sun/security/ssl/Handshaker.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/Handshaker.java ++++ openjdk/jdk/src/share/classes/sun/security/ssl/Handshaker.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -762,70 +762,25 @@ + // benefit to doing it twice + } + +- SecretKey masterSecret; + try { + KeyGenerator kg = JsseJce.getKeyGenerator("SunTlsMasterSecret"); + kg.init(spec); +- masterSecret = kg.generateKey(); +- } catch (GeneralSecurityException e) { +- // For RSA premaster secrets, do not signal a protocol error +- // due to the Bleichenbacher attack. See comments further down. +- if (!preMasterSecret.getAlgorithm().equals("TlsRsaPremasterSecret")) { +- throw new ProviderException(e); +- } ++ return kg.generateKey(); ++ } catch (InvalidAlgorithmParameterException e) { ++ // unlikely to happen, otherwise, must be a provider exception + if (debug != null && Debug.isOn("handshake")) { + System.out.println("RSA master secret generation error:"); + e.printStackTrace(System.out); + } +- preMasterSecret = +- RSAClientKeyExchange.generateDummySecret(protocolVersion); +- // recursive call with new premaster secret +- return calculateMasterSecret(preMasterSecret, null); ++ throw new ProviderException(e); ++ } catch (NoSuchAlgorithmException e) { ++ // unlikely to happen, otherwise, must be a provider exception ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("RSA master secret generation error:"); ++ e.printStackTrace(System.out); ++ } ++ throw new ProviderException(e); + } +- +- // if no version check requested (client side handshake), +- // or version information is not available (not an RSA premaster secret), +- // return master secret immediately. +- if ((requestedVersion == null) || !(masterSecret instanceof TlsMasterSecret)) { +- return masterSecret; +- } +- TlsMasterSecret tlsKey = (TlsMasterSecret)masterSecret; +- int major = tlsKey.getMajorVersion(); +- int minor = tlsKey.getMinorVersion(); +- if ((major < 0) || (minor < 0)) { +- return masterSecret; +- } +- +- // check if the premaster secret version is ok +- // the specification says that it must be the maximum version supported +- // by the client from its ClientHello message. However, many +- // implementations send the negotiated version, so accept both +- // NOTE that we may be comparing two unsupported version numbers in +- // the second case, which is why we cannot use object reference +- // equality in this special case +- ProtocolVersion premasterVersion = ProtocolVersion.valueOf(major, minor); +- boolean versionMismatch = (premasterVersion != protocolVersion) && +- (premasterVersion.v != requestedVersion.v); +- +- +- if (versionMismatch == false) { +- // check passed, return key +- return masterSecret; +- } +- +- // Due to the Bleichenbacher attack, do not signal a protocol error. +- // Generate a random premaster secret and continue with the handshake, +- // which will fail when verifying the finished messages. +- // For more information, see comments in PreMasterSecret. +- if (debug != null && Debug.isOn("handshake")) { +- System.out.println("RSA PreMasterSecret version error: expected" +- + protocolVersion + " or " + requestedVersion + ", decrypted: " +- + premasterVersion); +- } +- preMasterSecret = +- RSAClientKeyExchange.generateDummySecret(protocolVersion); +- // recursive call with new premaster secret +- return calculateMasterSecret(preMasterSecret, null); + } + + /* +diff -Nru openjdk/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java openjdk/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java ++++ openjdk/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -123,7 +123,8 @@ + * it with its private key. + */ + RSAClientKeyExchange(ProtocolVersion currentVersion, +- ProtocolVersion maxVersion, HandshakeInStream input, ++ ProtocolVersion maxVersion, ++ SecureRandom generator, HandshakeInStream input, + int messageSize, PrivateKey privateKey) throws IOException { + + if (privateKey.getAlgorithm().equals("RSA") == false) { +@@ -141,20 +142,32 @@ + } + } + ++ Exception failover = null; ++ byte[] encoded = null; + try { + Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1); +- cipher.init(Cipher.UNWRAP_MODE, privateKey); +- preMaster = (SecretKey)cipher.unwrap(encrypted, +- "TlsRsaPremasterSecret", Cipher.SECRET_KEY); ++ // Cannot generate key here, please don't use Cipher.UNWRAP_MODE! ++ cipher.init(Cipher.DECRYPT_MODE, privateKey); ++ encoded = cipher.doFinal(encrypted); ++ } catch (BadPaddingException bpe) { ++ failover = bpe; ++ encoded = null; ++ } catch (IllegalBlockSizeException ibse) { ++ // the message it too big to process with RSA ++ throw new SSLProtocolException( ++ "Unable to process PreMasterSecret, may be too big"); ++ } catch (Exception e) { ++ // unlikely to happen, otherwise, must be a provider exception ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("RSA premaster secret decryption error:"); ++ e.printStackTrace(System.out); ++ } ++ throw new RuntimeException("Could not generate dummy secret", e); ++ } + +- // polish the premaster secret +- preMaster = polishPreMasterSecretKey( +- currentVersion, maxVersion, preMaster, null); +- } catch (Exception e) { +- // polish the premaster secret +- preMaster = polishPreMasterSecretKey( +- currentVersion, maxVersion, preMaster, e); +- } ++ // polish the premaster secret ++ preMaster = polishPreMasterSecretKey( ++ currentVersion, maxVersion, generator, encoded, failover); + } + + /** +@@ -165,58 +178,53 @@ + * + * RFC 5246 describes the approach as : + * +- * 1. Generate a string R of 46 random bytes ++ * 1. Generate a string R of 48 random bytes + * + * 2. Decrypt the message to recover the plaintext M + * + * 3. If the PKCS#1 padding is not correct, or the length of message + * M is not exactly 48 bytes: +- * pre_master_secret = ClientHello.client_version || R ++ * pre_master_secret = R + * else If ClientHello.client_version <= TLS 1.0, and version + * number check is explicitly disabled: +- * pre_master_secret = M ++ * premaster secret = M ++ * else If M[0..1] != ClientHello.client_version: ++ * premaster secret = R + * else: +- * pre_master_secret = ClientHello.client_version || M[2..47] ++ * premaster secret = M ++ * ++ * Note that #2 has completed before the call of this method. + * + * Note that although TLS 1.2 is not supported in this release, we still + * want to make use of the above approach to provide better protection. + */ +- private SecretKey polishPreMasterSecretKey( +- ProtocolVersion currentVersion, ProtocolVersion clientHelloVersion, +- SecretKey secretKey, Exception failoverException) { ++ private SecretKey polishPreMasterSecretKey(ProtocolVersion currentVersion, ++ ProtocolVersion clientHelloVersion, SecureRandom generator, ++ byte[] encoded, Exception failoverException) { + +- if (failoverException == null && secretKey != null) { ++ this.protocolVersion = clientHelloVersion; ++ if (generator == null) { ++ generator = new SecureRandom(); ++ } ++ byte[] random = new byte[48]; ++ generator.nextBytes(random); ++ ++ if (failoverException == null && encoded != null) { + // check the length +- byte[] encoded = secretKey.getEncoded(); +- if (encoded == null) { // unable to get the encoded key ++ if (encoded.length != 48) { + if (debug != null && Debug.isOn("handshake")) { + System.out.println( +- "unable to get the plaintext of the premaster secret"); ++ "incorrect length of premaster secret: " + ++ encoded.length); + } + +- int keySize = KeyUtil.getKeySize(secretKey); +- if (keySize > 0 && keySize != 384) { // 384 = 48 * 8 +- if (debug != null && Debug.isOn("handshake")) { +- System.out.println( +- "incorrect length of premaster secret: " + +- (keySize/8)); +- } ++ return generatePreMasterSecret( ++ clientHelloVersion, random, generator); ++ } ++ if (clientHelloVersion.major != encoded[0] || ++ clientHelloVersion.minor != encoded[1]) { + +- return generateDummySecret(currentVersion); +- } +- +- // The key size is exactly 48 bytes or not accessible. +- // +- // Conservatively, pass the checking to master secret +- // calculation. +- return secretKey; +- } else if (encoded.length == 48) { +- // check the version +- if (clientHelloVersion.major == encoded[0] && +- clientHelloVersion.minor == encoded[1]) { +- +- return secretKey; +- } else if (clientHelloVersion.v <= ProtocolVersion.TLS10.v && ++ if (clientHelloVersion.v <= ProtocolVersion.TLS10.v && + currentVersion.major == encoded[0] && + currentVersion.minor == encoded[1]) { + /* +@@ -224,24 +232,22 @@ + * version in pre_master_secret can be the negotiated + * version for TLS v1.0 and SSL v3.0. + */ +- return secretKey; ++ this.protocolVersion = currentVersion; ++ } else { ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("Mismatching Protocol Versions, " + ++ "ClientHello.client_version is " + ++ clientHelloVersion + ++ ", while PreMasterSecret.client_version is " + ++ ProtocolVersion.valueOf(encoded[0], encoded[1])); ++ } ++ ++ encoded = random; + } ++ } + +- if (debug != null && Debug.isOn("handshake")) { +- System.out.println("Mismatching Protocol Versions, " + +- "ClientHello.client_version is " + clientHelloVersion + +- ", while PreMasterSecret.client_version is " + +- ProtocolVersion.valueOf(encoded[0], encoded[1])); +- } +- return generateDummySecret(currentVersion); +- } else { +- if (debug != null && Debug.isOn("handshake")) { +- System.out.println( +- "incorrect length of premaster secret: " + +- encoded.length); +- } +- return generateDummySecret(currentVersion); +- } ++ return generatePreMasterSecret( ++ clientHelloVersion, encoded, generator); + } + + if (debug != null && Debug.isOn("handshake") && +@@ -250,11 +256,14 @@ + failoverException.printStackTrace(System.out); + } + +- return generateDummySecret(currentVersion); ++ return generatePreMasterSecret(clientHelloVersion, random, generator); + } + + // generate a premaster secret with the specified version number +- static SecretKey generateDummySecret(ProtocolVersion version) { ++ private static SecretKey generatePreMasterSecret( ++ ProtocolVersion version, byte[] encodedSecret, ++ SecureRandom generator) { ++ + if (debug != null && Debug.isOn("handshake")) { + System.out.println("Generating a random fake premaster secret"); + } +@@ -262,11 +271,23 @@ + try { + KeyGenerator kg = + JsseJce.getKeyGenerator("SunTlsRsaPremasterSecret"); +- kg.init(new TlsRsaPremasterSecretParameterSpec +- (version.major, version.minor)); ++ kg.init(new TlsRsaPremasterSecretParameterSpec( ++ version.major, version.minor, encodedSecret), generator); + return kg.generateKey(); +- } catch (GeneralSecurityException e) { +- throw new RuntimeException("Could not generate dummy secret", e); ++ } catch (InvalidAlgorithmParameterException iae) { ++ // unlikely to happen, otherwise, must be a provider exception ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("RSA premaster secret generation error:"); ++ iae.printStackTrace(System.out); ++ } ++ throw new RuntimeException("Could not generate dummy secret", iae); ++ } catch (NoSuchAlgorithmException iae) { ++ // unlikely to happen, otherwise, must be a provider exception ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("RSA premaster secret generation error:"); ++ iae.printStackTrace(System.out); ++ } ++ throw new RuntimeException("Could not generate dummy secret", iae); + } + } + +diff -Nru openjdk/jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java openjdk/jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java +--- openjdk/jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java ++++ openjdk/jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java +@@ -192,7 +192,8 @@ + */ + RSAClientKeyExchange pms = new RSAClientKeyExchange( + protocolVersion, clientRequestedVersion, +- input, message_len, privateKey); ++ sslContext.getSecureRandom(), input, ++ message_len, privateKey); + preMasterSecret = this.clientKeyExchange(pms); + break; + case K_KRB5:
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8023245-beans_decoding.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,34 @@ +# HG changeset patch +# User malenkov +# Date 1378126593 -14400 +# Mon Sep 02 16:56:33 2013 +0400 +# Node ID 76445081396e1ba3ccf4a800011bd306b424a7d3 +# Parent d2fd1283e0b7b978e47ae797731291bf09ba81d7 +8023245: Enhance Beans decoding +Reviewed-by: art, skoivu, alanb + +diff -Nru openjdk/jdk/src/share/classes/com/sun/beans/ObjectHandler.java openjdk/jdk/src/share/classes/com/sun/beans/ObjectHandler.java +--- openjdk/jdk/src/share/classes/com/sun/beans/ObjectHandler.java ++++ openjdk/jdk/src/share/classes/com/sun/beans/ObjectHandler.java +@@ -29,6 +29,7 @@ + + import java.beans.*; + import java.util.*; ++import java.io.StringReader; + + import org.xml.sax.*; + +@@ -153,6 +154,13 @@ + expStack.add(e); + } + ++ /** ++ * Disables any external entities. ++ */ ++ public InputSource resolveEntity(String publicId, String systemId) { ++ return new InputSource(new StringReader("")); ++ } ++ + private Object getValue(Expression exp) { + try { + return exp.getValue();
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8023301-generic_classes.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,125 @@ +# HG changeset patch +# User jfranck +# Date 1381483341 -7200 +# Fri Oct 11 11:22:21 2013 +0200 +# Node ID 0130075b454ced66b4c2f557f84c4253f8052de2 +# Parent a6994940a6442b3a8eeb50eb01e5c52d9df3fd96 +8023301: Enhance generic classes +Reviewed-by: mchung, hawtin + +diff -Nru openjdk/jdk/src/share/classes/sun/reflect/generics/reflectiveObjects/TypeVariableImpl.java openjdk/jdk/src/share/classes/sun/reflect/generics/reflectiveObjects/TypeVariableImpl.java +--- openjdk/jdk/src/share/classes/sun/reflect/generics/reflectiveObjects/TypeVariableImpl.java ++++ openjdk/jdk/src/share/classes/sun/reflect/generics/reflectiveObjects/TypeVariableImpl.java +@@ -25,13 +25,17 @@ + + package sun.reflect.generics.reflectiveObjects; + ++import java.lang.reflect.Constructor; + import java.lang.reflect.GenericDeclaration; ++import java.lang.reflect.Member; ++import java.lang.reflect.Method; + import java.lang.reflect.Type; + import java.lang.reflect.TypeVariable; + + import sun.reflect.generics.factory.GenericsFactory; + import sun.reflect.generics.tree.FieldTypeSignature; + import sun.reflect.generics.visitor.Reifier; ++import sun.reflect.misc.ReflectUtil; + + /** + * Implementation of <tt>java.lang.reflect.TypeVariable</tt> interface +@@ -87,6 +91,13 @@ + TypeVariableImpl<T> make(T decl, String name, + FieldTypeSignature[] bs, + GenericsFactory f) { ++ ++ if (!((decl instanceof Class) || ++ (decl instanceof Method) || ++ (decl instanceof Constructor))) { ++ throw new AssertionError("Unexpected kind of GenericDeclaration" + ++ decl.getClass().toString()); ++ } + return new TypeVariableImpl<T>(decl, name, bs, f); + } + +@@ -141,6 +152,13 @@ + * @since 1.5 + */ + public D getGenericDeclaration(){ ++ if (genericDeclaration instanceof Class) ++ ReflectUtil.checkPackageAccess((Class)genericDeclaration); ++ else if ((genericDeclaration instanceof Method) || ++ (genericDeclaration instanceof Constructor)) ++ ReflectUtil.conservativeCheckMemberAccess((Member)genericDeclaration); ++ else ++ throw new AssertionError("Unexpected kind of GenericDeclaration"); + return genericDeclaration; + } + +@@ -156,7 +174,8 @@ + + @Override + public boolean equals(Object o) { +- if (o instanceof TypeVariable) { ++ if (o instanceof TypeVariable && ++ o.getClass() == TypeVariableImpl.class) { + TypeVariable that = (TypeVariable) o; + + GenericDeclaration thatDecl = that.getGenericDeclaration(); +diff -Nru openjdk/jdk/src/share/classes/sun/reflect/misc/ReflectUtil.java openjdk/jdk/src/share/classes/sun/reflect/misc/ReflectUtil.java +--- openjdk/jdk/src/share/classes/sun/reflect/misc/ReflectUtil.java ++++ openjdk/jdk/src/share/classes/sun/reflect/misc/ReflectUtil.java +@@ -26,11 +26,13 @@ + + package sun.reflect.misc; + ++import java.lang.reflect.Member; + import java.lang.reflect.Method; + import java.lang.reflect.Modifier; + import java.lang.reflect.Proxy; + import java.util.Arrays; + import sun.reflect.Reflection; ++import sun.security.util.SecurityConstants; + + public final class ReflectUtil { + +@@ -125,6 +127,39 @@ + return false; + } + ++ /** ++ * Does a conservative approximation of member access check. Use this if ++ * you don't have an actual 'userland' caller Class/ClassLoader available. ++ * This might be more restrictive than a precise member access check where ++ * you have a caller, but should never allow a member access that is ++ * forbidden. ++ * ++ * @param m the {@code Member} about to be accessed ++ */ ++ public static void conservativeCheckMemberAccess(Member m) throws SecurityException{ ++ final SecurityManager sm = System.getSecurityManager(); ++ if (sm == null) ++ return; ++ ++ // Check for package access on the declaring class. ++ // ++ // In addition, unless the member and the declaring class are both ++ // public check for access declared member permissions. ++ // ++ // This is done regardless of ClassLoader relations between the {@code ++ // Member m} and any potential caller. ++ ++ final Class<?> declaringClass = m.getDeclaringClass(); ++ ++ checkPackageAccess(declaringClass); ++ ++ if (Modifier.isPublic(m.getModifiers()) && ++ Modifier.isPublic(declaringClass.getModifiers())) ++ return; ++ ++ // Check for declared member access. ++ sm.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); ++ } + + /** + * Checks package access on the given class.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8023672-jar_validation.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,24 @@ +# HG changeset patch +# User weijun +# Date 1379056959 -28800 +# Fri Sep 13 15:22:39 2013 +0800 +# Node ID 16e444c32915fcf9ec46b2c15d455c220ddc9085 +# Parent 0130075b454ced66b4c2f557f84c4253f8052de2 +8023672: Enhance jar file validation +Summary: Also reviewed by Chris Ries and Alexander Fomin +Reviewed-by: mullan, sherman + +diff -Nru openjdk/jdk/src/share/classes/java/util/jar/JarVerifier.java openjdk/jdk/src/share/classes/java/util/jar/JarVerifier.java +--- openjdk/jdk/src/share/classes/java/util/jar/JarVerifier.java ++++ openjdk/jdk/src/share/classes/java/util/jar/JarVerifier.java +@@ -158,7 +158,9 @@ + name = name.substring(1); + + // only set the jev object for entries that have a signature +- if (sigFileSigners.get(name) != null) { ++ // (either verified or not) ++ if (sigFileSigners.get(name) != null || ++ verifiedSigners.get(name) != null) { + mev.setEntry(name, je); + return; + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8024306-subject_consistency.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,24 @@ +# HG changeset patch +# User weijun +# Date 1379056651 -28800 +# Fri Sep 13 15:17:31 2013 +0800 +# Node ID d2fd1283e0b7b978e47ae797731291bf09ba81d7 +# Parent c12624b110764c74f7dcc1e9ad3b6f313484157c +8024306: Enhance Subject consistency +Summary: Also reviewed by Alexander Fomin +Reviewed-by: mullan, ahgross + +diff -Nru openjdk/jdk/src/share/classes/javax/security/auth/Subject.java openjdk/jdk/src/share/classes/javax/security/auth/Subject.java +--- openjdk/jdk/src/share/classes/javax/security/auth/Subject.java ++++ openjdk/jdk/src/share/classes/javax/security/auth/Subject.java +@@ -947,6 +947,10 @@ + + s.defaultReadObject(); + ++ // Rewrap the principals into a SecureSet ++ principals = Collections.synchronizedSet(new SecureSet<Principal> ++ (this, PRINCIPAL_SET, principals)); ++ + // The Credential <code>Set</code> is not serialized, but we do not + // want the default deserialization routine to set it to null. + this.pubCredentials = Collections.synchronizedSet
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8024530-font_process.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,2933 @@ +# HG changeset patch +# User prr +# Date 1382274728 25200 +# Sun Oct 20 06:12:08 2013 -0700 +# Node ID 9d4e84bf8c0d6f4d5b538e68b7b4f64b2787a847 +# Parent 2cf3d83c5c6b0d64f2c66161fd9b2d789ffef5f9 +8024530: Enhance font process resilience +Reviewed-by: mschoene, bae, srl, prr + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/AlternateSubstSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/AlternateSubstSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/AlternateSubstSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/AlternateSubstSubtables.cpp +@@ -55,7 +55,7 @@ + (const AlternateSetTable *) ((char *) this + alternateSetTableOffset)); + TTGlyphID alternate = SWAPW(alternateSetTable->alternateArray[0]); + +- if (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, alternate))) { ++ if (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, alternate), success)) { + glyphIterator->setCurrGlyphID(SWAPW(alternateSetTable->alternateArray[0])); + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.cpp openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.cpp +@@ -37,55 +37,54 @@ + + U_NAMESPACE_BEGIN + +-void AnchorTable::getAnchor(LEGlyphID glyphID, const LEFontInstance *fontInstance, +- LEPoint &anchor) const ++void AnchorTable::getAnchor(const LETableReference &base, LEGlyphID glyphID, const LEFontInstance *fontInstance, ++ LEPoint &anchor, LEErrorCode &success) const + { + switch(SWAPW(anchorFormat)) { + case 1: + { +- const Format1AnchorTable *f1 = (const Format1AnchorTable *) this; +- +- f1->getAnchor(fontInstance, anchor); ++ LEReferenceTo<Format1AnchorTable> f1(base, success); ++ f1->getAnchor(f1, fontInstance, anchor, success); + break; + } + + case 2: + { +- const Format2AnchorTable *f2 = (const Format2AnchorTable *) this; +- +- f2->getAnchor(glyphID, fontInstance, anchor); ++ LEReferenceTo<Format2AnchorTable> f2(base, success); ++ f2->getAnchor(f2, glyphID, fontInstance, anchor, success); + break; + } + + case 3: + { +- const Format3AnchorTable *f3 = (const Format3AnchorTable *) this; +- +- f3->getAnchor(fontInstance, anchor); ++ LEReferenceTo<Format3AnchorTable> f3(base, success); ++ f3->getAnchor(f3, fontInstance, anchor, success); + break; + } + + default: ++ { + // unknown format: just use x, y coordinate, like format 1... +- const Format1AnchorTable *f1 = (const Format1AnchorTable *) this; +- +- f1->getAnchor(fontInstance, anchor); ++ LEReferenceTo<Format1AnchorTable> f1(base, success); ++ f1->getAnchor(f1, fontInstance, anchor, success); + break; + } + } ++} + +-void Format1AnchorTable::getAnchor(const LEFontInstance *fontInstance, LEPoint &anchor) const ++void Format1AnchorTable::getAnchor(const LEReferenceTo<Format1AnchorTable>& base, const LEFontInstance *fontInstance, LEPoint &anchor, LEErrorCode &success) const + { + le_int16 x = SWAPW(xCoordinate); + le_int16 y = SWAPW(yCoordinate); + LEPoint pixels; + + fontInstance->transformFunits(x, y, pixels); +- + fontInstance->pixelsToUnits(pixels, anchor); + } + +-void Format2AnchorTable::getAnchor(LEGlyphID glyphID, const LEFontInstance *fontInstance, LEPoint &anchor) const ++void Format2AnchorTable::getAnchor(const LEReferenceTo<Format2AnchorTable>& base, ++ LEGlyphID glyphID, const LEFontInstance *fontInstance, LEPoint &anchor ++ , LEErrorCode &success) const + { + LEPoint point; + +@@ -100,7 +99,8 @@ + fontInstance->pixelsToUnits(point, anchor); + } + +-void Format3AnchorTable::getAnchor(const LEFontInstance *fontInstance, LEPoint &anchor) const ++void Format3AnchorTable::getAnchor(const LEReferenceTo<Format3AnchorTable> &base, const LEFontInstance *fontInstance, ++ LEPoint &anchor, LEErrorCode &success) const + { + le_int16 x = SWAPW(xCoordinate); + le_int16 y = SWAPW(yCoordinate); +@@ -111,15 +111,15 @@ + fontInstance->transformFunits(x, y, pixels); + + if (dtxOffset != 0) { +- const DeviceTable *dtx = (const DeviceTable *) ((char *) this + dtxOffset); +- le_int16 adjx = dtx->getAdjustment((le_int16) fontInstance->getXPixelsPerEm()); ++ LEReferenceTo<DeviceTable> dt(base, success, dtxOffset); ++ le_int16 adjx = dt->getAdjustment(dt, (le_int16) fontInstance->getXPixelsPerEm(), success); + + pixels.fX += adjx; + } + + if (dtyOffset != 0) { +- const DeviceTable *dty = (const DeviceTable *) ((char *) this + dtyOffset); +- le_int16 adjy = dty->getAdjustment((le_int16) fontInstance->getYPixelsPerEm()); ++ LEReferenceTo<DeviceTable> dt(base, success, dtyOffset); ++ le_int16 adjy = dt->getAdjustment(dt, (le_int16) fontInstance->getYPixelsPerEm(), success); + + pixels.fY += adjy; + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.h openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.h +--- openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/AnchorTables.h +@@ -49,20 +49,23 @@ + le_int16 xCoordinate; + le_int16 yCoordinate; + +- void getAnchor(LEGlyphID glyphID, const LEFontInstance *fontInstance, +- LEPoint &anchor) const; ++ void getAnchor(const LETableReference &base, LEGlyphID glyphID, const LEFontInstance *fontInstance, ++ LEPoint &anchor, LEErrorCode &success) const; + }; + + struct Format1AnchorTable : AnchorTable + { +- void getAnchor(const LEFontInstance *fontInstance, LEPoint &anchor) const; ++ void getAnchor(const LEReferenceTo<Format1AnchorTable>& base, ++ const LEFontInstance *fontInstance, LEPoint &anchor, LEErrorCode &success) const; + }; + + struct Format2AnchorTable : AnchorTable + { + le_uint16 anchorPoint; + +- void getAnchor(LEGlyphID glyphID, const LEFontInstance *fontInstance, LEPoint &anchor) const; ++ void getAnchor(const LEReferenceTo<Format2AnchorTable>& base, ++ LEGlyphID glyphID, const LEFontInstance *fontInstance, ++ LEPoint &anchor, LEErrorCode &success) const; + }; + + struct Format3AnchorTable : AnchorTable +@@ -70,7 +73,9 @@ + Offset xDeviceTableOffset; + Offset yDeviceTableOffset; + +- void getAnchor(const LEFontInstance *fontInstance, LEPoint &anchor) const; ++ void getAnchor(const LEReferenceTo<Format3AnchorTable>& base, ++ const LEFontInstance *fontInstance, LEPoint &anchor, ++ LEErrorCode &success) const; + }; + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ArabicLayoutEngine.cpp openjdk/jdk/src/share/native/sun/font/layout/ArabicLayoutEngine.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ArabicLayoutEngine.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ArabicLayoutEngine.cpp +@@ -51,7 +51,7 @@ + + U_NAMESPACE_BEGIN + +-le_bool CharSubstitutionFilter::accept(LEGlyphID glyph) const ++le_bool CharSubstitutionFilter::accept(LEGlyphID glyph, LEErrorCode &/*success*/) const + { + return fFontInstance->canDisplay((LEUnicode) glyph); + } +@@ -147,7 +147,9 @@ + GDEFMarkFilter filter(fGDEFTable, success); + adjustMarkGlyphs(glyphStorage, &filter, success); + } else { +- LEReferenceTo<GlyphDefinitionTableHeader> gdefTable(CanonShaping::glyphDefinitionTable, CanonShaping::glyphDefinitionTableLen); ++ LEReferenceTo<GlyphDefinitionTableHeader> gdefTable(LETableReference::kStaticData, ++ CanonShaping::glyphDefinitionTable, ++ CanonShaping::glyphDefinitionTableLen); + GDEFMarkFilter filter(gdefTable, success); + + adjustMarkGlyphs(&chars[offset], count, reverse, glyphStorage, &filter, success); +@@ -157,8 +159,8 @@ + UnicodeArabicOpenTypeLayoutEngine::UnicodeArabicOpenTypeLayoutEngine(const LEFontInstance *fontInstance, le_int32 scriptCode, le_int32 languageCode, le_int32 typoFlags, LEErrorCode &success) + : ArabicOpenTypeLayoutEngine(fontInstance, scriptCode, languageCode, typoFlags | LE_CHAR_FILTER_FEATURE_FLAG, success) + { +- fGSUBTable = (const GlyphSubstitutionTableHeader *) CanonShaping::glyphSubstitutionTable; +- fGDEFTable = (const GlyphDefinitionTableHeader *) CanonShaping::glyphDefinitionTable; ++ fGSUBTable.setTo(LETableReference::kStaticData, (const GlyphSubstitutionTableHeader *) CanonShaping::glyphSubstitutionTable, CanonShaping::glyphSubstitutionTableLen); ++ fGDEFTable.setTo(LETableReference::kStaticData, (const GlyphDefinitionTableHeader *) CanonShaping::glyphDefinitionTable, CanonShaping::glyphDefinitionTableLen); + /* OpenTypeLayoutEngine will allocate a substitution filter */ + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ArabicShaping.cpp openjdk/jdk/src/share/native/sun/font/layout/ArabicShaping.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ArabicShaping.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ArabicShaping.cpp +@@ -59,7 +59,8 @@ + ArabicShaping::ShapeType ArabicShaping::getShapeType(LEUnicode c) + { + LEErrorCode success = LE_NO_ERROR; +- const LEReferenceTo<ClassDefinitionTable> joiningTypes((const ClassDefinitionTable *) ArabicShaping::shapingTypeTable, ++ const LEReferenceTo<ClassDefinitionTable> joiningTypes(LETableReference::kStaticData, ++ (const ClassDefinitionTable *) ArabicShaping::shapingTypeTable, + ArabicShaping::shapingTypeTableLen); + le_int32 joiningType = joiningTypes->getGlyphClass(joiningTypes, c, success); + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/CanonShaping.cpp openjdk/jdk/src/share/native/sun/font/layout/CanonShaping.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/CanonShaping.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/CanonShaping.cpp +@@ -60,7 +60,7 @@ + LEUnicode *outChars, LEGlyphStorage &glyphStorage) + { + LEErrorCode success = LE_NO_ERROR; +- LEReferenceTo<GlyphDefinitionTableHeader> gdefTable(CanonShaping::glyphDefinitionTable, CanonShaping::glyphDefinitionTableLen); ++ LEReferenceTo<GlyphDefinitionTableHeader> gdefTable(LETableReference::kStaticData, CanonShaping::glyphDefinitionTable, CanonShaping::glyphDefinitionTableLen); + LEReferenceTo<ClassDefinitionTable> classTable = gdefTable->getMarkAttachClassDefinitionTable(gdefTable, success); + le_int32 *combiningClasses = LE_NEW_ARRAY(le_int32, charCount); + le_int32 *indices = LE_NEW_ARRAY(le_int32, charCount); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/CharSubstitutionFilter.h openjdk/jdk/src/share/native/sun/font/layout/CharSubstitutionFilter.h +--- openjdk/jdk/src/share/native/sun/font/layout/CharSubstitutionFilter.h ++++ openjdk/jdk/src/share/native/sun/font/layout/CharSubstitutionFilter.h +@@ -43,6 +43,8 @@ + * This filter is used by character-based GSUB processors. It + * accepts only those characters which the given font can display. + * ++ * Note: Implementation is in ArabicLayoutEngine.cpp ++ * + * @internal + */ + class CharSubstitutionFilter : public UMemory, public LEGlyphFilter +@@ -97,7 +99,7 @@ + * + * @internal + */ +- le_bool accept(LEGlyphID glyph) const; ++ le_bool accept(LEGlyphID glyph, LEErrorCode &success) const; + }; + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ClassDefinitionTables.h openjdk/jdk/src/share/native/sun/font/layout/ClassDefinitionTables.h +--- openjdk/jdk/src/share/native/sun/font/layout/ClassDefinitionTables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/ClassDefinitionTables.h +@@ -49,6 +49,7 @@ + le_int32 getGlyphClass(const LETableReference &base, LEGlyphID glyphID, LEErrorCode &success) const; + le_bool hasGlyphClass(const LETableReference &base, le_int32 glyphClass, LEErrorCode &success) const; + ++#if LE_ENABLE_RAW + le_int32 getGlyphClass(LEGlyphID glyphID) const { + LETableReference base((const le_uint8*)this); + LEErrorCode ignored = LE_NO_ERROR; +@@ -60,6 +61,7 @@ + LEErrorCode ignored = LE_NO_ERROR; + return hasGlyphClass(base,glyphClass,ignored); + } ++#endif + }; + + struct ClassDefFormat1Table : ClassDefinitionTable +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp +@@ -48,7 +48,7 @@ + */ + void ContextualSubstitutionBase::applySubstitutionLookups( + const LookupProcessor *lookupProcessor, +- const SubstitutionLookupRecord *substLookupRecordArray, ++ const LEReferenceToArrayOf<SubstitutionLookupRecord>& substLookupRecordArray, + le_uint16 substCount, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, +@@ -60,10 +60,11 @@ + } + + GlyphIterator tempIterator(*glyphIterator); ++ const SubstitutionLookupRecord *substLookupRecordArrayPtr = substLookupRecordArray.getAlias(); // OK to dereference, range checked against substCount below. + + for (le_int16 subst = 0; subst < substCount && LE_SUCCESS(success); subst += 1) { +- le_uint16 sequenceIndex = SWAPW(substLookupRecordArray[subst].sequenceIndex); +- le_uint16 lookupListIndex = SWAPW(substLookupRecordArray[subst].lookupListIndex); ++ le_uint16 sequenceIndex = SWAPW(substLookupRecordArrayPtr[subst].sequenceIndex); ++ le_uint16 lookupListIndex = SWAPW(substLookupRecordArrayPtr[subst].lookupListIndex); + + tempIterator.setCurrStreamPosition(position); + tempIterator.next(sequenceIndex); +@@ -72,7 +73,7 @@ + } + } + +-le_bool ContextualSubstitutionBase::matchGlyphIDs(const TTGlyphID *glyphArray, le_uint16 glyphCount, ++le_bool ContextualSubstitutionBase::matchGlyphIDs(const LEReferenceToArrayOf<TTGlyphID>& glyphArray, le_uint16 glyphCount, + GlyphIterator *glyphIterator, le_bool backtrack) + { + le_int32 direction = 1; +@@ -101,9 +102,12 @@ + return TRUE; + } + +-le_bool ContextualSubstitutionBase::matchGlyphClasses(const le_uint16 *classArray, le_uint16 glyphCount, ++le_bool ContextualSubstitutionBase::matchGlyphClasses( ++ const LEReferenceToArrayOf<le_uint16> &classArray, ++ le_uint16 glyphCount, + GlyphIterator *glyphIterator, +- const ClassDefinitionTable *classDefinitionTable, ++ const LEReferenceTo<ClassDefinitionTable> &classDefinitionTable, ++ LEErrorCode &success, + le_bool backtrack) + { + le_int32 direction = 1; +@@ -120,7 +124,7 @@ + } + + LEGlyphID glyph = glyphIterator->getCurrGlyphID(); +- le_int32 glyphClass = classDefinitionTable->getGlyphClass(glyph); ++ le_int32 glyphClass = classDefinitionTable->getGlyphClass(classDefinitionTable, glyph, success); + le_int32 matchClass = SWAPW(classArray[match]); + + if (glyphClass != matchClass) { +@@ -128,7 +132,7 @@ + // in the class array which aren't in the class definition + // table. If we're looking for such a class, pretend that + // we found it. +- if (classDefinitionTable->hasGlyphClass(matchClass)) { ++ if (classDefinitionTable->hasGlyphClass(classDefinitionTable, matchClass, success)) { + return FALSE; + } + } +@@ -140,8 +144,8 @@ + return TRUE; + } + +-le_bool ContextualSubstitutionBase::matchGlyphCoverages(const Offset *coverageTableOffsetArray, le_uint16 glyphCount, +- GlyphIterator *glyphIterator, const char *offsetBase, le_bool backtrack) ++le_bool ContextualSubstitutionBase::matchGlyphCoverages(const LEReferenceToArrayOf<Offset> &coverageTableOffsetArray, le_uint16 glyphCount, ++GlyphIterator *glyphIterator, const LETableReference &offsetBase, LEErrorCode &success, le_bool backtrack) + { + le_int32 direction = 1; + le_int32 glyph = 0; +@@ -153,13 +157,15 @@ + + while (glyphCount > 0) { + Offset coverageTableOffset = SWAPW(coverageTableOffsetArray[glyph]); +- const CoverageTable *coverageTable = (const CoverageTable *) (offsetBase + coverageTableOffset); ++ LEReferenceTo<CoverageTable> coverageTable(offsetBase, success, coverageTableOffset); + +- if (! glyphIterator->next()) { ++ if (LE_FAILURE(success) || ! glyphIterator->next()) { + return FALSE; + } + +- if (coverageTable->getGlyphCoverage((LEGlyphID) glyphIterator->getCurrGlyphID()) < 0) { ++ if (coverageTable->getGlyphCoverage(coverageTable, ++ (LEGlyphID) glyphIterator->getCurrGlyphID(), ++ success) < 0) { + return FALSE; + } + +@@ -170,7 +176,7 @@ + return TRUE; + } + +-le_uint32 ContextualSubstitutionSubtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ContextualSubstitutionSubtable::process(const LETableReference &base, const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success) const +@@ -186,20 +192,29 @@ + + case 1: + { +- const ContextualSubstitutionFormat1Subtable *subtable = (const ContextualSubstitutionFormat1Subtable *) this; +- return subtable->process(lookupProcessor, glyphIterator, fontInstance, success); ++ LEReferenceTo<ContextualSubstitutionFormat1Subtable> subtable(base, success, (const ContextualSubstitutionFormat1Subtable *) this); ++ if( LE_FAILURE(success) ) { ++ return 0; ++ } ++ return subtable->process(subtable, lookupProcessor, glyphIterator, fontInstance, success); + } + + case 2: + { +- const ContextualSubstitutionFormat2Subtable *subtable = (const ContextualSubstitutionFormat2Subtable *) this; +- return subtable->process(lookupProcessor, glyphIterator, fontInstance, success); ++ LEReferenceTo<ContextualSubstitutionFormat2Subtable> subtable(base, success, (const ContextualSubstitutionFormat2Subtable *) this); ++ if( LE_FAILURE(success) ) { ++ return 0; ++ } ++ return subtable->process(subtable, lookupProcessor, glyphIterator, fontInstance, success); + } + + case 3: + { +- const ContextualSubstitutionFormat3Subtable *subtable = (const ContextualSubstitutionFormat3Subtable *) this; +- return subtable->process(lookupProcessor, glyphIterator, fontInstance, success); ++ LEReferenceTo<ContextualSubstitutionFormat3Subtable> subtable(base, success, (const ContextualSubstitutionFormat3Subtable *) this); ++ if( LE_FAILURE(success) ) { ++ return 0; ++ } ++ return subtable->process(subtable, lookupProcessor, glyphIterator, fontInstance, success); + } + + default: +@@ -207,7 +222,7 @@ + } + } + +-le_uint32 ContextualSubstitutionFormat1Subtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ContextualSubstitutionFormat1Subtable::process(const LETableReference &base, const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success) const +@@ -227,22 +242,22 @@ + + if (coverageIndex < srSetCount) { + Offset subRuleSetTableOffset = SWAPW(subRuleSetTableOffsetArray[coverageIndex]); +- const SubRuleSetTable *subRuleSetTable = +- (const SubRuleSetTable *) ((char *) this + subRuleSetTableOffset); ++ LEReferenceTo<SubRuleSetTable> ++ subRuleSetTable(base, success, (const SubRuleSetTable *) ((char *) this + subRuleSetTableOffset)); + le_uint16 subRuleCount = SWAPW(subRuleSetTable->subRuleCount); + le_int32 position = glyphIterator->getCurrStreamPosition(); + + for (le_uint16 subRule = 0; subRule < subRuleCount; subRule += 1) { + Offset subRuleTableOffset = + SWAPW(subRuleSetTable->subRuleTableOffsetArray[subRule]); +- const SubRuleTable *subRuleTable = +- (const SubRuleTable *) ((char *) subRuleSetTable + subRuleTableOffset); ++ LEReferenceTo<SubRuleTable> ++ subRuleTable(subRuleSetTable, success, subRuleTableOffset); + le_uint16 matchCount = SWAPW(subRuleTable->glyphCount) - 1; + le_uint16 substCount = SWAPW(subRuleTable->substCount); +- +- if (matchGlyphIDs(subRuleTable->inputGlyphArray, matchCount, glyphIterator)) { +- const SubstitutionLookupRecord *substLookupRecordArray = +- (const SubstitutionLookupRecord *) &subRuleTable->inputGlyphArray[matchCount]; ++ LEReferenceToArrayOf<TTGlyphID> inputGlyphArray(base, success, subRuleTable->inputGlyphArray, matchCount+2); ++ if (matchGlyphIDs(inputGlyphArray, matchCount, glyphIterator)) { ++ LEReferenceToArrayOf<SubstitutionLookupRecord> ++ substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) &subRuleTable->inputGlyphArray[matchCount], substCount); + + applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success); + +@@ -259,7 +274,8 @@ + return 0; + } + +-le_uint32 ContextualSubstitutionFormat2Subtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ContextualSubstitutionFormat2Subtable::process(const LETableReference &base, ++ const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success) const +@@ -275,29 +291,33 @@ + } + + if (coverageIndex >= 0) { +- const ClassDefinitionTable *classDefinitionTable = +- (const ClassDefinitionTable *) ((char *) this + SWAPW(classDefTableOffset)); ++ LEReferenceTo<ClassDefinitionTable> classDefinitionTable(base, success, ++ (const ClassDefinitionTable *) ((char *) this + SWAPW(classDefTableOffset))); + le_uint16 scSetCount = SWAPW(subClassSetCount); +- le_int32 setClass = classDefinitionTable->getGlyphClass(glyphIterator->getCurrGlyphID()); ++ le_int32 setClass = classDefinitionTable->getGlyphClass(classDefinitionTable, ++ glyphIterator->getCurrGlyphID(), ++ success); + + if (setClass < scSetCount && subClassSetTableOffsetArray[setClass] != 0) { + Offset subClassSetTableOffset = SWAPW(subClassSetTableOffsetArray[setClass]); +- const SubClassSetTable *subClassSetTable = +- (const SubClassSetTable *) ((char *) this + subClassSetTableOffset); ++ LEReferenceTo<SubClassSetTable> ++ subClassSetTable(base, success, (const SubClassSetTable *) ((char *) this + subClassSetTableOffset)); + le_uint16 subClassRuleCount = SWAPW(subClassSetTable->subClassRuleCount); + le_int32 position = glyphIterator->getCurrStreamPosition(); + + for (le_uint16 scRule = 0; scRule < subClassRuleCount; scRule += 1) { + Offset subClassRuleTableOffset = + SWAPW(subClassSetTable->subClassRuleTableOffsetArray[scRule]); +- const SubClassRuleTable *subClassRuleTable = +- (const SubClassRuleTable *) ((char *) subClassSetTable + subClassRuleTableOffset); ++ LEReferenceTo<SubClassRuleTable> ++ subClassRuleTable(subClassSetTable, success, subClassRuleTableOffset); + le_uint16 matchCount = SWAPW(subClassRuleTable->glyphCount) - 1; + le_uint16 substCount = SWAPW(subClassRuleTable->substCount); + +- if (matchGlyphClasses(subClassRuleTable->classArray, matchCount, glyphIterator, classDefinitionTable)) { +- const SubstitutionLookupRecord *substLookupRecordArray = +- (const SubstitutionLookupRecord *) &subClassRuleTable->classArray[matchCount]; ++ LEReferenceToArrayOf<le_uint16> classArray(base, success, subClassRuleTable->classArray, matchCount+1); ++ ++ if (matchGlyphClasses(classArray, matchCount, glyphIterator, classDefinitionTable, success)) { ++ LEReferenceToArrayOf<SubstitutionLookupRecord> ++ substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) &subClassRuleTable->classArray[matchCount], substCount); + + applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success); + +@@ -314,7 +334,8 @@ + return 0; + } + +-le_uint32 ContextualSubstitutionFormat3Subtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ContextualSubstitutionFormat3Subtable::process(const LETableReference &base, ++ const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success)const +@@ -333,9 +354,13 @@ + // that matched when we're done. + glyphIterator->prev(); + +- if (ContextualSubstitutionBase::matchGlyphCoverages(coverageTableOffsetArray, gCount, glyphIterator, (const char *) this)) { +- const SubstitutionLookupRecord *substLookupRecordArray = +- (const SubstitutionLookupRecord *) &coverageTableOffsetArray[gCount]; ++ LEReferenceToArrayOf<Offset> covTableOffsetArray(base, success, coverageTableOffsetArray, gCount); ++ ++ if( LE_FAILURE(success) ) { return 0; } ++ ++ if (ContextualSubstitutionBase::matchGlyphCoverages(covTableOffsetArray, gCount, glyphIterator, base, success)) { ++ LEReferenceToArrayOf<SubstitutionLookupRecord> ++ substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) &coverageTableOffsetArray[gCount], subCount); + + ContextualSubstitutionBase::applySubstitutionLookups(lookupProcessor, substLookupRecordArray, subCount, glyphIterator, fontInstance, position, success); + +@@ -347,7 +372,8 @@ + return 0; + } + +-le_uint32 ChainingContextualSubstitutionSubtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ChainingContextualSubstitutionSubtable::process(const LEReferenceTo<ChainingContextualSubstitutionSubtable> &base, ++ const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success) const +@@ -363,20 +389,23 @@ + + case 1: + { +- const ChainingContextualSubstitutionFormat1Subtable *subtable = (const ChainingContextualSubstitutionFormat1Subtable *) this; +- return subtable->process(lookupProcessor, glyphIterator, fontInstance, success); ++ LEReferenceTo<ChainingContextualSubstitutionFormat1Subtable> subtable(base, success, (ChainingContextualSubstitutionFormat1Subtable *) this); ++ if(LE_FAILURE(success)) return 0; ++ return subtable->process(subtable, lookupProcessor, glyphIterator, fontInstance, success); + } + + case 2: + { +- const ChainingContextualSubstitutionFormat2Subtable *subtable = (const ChainingContextualSubstitutionFormat2Subtable *) this; +- return subtable->process(lookupProcessor, glyphIterator, fontInstance, success); ++ LEReferenceTo<ChainingContextualSubstitutionFormat2Subtable> subtable(base, success, (const ChainingContextualSubstitutionFormat2Subtable *) this); ++ if( LE_FAILURE(success) ) { return 0; } ++ return subtable->process(subtable, lookupProcessor, glyphIterator, fontInstance, success); + } + + case 3: + { +- const ChainingContextualSubstitutionFormat3Subtable *subtable = (const ChainingContextualSubstitutionFormat3Subtable *) this; +- return subtable->process(lookupProcessor, glyphIterator, fontInstance, success); ++ LEReferenceTo<ChainingContextualSubstitutionFormat3Subtable> subtable(base, success, (const ChainingContextualSubstitutionFormat3Subtable *) this); ++ if( LE_FAILURE(success) ) { return 0; } ++ return subtable->process(subtable, lookupProcessor, glyphIterator, fontInstance, success); + } + + default: +@@ -390,7 +419,7 @@ + // emptyFeatureList matches an le_uint32 or an le_uint16... + static const FeatureMask emptyFeatureList = 0x00000000UL; + +-le_uint32 ChainingContextualSubstitutionFormat1Subtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ChainingContextualSubstitutionFormat1Subtable::process(const LETableReference &base, const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success) const +@@ -410,8 +439,8 @@ + + if (coverageIndex < srSetCount) { + Offset chainSubRuleSetTableOffset = SWAPW(chainSubRuleSetTableOffsetArray[coverageIndex]); +- const ChainSubRuleSetTable *chainSubRuleSetTable = +- (const ChainSubRuleSetTable *) ((char *) this + chainSubRuleSetTableOffset); ++ LEReferenceTo<ChainSubRuleSetTable> ++ chainSubRuleSetTable(base, success, (const ChainSubRuleSetTable *) ((char *) this + chainSubRuleSetTableOffset)); + le_uint16 chainSubRuleCount = SWAPW(chainSubRuleSetTable->chainSubRuleCount); + le_int32 position = glyphIterator->getCurrStreamPosition(); + GlyphIterator tempIterator(*glyphIterator, emptyFeatureList); +@@ -419,13 +448,19 @@ + for (le_uint16 subRule = 0; subRule < chainSubRuleCount; subRule += 1) { + Offset chainSubRuleTableOffset = + SWAPW(chainSubRuleSetTable->chainSubRuleTableOffsetArray[subRule]); +- const ChainSubRuleTable *chainSubRuleTable = +- (const ChainSubRuleTable *) ((char *) chainSubRuleSetTable + chainSubRuleTableOffset); ++ LEReferenceTo<ChainSubRuleTable> ++ chainSubRuleTable = LEReferenceTo<ChainSubRuleTable>(chainSubRuleSetTable, success, chainSubRuleTableOffset); ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 backtrackGlyphCount = SWAPW(chainSubRuleTable->backtrackGlyphCount); ++ LEReferenceToArrayOf<TTGlyphID> backtrackGlyphArray(base, success, chainSubRuleTable->backtrackGlyphArray, backtrackGlyphCount); ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 inputGlyphCount = (le_uint16) SWAPW(chainSubRuleTable->backtrackGlyphArray[backtrackGlyphCount]) - 1; +- const TTGlyphID *inputGlyphArray = &chainSubRuleTable->backtrackGlyphArray[backtrackGlyphCount + 1]; ++ LEReferenceToArrayOf<TTGlyphID> inputGlyphArray(base, success, &chainSubRuleTable->backtrackGlyphArray[backtrackGlyphCount + 1], inputGlyphCount+2); ++ ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 lookaheadGlyphCount = (le_uint16) SWAPW(inputGlyphArray[inputGlyphCount]); +- const TTGlyphID *lookaheadGlyphArray = &inputGlyphArray[inputGlyphCount + 1]; ++ LEReferenceToArrayOf<TTGlyphID> lookaheadGlyphArray(base, success, inputGlyphArray.getAlias(inputGlyphCount + 1,success), lookaheadGlyphCount+2); ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 substCount = (le_uint16) SWAPW(lookaheadGlyphArray[lookaheadGlyphCount]); + + tempIterator.setCurrStreamPosition(position); +@@ -435,7 +470,8 @@ + } + + tempIterator.prev(); +- if (! matchGlyphIDs(chainSubRuleTable->backtrackGlyphArray, backtrackGlyphCount, &tempIterator, TRUE)) { ++ ++ if (! matchGlyphIDs(backtrackGlyphArray, backtrackGlyphCount, &tempIterator, TRUE)) { + continue; + } + +@@ -446,8 +482,8 @@ + } + + if (matchGlyphIDs(inputGlyphArray, inputGlyphCount, glyphIterator)) { +- const SubstitutionLookupRecord *substLookupRecordArray = +- (const SubstitutionLookupRecord *) &lookaheadGlyphArray[lookaheadGlyphCount + 1]; ++ LEReferenceToArrayOf<SubstitutionLookupRecord> ++ substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) lookaheadGlyphArray.getAlias(lookaheadGlyphCount + 1,success), substCount); + + applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success); + +@@ -464,7 +500,7 @@ + return 0; + } + +-le_uint32 ChainingContextualSubstitutionFormat2Subtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ChainingContextualSubstitutionFormat2Subtable::process(const LETableReference &base, const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode& success) const +@@ -480,19 +516,21 @@ + } + + if (coverageIndex >= 0) { +- const ClassDefinitionTable *backtrackClassDefinitionTable = +- (const ClassDefinitionTable *) ((char *) this + SWAPW(backtrackClassDefTableOffset)); +- const ClassDefinitionTable *inputClassDefinitionTable = +- (const ClassDefinitionTable *) ((char *) this + SWAPW(inputClassDefTableOffset)); +- const ClassDefinitionTable *lookaheadClassDefinitionTable = +- (const ClassDefinitionTable *) ((char *) this + SWAPW(lookaheadClassDefTableOffset)); ++ LEReferenceTo<ClassDefinitionTable> ++ backtrackClassDefinitionTable(base, success, (const ClassDefinitionTable *) ((char *) this + SWAPW(backtrackClassDefTableOffset))); ++ LEReferenceTo<ClassDefinitionTable> ++ inputClassDefinitionTable(base, success, (const ClassDefinitionTable *) ((char *) this + SWAPW(inputClassDefTableOffset))); ++ LEReferenceTo<ClassDefinitionTable> ++ lookaheadClassDefinitionTable(base, success, (const ClassDefinitionTable *) ((char *) this + SWAPW(lookaheadClassDefTableOffset))); + le_uint16 scSetCount = SWAPW(chainSubClassSetCount); +- le_int32 setClass = inputClassDefinitionTable->getGlyphClass(glyphIterator->getCurrGlyphID()); ++ le_int32 setClass = inputClassDefinitionTable->getGlyphClass(inputClassDefinitionTable, ++ glyphIterator->getCurrGlyphID(), ++ success); + + if (setClass < scSetCount && chainSubClassSetTableOffsetArray[setClass] != 0) { + Offset chainSubClassSetTableOffset = SWAPW(chainSubClassSetTableOffsetArray[setClass]); +- const ChainSubClassSetTable *chainSubClassSetTable = +- (const ChainSubClassSetTable *) ((char *) this + chainSubClassSetTableOffset); ++ LEReferenceTo<ChainSubClassSetTable> ++ chainSubClassSetTable(base, success, (const ChainSubClassSetTable *) ((char *) this + chainSubClassSetTableOffset)); + le_uint16 chainSubClassRuleCount = SWAPW(chainSubClassSetTable->chainSubClassRuleCount); + le_int32 position = glyphIterator->getCurrStreamPosition(); + GlyphIterator tempIterator(*glyphIterator, emptyFeatureList); +@@ -500,13 +538,15 @@ + for (le_uint16 scRule = 0; scRule < chainSubClassRuleCount; scRule += 1) { + Offset chainSubClassRuleTableOffset = + SWAPW(chainSubClassSetTable->chainSubClassRuleTableOffsetArray[scRule]); +- const ChainSubClassRuleTable *chainSubClassRuleTable = +- (const ChainSubClassRuleTable *) ((char *) chainSubClassSetTable + chainSubClassRuleTableOffset); ++ LEReferenceTo<ChainSubClassRuleTable> ++ chainSubClassRuleTable(chainSubClassSetTable, success, chainSubClassRuleTableOffset); + le_uint16 backtrackGlyphCount = SWAPW(chainSubClassRuleTable->backtrackGlyphCount); + le_uint16 inputGlyphCount = SWAPW(chainSubClassRuleTable->backtrackClassArray[backtrackGlyphCount]) - 1; +- const le_uint16 *inputClassArray = &chainSubClassRuleTable->backtrackClassArray[backtrackGlyphCount + 1]; +- le_uint16 lookaheadGlyphCount = SWAPW(inputClassArray[inputGlyphCount]); +- const le_uint16 *lookaheadClassArray = &inputClassArray[inputGlyphCount + 1]; ++ LEReferenceToArrayOf<le_uint16> inputClassArray(base, success, &chainSubClassRuleTable->backtrackClassArray[backtrackGlyphCount + 1],inputGlyphCount+2); // +2 for the lookaheadGlyphCount count ++ le_uint16 lookaheadGlyphCount = SWAPW(inputClassArray.getObject(inputGlyphCount, success)); ++ LEReferenceToArrayOf<le_uint16> lookaheadClassArray(base, success, inputClassArray.getAlias(inputGlyphCount + 1,success), lookaheadGlyphCount+2); // +2 for the substCount ++ ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 substCount = SWAPW(lookaheadClassArray[lookaheadGlyphCount]); + + +@@ -517,20 +557,22 @@ + } + + tempIterator.prev(); +- if (! matchGlyphClasses(chainSubClassRuleTable->backtrackClassArray, backtrackGlyphCount, +- &tempIterator, backtrackClassDefinitionTable, TRUE)) { ++ LEReferenceToArrayOf<le_uint16> backtrackClassArray(base, success, chainSubClassRuleTable->backtrackClassArray, backtrackGlyphCount); ++ if( LE_FAILURE(success) ) { return 0; } ++ if (! matchGlyphClasses(backtrackClassArray, backtrackGlyphCount, ++ &tempIterator, backtrackClassDefinitionTable, success, TRUE)) { + continue; + } + + tempIterator.setCurrStreamPosition(position); + tempIterator.next(inputGlyphCount); +- if (! matchGlyphClasses(lookaheadClassArray, lookaheadGlyphCount, &tempIterator, lookaheadClassDefinitionTable)) { ++ if (! matchGlyphClasses(lookaheadClassArray, lookaheadGlyphCount, &tempIterator, lookaheadClassDefinitionTable, success)) { + continue; + } + +- if (matchGlyphClasses(inputClassArray, inputGlyphCount, glyphIterator, inputClassDefinitionTable)) { +- const SubstitutionLookupRecord *substLookupRecordArray = +- (const SubstitutionLookupRecord *) &lookaheadClassArray[lookaheadGlyphCount + 1]; ++ if (matchGlyphClasses(inputClassArray, inputGlyphCount, glyphIterator, inputClassDefinitionTable, success)) { ++ LEReferenceToArrayOf<SubstitutionLookupRecord> ++ substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) lookaheadClassArray.getAlias(lookaheadGlyphCount + 1, success), substCount); + + applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success); + +@@ -547,7 +589,7 @@ + return 0; + } + +-le_uint32 ChainingContextualSubstitutionFormat3Subtable::process(const LookupProcessor *lookupProcessor, ++le_uint32 ChainingContextualSubstitutionFormat3Subtable::process(const LETableReference &base, const LookupProcessor *lookupProcessor, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, + LEErrorCode & success) const +@@ -558,9 +600,13 @@ + + le_uint16 backtrkGlyphCount = SWAPW(backtrackGlyphCount); + le_uint16 inputGlyphCount = (le_uint16) SWAPW(backtrackCoverageTableOffsetArray[backtrkGlyphCount]); +- const Offset *inputCoverageTableOffsetArray = &backtrackCoverageTableOffsetArray[backtrkGlyphCount + 1]; ++ LEReferenceToArrayOf<Offset> inputCoverageTableOffsetArray(base, success, &backtrackCoverageTableOffsetArray[backtrkGlyphCount + 1], inputGlyphCount+2); // offset + const le_uint16 lookaheadGlyphCount = (le_uint16) SWAPW(inputCoverageTableOffsetArray[inputGlyphCount]); +- const Offset *lookaheadCoverageTableOffsetArray = &inputCoverageTableOffsetArray[inputGlyphCount + 1]; ++ ++ if( LE_FAILURE(success) ) { return 0; } ++ LEReferenceToArrayOf<Offset> lookaheadCoverageTableOffsetArray(base, success, inputCoverageTableOffsetArray.getAlias(inputGlyphCount + 1, success), lookaheadGlyphCount+2); ++ ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 substCount = (le_uint16) SWAPW(lookaheadCoverageTableOffsetArray[lookaheadGlyphCount]); + le_int32 position = glyphIterator->getCurrStreamPosition(); + GlyphIterator tempIterator(*glyphIterator, emptyFeatureList); +@@ -571,14 +617,14 @@ + + tempIterator.prev(); + if (! ContextualSubstitutionBase::matchGlyphCoverages(backtrackCoverageTableOffsetArray, +- backtrkGlyphCount, &tempIterator, (const char *) this, TRUE)) { ++ backtrkGlyphCount, &tempIterator, base, success, TRUE)) { + return 0; + } + + tempIterator.setCurrStreamPosition(position); + tempIterator.next(inputGlyphCount - 1); + if (! ContextualSubstitutionBase::matchGlyphCoverages(lookaheadCoverageTableOffsetArray, +- lookaheadGlyphCount, &tempIterator, (const char *) this)) { ++ lookaheadGlyphCount, &tempIterator, base, success)) { + return 0; + } + +@@ -589,9 +635,10 @@ + glyphIterator->prev(); + + if (ContextualSubstitutionBase::matchGlyphCoverages(inputCoverageTableOffsetArray, +- inputGlyphCount, glyphIterator, (const char *) this)) { +- const SubstitutionLookupRecord *substLookupRecordArray = +- (const SubstitutionLookupRecord *) &lookaheadCoverageTableOffsetArray[lookaheadGlyphCount + 1]; ++ inputGlyphCount, glyphIterator, base, success)) { ++ LEReferenceToArrayOf<SubstitutionLookupRecord> ++ substLookupRecordArray(base, success, ++ (const SubstitutionLookupRecord *) lookaheadCoverageTableOffsetArray.getAlias(lookaheadGlyphCount + 1,success), substCount); + + ContextualSubstitutionBase::applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success); + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.h openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.h +--- openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/ContextualSubstSubtables.h +@@ -56,20 +56,32 @@ + struct ContextualSubstitutionBase : GlyphSubstitutionSubtable + { + static le_bool matchGlyphIDs( +- const TTGlyphID *glyphArray, le_uint16 glyphCount, GlyphIterator *glyphIterator, ++ const LEReferenceToArrayOf<TTGlyphID> &glyphArray, le_uint16 glyphCount, GlyphIterator *glyphIterator, + le_bool backtrack = FALSE); + + static le_bool matchGlyphClasses( +- const le_uint16 *classArray, le_uint16 glyphCount, GlyphIterator *glyphIterator, +- const ClassDefinitionTable *classDefinitionTable, le_bool backtrack = FALSE); ++ const LEReferenceToArrayOf<le_uint16> &classArray, le_uint16 glyphCount, GlyphIterator *glyphIterator, ++ const LEReferenceTo<ClassDefinitionTable> &classDefinitionTable, LEErrorCode &success, le_bool backtrack = FALSE); + + static le_bool matchGlyphCoverages( ++ const LEReferenceToArrayOf<Offset> &coverageTableOffsetArray, le_uint16 glyphCount, ++ GlyphIterator *glyphIterator, const LETableReference& offsetBase, LEErrorCode &success, le_bool backtrack = FALSE); ++ ++ /** ++ * little shim to wrap the Offset array in range checking ++ * @private ++ */ ++ static le_bool matchGlyphCoverages( + const Offset *coverageTableOffsetArray, le_uint16 glyphCount, +- GlyphIterator *glyphIterator, const char *offsetBase, le_bool backtrack = FALSE); ++ GlyphIterator *glyphIterator, const LETableReference& offsetBase, LEErrorCode &success, le_bool backtrack = FALSE) { ++ LEReferenceToArrayOf<Offset> ref(offsetBase, success, coverageTableOffsetArray, glyphCount); ++ if( LE_FAILURE(success) ) { return FALSE; } ++ return matchGlyphCoverages(ref, glyphCount, glyphIterator, offsetBase, success, backtrack); ++ } + + static void applySubstitutionLookups( + const LookupProcessor *lookupProcessor, +- const SubstitutionLookupRecord *substLookupRecordArray, ++ const LEReferenceToArrayOf<SubstitutionLookupRecord>& substLookupRecordArray, + le_uint16 substCount, + GlyphIterator *glyphIterator, + const LEFontInstance *fontInstance, +@@ -79,7 +91,8 @@ + + struct ContextualSubstitutionSubtable : ContextualSubstitutionBase + { +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, ++ GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + + struct ContextualSubstitutionFormat1Subtable : ContextualSubstitutionSubtable +@@ -87,7 +100,8 @@ + le_uint16 subRuleSetCount; + Offset subRuleSetTableOffsetArray[ANY_NUMBER]; + +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + LE_VAR_ARRAY(ContextualSubstitutionFormat1Subtable, subRuleSetTableOffsetArray) + +@@ -116,7 +130,7 @@ + le_uint16 subClassSetCount; + Offset subClassSetTableOffsetArray[ANY_NUMBER]; + +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + LE_VAR_ARRAY(ContextualSubstitutionFormat2Subtable, subClassSetTableOffsetArray) + +@@ -152,13 +166,15 @@ + Offset coverageTableOffsetArray[ANY_NUMBER]; + //SubstitutionLookupRecord substLookupRecord[ANY_NUMBER]; + +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + LE_VAR_ARRAY(ContextualSubstitutionFormat3Subtable, coverageTableOffsetArray) + + struct ChainingContextualSubstitutionSubtable : ContextualSubstitutionBase + { +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LEReferenceTo<ChainingContextualSubstitutionSubtable> &base, const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + + struct ChainingContextualSubstitutionFormat1Subtable : ChainingContextualSubstitutionSubtable +@@ -166,7 +182,8 @@ + le_uint16 chainSubRuleSetCount; + Offset chainSubRuleSetTableOffsetArray[ANY_NUMBER]; + +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + LE_VAR_ARRAY(ChainingContextualSubstitutionFormat1Subtable, chainSubRuleSetTableOffsetArray) + +@@ -201,7 +218,8 @@ + le_uint16 chainSubClassSetCount; + Offset chainSubClassSetTableOffsetArray[ANY_NUMBER]; + +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + LE_VAR_ARRAY(ChainingContextualSubstitutionFormat2Subtable, chainSubClassSetTableOffsetArray) + +@@ -243,7 +261,8 @@ + //le_uint16 substCount; + //SubstitutionLookupRecord substLookupRecord[ANY_NUMBER]; + +- le_uint32 process(const LookupProcessor *lookupProcessor, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; ++ le_uint32 process(const LETableReference &base, const LookupProcessor *lookupProcessor, ++ GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + LE_VAR_ARRAY(ChainingContextualSubstitutionFormat3Subtable, backtrackCoverageTableOffsetArray) + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.cpp openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.cpp +@@ -37,8 +37,10 @@ + + U_NAMESPACE_BEGIN + +-le_int32 CoverageTable::getGlyphCoverage(LEGlyphID glyphID) const ++le_int32 CoverageTable::getGlyphCoverage(const LETableReference &base, LEGlyphID glyphID, LEErrorCode &success) const + { ++ if(LE_FAILURE(success)) return -1; ++ + switch(SWAPW(coverageFormat)) + { + case 0: +@@ -46,16 +48,16 @@ + + case 1: + { +- const CoverageFormat1Table *f1Table = (const CoverageFormat1Table *) this; ++ LEReferenceTo<CoverageFormat1Table> f1Table(base, success); + +- return f1Table->getGlyphCoverage(glyphID); ++ return f1Table->getGlyphCoverage(f1Table, glyphID, success); + } + + case 2: + { +- const CoverageFormat2Table *f2Table = (const CoverageFormat2Table *) this; ++ LEReferenceTo<CoverageFormat2Table> f2Table(base, success); + +- return f2Table->getGlyphCoverage(glyphID); ++ return f2Table->getGlyphCoverage(f2Table, glyphID, success); + } + + default: +@@ -63,8 +65,10 @@ + } + } + +-le_int32 CoverageFormat1Table::getGlyphCoverage(LEGlyphID glyphID) const ++le_int32 CoverageFormat1Table::getGlyphCoverage(LEReferenceTo<CoverageFormat1Table> &base, LEGlyphID glyphID, LEErrorCode &success) const + { ++ if(LE_FAILURE(success)) return -1; ++ + TTGlyphID ttGlyphID = (TTGlyphID) LE_GET_GLYPH(glyphID); + le_uint16 count = SWAPW(glyphCount); + le_uint8 bit = OpenTypeUtilities::highBit(count); +@@ -77,6 +81,10 @@ + return -1; + } + ++ LEReferenceToArrayOf<TTGlyphID>(base, success, glyphArray, count); ++ if(LE_FAILURE(success)) return -1; // range checks array ++ ++ + if (SWAPW(glyphArray[extra]) <= ttGlyphID) { + index = extra; + } +@@ -96,14 +104,18 @@ + return -1; + } + +-le_int32 CoverageFormat2Table::getGlyphCoverage(LEGlyphID glyphID) const ++le_int32 CoverageFormat2Table::getGlyphCoverage(LEReferenceTo<CoverageFormat2Table> &base, LEGlyphID glyphID, LEErrorCode &success) const + { ++ if(LE_FAILURE(success)) return -1; ++ + TTGlyphID ttGlyphID = (TTGlyphID) LE_GET_GLYPH(glyphID); + le_uint16 count = SWAPW(rangeCount); ++ ++ LEReferenceToArrayOf<GlyphRangeRecord> rangeRecordArrayRef(base, success, rangeRecordArray, count); + le_int32 rangeIndex = +- OpenTypeUtilities::getGlyphRangeIndex(ttGlyphID, rangeRecordArray, count); ++ OpenTypeUtilities::getGlyphRangeIndex(ttGlyphID, rangeRecordArrayRef, success); + +- if (rangeIndex < 0) { ++ if (rangeIndex < 0 || LE_FAILURE(success)) { // could fail if array out of bounds + return -1; + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.h openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.h +--- openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/CoverageTables.h +@@ -46,7 +46,7 @@ + { + le_uint16 coverageFormat; + +- le_int32 getGlyphCoverage(LEGlyphID glyphID) const; ++ le_int32 getGlyphCoverage(const LETableReference &base, LEGlyphID glyphID, LEErrorCode &success) const; + }; + + struct CoverageFormat1Table : CoverageTable +@@ -54,7 +54,7 @@ + le_uint16 glyphCount; + TTGlyphID glyphArray[ANY_NUMBER]; + +- le_int32 getGlyphCoverage(LEGlyphID glyphID) const; ++ le_int32 getGlyphCoverage(LEReferenceTo<CoverageFormat1Table> &base, LEGlyphID glyphID, LEErrorCode &success) const; + }; + LE_VAR_ARRAY(CoverageFormat1Table, glyphArray) + +@@ -64,7 +64,7 @@ + le_uint16 rangeCount; + GlyphRangeRecord rangeRecordArray[ANY_NUMBER]; + +- le_int32 getGlyphCoverage(LEGlyphID glyphID) const; ++ le_int32 getGlyphCoverage(LEReferenceTo<CoverageFormat2Table> &base, LEGlyphID glyphID, LEErrorCode &success) const; + }; + LE_VAR_ARRAY(CoverageFormat2Table, rangeRecordArray) + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp +@@ -51,23 +51,27 @@ + } + + LEPoint entryAnchor, exitAnchor; +- Offset entryOffset = SWAPW(entryExitRecords[coverageIndex].entryAnchor); // TODO ++ Offset entryOffset = SWAPW(entryExitRecords[coverageIndex].entryAnchor); + Offset exitOffset = SWAPW(entryExitRecords[coverageIndex].exitAnchor); + + if (entryOffset != 0) { +- const AnchorTable *entryAnchorTable = (const AnchorTable *) ((char *) this + entryOffset); ++ LEReferenceTo<AnchorTable> entryAnchorTable(base, success, entryOffset); + +- entryAnchorTable->getAnchor(glyphID, fontInstance, entryAnchor); ++ if( LE_SUCCESS(success) ) { ++ entryAnchorTable->getAnchor(entryAnchorTable, glyphID, fontInstance, entryAnchor, success); + glyphIterator->setCursiveEntryPoint(entryAnchor); ++ } + } else { + //glyphIterator->clearCursiveEntryPoint(); + } + + if (exitOffset != 0) { +- const AnchorTable *exitAnchorTable = (const AnchorTable *) ((char *) this + exitOffset); ++ LEReferenceTo<AnchorTable> exitAnchorTable(base, success, exitOffset); + +- exitAnchorTable->getAnchor(glyphID, fontInstance, exitAnchor); ++ if( LE_SUCCESS(success) ) { ++ exitAnchorTable->getAnchor(exitAnchorTable, glyphID, fontInstance, exitAnchor, success); + glyphIterator->setCursiveExitPoint(exitAnchor); ++ } + } else { + //glyphIterator->clearCursiveExitPoint(); + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.cpp openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.cpp +@@ -43,7 +43,7 @@ + + #define FORMAT_COUNT LE_ARRAY_SIZE(fieldBits) + +-le_int16 DeviceTable::getAdjustment(le_uint16 ppem) const ++le_int16 DeviceTable::getAdjustment(const LEReferenceTo<DeviceTable>&base, le_uint16 ppem, LEErrorCode &success) const + { + le_uint16 start = SWAPW(startSize); + le_uint16 format = SWAPW(deltaFormat) - 1; +@@ -53,6 +53,13 @@ + le_uint16 sizeIndex = ppem - start; + le_uint16 bits = fieldBits[format]; + le_uint16 count = 16 / bits; ++ ++ LEReferenceToArrayOf<le_uint16> deltaValuesRef(base, success, deltaValues, (sizeIndex / count)); ++ ++ if(LE_FAILURE(success)) { ++ return result; ++ } ++ + le_uint16 word = SWAPW(deltaValues[sizeIndex / count]); + le_uint16 fieldIndex = sizeIndex % count; + le_uint16 shift = 16 - (bits * (fieldIndex + 1)); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.h openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.h +--- openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/DeviceTables.h +@@ -50,7 +50,7 @@ + le_uint16 deltaFormat; + le_uint16 deltaValues[ANY_NUMBER]; + +- le_int16 getAdjustment(le_uint16 ppem) const; ++ le_int16 getAdjustment(const LEReferenceTo<DeviceTable> &base, le_uint16 ppem, LEErrorCode &success) const; + + private: + static const le_uint16 fieldMasks[]; +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.cpp +@@ -48,7 +48,6 @@ + const LookupProcessor *lookupProcessor, le_uint16 lookupType, + GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const + { +- + if (LE_FAILURE(success)) { + return 0; + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.h openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.h +--- openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/ExtensionSubtables.h +@@ -52,8 +52,7 @@ + le_uint16 extensionLookupType; + le_uint32 extensionOffset; + +- le_uint32 process(const LEReferenceTo<ExtensionSubtable> &extRef, +- const LookupProcessor *lookupProcessor, le_uint16 lookupType, ++ le_uint32 process(const LEReferenceTo<ExtensionSubtable> &base, const LookupProcessor *lookupProcessor, le_uint16 lookupType, + GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; + }; + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.cpp openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.cpp +@@ -49,9 +49,9 @@ + // nothing to do? + } + +-le_bool GDEFMarkFilter::accept(LEGlyphID glyph) const ++le_bool GDEFMarkFilter::accept(LEGlyphID glyph, LEErrorCode &success) const + { +- le_int32 glyphClass = classDefTable->getGlyphClass(glyph); ++ le_int32 glyphClass = classDefTable->getGlyphClass(classDefTable, glyph, success); + + return glyphClass == gcdMarkGlyph; + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.h openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.h +--- openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.h ++++ openjdk/jdk/src/share/native/sun/font/layout/GDEFMarkFilter.h +@@ -55,7 +55,7 @@ + GDEFMarkFilter(const LEReferenceTo<GlyphDefinitionTableHeader> &gdefTable, LEErrorCode &success); + virtual ~GDEFMarkFilter(); + +- virtual le_bool accept(LEGlyphID glyph) const; ++ virtual le_bool accept(LEGlyphID glyph, LEErrorCode &success) const; + }; + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.cpp openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.cpp +@@ -41,14 +41,13 @@ + U_NAMESPACE_BEGIN + + GlyphIterator::GlyphIterator(LEGlyphStorage &theGlyphStorage, GlyphPositionAdjustments *theGlyphPositionAdjustments, le_bool rightToLeft, le_uint16 theLookupFlags, +- FeatureMask theFeatureMask, const LEReferenceTo<GlyphDefinitionTableHeader> &theGlyphDefinitionTableHeader) ++ FeatureMask theFeatureMask, const LEReferenceTo<GlyphDefinitionTableHeader> &theGlyphDefinitionTableHeader, LEErrorCode &success) + : direction(1), position(-1), nextLimit(-1), prevLimit(-1), + glyphStorage(theGlyphStorage), glyphPositionAdjustments(theGlyphPositionAdjustments), + srcIndex(-1), destIndex(-1), lookupFlags(theLookupFlags), featureMask(theFeatureMask), glyphGroup(0), + glyphClassDefinitionTable(), markAttachClassDefinitionTable() + + { +- LEErrorCode success = LE_NO_ERROR; // TODO + le_int32 glyphCount = glyphStorage.getGlyphCount(); + + if (theGlyphDefinitionTableHeader.isValid()) { +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.h openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.h +--- openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.h ++++ openjdk/jdk/src/share/native/sun/font/layout/GlyphIterator.h +@@ -49,7 +49,7 @@ + class GlyphIterator : public UMemory { + public: + GlyphIterator(LEGlyphStorage &theGlyphStorage, GlyphPositionAdjustments *theGlyphPositionAdjustments, le_bool rightToLeft, le_uint16 theLookupFlags, +- FeatureMask theFeatureMask, const LEReferenceTo<GlyphDefinitionTableHeader> &theGlyphDefinitionTableHeader); ++ FeatureMask theFeatureMask, const LEReferenceTo<GlyphDefinitionTableHeader> &theGlyphDefinitionTableHeader, LEErrorCode &success); + + GlyphIterator(GlyphIterator &that); + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp openjdk/jdk/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp +@@ -95,6 +95,8 @@ + + le_uint32 delta = 0; + ++ //_LETRACE("attempting lookupType #%d", lookupType); ++ + switch(lookupType) + { + case 0: +@@ -152,21 +154,21 @@ + { + LEReferenceTo<ContextualPositioningSubtable> subtable(lookupSubtable, success); + +- delta = subtable->process(this, glyphIterator, fontInstance, success); ++ delta = subtable->process(subtable, this , glyphIterator, fontInstance, success); + break; + } + + case gpstChainedContext: + { +- LEReferenceTo<ChainingContextualPositioningSubtable> subtable(lookupSubtable, success); ++ const LEReferenceTo<ChainingContextualPositioningSubtable> subtable(lookupSubtable, success); + +- delta = subtable->process(this, glyphIterator, fontInstance, success); ++ delta = subtable->process(subtable, this, glyphIterator, fontInstance, success); + break; + } + + case gpstExtension: + { +- LEReferenceTo<ExtensionSubtable> subtable(lookupSubtable, success); ++ const LEReferenceTo<ExtensionSubtable> subtable(lookupSubtable, success); + + delta = subtable->process(subtable, this, lookupType, glyphIterator, fontInstance, success); + break; +@@ -176,6 +178,12 @@ + break; + } + ++#if LE_TRACE ++ if(delta != 0) { ++ _LETRACE("GlyphPositioningLookupProcessor applied #%d -> delta %d @ %d", lookupType, delta, glyphIterator->getCurrStreamPosition()); ++ } ++#endif ++ + return delta; + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp openjdk/jdk/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp +@@ -123,7 +123,7 @@ + { + const LEReferenceTo<ContextualSubstitutionSubtable> subtable(lookupSubtable, success); + +- delta = subtable->process(this, glyphIterator, fontInstance, success); ++ delta = subtable->process(subtable, this, glyphIterator, fontInstance, success); + break; + } + +@@ -131,7 +131,7 @@ + { + const LEReferenceTo<ChainingContextualSubstitutionSubtable> subtable(lookupSubtable, success); + +- delta = subtable->process(this, glyphIterator, fontInstance, success); ++ delta = subtable->process(subtable, this, glyphIterator, fontInstance, success); + break; + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/IndicLayoutEngine.cpp openjdk/jdk/src/share/native/sun/font/layout/IndicLayoutEngine.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/IndicLayoutEngine.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/IndicLayoutEngine.cpp +@@ -44,7 +44,7 @@ + #include "LEGlyphStorage.h" + + #include "IndicReordering.h" +-#include <stdio.h> ++ + U_NAMESPACE_BEGIN + + UOBJECT_DEFINE_RTTI_IMPLEMENTATION(IndicOpenTypeLayoutEngine) +@@ -90,6 +90,7 @@ + return 0; + } + ++ _LETRACE("IOTLE::gp, calling parent"); + le_int32 retCount = OpenTypeLayoutEngine::glyphProcessing(chars, offset, count, max, rightToLeft, glyphStorage, success); + + if (LE_FAILURE(success)) { +@@ -97,10 +98,14 @@ + } + + if (fVersion2) { ++ _LETRACE("IOTLE::gp, v2 final,"); + IndicReordering::finalReordering(glyphStorage,retCount); ++ _LETRACE("IOTLE::gp, v2 pres"); + IndicReordering::applyPresentationForms(glyphStorage,retCount); ++ _LETRACE("IOTLE::gp, parent gsub"); + OpenTypeLayoutEngine::glyphSubstitution(count,max, rightToLeft, glyphStorage, success); + } else { ++ _LETRACE("IOTLE::gp, adjust mpres"); + IndicReordering::adjustMPres(fMPreFixups, glyphStorage, success); + } + return retCount; +@@ -116,6 +121,8 @@ + return 0; + } + ++ _LETRACE("IOTLE: charProc"); ++ + if (chars == NULL || offset < 0 || count < 0 || max < 0 || offset >= max || offset + count > max) { + success = LE_ILLEGAL_ARGUMENT_ERROR; + return 0; +@@ -143,8 +150,10 @@ + + le_int32 outCharCount; + if (fVersion2) { ++ _LETRACE("v2process"); + outCharCount = IndicReordering::v2process(&chars[offset], count, fScriptCode, outChars, glyphStorage); + } else { ++ _LETRACE("reorder"); + outCharCount = IndicReordering::reorder(&chars[offset], count, fScriptCode, outChars, glyphStorage, &fMPreFixups, success); + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/KernTable.cpp openjdk/jdk/src/share/native/sun/font/layout/KernTable.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/KernTable.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/KernTable.cpp +@@ -39,7 +39,7 @@ + + #include <stdio.h> + +-#define DEBUG 0 ++#define DEBUG_KERN_TABLE 0 + + U_NAMESPACE_BEGIN + +@@ -99,14 +99,14 @@ + : pairs(), pairsSwapped(NULL), fTable(base) + { + if(LE_FAILURE(success) || (fTable.isEmpty())) { +-#if DEBUG ++#if DEBUG_KERN_TABLE + fprintf(stderr, "no kern data\n"); + #endif + return; + } + LEReferenceTo<KernTableHeader> header(fTable, success); + +-#if DEBUG ++#if DEBUG_KERN_TABLE + // dump first 32 bytes of header + for (int i = 0; i < 64; ++i) { + fprintf(stderr, "%0.2x ", ((const char*)header.getAlias())[i]&0xff); +@@ -167,13 +167,13 @@ + fprintf(stderr, " searchRange: %d entrySelector: %d rangeShift: %d\n", searchRange, entrySelector, rangeShift); + fprintf(stderr, "[[ ignored font table entries: range %d selector %d shift %d ]]\n", SWAPW(table->searchRange), SWAPW(table->entrySelector), SWAPW(table->rangeShift)); + #endif +-#if DEBUG ++#if DEBUG_KERN_TABLE + fprintf(stderr, "coverage: %0.4x nPairs: %d pairs 0x%x\n", coverage, nPairs, pairs); + fprintf(stderr, + " searchRange(pairs): %d entrySelector: %d rangeShift(pairs): %d\n", + searchRange, entrySelector, rangeShift); + +- { ++ if (LE_SUCCESS(success)) { + // dump part of the pair list + char ids[256]; + for (int i = 256; --i >= 0;) { +@@ -238,7 +238,7 @@ + p = tp; + } + +-#if DEBUG ++#if DEBUG_KERN_TABLE + fprintf(stderr, "binary search for %0.8x\n", key); + #endif + +@@ -247,13 +247,13 @@ + probe >>= 1; + tp = (const PairInfo*)(p + (probe/KERN_PAIRINFO_SIZE)); + le_uint32 tkey = tp->key; +-#if DEBUG ++#if DEBUG_KERN_TABLE + fprintf(stdout, " %.3d (%0.8x)\n", (tp - pairsSwapped), tkey); + #endif + if (tkey <= key) { + if (tkey == key) { + le_int16 value = SWAPW(tp->value); +-#if DEBUG ++#if DEBUG_KERN_TABLE + fprintf(stdout, "binary found kerning pair %x:%x at %d, value: 0x%x (%g)\n", + storage[i-1], storage[i], i, value & 0xffff, font->xUnitsToPoints(value)); + fflush(stdout); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LEFontInstance.h openjdk/jdk/src/share/native/sun/font/layout/LEFontInstance.h +--- openjdk/jdk/src/share/native/sun/font/layout/LEFontInstance.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LEFontInstance.h +@@ -181,6 +181,10 @@ + * + * Subclasses which represent composite fonts should always return <code>NULL</code>. + * ++ * Note that implementing this function does not allow for range checking. ++ * Subclasses that desire the safety of range checking must implement the ++ * variation which has a length parameter. ++ * + * @param tableTag - the four byte table tag. (e.g. 'cmap') + * + * @return the address of the table in memory, or <code>NULL</code> +@@ -203,6 +207,8 @@ + * Subclasses which represent composite fonts should always return <code>NULL</code>. + * + * This version sets a length, for range checking. ++ * Note that range checking can only be accomplished if this function is ++ * implemented in subclasses. + * + * @param tableTag - the four byte table tag. (e.g. 'cmap') + * @param length - ignored on entry, on exit will be the length of the table if known, or -1 if unknown. +@@ -572,5 +578,3 @@ + + U_NAMESPACE_END + #endif +- +- +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LEGlyphFilter.h openjdk/jdk/src/share/native/sun/font/layout/LEGlyphFilter.h +--- openjdk/jdk/src/share/native/sun/font/layout/LEGlyphFilter.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LEGlyphFilter.h +@@ -61,7 +61,7 @@ + * + * @internal + */ +- virtual le_bool accept(LEGlyphID glyph) const = 0; ++ virtual le_bool accept(LEGlyphID glyph, LEErrorCode &success) const = 0; + }; + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.cpp openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.cpp +@@ -458,7 +458,7 @@ + success = LE_INDEX_OUT_OF_BOUNDS_ERROR; + return; + } +- ++ _LETRACE("set%-4d\t(%.2f, %.2f)", glyphIndex, x, y); + fPositions[glyphIndex * 2] = x; + fPositions[glyphIndex * 2 + 1] = y; + } +@@ -694,4 +694,3 @@ + } + + U_NAMESPACE_END +- +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.h openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.h +--- openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LEGlyphStorage.h +@@ -568,4 +568,3 @@ + + U_NAMESPACE_END + #endif +- +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LEScripts.h openjdk/jdk/src/share/native/sun/font/layout/LEScripts.h +--- openjdk/jdk/src/share/native/sun/font/layout/LEScripts.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LEScripts.h +@@ -30,7 +30,7 @@ + * WARNING: THIS FILE IS MACHINE GENERATED. DO NOT HAND EDIT IT UNLESS + * YOU REALLY KNOW WHAT YOU'RE DOING. + * +- * Generated on: 10/26/2010 02:53:33 PM PDT ++ * Generated on: 11/01/2011 04:08:09 PM PDT + */ + + #ifndef __LESCRIPTS_H +@@ -262,7 +262,16 @@ + khojScriptCode = 157, + tirhScriptCode = 158, + +- scriptCodeCount = 159 ++/** ++ * @stable ICU 52 ++ */ ++ aghbScriptCode = 159, ++ mahjScriptCode = 160, ++ ++/** ++ * @stable ICU 2.2 ++ */ ++ scriptCodeCount + }; + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LEStandalone.h openjdk/jdk/src/share/native/sun/font/layout/LEStandalone.h +--- openjdk/jdk/src/share/native/sun/font/layout/LEStandalone.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LEStandalone.h +@@ -132,6 +132,9 @@ + #define uprv_memcpy memcpy + #define uprv_realloc realloc + ++#define U_EXPORT2 ++#define U_CAPI extern "C" ++ + #if !defined(U_IS_BIG_ENDIAN) + #ifdef _LITTLE_ENDIAN + #define U_IS_BIG_ENDIAN 0 +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LETableReference.h openjdk/jdk/src/share/native/sun/font/layout/LETableReference.h +--- openjdk/jdk/src/share/native/sun/font/layout/LETableReference.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LETableReference.h +@@ -38,34 +38,47 @@ + #include "LETypes.h" + #include "LEFontInstance.h" + ++/** ++ * \def LE_ENABLE_RAW ++ * If this is 1, enables old non-safe raw access ++ */ ++#ifndef LE_ENABLE_RAW ++#define LE_ENABLE_RAW 0 ++#endif + +-#define kQuestionmarkTableTag 0x3F3F3F3FUL +-#define kTildeTableTag 0x7e7e7e7eUL ++#define kQuestionmarkTableTag 0x3F3F3F3FUL /* ???? */ ++#define kStaticTableTag 0x30303030UL /* 0000 */ ++#define kTildeTableTag 0x7e7e7e7eUL /* ~~~~ */ + #ifdef __cplusplus + + // internal - interface for range checking + U_NAMESPACE_BEGIN + + #if LE_ASSERT_BAD_FONT ++ ++#ifndef LE_TRACE_TR ++#define LE_TRACE_TR 0 ++#endif ++ + class LETableReference; // fwd + /** + * defined in OpenTypeUtilities.cpp + * @internal + */ +-extern void _debug_LETableReference(const char *f, int l, const char *msg, const LETableReference *what, const void *ptr, size_t len); ++U_CAPI void U_EXPORT2 _debug_LETableReference(const char *f, int l, const char *msg, const LETableReference *what, const void *ptr, size_t len); + + #define LE_DEBUG_TR(x) _debug_LETableReference(__FILE__, __LINE__, x, this, NULL, 0); + #define LE_DEBUG_TR3(x,y,z) _debug_LETableReference(__FILE__, __LINE__, x, this, (const void*)y, (size_t)z); +-#if 0 +-#define LE_TRACE_TR(x) _debug_LETableReference(__FILE__, __LINE__, x, this, NULL, 0); ++#if LE_TRACE_TR ++#define _TRTRACE(x) _debug_LETableReference(__FILE__, __LINE__, x, this, NULL, 0); + #else +-#define LE_TRACE_TR(x) ++#define _TRTRACE(x) + #endif + + #else + #define LE_DEBUG_TR(x) + #define LE_DEBUG_TR3(x,y,z) +-#define LE_TRACE_TR(x) ++#define _TRTRACE(x) + #endif + + /** +@@ -73,6 +86,13 @@ + */ + class LETableReference { + public: ++ ++ /** ++ * Dummy enum asserting that a value is actually static data ++ * and does not need to be range checked ++ */ ++ enum EStaticData { kStaticData = 0 }; ++ + /** + * @internal + * Construct from a specific tag +@@ -80,28 +100,42 @@ + LETableReference(const LEFontInstance* font, LETag tableTag, LEErrorCode &success) : + fFont(font), fTag(tableTag), fParent(NULL), fStart(NULL),fLength(LE_UINTPTR_MAX) { + loadTable(success); +- LE_TRACE_TR("INFO: new table load") ++ _TRTRACE("INFO: new table load") + } + + LETableReference(const LETableReference &parent, LEErrorCode &success) : fFont(parent.fFont), fTag(parent.fTag), fParent(&parent), fStart(parent.fStart), fLength(parent.fLength) { + if(LE_FAILURE(success)) { + clear(); + } +- LE_TRACE_TR("INFO: new clone") ++ _TRTRACE("INFO: new clone") + } + ++#if LE_ENABLE_RAW ++ /** ++ * Construct without a parent LETR. ++ */ + LETableReference(const le_uint8* data, size_t length = LE_UINTPTR_MAX) : + fFont(NULL), fTag(kQuestionmarkTableTag), fParent(NULL), fStart(data), fLength(length) { +- LE_TRACE_TR("INFO: new raw") ++ _TRTRACE("INFO: new raw") + } ++#endif ++ ++ /** ++ * Construct without a parent LETR. ++ */ ++ LETableReference(EStaticData /* NOTUSED */, const le_uint8* data, size_t length) : ++ fFont(NULL), fTag(kQuestionmarkTableTag), fParent(NULL), fStart(data), fLength(length) { ++ _TRTRACE("INFO: new EStaticData") ++ } ++ + LETableReference() : + fFont(NULL), fTag(kQuestionmarkTableTag), fParent(NULL), fStart(NULL), fLength(0) { +- LE_TRACE_TR("INFO: new empty") ++ _TRTRACE("INFO: new empty") + } + + ~LETableReference() { +- fTag=kTildeTableTag; +- LE_TRACE_TR("INFO: new dtor") ++ fTag= (LETag)kTildeTableTag; ++ _TRTRACE("INFO: new dtor") + } + + /** +@@ -127,7 +161,7 @@ + fLength = (fParent->fLength) - offset; // decrement length as base address is incremented + } + if(fLength != LE_UINTPTR_MAX) { // if we have bounds: +- if(offset+fLength > fParent->fLength) { ++ if((offset+fLength < offset) || (offset+fLength > fParent->fLength)) { + LE_DEBUG_TR3("offset+fLength out of range: (%p) +%d", NULL, offset+fLength); + err = LE_INDEX_OUT_OF_BOUNDS_ERROR; // exceeded + clear(); +@@ -137,11 +171,13 @@ + } else { + clear(); + } +- LE_TRACE_TR("INFO: new subset") ++ _TRTRACE("INFO: new subset") + } + + const void* getAlias() const { return (const void*)fStart; } +- const void* getAliasTODO() const { LE_DEBUG_TR("getAliasTODO()"); return (const void*)fStart; } ++#ifndef LE_ENABLE_RAW ++ const void* getAliasRAW() const { LE_DEBUG_TR("getAliasRAW()"); return (const void*)fStart; } ++#endif + le_bool isEmpty() const { return fStart==NULL || fLength==0; } + le_bool isValid() const { return !isEmpty(); } + le_bool hasBounds() const { return fLength!=LE_UINTPTR_MAX; } +@@ -234,7 +270,18 @@ + + void setRaw(const void *data, size_t length = LE_UINTPTR_MAX) { + fFont = NULL; +- fTag = kQuestionmarkTableTag; ++ fTag = (LETag)kQuestionmarkTableTag; ++ fParent = NULL; ++ fStart = (const le_uint8*)data; ++ fLength = length; ++ } ++ ++ /** ++ * set this object pointing to static data ++ */ ++ void setTo(EStaticData /*notused*/, const void *data, size_t length) { ++ fFont = NULL; ++ fTag = (LETag)kStaticTableTag; + fParent = NULL; + fStart = (const le_uint8*)data; + fLength = length; +@@ -277,96 +324,6 @@ + * Open a new entry based on an existing table + */ + +-/** +- * \def LE_UNBOUNDED_ARRAY +- * define an array with no *known* bound. Will trim to available size. +- * @internal +- */ +-#define LE_UNBOUNDED_ARRAY LE_UINT32_MAX +- +-template<class T> +-class LEReferenceToArrayOf : public LETableReference { +-public: +- LEReferenceToArrayOf(const LETableReference &parent, LEErrorCode &success, size_t offset, le_uint32 count) +- : LETableReference(parent, offset, LE_UINTPTR_MAX, success), fCount(count) { +- LE_TRACE_TR("INFO: new RTAO by offset") +- if(LE_SUCCESS(success)) { +- if(count == LE_UNBOUNDED_ARRAY) { // not a known length +- count = getLength()/LETableVarSizer<T>::getSize(); // fit to max size +- } +- LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*count, success); +- } +- if(LE_FAILURE(success)) { +- fCount=0; +- clear(); +- } +- } +- +- LEReferenceToArrayOf(const LETableReference &parent, LEErrorCode &success, const T* array, le_uint32 count) +- : LETableReference(parent, parent.ptrToOffset(array, success), LE_UINTPTR_MAX, success), fCount(count) { +-LE_TRACE_TR("INFO: new RTAO") +- if(LE_SUCCESS(success)) { +- if(count == LE_UNBOUNDED_ARRAY) { // not a known length +- count = getLength()/LETableVarSizer<T>::getSize(); // fit to max size +- } +- LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*count, success); +- } +- if(LE_FAILURE(success)) clear(); +- } +- LEReferenceToArrayOf(const LETableReference &parent, LEErrorCode &success, const T* array, size_t offset, le_uint32 count) +- : LETableReference(parent, parent.ptrToOffset(array, success)+offset, LE_UINTPTR_MAX, success), fCount(count) { +-LE_TRACE_TR("INFO: new RTAO") +- if(LE_SUCCESS(success)) { +- if(count == LE_UNBOUNDED_ARRAY) { // not a known length +- count = getLength()/LETableVarSizer<T>::getSize(); // fit to max size +- } +- LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*count, success); +- } +- if(LE_FAILURE(success)) clear(); +- } +- +- LEReferenceToArrayOf() :LETableReference(), fCount(0) {} +- +- le_uint32 getCount() const { return fCount; } +- +- using LETableReference::getAlias; +- +- const T *getAlias(le_uint32 i, LEErrorCode &success) const { +- return ((const T*)(((const char*)getAlias())+getOffsetFor(i, success))); +- } +- +- const T *getAliasTODO() const { LE_DEBUG_TR("getAliasTODO<>"); return (const T*)fStart; } +- +- const T& getObject(le_uint32 i, LEErrorCode &success) const { +- return *getAlias(i,success); +- } +- +- const T& operator()(le_uint32 i, LEErrorCode &success) const { +- return *getAlias(i,success); +- } +- +- size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const { +- if(LE_SUCCESS(success)&&i<getCount()) { +- return LETableVarSizer<T>::getSize()*i; +- } else { +- success = LE_INDEX_OUT_OF_BOUNDS_ERROR; +- } +- return 0; +- } +- +- LEReferenceToArrayOf<T> &reparent(const LETableReference &base) { +- fParent = &base; +- return *this; +- } +- +- LEReferenceToArrayOf(const LETableReference& parent, LEErrorCode & success) : LETableReference(parent,0, LE_UINTPTR_MAX, success), fCount(0) { +- LE_TRACE_TR("INFO: null RTAO") +- } +- +-private: +- le_uint32 fCount; +-}; +- + + template<class T> + class LEReferenceTo : public LETableReference { +@@ -405,14 +362,26 @@ + verifyLength(0, LETableVarSizer<T>::getSize(), success); + if(LE_FAILURE(success)) clear(); + } ++#if LE_ENABLE_RAW + inline LEReferenceTo(const le_uint8 *data, size_t length = LE_UINTPTR_MAX) : LETableReference(data, length) {} + inline LEReferenceTo(const T *data, size_t length = LE_UINTPTR_MAX) : LETableReference((const le_uint8*)data, length) {} +- inline LEReferenceTo() : LETableReference(NULL) {} ++#endif ++ inline LEReferenceTo(EStaticData staticData, const le_uint8 *data, size_t length) : LETableReference(staticData, data, length) {} ++ inline LEReferenceTo(EStaticData staticData, const T *data, size_t length) : LETableReference(staticData, (const le_uint8*)data, length) {} + ++ inline LEReferenceTo() : LETableReference() {} ++ ++#if LE_ENABLE_RAW + inline LEReferenceTo<T>& operator=(const T* other) { + setRaw(other); + return *this; + } ++#endif ++ ++ LEReferenceTo<T>& setTo(LETableReference::EStaticData staticData, const T* other, size_t length) { ++ LETableReference::setTo(staticData, other, length); ++ return *this; ++ } + + LEReferenceTo<T> &reparent(const LETableReference &base) { + fParent = &base; +@@ -431,11 +400,135 @@ + } + + const T *operator->() const { return getAlias(); } ++ const T *operator*() const { return getAlias(); } + const T *getAlias() const { return (const T*)fStart; } +- const T *getAliasTODO() const { LE_DEBUG_TR("getAliasTODO<>"); return (const T*)fStart; } ++#if LE_ENABLE_RAW ++ const T *getAliasRAW() const { LE_DEBUG_TR("getAliasRAW<>"); return (const T*)fStart; } ++#endif ++ + }; + + ++/** ++ * \def LE_UNBOUNDED_ARRAY ++ * define an array with no *known* bound. Will trim to available size. ++ * @internal ++ */ ++#define LE_UNBOUNDED_ARRAY LE_UINT32_MAX ++ ++template<class T> ++class LEReferenceToArrayOf : public LETableReference { ++public: ++ LEReferenceToArrayOf(const LETableReference &parent, LEErrorCode &success, size_t offset, le_uint32 count) ++ : LETableReference(parent, offset, LE_UINTPTR_MAX, success), fCount(count) { ++ _TRTRACE("INFO: new RTAO by offset") ++ if(LE_SUCCESS(success)) { ++ if(fCount == LE_UNBOUNDED_ARRAY) { // not a known length ++ fCount = getLength()/LETableVarSizer<T>::getSize(); // fit to max size ++ } ++ LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*fCount, success); ++ } ++ if(LE_FAILURE(success)) { ++ fCount=0; ++ clear(); ++ } ++ } ++ ++ LEReferenceToArrayOf(const LETableReference &parent, LEErrorCode &success, const T* array, le_uint32 count) ++ : LETableReference(parent, parent.ptrToOffset(array, success), LE_UINTPTR_MAX, success), fCount(count) { ++_TRTRACE("INFO: new RTAO") ++ if(LE_SUCCESS(success)) { ++ if(fCount == LE_UNBOUNDED_ARRAY) { // not a known length ++ fCount = getLength()/LETableVarSizer<T>::getSize(); // fit to max size ++ } ++ LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*fCount, success); ++ } ++ if(LE_FAILURE(success)) clear(); ++ } ++ LEReferenceToArrayOf(const LETableReference &parent, LEErrorCode &success, const T* array, size_t offset, le_uint32 count) ++ : LETableReference(parent, parent.ptrToOffset(array, success)+offset, LE_UINTPTR_MAX, success), fCount(count) { ++_TRTRACE("INFO: new RTAO") ++ if(LE_SUCCESS(success)) { ++ if(fCount == LE_UNBOUNDED_ARRAY) { // not a known length ++ fCount = getLength()/LETableVarSizer<T>::getSize(); // fit to max size ++ } ++ LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*fCount, success); ++ } ++ if(LE_FAILURE(success)) clear(); ++ } ++ ++ LEReferenceToArrayOf() :LETableReference(), fCount(0) {} ++ ++ le_uint32 getCount() const { return fCount; } ++ ++ const T *getAlias() const { return (const T*)fStart; } ++ ++ const T *getAlias(le_uint32 i, LEErrorCode &success) const { ++ return ((const T*)(((const char*)getAlias())+getOffsetFor(i, success))); ++ } ++ ++#ifndef LE_ENABLE_RAW ++ const T *getAliasRAW() const { LE_DEBUG_TR("getAliasRAW<>"); return (const T*)fStart; } ++#endif ++ ++ const T& getObject(le_uint32 i, LEErrorCode &success) const { ++ return *getAlias(i,success); ++ } ++ ++ /** ++ * by-value array accessor for integral types. ++ */ ++ const T operator[](le_uint32 i) const { ++ LEErrorCode success = LE_NO_ERROR; ++ const T *ret = getAlias(i, success); ++ if(LE_FAILURE(success) || ret==NULL) { ++#if LE_ASSERT_BAD_FONT ++ LE_DEBUG_TR3("Range error, out of bounds? (%p) #%d", NULL, i); ++#endif ++ return T(0); // will not work for all types. ++ } ++ return *ret; ++ } ++ ++ const LEReferenceTo<T> getReference(le_uint32 i, LEErrorCode &success) const { ++ if(LE_FAILURE(success)) return LEReferenceTo<T>(); ++ return LEReferenceTo<T>(*this, success, getAlias(i,success)); ++ } ++ ++ const T& operator()(le_uint32 i, LEErrorCode &success) const { ++ return *getAlias(i,success); ++ } ++ ++ size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const { ++ if(LE_SUCCESS(success)&&i<getCount()) { ++ return LETableVarSizer<T>::getSize()*i; ++ } else { ++ LE_DEBUG_TR3("getOffsetFor failed (%p) index=%d",NULL, i); ++ success = LE_INDEX_OUT_OF_BOUNDS_ERROR; ++ } ++ return 0; ++ } ++ ++ LEReferenceToArrayOf<T> &reparent(const LETableReference &base) { ++ fParent = &base; ++ return *this; ++ } ++ ++ LEReferenceToArrayOf(const LETableReference& parent, LEErrorCode & success) : LETableReference(parent,0, LE_UINTPTR_MAX, success), fCount(0) { ++ _TRTRACE("INFO: null RTAO") ++ } ++ ++private: ++ le_uint32 fCount; ++}; ++ ++ ++ ++ ++#ifdef _TRTRACE ++#undef _TRTRACE ++#endif ++ + U_NAMESPACE_END + + #endif +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LETypes.h openjdk/jdk/src/share/native/sun/font/layout/LETypes.h +--- openjdk/jdk/src/share/native/sun/font/layout/LETypes.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LETypes.h +@@ -312,6 +312,20 @@ + */ + #define LE_SET_CLIENT(gid, client) ((gid & ~LE_CLIENT_MASK) | ((client << LE_CLIENT_SHIFT) & LE_CLIENT_MASK)) + ++/** ++ * \def LE_TRACE ++ * @internal ++ */ ++#ifndef LE_TRACE ++# define LE_TRACE 0 ++#endif ++ ++#if LE_TRACE ++# include <stdio.h> ++# define _LETRACE printf("\n%s:%d: LE: ", __FILE__, __LINE__),printf ++#else ++# define _LETRACE 0&& ++#endif + + /** + * Used to represent 16-bit Unicode code points. +@@ -656,7 +670,7 @@ + * + * @stable ICU 2.4 + */ +-#ifndef LE_FAILURE ++#ifndef LE_SUCCESS + #define LE_SUCCESS(code) (U_SUCCESS((UErrorCode)code)) + #endif + +@@ -666,12 +680,21 @@ + LE_CHAR_FILTER_FEATURE_ENUM = 31, + }; + ++ ++/** ++ * Flags for typographic features. ++ * @internal ++ * @{ ++ */ + #define LE_Kerning_FEATURE_FLAG (1 << LE_Kerning_FEATURE_ENUM) + #define LE_Ligatures_FEATURE_FLAG (1 << LE_Ligatures_FEATURE_ENUM) + + #define LE_CHAR_FILTER_FEATURE_ENUM 31 + + #define LE_CHAR_FILTER_FEATURE_FLAG (1 << LE_CHAR_FILTER_FEATURE_ENUM) ++/** ++ * @} ++ */ + + #define LE_DEFAULT_FEATURE_FLAG (LE_Kerning_FEATURE_FLAG | LE_Ligatures_FEATURE_FLAG) /**< default features */ + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.cpp openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.cpp +@@ -150,7 +150,7 @@ + CanonMarkFilter(const LEReferenceTo<GlyphDefinitionTableHeader> &gdefTable, LEErrorCode &success); + virtual ~CanonMarkFilter(); + +- virtual le_bool accept(LEGlyphID glyph) const; ++ virtual le_bool accept(LEGlyphID glyph, LEErrorCode &success) const; + }; + + CanonMarkFilter::CanonMarkFilter(const LEReferenceTo<GlyphDefinitionTableHeader> &gdefTable, LEErrorCode &success) +@@ -163,9 +163,8 @@ + // nothing to do? + } + +-le_bool CanonMarkFilter::accept(LEGlyphID glyph) const ++le_bool CanonMarkFilter::accept(LEGlyphID glyph, LEErrorCode &success) const + { +- LEErrorCode success = LE_NO_ERROR; + le_int32 glyphClass = classDefTable->getGlyphClass(classDefTable, glyph, success); + if(LE_FAILURE(success)) return false; + return glyphClass != 0; +@@ -253,7 +252,9 @@ + return 0; + } + +- LEReferenceTo<GlyphSubstitutionTableHeader> canonGSUBTable((GlyphSubstitutionTableHeader *) CanonShaping::glyphSubstitutionTable); ++ LEReferenceTo<GlyphSubstitutionTableHeader> canonGSUBTable(LETableReference::kStaticData, ++ (GlyphSubstitutionTableHeader *) CanonShaping::glyphSubstitutionTable, ++ CanonShaping::glyphSubstitutionTableLen); + LETag scriptTag = OpenTypeLayoutEngine::getScriptTag(fScriptCode); + LETag langSysTag = OpenTypeLayoutEngine::getLangSysTag(fLanguageCode); + le_int32 i, dir = 1, out = 0, outCharCount = count; +@@ -313,7 +314,8 @@ + LE_DELETE_ARRAY(reordered); + } + +- outCharCount = canonGSUBTable->process(canonGSUBTable, fakeGlyphStorage, rightToLeft, scriptTag, langSysTag, (const GlyphDefinitionTableHeader*)NULL, substitutionFilter, canonFeatureMap, canonFeatureMapCount, FALSE, success); ++ const LEReferenceTo<GlyphDefinitionTableHeader> noGDEF; // empty gdef header ++ outCharCount = canonGSUBTable->process(canonGSUBTable, fakeGlyphStorage, rightToLeft, scriptTag, langSysTag, noGDEF, substitutionFilter, canonFeatureMap, canonFeatureMapCount, FALSE, success); + + if (LE_FAILURE(success)) { + delete substitutionFilter; +@@ -393,10 +395,13 @@ + LEPoint advance; + + glyphStorage.setPosition(i, x, y, success); ++ _LETRACE("g#%-4d (%.2f, %.2f)", i, x, y); + + fFontInstance->getGlyphAdvance(glyphStorage[i], advance); + x += advance.fX; + y += advance.fY; ++ ++ + } + + glyphStorage.setPosition(glyphCount, x, y, success); +@@ -414,7 +419,7 @@ + return; + } + +- LEReferenceTo<GlyphDefinitionTableHeader> gdefTable((GlyphDefinitionTableHeader *) CanonShaping::glyphDefinitionTable, ++ LEReferenceTo<GlyphDefinitionTableHeader> gdefTable(LETableReference::kStaticData, (GlyphDefinitionTableHeader *) CanonShaping::glyphDefinitionTable, + CanonShaping::glyphDefinitionTableLen); + CanonMarkFilter filter(gdefTable, success); + +@@ -454,9 +459,10 @@ + glyphStorage.getGlyphPosition(p + 1, next, ignore, success); + + xAdvance = next - prev; ++ _LETRACE("p#%d (%.2f,%.2f)", p, xAdvance, 0); + glyphStorage.adjustPosition(p, xAdjust, 0, success); + +- if (markFilter->accept(glyphStorage[p])) { ++ if (markFilter->accept(glyphStorage[p], success)) { + xAdjust -= xAdvance; + } + +@@ -496,9 +502,13 @@ + glyphStorage.getGlyphPosition(p + 1, next, ignore, success); + + xAdvance = next - prev; ++ ++ _LETRACE("p#%d (%.2f,%.2f)", p, xAdvance, 0); ++ ++ + glyphStorage.adjustPosition(p, xAdjust, 0, success); + +- if (markFilter->accept(chars[c])) { ++ if (markFilter->accept(chars[c], success)) { + xAdjust -= xAdvance; + } + +@@ -669,7 +679,6 @@ + } + + case arabScriptCode: +- //case hebrScriptCode: + result = new UnicodeArabicOpenTypeLayoutEngine(fontInstance, scriptCode, languageCode, typoFlags, success); + break; + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.h openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.h +--- openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.h ++++ openjdk/jdk/src/share/native/sun/font/layout/LayoutEngine.h +@@ -147,8 +147,8 @@ + * @param fontInstance - the font for the text + * @param scriptCode - the script for the text + * @param languageCode - the language for the text +- * @param typoFlags - the typographic control flags for the text. Set bit 1 if kerning +- * is desired, set bit 2 if ligature formation is desired. Others are reserved. ++ * @param typoFlags - the typographic control flags for the text (a bitfield). Use kTypoFlagKern ++ * if kerning is desired, kTypoFlagLiga if ligature formation is desired. Others are reserved. + * @param success - set to an error code if the operation fails + * + * @see LEFontInstance +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp +@@ -49,14 +49,20 @@ + return 0; + } + +- if (coverageIndex >= 0) { ++ LEReferenceToArrayOf<Offset> ligSetTableOffsetArrayRef(base, success, ligSetTableOffsetArray, SWAPW(ligSetCount)); ++ ++ if (coverageIndex >= 0 && LE_SUCCESS(success) && (le_uint32)coverageIndex < ligSetTableOffsetArrayRef.getCount()) { + Offset ligSetTableOffset = SWAPW(ligSetTableOffsetArray[coverageIndex]); +- const LigatureSetTable *ligSetTable = (const LigatureSetTable *) ((char *) this + ligSetTableOffset); ++ LEReferenceTo<LigatureSetTable> ligSetTable(base, success, ligSetTableOffset); ++ ++ if( LE_FAILURE(success) ) { return 0; } + le_uint16 ligCount = SWAPW(ligSetTable->ligatureCount); + +- for (le_uint16 lig = 0; lig < ligCount; lig += 1) { ++ LEReferenceTo<Offset> ligatureTableOffsetArray(base, success, ligSetTable->ligatureTableOffsetArray, ligCount); ++ for (le_uint16 lig = 0; LE_SUCCESS(success) && lig < ligCount; lig += 1) { + Offset ligTableOffset = SWAPW(ligSetTable->ligatureTableOffsetArray[lig]); +- const LigatureTable *ligTable = (const LigatureTable *) ((char *)ligSetTable + ligTableOffset); ++ LEReferenceTo<LigatureTable> ligTable(ligSetTable, success, ligTableOffset); ++ if(LE_FAILURE(success)) { return 0; } + le_uint16 compCount = SWAPW(ligTable->compCount) - 1; + le_int32 startPosition = glyphIterator->getCurrStreamPosition(); + TTGlyphID ligGlyph = SWAPW(ligTable->ligGlyph); +@@ -72,7 +78,7 @@ + } + } + +- if (comp == compCount && (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, ligGlyph)))) { ++ if (comp == compCount && (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, ligGlyph), success))) { + GlyphIterator tempIterator(*glyphIterator); + TTGlyphID deletedGlyph = tempIterator.ignoresMarks()? 0xFFFE : 0xFFFF; + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp +@@ -60,8 +60,10 @@ + LEReferenceTo<LookupSubtable> lookupSubtable = lookupTable->getLookupSubtable(lookupTable, subtable, success); + + delta = applySubtable(lookupSubtable, lookupType, glyphIterator, fontInstance, success); +- +- if (delta > 0 || LE_FAILURE(success)) { ++ if (delta > 0 && LE_FAILURE(success)) { ++#if LE_TRACE ++ _LETRACE("Posn #%d, type %X, applied subtable #%d/%d - %s\n", startPosition, lookupType, subtable, subtableCount, u_errorName((UErrorCode)success)); ++#endif + return 1; + } + +@@ -86,7 +88,7 @@ + } + + GlyphIterator glyphIterator(glyphStorage, glyphPositionAdjustments, +- rightToLeft, 0, 0, glyphDefinitionTableHeader); ++ rightToLeft, 0, 0, glyphDefinitionTableHeader, success); + le_int32 newGlyphCount = glyphCount; + + for (le_uint16 order = 0; order < lookupOrderCount && LE_SUCCESS(success); order += 1) { +@@ -94,6 +96,7 @@ + FeatureMask selectMask = lookupSelectArray[lookup]; + + if (selectMask != 0) { ++ _LETRACE("Processing order#%d/%d", order, lookupOrderCount); + const LEReferenceTo<LookupTable> lookupTable = lookupListTable->getLookupTable(lookupListTable, lookup, success); + if (!lookupTable.isValid() ||LE_FAILURE(success) ) { + continue; +@@ -103,8 +106,11 @@ + glyphIterator.reset(lookupFlags, selectMask); + + while (glyphIterator.findFeatureTag()) { +- applyLookupTable(lookupTable, &glyphIterator, fontInstance, success); // TODO ++ applyLookupTable(lookupTable, &glyphIterator, fontInstance, success); + if (LE_FAILURE(success)) { ++#if LE_TRACE ++ _LETRACE("Failure for lookup 0x%x - %s\n", lookup, u_errorName((UErrorCode)success)); ++#endif + return 0; + } + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/Lookups.cpp openjdk/jdk/src/share/native/sun/font/layout/Lookups.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/Lookups.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/Lookups.cpp +@@ -65,7 +65,7 @@ + + if(LE_FAILURE(success)) return 0; + +- return coverageTable->getGlyphCoverage(glyphID); ++ return coverageTable->getGlyphCoverage(coverageTable, glyphID, success); + } + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.cpp openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.cpp +@@ -38,20 +38,28 @@ + + U_NAMESPACE_BEGIN + +-le_int32 MarkArray::getMarkClass(LEGlyphID glyphID, le_int32 coverageIndex, const LEFontInstance *fontInstance, +- LEPoint &anchor) const ++le_int32 MarkArray::getMarkClass(const LETableReference &base, LEGlyphID glyphID, ++ le_int32 coverageIndex, const LEFontInstance *fontInstance, ++ LEPoint &anchor, LEErrorCode &success) const + { + le_int32 markClass = -1; + +- if (coverageIndex >= 0) { ++ if ( coverageIndex >= 0 && LE_SUCCESS(success) ) { + le_uint16 mCount = SWAPW(markCount); +- + if (coverageIndex < mCount) { ++ LEReferenceToArrayOf<MarkRecord> markRecordArrayRef(base, success, markRecordArray, mCount); ++ if(LE_FAILURE(success)) { ++ return markClass; ++ } + const MarkRecord *markRecord = &markRecordArray[coverageIndex]; + Offset anchorTableOffset = SWAPW(markRecord->markAnchorTableOffset); +- const AnchorTable *anchorTable = (AnchorTable *) ((char *) this + anchorTableOffset); ++ LEReferenceTo<AnchorTable> anchorTable(base, success, anchorTableOffset); + +- anchorTable->getAnchor(glyphID, fontInstance, anchor); ++ if(LE_FAILURE(success)) { ++ return markClass; ++ } ++ ++ anchorTable->getAnchor(anchorTable, glyphID, fontInstance, anchor, success); + markClass = SWAPW(markRecord->markClass); + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.h openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.h +--- openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.h ++++ openjdk/jdk/src/share/native/sun/font/layout/MarkArrays.h +@@ -54,8 +54,9 @@ + le_uint16 markCount; + MarkRecord markRecordArray[ANY_NUMBER]; + +- le_int32 getMarkClass(LEGlyphID glyphID, le_int32 coverageIndex, const LEFontInstance *fontInstance, +- LEPoint &anchor) const; ++ le_int32 getMarkClass(const LETableReference &base, LEGlyphID glyphID, ++ le_int32 coverageIndex, const LEFontInstance *fontInstance, ++ LEPoint &anchor, LEErrorCode &success) const; + }; + LE_VAR_ARRAY(MarkArray, markRecordArray) + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp +@@ -66,11 +66,11 @@ + } + + LEPoint markAnchor; +- const MarkArray *markArray = (const MarkArray *) ((char *) this + SWAPW(markArrayOffset)); +- le_int32 markClass = markArray->getMarkClass(markGlyph, markCoverage, fontInstance, markAnchor); ++ LEReferenceTo<MarkArray> markArray(base, success, (const MarkArray *) ((char *) this + SWAPW(markArrayOffset))); ++ le_int32 markClass = markArray->getMarkClass(markArray, markGlyph, markCoverage, fontInstance, markAnchor, success); + le_uint16 mcCount = SWAPW(classCount); + +- if (markClass < 0 || markClass >= mcCount) { ++ if (markClass < 0 || markClass >= mcCount || LE_FAILURE(success)) { + // markGlyph isn't in the mark array or its + // mark class is too big. The table is mal-formed! + return 0; +@@ -80,7 +80,8 @@ + GlyphIterator baseIterator(*glyphIterator, (le_uint16) (lfIgnoreMarks /*| lfIgnoreLigatures*/)); + LEGlyphID baseGlyph = findBaseGlyph(&baseIterator); + le_int32 baseCoverage = getBaseCoverage(base, (LEGlyphID) baseGlyph, success); +- const BaseArray *baseArray = (const BaseArray *) ((char *) this + SWAPW(baseArrayOffset)); ++ LEReferenceTo<BaseArray> baseArray(base, success, (const BaseArray *) ((char *) this + SWAPW(baseArrayOffset))); ++ if(LE_FAILURE(success)) return 0; + le_uint16 baseCount = SWAPW(baseArray->baseRecordCount); + + if (baseCoverage < 0 || baseCoverage >= baseCount) { +@@ -89,19 +90,23 @@ + // table is mal-formed... + return 0; + } ++ LEReferenceTo<BaseRecord> baseRecord(base, success, &baseArray->baseRecordArray[baseCoverage * mcCount]); ++ if( LE_FAILURE(success) ) { return 0; } ++ LEReferenceToArrayOf<Offset> baseAnchorTableOffsetArray(base, success, &(baseRecord->baseAnchorTableOffsetArray[0]), markClass+1); + +- const BaseRecord *baseRecord = &baseArray->baseRecordArray[baseCoverage * mcCount]; ++ if( LE_FAILURE(success) ) { return 0; } + Offset anchorTableOffset = SWAPW(baseRecord->baseAnchorTableOffsetArray[markClass]); +- const AnchorTable *anchorTable = (const AnchorTable *) ((char *) baseArray + anchorTableOffset); +- LEPoint baseAnchor, markAdvance, pixels; +- +- if (anchorTableOffset == 0) { ++ if (anchorTableOffset <= 0) { + // this means the table is mal-formed... + glyphIterator->setCurrGlyphBaseOffset(baseIterator.getCurrStreamPosition()); + return 0; + } + +- anchorTable->getAnchor(baseGlyph, fontInstance, baseAnchor); ++ LEReferenceTo<AnchorTable> anchorTable(baseArray, success, anchorTableOffset); ++ LEPoint baseAnchor, markAdvance, pixels; ++ ++ ++ anchorTable->getAnchor(anchorTable, baseGlyph, fontInstance, baseAnchor, success); + + fontInstance->getGlyphAdvance(markGlyph, pixels); + fontInstance->pixelsToUnits(pixels, markAdvance); +@@ -109,6 +114,8 @@ + float anchorDiffX = baseAnchor.fX - markAnchor.fX; + float anchorDiffY = baseAnchor.fY - markAnchor.fY; + ++ _LETRACE("Offset: (%.2f, %.2f) glyph 0x%X", anchorDiffX, anchorDiffY, markGlyph); ++ + glyphIterator->setCurrGlyphBaseOffset(baseIterator.getCurrStreamPosition()); + + if (glyphIterator->isRightToLeft()) { +@@ -132,7 +139,6 @@ + gi.next(); + } + // end of JK patch +- + fontInstance->pixelsToUnits(pixels, baseAdvance); + + glyphIterator->setCurrGlyphPositionAdjustment(anchorDiffX - baseAdvance.fX, anchorDiffY - baseAdvance.fY, -markAdvance.fX, -markAdvance.fY); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp +@@ -65,8 +65,11 @@ + } + + LEPoint markAnchor; +- const MarkArray *markArray = (const MarkArray *) ((char *) this + SWAPW(markArrayOffset)); +- le_int32 markClass = markArray->getMarkClass(markGlyph, markCoverage, fontInstance, markAnchor); ++ LEReferenceTo<MarkArray> markArray(base, success, SWAPW(markArrayOffset)); ++ if( LE_FAILURE(success) ) { ++ return 0; ++ } ++ le_int32 markClass = markArray->getMarkClass(markArray, markGlyph, markCoverage, fontInstance, markAnchor, success); + le_uint16 mcCount = SWAPW(classCount); + + if (markClass < 0 || markClass >= mcCount) { +@@ -79,7 +82,7 @@ + GlyphIterator ligatureIterator(*glyphIterator, (le_uint16) (lfIgnoreMarks /*| lfIgnoreBaseGlyphs*/)); + LEGlyphID ligatureGlyph = findLigatureGlyph(&ligatureIterator); + le_int32 ligatureCoverage = getBaseCoverage(base, (LEGlyphID) ligatureGlyph, success); +- const LigatureArray *ligatureArray = (const LigatureArray *) ((char *) this + SWAPW(baseArrayOffset)); ++ LEReferenceTo<LigatureArray> ligatureArray(base, success, SWAPW(baseArrayOffset)); + le_uint16 ligatureCount = SWAPW(ligatureArray->ligatureCount); + + if (ligatureCoverage < 0 || ligatureCoverage >= ligatureCount) { +@@ -91,7 +94,7 @@ + + le_int32 markPosition = glyphIterator->getCurrStreamPosition(); + Offset ligatureAttachOffset = SWAPW(ligatureArray->ligatureAttachTableOffsetArray[ligatureCoverage]); +- const LigatureAttachTable *ligatureAttachTable = (const LigatureAttachTable *) ((char *) ligatureArray + ligatureAttachOffset); ++ LEReferenceTo<LigatureAttachTable> ligatureAttachTable(ligatureArray, success, ligatureAttachOffset); + le_int32 componentCount = SWAPW(ligatureAttachTable->componentCount); + le_int32 component = ligatureIterator.getMarkComponent(markPosition); + +@@ -100,12 +103,14 @@ + component = componentCount - 1; + } + +- const ComponentRecord *componentRecord = &ligatureAttachTable->componentRecordArray[component * mcCount]; ++ LEReferenceTo<ComponentRecord> componentRecord(base, success, &ligatureAttachTable->componentRecordArray[component * mcCount]); ++ LEReferenceToArrayOf<Offset> ligatureAnchorTableOffsetArray(base, success, &(componentRecord->ligatureAnchorTableOffsetArray[0]), markClass+1); ++ if( LE_FAILURE(success) ) { return 0; } + Offset anchorTableOffset = SWAPW(componentRecord->ligatureAnchorTableOffsetArray[markClass]); +- const AnchorTable *anchorTable = (const AnchorTable *) ((char *) ligatureAttachTable + anchorTableOffset); ++ LEReferenceTo<AnchorTable> anchorTable(ligatureAttachTable, success, anchorTableOffset); + LEPoint ligatureAnchor, markAdvance, pixels; + +- anchorTable->getAnchor(ligatureGlyph, fontInstance, ligatureAnchor); ++ anchorTable->getAnchor(anchorTable, ligatureGlyph, fontInstance, ligatureAnchor, success); + + fontInstance->getGlyphAdvance(markGlyph, pixels); + fontInstance->pixelsToUnits(pixels, markAdvance); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp +@@ -66,8 +66,11 @@ + } + + LEPoint markAnchor; +- const MarkArray *markArray = (const MarkArray *) ((char *) this + SWAPW(markArrayOffset)); +- le_int32 markClass = markArray->getMarkClass(markGlyph, markCoverage, fontInstance, markAnchor); ++ LEReferenceTo<MarkArray> markArray(base, success, SWAPW(markArrayOffset)); ++ if(LE_FAILURE(success)) { ++ return 0; ++ } ++ le_int32 markClass = markArray->getMarkClass(markArray, markGlyph, markCoverage, fontInstance, markAnchor, success); + le_uint16 mcCount = SWAPW(classCount); + + if (markClass < 0 || markClass >= mcCount) { +@@ -79,7 +82,8 @@ + GlyphIterator mark2Iterator(*glyphIterator); + LEGlyphID mark2Glyph = findMark2Glyph(&mark2Iterator); + le_int32 mark2Coverage = getBaseCoverage(base, (LEGlyphID) mark2Glyph, success); +- const Mark2Array *mark2Array = (const Mark2Array *) ((char *) this + SWAPW(baseArrayOffset)); ++ LEReferenceTo<Mark2Array> mark2Array(base, success, (const Mark2Array *) ((char *) this + SWAPW(baseArrayOffset))); ++ if(LE_FAILURE(success)) return 0; + le_uint16 mark2Count = SWAPW(mark2Array->mark2RecordCount); + + if (mark2Coverage < 0 || mark2Coverage >= mark2Count) { +@@ -89,9 +93,11 @@ + return 0; + } + +- const Mark2Record *mark2Record = &mark2Array->mark2RecordArray[mark2Coverage * mcCount]; ++ LEReferenceTo<Mark2Record> mark2Record(base, success, &mark2Array->mark2RecordArray[mark2Coverage * mcCount]); ++ if(LE_FAILURE(success)) return 0; + Offset anchorTableOffset = SWAPW(mark2Record->mark2AnchorTableOffsetArray[markClass]); +- const AnchorTable *anchorTable = (const AnchorTable *) ((char *) mark2Array + anchorTableOffset); ++ LEReferenceTo<AnchorTable> anchorTable(mark2Array, success, anchorTableOffset); ++ if(LE_FAILURE(success)) return 0; + LEPoint mark2Anchor, markAdvance, pixels; + + if (anchorTableOffset == 0) { +@@ -99,7 +105,7 @@ + return 0; + } + +- anchorTable->getAnchor(mark2Glyph, fontInstance, mark2Anchor); ++ anchorTable->getAnchor(anchorTable, mark2Glyph, fontInstance, mark2Anchor, success); + + fontInstance->getGlyphAdvance(markGlyph, pixels); + fontInstance->pixelsToUnits(pixels, markAdvance); +@@ -107,6 +113,8 @@ + float anchorDiffX = mark2Anchor.fX - markAnchor.fX; + float anchorDiffY = mark2Anchor.fY - markAnchor.fY; + ++ _LETRACE("Offset: (%.2f, %.2f) glyph 0x%X mark2 0x%X", anchorDiffX, anchorDiffY, markGlyph, mark2Glyph); ++ + glyphIterator->setCurrGlyphBaseOffset(mark2Iterator.getCurrStreamPosition()); + + if (glyphIterator->isRightToLeft()) { +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp +@@ -54,9 +54,10 @@ + // FIXME: is this always the right thing to do? + // FIXME: should this only be done for a non-zero + // glyphCount? +- if (filter != NULL && filter->accept(glyph)) { ++ if (filter != NULL && filter->accept(glyph, success)) { + return 0; + } ++ if(LE_FAILURE(success)) return 0; + + le_int32 coverageIndex = getGlyphCoverage(base, glyph, success); + le_uint16 seqCount = SWAPW(sequenceCount); +@@ -67,7 +68,7 @@ + + if (coverageIndex >= 0 && coverageIndex < seqCount) { + Offset sequenceTableOffset = SWAPW(sequenceTableOffsetArray[coverageIndex]); +- const SequenceTable *sequenceTable = (const SequenceTable *) ((char *) this + sequenceTableOffset); ++ LEReferenceTo<SequenceTable> sequenceTable(base, success, sequenceTableOffset); + le_uint16 glyphCount = SWAPW(sequenceTable->glyphCount); + + if (glyphCount == 0) { +@@ -76,7 +77,7 @@ + } else if (glyphCount == 1) { + TTGlyphID substitute = SWAPW(sequenceTable->substituteArray[0]); + +- if (filter != NULL && ! filter->accept(LE_SET_GLYPH(glyph, substitute))) { ++ if (filter != NULL && ! filter->accept(LE_SET_GLYPH(glyph, substitute), success)) { + return 0; + } + +@@ -89,7 +90,7 @@ + for (le_int32 i = 0; i < glyphCount; i += 1) { + TTGlyphID substitute = SWAPW(sequenceTable->substituteArray[i]); + +- if (! filter->accept(substitute)) { ++ if (! filter->accept(substitute, success)) { + return 0; + } + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/OpenTypeLayoutEngine.cpp openjdk/jdk/src/share/native/sun/font/layout/OpenTypeLayoutEngine.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/OpenTypeLayoutEngine.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/OpenTypeLayoutEngine.cpp +@@ -369,6 +369,7 @@ + void OpenTypeLayoutEngine::adjustGlyphPositions(const LEUnicode chars[], le_int32 offset, le_int32 count, le_bool reverse, + LEGlyphStorage &glyphStorage, LEErrorCode &success) + { ++ _LETRACE("OTLE::adjustGPOS"); + if (LE_FAILURE(success)) { + return; + } +@@ -409,14 +410,17 @@ + if (!fGPOSTable.isEmpty()) { + if (fScriptTagV2 != nullScriptTag && + fGPOSTable->coversScriptAndLanguage(fGPOSTable, fScriptTagV2,fLangSysTag,success)) { ++ _LETRACE("OTLE::process [0]"); + fGPOSTable->process(fGPOSTable, glyphStorage, adjustments, reverse, fScriptTagV2, fLangSysTag, + fGDEFTable, success, fFontInstance, fFeatureMap, fFeatureMapCount, fFeatureOrder); + + } else { ++ _LETRACE("OTLE::process [1]"); + fGPOSTable->process(fGPOSTable, glyphStorage, adjustments, reverse, fScriptTag, fLangSysTag, + fGDEFTable, success, fFontInstance, fFeatureMap, fFeatureMapCount, fFeatureOrder); + } + } else if (fTypoFlags & LE_Kerning_FEATURE_FLAG) { /* kerning enabled */ ++ _LETRACE("OTLE::kerning"); + LETableReference kernTable(fFontInstance, LE_KERN_TABLE_TAG, success); + KernTable kt(kernTable, success); + kt.process(glyphStorage, success); +@@ -445,6 +449,7 @@ + + xPlacement = fFontInstance->xUnitsToPoints(xPlacement); + yPlacement = fFontInstance->yUnitsToPoints(yPlacement); ++ _LETRACE("OTLE GPOS: #%d, (%.2f,%.2f)", i, xPlacement, yPlacement); + glyphStorage.adjustPosition(i, xAdjust + xPlacement, -(yAdjust + yPlacement), success); + + xAdjust += fFontInstance->xUnitsToPoints(xAdvance); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/OpenTypeUtilities.h openjdk/jdk/src/share/native/sun/font/layout/OpenTypeUtilities.h +--- openjdk/jdk/src/share/native/sun/font/layout/OpenTypeUtilities.h ++++ openjdk/jdk/src/share/native/sun/font/layout/OpenTypeUtilities.h +@@ -46,15 +46,14 @@ + public: + static le_int8 highBit(le_int32 value); + static Offset getTagOffset(LETag tag, const LEReferenceToArrayOf<TagAndOffsetRecord> &records, LEErrorCode &success); +- /** +- * @deprecated TODO remove +- */ ++#if LE_ENABLE_RAW + static le_int32 getGlyphRangeIndex(TTGlyphID glyphID, const GlyphRangeRecord *records, le_int32 recordCount) { + LEErrorCode success = LE_NO_ERROR; + LETableReference recordRef0((const le_uint8*)records); + LEReferenceToArrayOf<GlyphRangeRecord> recordRef(recordRef0, success, (size_t)0, recordCount); + return getGlyphRangeIndex(glyphID, recordRef, success); + } ++#endif + static le_int32 getGlyphRangeIndex(TTGlyphID glyphID, const LEReferenceToArrayOf<GlyphRangeRecord> &records, LEErrorCode &success); + static le_int32 search(le_uint16 value, const le_uint16 array[], le_int32 count); + static le_int32 search(le_uint32 value, const le_uint32 array[], le_int32 count); +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.cpp +@@ -76,19 +76,17 @@ + { + LEGlyphID firstGlyph = glyphIterator->getCurrGlyphID(); + le_int32 coverageIndex = getGlyphCoverage(base, firstGlyph, success); +- +- if (LE_FAILURE(success)) { +- return 0; +- } + GlyphIterator tempIterator(*glyphIterator); + +- if (coverageIndex >= 0 && glyphIterator->next()) { ++ LEReferenceToArrayOf<Offset> pairSetTableOffsetArrayRef(base, success, pairSetTableOffsetArray, SWAPW(pairSetCount)); ++ ++ if (LE_SUCCESS(success) && coverageIndex >= 0 && glyphIterator->next() && (le_uint32)coverageIndex < pairSetTableOffsetArrayRef.getCount()) { + Offset pairSetTableOffset = SWAPW(pairSetTableOffsetArray[coverageIndex]); +- LEReferenceTo<PairSetTable> pairSetTable(base, success, ((char *) this + pairSetTableOffset)); +- if (LE_FAILURE(success)) { +- return 0; +- } ++ LEReferenceTo<PairSetTable> pairSetTable(base, success, pairSetTableOffset); ++ if( LE_FAILURE(success) ) return 0; + le_uint16 pairValueCount = SWAPW(pairSetTable->pairValueCount); ++ LEReferenceTo<PairValueRecord> pairValueRecordArray(pairSetTable, success, pairSetTable->pairValueRecordArray); ++ if( LE_FAILURE(success) ) return 0; + le_int16 valueRecord1Size = ValueRecord::getSize(SWAPW(valueFormat1)); + le_int16 valueRecord2Size = ValueRecord::getSize(SWAPW(valueFormat2)); + le_int16 recordSize = sizeof(PairValueRecord) - sizeof(ValueRecord) + valueRecord1Size + valueRecord2Size; +@@ -96,21 +94,22 @@ + LEReferenceTo<PairValueRecord> pairValueRecord; + + if (pairValueCount != 0) { +- pairValueRecord = findPairValueRecord(base, (TTGlyphID) LE_GET_GLYPH(secondGlyph), pairSetTable->pairValueRecordArray, pairValueCount, recordSize, success); ++ pairValueRecord = findPairValueRecord((TTGlyphID) LE_GET_GLYPH(secondGlyph), pairValueRecordArray, pairValueCount, recordSize, success); + } + +- if (pairValueRecord.isEmpty()) { ++ if (pairValueRecord.isEmpty() || LE_FAILURE(success)) { + return 0; + } + + if (valueFormat1 != 0) { +- pairValueRecord->valueRecord1.adjustPosition(SWAPW(valueFormat1), (char *) this, tempIterator, fontInstance); ++ pairValueRecord->valueRecord1.adjustPosition(SWAPW(valueFormat1), base, tempIterator, fontInstance, success); + } + + if (valueFormat2 != 0) { +- const ValueRecord *valueRecord2 = (const ValueRecord *) ((char *) &pairValueRecord->valueRecord1 + valueRecord1Size); +- +- valueRecord2->adjustPosition(SWAPW(valueFormat2), (char *) this, *glyphIterator, fontInstance); ++ LEReferenceTo<ValueRecord> valueRecord2(base, success, ((char *) &pairValueRecord->valueRecord1 + valueRecord1Size)); ++ if(LE_SUCCESS(success)) { ++ valueRecord2->adjustPosition(SWAPW(valueFormat2), base, *glyphIterator, fontInstance, success); ++ } + } + + // back up glyphIterator so second glyph can be +@@ -135,26 +134,28 @@ + + if (coverageIndex >= 0 && glyphIterator->next()) { + LEGlyphID secondGlyph = glyphIterator->getCurrGlyphID(); +- const ClassDefinitionTable *classDef1 = (const ClassDefinitionTable *) ((char *) this + SWAPW(classDef1Offset)); +- const ClassDefinitionTable *classDef2 = (const ClassDefinitionTable *) ((char *) this + SWAPW(classDef2Offset)); +- le_int32 class1 = classDef1->getGlyphClass(firstGlyph); +- le_int32 class2 = classDef2->getGlyphClass(secondGlyph); ++ const LEReferenceTo<ClassDefinitionTable> classDef1(base, success, SWAPW(classDef1Offset)); ++ const LEReferenceTo<ClassDefinitionTable> classDef2(base, success, SWAPW(classDef2Offset)); ++ le_int32 class1 = classDef1->getGlyphClass(classDef1, firstGlyph, success); ++ le_int32 class2 = classDef2->getGlyphClass(classDef2, secondGlyph, success); + le_int16 valueRecord1Size = ValueRecord::getSize(SWAPW(valueFormat1)); + le_int16 valueRecord2Size = ValueRecord::getSize(SWAPW(valueFormat2)); + le_int16 class2RecordSize = valueRecord1Size + valueRecord2Size; + le_int16 class1RecordSize = class2RecordSize * SWAPW(class2Count); +- const Class1Record *class1Record = (const Class1Record *) ((char *) class1RecordArray + (class1RecordSize * class1)); +- const Class2Record *class2Record = (const Class2Record *) ((char *) class1Record->class2RecordArray + (class2RecordSize * class2)); ++ const LEReferenceTo<Class1Record> class1Record(base, success, (const Class1Record *) ((char *) class1RecordArray + (class1RecordSize * class1))); ++ const LEReferenceTo<Class2Record> class2Record(base, success, (const Class2Record *) ((char *) class1Record->class2RecordArray + (class2RecordSize * class2))); + +- ++ if( LE_SUCCESS(success) ) { + if (valueFormat1 != 0) { +- class2Record->valueRecord1.adjustPosition(SWAPW(valueFormat1), (char *) this, tempIterator, fontInstance); ++ class2Record->valueRecord1.adjustPosition(SWAPW(valueFormat1), base, tempIterator, fontInstance, success); + } +- + if (valueFormat2 != 0) { +- const ValueRecord *valueRecord2 = (const ValueRecord *) ((char *) &class2Record->valueRecord1 + valueRecord1Size); +- +- valueRecord2->adjustPosition(SWAPW(valueFormat2), (const char *) this, *glyphIterator, fontInstance); ++ const LEReferenceTo<ValueRecord> valueRecord2(base, success, ((char *) &class2Record->valueRecord1) + valueRecord1Size); ++ LEReferenceTo<PairPositioningFormat2Subtable> thisRef(base, success, this); ++ if(LE_SUCCESS(success)) { ++ valueRecord2->adjustPosition(SWAPW(valueFormat2), thisRef, *glyphIterator, fontInstance, success); ++ } ++ } + } + + // back up glyphIterator so second glyph can be +@@ -166,23 +167,24 @@ + return 0; + } + +-LEReferenceTo<PairValueRecord> PairPositioningFormat1Subtable::findPairValueRecord(const LETableReference &base, TTGlyphID glyphID, const PairValueRecord *records, le_uint16 recordCount, le_uint16 recordSize, LEErrorCode &success) const ++LEReferenceTo<PairValueRecord> ++PairPositioningFormat1Subtable::findPairValueRecord(TTGlyphID glyphID, LEReferenceTo<PairValueRecord>& records, ++ le_uint16 recordCount, ++ le_uint16 recordSize, LEErrorCode &success) const + { + #if 1 + // The OpenType spec. says that the ValueRecord table is + // sorted by secondGlyph. Unfortunately, there are fonts + // around that have an unsorted ValueRecord table. +- LEReferenceTo<PairValueRecord> record(base, success, records); +- record.verifyLength(0, recordSize, success); ++ LEReferenceTo<PairValueRecord> record(records); + + for(le_int32 r = 0; r < recordCount; r += 1) { +- if (LE_FAILURE(success)) return (const PairValueRecord*)NULL; ++ if(LE_FAILURE(success)) return LEReferenceTo<PairValueRecord>(); + if (SWAPW(record->secondGlyph) == glyphID) { + return record; + } + +- record = LEReferenceTo<PairValueRecord>(base, success, ((const char*)record.getAlias())+ recordSize); +- record.verifyLength(0, recordSize, success); ++ record.addOffset(recordSize, success); + } + #else + #error dead code - not updated. +@@ -211,7 +213,7 @@ + } + #endif + +- return (const PairValueRecord*)NULL; ++ return LEReferenceTo<PairValueRecord>(); + } + + U_NAMESPACE_END +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.h openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.h +--- openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.h ++++ openjdk/jdk/src/share/native/sun/font/layout/PairPositioningSubtables.h +@@ -77,9 +77,8 @@ + le_uint32 process(const LEReferenceTo<PairPositioningFormat1Subtable> &base, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode &success) const; + + private: +- LEReferenceTo<PairValueRecord> findPairValueRecord(const LETableReference &base, TTGlyphID glyphID, const PairValueRecord *records, ++ LEReferenceTo<PairValueRecord> findPairValueRecord(TTGlyphID glyphID, LEReferenceTo<PairValueRecord> &records, + le_uint16 recordCount, le_uint16 recordSize, LEErrorCode &success) const; +- + }; + LE_VAR_ARRAY(PairPositioningFormat1Subtable, pairSetTableOffsetArray) + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguage.cpp openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguage.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguage.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguage.cpp +@@ -106,7 +106,8 @@ + } + } else { + LEReferenceToArrayOf<ScriptRecord> scriptRecordArrayRef(base, success, &scriptRecordArray[0], count); +- scriptTableOffset = OpenTypeUtilities::getTagOffset(scriptTag, scriptRecordArrayRef, success); // TODO ++ ++ scriptTableOffset = OpenTypeUtilities::getTagOffset(scriptTag, scriptRecordArrayRef, success); + } + + if (scriptTableOffset != 0) { +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.cpp openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.cpp +@@ -126,13 +126,13 @@ + linaScriptTag, /* 'lina' (LINA) */ + mandScriptTag, /* 'mand' (MANDAIC) */ + mayaScriptTag, /* 'maya' (MAYA) */ +- meroScriptTag, /* 'mero' (MERO) */ ++ meroScriptTag, /* 'mero' (MEROITIC_HIEROGLYPHS) */ + nkooScriptTag, /* 'nko ' (NKO) */ + orkhScriptTag, /* 'orkh' (OLD_TURKIC) */ + permScriptTag, /* 'perm' (PERM) */ + phagScriptTag, /* 'phag' (PHAGS_PA) */ + phnxScriptTag, /* 'phnx' (PHOENICIAN) */ +- plrdScriptTag, /* 'plrd' (PLRD) */ ++ plrdScriptTag, /* 'plrd' (MIAO/POLLARD) */ + roroScriptTag, /* 'roro' (RORO) */ + saraScriptTag, /* 'sara' (SARA) */ + syreScriptTag, /* 'syre' (SYRE) */ +@@ -158,7 +158,7 @@ + mteiScriptTag, /* 'mtei' (MEETEI_MAYEK) */ + armiScriptTag, /* 'armi' (IMPERIAL_ARAMAIC) */ + avstScriptTag, /* 'avst' (AVESTAN) */ +- cakmScriptTag, /* 'cakm' (CAKM) */ ++ cakmScriptTag, /* 'cakm' (CHAKMA) */ + koreScriptTag, /* 'kore' (KORE) */ + kthiScriptTag, /* 'kthi' (KAITHI) */ + maniScriptTag, /* 'mani' (MANI) */ +@@ -181,7 +181,7 @@ + kpelScriptTag, /* 'kpel' (KPEL) */ + lomaScriptTag, /* 'loma' (LOMA) */ + mendScriptTag, /* 'mend' (MEND) */ +- mercScriptTag, /* 'merc' (MERC) */ ++ mercScriptTag, /* 'merc' (MEROITIC_CURSIVE) */ + narbScriptTag, /* 'narb' (NARB) */ + nbatScriptTag, /* 'nbat' (NBAT) */ + palmScriptTag, /* 'palm' (PALM) */ +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.h openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.h +--- openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.h ++++ openjdk/jdk/src/share/native/sun/font/layout/ScriptAndLanguageTags.h +@@ -140,13 +140,13 @@ + const LETag linaScriptTag = 0x6C696E61; /* 'lina' (LINA) */ + const LETag mandScriptTag = 0x6D616E64; /* 'mand' (MANDAIC) */ + const LETag mayaScriptTag = 0x6D617961; /* 'maya' (MAYA) */ +-const LETag meroScriptTag = 0x6D65726F; /* 'mero' (MERO) */ ++const LETag meroScriptTag = 0x6D65726F; /* 'mero' (MEROITIC_HIEROGLYPHS) */ + const LETag nkooScriptTag = 0x6E6B6F20; /* 'nko ' (NKO) */ + const LETag orkhScriptTag = 0x6F726B68; /* 'orkh' (OLD_TURKIC) */ + const LETag permScriptTag = 0x7065726D; /* 'perm' (PERM) */ + const LETag phagScriptTag = 0x70686167; /* 'phag' (PHAGS_PA) */ + const LETag phnxScriptTag = 0x70686E78; /* 'phnx' (PHOENICIAN) */ +-const LETag plrdScriptTag = 0x706C7264; /* 'plrd' (PLRD) */ ++const LETag plrdScriptTag = 0x706C7264; /* 'plrd' (MIAO) */ + const LETag roroScriptTag = 0x726F726F; /* 'roro' (RORO) */ + const LETag saraScriptTag = 0x73617261; /* 'sara' (SARA) */ + const LETag syreScriptTag = 0x73797265; /* 'syre' (SYRE) */ +@@ -172,7 +172,7 @@ + const LETag mteiScriptTag = 0x6D746569; /* 'mtei' (MEETEI_MAYEK) */ + const LETag armiScriptTag = 0x61726D69; /* 'armi' (IMPERIAL_ARAMAIC) */ + const LETag avstScriptTag = 0x61767374; /* 'avst' (AVESTAN) */ +-const LETag cakmScriptTag = 0x63616B6D; /* 'cakm' (CAKM) */ ++const LETag cakmScriptTag = 0x63616B6D; /* 'cakm' (CHAKMA) */ + const LETag koreScriptTag = 0x6B6F7265; /* 'kore' (KORE) */ + const LETag kthiScriptTag = 0x6B746869; /* 'kthi' (KAITHI) */ + const LETag maniScriptTag = 0x6D616E69; /* 'mani' (MANI) */ +@@ -195,7 +195,7 @@ + const LETag kpelScriptTag = 0x6B70656C; /* 'kpel' (KPEL) */ + const LETag lomaScriptTag = 0x6C6F6D61; /* 'loma' (LOMA) */ + const LETag mendScriptTag = 0x6D656E64; /* 'mend' (MEND) */ +-const LETag mercScriptTag = 0x6D657263; /* 'merc' (MERC) */ ++const LETag mercScriptTag = 0x6D657263; /* 'merc' (MEROITIC_CURSIVE) */ + const LETag narbScriptTag = 0x6E617262; /* 'narb' (NARB) */ + const LETag nbatScriptTag = 0x6E626174; /* 'nbat' (NBAT) */ + const LETag palmScriptTag = 0x70616C6D; /* 'palm' (PALM) */ +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp +@@ -75,7 +75,7 @@ + } + + if (coverageIndex >= 0) { +- valueRecord.adjustPosition(SWAPW(valueFormat), (const char *) this, *glyphIterator, fontInstance); ++ valueRecord.adjustPosition(SWAPW(valueFormat), base, *glyphIterator, fontInstance, success); + + return 1; + } +@@ -92,7 +92,7 @@ + } + + if (coverageIndex >= 0) { +- valueRecordArray[0].adjustPosition(coverageIndex, SWAPW(valueFormat), (const char *) this, *glyphIterator, fontInstance); ++ valueRecordArray[0].adjustPosition(coverageIndex, SWAPW(valueFormat), base, *glyphIterator, fontInstance, success); + + return 1; + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp openjdk/jdk/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp +@@ -76,7 +76,7 @@ + if (coverageIndex >= 0) { + TTGlyphID substitute = ((TTGlyphID) LE_GET_GLYPH(glyph)) + SWAPW(deltaGlyphID); + +- if (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, substitute))) { ++ if (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, substitute), success)) { + glyphIterator->setCurrGlyphID(substitute); + } + +@@ -97,7 +97,7 @@ + if (coverageIndex >= 0) { + TTGlyphID substitute = SWAPW(substituteArray[coverageIndex]); + +- if (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, substitute))) { ++ if (filter == NULL || filter->accept(LE_SET_GLYPH(glyph, substitute), success)) { + glyphIterator->setCurrGlyphID(substitute); + } + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/TibetanReordering.h openjdk/jdk/src/share/native/sun/font/layout/TibetanReordering.h +--- openjdk/jdk/src/share/native/sun/font/layout/TibetanReordering.h ++++ openjdk/jdk/src/share/native/sun/font/layout/TibetanReordering.h +@@ -39,7 +39,7 @@ + */ + + #ifndef __TIBETANREORDERING_H +-#define __TIBETANORDERING_H ++#define __TIBETANREORDERING_H + + /** + * \file +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.cpp openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.cpp +@@ -59,8 +59,8 @@ + return SWAPW(value); + } + +-void ValueRecord::adjustPosition(ValueFormat valueFormat, const char *base, GlyphIterator &glyphIterator, +- const LEFontInstance *fontInstance) const ++void ValueRecord::adjustPosition(ValueFormat valueFormat, const LETableReference& base, GlyphIterator &glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode &success) const + { + float xPlacementAdjustment = 0; + float yPlacementAdjustment = 0; +@@ -118,8 +118,8 @@ + Offset dtOffset = getFieldValue(valueFormat, vrfXPlaDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 xAdj = dt->getAdjustment(xppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 xAdj = dt->getAdjustment(dt, xppem, success); + + xPlacementAdjustment += fontInstance->xPixelsToUnits(xAdj); + } +@@ -129,8 +129,8 @@ + Offset dtOffset = getFieldValue(valueFormat, vrfYPlaDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 yAdj = dt->getAdjustment(yppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 yAdj = dt->getAdjustment(dt, yppem, success); + + yPlacementAdjustment += fontInstance->yPixelsToUnits(yAdj); + } +@@ -140,8 +140,8 @@ + Offset dtOffset = getFieldValue(valueFormat, vrfXAdvDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 xAdj = dt->getAdjustment(xppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 xAdj = dt->getAdjustment(dt, xppem, success); + + xAdvanceAdjustment += fontInstance->xPixelsToUnits(xAdj); + } +@@ -151,8 +151,8 @@ + Offset dtOffset = getFieldValue(valueFormat, vrfYAdvDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 yAdj = dt->getAdjustment(yppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 yAdj = dt->getAdjustment(dt, yppem, success); + + yAdvanceAdjustment += fontInstance->yPixelsToUnits(yAdj); + } +@@ -163,8 +163,8 @@ + xPlacementAdjustment, yPlacementAdjustment, xAdvanceAdjustment, yAdvanceAdjustment); + } + +-void ValueRecord::adjustPosition(le_int16 index, ValueFormat valueFormat, const char *base, GlyphIterator &glyphIterator, +- const LEFontInstance *fontInstance) const ++void ValueRecord::adjustPosition(le_int16 index, ValueFormat valueFormat, const LETableReference& base, GlyphIterator &glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode &success) const + { + float xPlacementAdjustment = 0; + float yPlacementAdjustment = 0; +@@ -222,8 +222,8 @@ + Offset dtOffset = getFieldValue(index, valueFormat, vrfXPlaDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 xAdj = dt->getAdjustment(xppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 xAdj = dt->getAdjustment(dt, xppem, success); + + xPlacementAdjustment += fontInstance->xPixelsToUnits(xAdj); + } +@@ -233,8 +233,8 @@ + Offset dtOffset = getFieldValue(index, valueFormat, vrfYPlaDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 yAdj = dt->getAdjustment(yppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 yAdj = dt->getAdjustment(dt, yppem, success); + + yPlacementAdjustment += fontInstance->yPixelsToUnits(yAdj); + } +@@ -244,8 +244,8 @@ + Offset dtOffset = getFieldValue(index, valueFormat, vrfXAdvDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 xAdj = dt->getAdjustment(xppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 xAdj = dt->getAdjustment(dt, xppem, success); + + xAdvanceAdjustment += fontInstance->xPixelsToUnits(xAdj); + } +@@ -255,8 +255,8 @@ + Offset dtOffset = getFieldValue(index, valueFormat, vrfYAdvDevice); + + if (dtOffset != 0) { +- const DeviceTable *dt = (const DeviceTable *) (base + dtOffset); +- le_int16 yAdj = dt->getAdjustment(yppem); ++ LEReferenceTo<DeviceTable> dt(base, success, dtOffset); ++ le_int16 yAdj = dt->getAdjustment(dt, yppem, success); + + yAdvanceAdjustment += fontInstance->yPixelsToUnits(yAdj); + } +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.h openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.h +--- openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.h ++++ openjdk/jdk/src/share/native/sun/font/layout/ValueRecords.h +@@ -53,10 +53,10 @@ + + le_int16 getFieldValue(ValueFormat valueFormat, ValueRecordField field) const; + le_int16 getFieldValue(le_int16 index, ValueFormat valueFormat, ValueRecordField field) const; +- void adjustPosition(ValueFormat valueFormat, const char *base, GlyphIterator &glyphIterator, +- const LEFontInstance *fontInstance) const; +- void adjustPosition(le_int16 index, ValueFormat valueFormat, const char *base, GlyphIterator &glyphIterator, +- const LEFontInstance *fontInstance) const; ++ void adjustPosition(ValueFormat valueFormat, const LETableReference &base, GlyphIterator &glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode &success) const; ++ void adjustPosition(le_int16 index, ValueFormat valueFormat, const LETableReference &base, GlyphIterator &glyphIterator, ++ const LEFontInstance *fontInstance, LEErrorCode &success) const; + + static le_int16 getSize(ValueFormat valueFormat); +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8024867-logging.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,44 @@ +# HG changeset patch +# User dfuchs +# Date 1381140562 -7200 +# Mon Oct 07 12:09:22 2013 +0200 +# Node ID 8ddfc847b88227282606279c3ae76089fb0efae5 +# Parent 16e444c32915fcf9ec46b2c15d455c220ddc9085 +8024867: Enhance logging start up +Reviewed-by: mchung, hawtin + +diff -Nru openjdk/jdk/src/share/classes/java/util/logging/LogManager.java openjdk/jdk/src/share/classes/java/util/logging/LogManager.java +--- openjdk/jdk/src/share/classes/java/util/logging/LogManager.java ++++ openjdk/jdk/src/share/classes/java/util/logging/LogManager.java +@@ -240,6 +240,11 @@ + * retrieved by calling Logmanager.getLogManager. + */ + protected LogManager() { ++ this(checkSubclassPermissions()); ++ } ++ ++ private LogManager(Void checked) { ++ + // Add a shutdown hook to close the global handlers. + try { + Runtime.getRuntime().addShutdownHook(new Cleaner()); +@@ -249,6 +254,19 @@ + } + } + ++ private static Void checkSubclassPermissions() { ++ final SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) { ++ // These permission will be checked in the LogManager constructor, ++ // in order to register the Cleaner() thread as a shutdown hook. ++ // Check them here to avoid the penalty of constructing the object ++ // etc... ++ sm.checkPermission(new RuntimePermission("shutdownHooks")); ++ sm.checkPermission(new RuntimePermission("setContextClassLoader")); ++ } ++ return null; ++ } ++ + /** + * Return the global LogManager object. + */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025014-security_policy.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,185 @@ +# HG changeset patch +# User weijun +# Date 1381975122 -28800 +# Thu Oct 17 09:58:42 2013 +0800 +# Node ID 1e92cb43dce5042f47d8500057396ff48ab4e143 +# Parent e82fe533fa3135e25baedef06dec60324a44229b +8025014: Enhance Security Policy +6727821: Enhance JAAS Configuration +Reviewed-by: xuelei, hawtin + +diff -Nru openjdk/jdk/src/share/classes/javax/security/auth/Policy.java openjdk/jdk/src/share/classes/javax/security/auth/Policy.java +--- openjdk/jdk/src/share/classes/javax/security/auth/Policy.java ++++ openjdk/jdk/src/share/classes/javax/security/auth/Policy.java +@@ -26,6 +26,9 @@ + package javax.security.auth; + + import java.security.Security; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++import java.security.PrivilegedExceptionAction; + import sun.security.util.Debug; + + /** +@@ -160,21 +163,14 @@ + public abstract class Policy { + + private static Policy policy; +- private static ClassLoader contextClassLoader; ++ ++ private final java.security.AccessControlContext acc = ++ java.security.AccessController.getContext(); + + // true if a custom (not com.sun.security.auth.PolicyFile) system-wide + // policy object is set + private static boolean isCustomPolicy; + +- static { +- contextClassLoader = java.security.AccessController.doPrivileged +- (new java.security.PrivilegedAction<ClassLoader>() { +- public ClassLoader run() { +- return Thread.currentThread().getContextClassLoader(); +- } +- }); +- }; +- + /** + * Sole constructor. (For invocation by subclass constructors, typically + * implicit.) +@@ -217,8 +213,8 @@ + + if (policy == null) { + String policy_class = null; +- policy_class = java.security.AccessController.doPrivileged +- (new java.security.PrivilegedAction<String>() { ++ policy_class = AccessController.doPrivileged ++ (new PrivilegedAction<String>() { + public String run() { + return java.security.Security.getProperty + ("auth.policy.provider"); +@@ -230,19 +226,31 @@ + + try { + final String finalClass = policy_class; +- policy = java.security.AccessController.doPrivileged +- (new java.security.PrivilegedExceptionAction<Policy>() { +- public Policy run() throws ClassNotFoundException, +- InstantiationException, +- IllegalAccessException { +- return (Policy) Class.forName +- (finalClass, +- true, +- contextClassLoader).newInstance(); +- } +- }); +- isCustomPolicy = +- !finalClass.equals("com.sun.security.auth.PolicyFile"); ++ final Policy untrustedImpl = AccessController.doPrivileged( ++ new PrivilegedExceptionAction<Policy>() { ++ public Policy run() throws ClassNotFoundException, ++ InstantiationException, ++ IllegalAccessException { ++ Class<? extends Policy> implClass = Class.forName( ++ finalClass, false, ++ Thread.currentThread().getContextClassLoader() ++ ).asSubclass(Policy.class); ++ return implClass.newInstance(); ++ } ++ }); ++ if (untrustedImpl.acc == null) { ++ throw new NullPointerException(); ++ } ++ AccessController.doPrivileged( ++ new PrivilegedExceptionAction<Void>() { ++ public Void run() { ++ setPolicy(untrustedImpl); ++ isCustomPolicy = ++ !finalClass.equals("com.sun.security.auth.PolicyFile"); ++ return null; ++ } ++ }, untrustedImpl.acc ++ ); + } catch (Exception e) { + throw new SecurityException + (sun.security.util.ResourcesMgr.getString +diff -Nru openjdk/jdk/src/share/classes/javax/security/auth/login/Configuration.java openjdk/jdk/src/share/classes/javax/security/auth/login/Configuration.java +--- openjdk/jdk/src/share/classes/javax/security/auth/login/Configuration.java ++++ openjdk/jdk/src/share/classes/javax/security/auth/login/Configuration.java +@@ -27,9 +27,6 @@ + + import javax.security.auth.AuthPermission; + +-import java.io.*; +-import java.util.*; +-import java.net.URI; + import java.security.AccessController; + import java.security.PrivilegedAction; + import java.security.PrivilegedExceptionAction; +@@ -38,7 +35,6 @@ + import java.security.NoSuchProviderException; + import java.security.Provider; + import java.security.Security; +-import java.security.SecurityPermission; + + import sun.security.jca.GetInstance; + +@@ -194,16 +190,9 @@ + public abstract class Configuration { + + private static Configuration configuration; +- private static ClassLoader contextClassLoader; + +- static { +- contextClassLoader = AccessController.doPrivileged +- (new PrivilegedAction<ClassLoader>() { +- public ClassLoader run() { +- return Thread.currentThread().getContextClassLoader(); +- } +- }); +- }; ++ private final java.security.AccessControlContext acc = ++ java.security.AccessController.getContext(); + + private static void checkPermission(String type) { + SecurityManager sm = System.getSecurityManager(); +@@ -256,17 +245,29 @@ + + try { + final String finalClass = config_class; +- configuration = AccessController.doPrivileged +- (new PrivilegedExceptionAction<Configuration>() { +- public Configuration run() throws ClassNotFoundException, +- InstantiationException, +- IllegalAccessException { +- return (Configuration)Class.forName +- (finalClass, +- true, +- contextClassLoader).newInstance(); +- } +- }); ++ final Configuration untrustedImpl = AccessController.doPrivileged( ++ new PrivilegedExceptionAction<Configuration>() { ++ public Configuration run() throws ClassNotFoundException, ++ InstantiationException, ++ IllegalAccessException { ++ Class<? extends Configuration> implClass = Class.forName( ++ finalClass, false, ++ Thread.currentThread().getContextClassLoader() ++ ).asSubclass(Configuration.class); ++ return implClass.newInstance(); ++ } ++ }); ++ if (untrustedImpl.acc == null) { ++ throw new NullPointerException(); ++ } ++ AccessController.doPrivileged( ++ new PrivilegedExceptionAction<Void>() { ++ public Void run() { ++ setConfiguration(untrustedImpl); ++ return null; ++ } ++ }, untrustedImpl.acc ++ ); + } catch (PrivilegedActionException e) { + Exception ee = e.getException(); + if (ee instanceof InstantiationException) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025018-jaxp_setup.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,58 @@ +# HG changeset patch +# User joehw +# Date 1382471973 25200 +# Tue Oct 22 12:59:33 2013 -0700 +# Node ID 1502dbf19fe21111593ee0d88f262d0cfd9b359a +# Parent 5411e32abf0cf41f4358be4ef3ae4e54c9404506 +8025018: Enhance JAX-P set up +Reviewed-by: alanb, dfuchs, lancea, ahgross + +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java +@@ -52,6 +52,8 @@ + */ + public class ExsltStrings extends ExsltBase + { ++ static final String JDK_DEFAULT_DOM = "com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl"; ++ + /** + * The str:align function aligns a string within another string. + * <p> +@@ -343,7 +345,11 @@ + static { + try + { +- m_doc =DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); ++ if (System.getSecurityManager() == null) { ++ m_doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); ++ } else { ++ m_doc = DocumentBuilderFactory.newInstance(JDK_DEFAULT_DOM, null).newDocumentBuilder().newDocument(); ++ } + } + + catch(ParserConfigurationException pce) +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java +@@ -55,6 +55,7 @@ + */ + public class Extensions + { ++ static final String JDK_DEFAULT_DOM = "com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl"; + /** + * Constructor Extensions + * +@@ -407,7 +408,11 @@ + { + try + { +- m_doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); ++ if (System.getSecurityManager() == null) { ++ m_doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); ++ } else { ++ m_doc = DocumentBuilderFactory.newInstance(JDK_DEFAULT_DOM, null).newDocumentBuilder().newDocument(); ++ } + } + + catch(ParserConfigurationException pce)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025026-canonicalization.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,132 @@ +# HG changeset patch +# User xuelei +# Date 1381800940 25200 +# Mon Oct 14 18:35:40 2013 -0700 +# Node ID d6b926b610d956b000045f41e469555a2e241ea7 +# Parent 6f78aa03ae3c195be644e61a28ee2ea311588afa +8025026: Enhance canonicalization +Summary: Don't use cached null xmlns definition. Also reviewed by Alexander Fomin <alexander.fomin@oracle.com> +Reviewed-by: mullan, hawtin + +diff -Nru openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer11.java +@@ -358,7 +358,8 @@ + } else if (!isVisible(xmlns)) { + // There is a defn but the xmlns is not selected by the xpath. + // then xmlns="" +- n = ns.addMappingAndRender(XMLNS, "", nullNode); ++ n = ns.addMappingAndRender(XMLNS, "", ++ getNullNode(xmlns.getOwnerDocument())); + } + // output the xmlns def if needed. + if (n != null) { +diff -Nru openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315.java +@@ -302,7 +302,8 @@ + } else if ( !isVisible(xmlns)) { + //There is a definition but the xmlns is not selected by the xpath. + //then xmlns="" +- n=ns.addMappingAndRender(XMLNS,"",nullNode); ++ n=ns.addMappingAndRender(XMLNS, "", ++ getNullNode(xmlns.getOwnerDocument())); + } + //output the xmlns def if needed. + if (n!=null) { +diff -Nru openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/Canonicalizer20010315Excl.java +@@ -300,7 +300,7 @@ + if ((xmlns!=null) && (!isVisible(xmlns))) { + //There is a definition but the xmlns is not selected by the xpath. + //then xmlns="" +- ns.addMapping(XMLNS,"",nullNode); ++ ns.addMapping(XMLNS, "", getNullNode(xmlns.getOwnerDocument())); + } + + if (E.getNamespaceURI() != null) { +diff -Nru openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java +@@ -34,7 +34,6 @@ + import java.util.Map; + import java.util.Set; + +-import javax.xml.parsers.DocumentBuilderFactory; + import javax.xml.parsers.ParserConfigurationException; + + import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException; +@@ -48,6 +47,7 @@ + import org.w3c.dom.Attr; + import org.w3c.dom.Comment; + import org.w3c.dom.Element; ++import org.w3c.dom.Document; + import org.w3c.dom.NamedNodeMap; + import org.w3c.dom.Node; + import org.w3c.dom.ProcessingInstruction; +@@ -86,22 +86,10 @@ + static final int NODE_BEFORE_DOCUMENT_ELEMENT = -1; + static final int NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT = 0; + static final int NODE_AFTER_DOCUMENT_ELEMENT = 1; +- //The null xmlns definiton. +- protected static final Attr nullNode; +- static { +- try { +- nullNode=DocumentBuilderFactory.newInstance(). +- newDocumentBuilder().newDocument().createAttributeNS(Constants.NamespaceSpecNS,XMLNS); +- nullNode.setValue(""); +- } catch (Exception e) { +- throw new RuntimeException("Unable to create nullNode"/*,*/+e); +- } +- } +- + List nodeFilter; +- + boolean _includeComments; + Set<Node> _xpathNodeSet = null; ++ + /** + * The node to be skiped/excluded from the DOM tree + * in subtree canonicalizations. +@@ -110,6 +98,11 @@ + OutputStream _writer = new UnsyncByteArrayOutputStream();//null; + + /** ++ * The null xmlns definition. ++ */ ++ private Attr nullNode; ++ ++ /** + * Constructor CanonicalizerBase + * + * @param includeComments +@@ -613,7 +606,8 @@ + Attr nsprefix; + if (((nsprefix=ns.getMappingWithoutRendered("xmlns"))!=null) + && "".equals(nsprefix.getValue())) { +- ns.addMappingAndRender("xmlns","",nullNode); ++ ns.addMappingAndRender("xmlns", "", ++ getNullNode(nsprefix.getOwnerDocument())); + } + } + /** +@@ -841,4 +835,18 @@ + } + } + ++ // The null xmlns definition. ++ protected Attr getNullNode(Document ownerDocument) { ++ if (nullNode == null) { ++ try { ++ nullNode = ownerDocument.createAttributeNS( ++ Constants.NamespaceSpecNS, XMLNS); ++ nullNode.setValue(""); ++ } catch (Exception e) { ++ throw new RuntimeException("Unable to create nullNode: " + e); ++ } ++ } ++ return nullNode; ++ } ++ + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025034-layout_lookups.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,48 @@ +# HG changeset patch +# User vadim +# Date 1379609780 -14400 +# Thu Sep 19 20:56:20 2013 +0400 +# Node ID 31735865b718fa6d8bf6950158a3d09d7613b21a +# Parent 1e92cb43dce5042f47d8500057396ff48ab4e143 +8025034: Improve layout lookups +Reviewed-by: mschoene, vadim, srl + +diff -Nru openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp +--- openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp ++++ openjdk/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp +@@ -138,7 +138,7 @@ + le_int32 LookupProcessor::selectLookups(const LEReferenceTo<FeatureTable> &featureTable, FeatureMask featureMask, le_int32 order, LEErrorCode &success) + { + le_uint16 lookupCount = featureTable.isValid()? SWAPW(featureTable->lookupCount) : 0; +- le_int32 store = order; ++ le_uint32 store = (le_uint32)order; + + LEReferenceToArrayOf<le_uint16> lookupListIndexArray(featureTable, success, featureTable->lookupListIndexArray, lookupCount); + +@@ -147,6 +147,9 @@ + if (lookupListIndex >= lookupSelectCount) { + continue; + } ++ if (store >= lookupOrderCount) { ++ continue; ++ } + + lookupSelectArray[lookupListIndex] |= featureMask; + lookupOrderArray[store++] = lookupListIndex; +@@ -246,7 +249,7 @@ + + if (requiredFeatureIndex != 0xFFFF) { + requiredFeatureTable = featureListTable->getFeatureTable(featureListTable, requiredFeatureIndex, &requiredFeatureTag, success); +- featureReferences += SWAPW(featureTable->lookupCount); ++ featureReferences += SWAPW(requiredFeatureTable->lookupCount); + } + + lookupOrderArray = LE_NEW_ARRAY(le_uint16, featureReferences); +@@ -254,6 +257,7 @@ + success = LE_MEMORY_ALLOCATION_ERROR; + return; + } ++ lookupOrderCount = featureReferences; + + for (le_int32 f = 0; f < featureMapCount; f += 1) { + FeatureMap fm = featureMap[f];
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025448-swing_listening.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,31 @@ +# HG changeset patch +# User malenkov +# Date 1380901199 -14400 +# Fri Oct 04 19:39:59 2013 +0400 +# Node ID e78f7f39740968bdc1f8f86bd5ab08dce06d8370 +# Parent 8ddfc847b88227282606279c3ae76089fb0efae5 +8025448: Enhance listening events +Reviewed-by: art, skoivu + +diff -Nru openjdk/jdk/src/share/classes/javax/swing/event/EventListenerList.java openjdk/jdk/src/share/classes/javax/swing/event/EventListenerList.java +--- openjdk/jdk/src/share/classes/javax/swing/event/EventListenerList.java ++++ openjdk/jdk/src/share/classes/javax/swing/event/EventListenerList.java +@@ -27,6 +27,7 @@ + import java.io.*; + import java.util.*; + import java.lang.reflect.Array; ++import sun.reflect.misc.ReflectUtil; + + /** + * A class that holds a list of EventListeners. A single instance +@@ -270,7 +271,9 @@ + while (null != (listenerTypeOrNull = s.readObject())) { + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + EventListener l = (EventListener)s.readObject(); +- add((Class<EventListener>)Class.forName((String)listenerTypeOrNull, true, cl), l); ++ String name = (String) listenerTypeOrNull; ++ ReflectUtil.checkPackageAccess(name); ++ add((Class<EventListener>)Class.forName(name, true, cl), l); + } + } +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025758-naming.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,218 @@ +# HG changeset patch +# User xuelei +# Date 1381979572 25200 +# Wed Oct 16 20:12:52 2013 -0700 +# Node ID c4796b4be6b144653422100b14e33c0b817546ea +# Parent c331d7827c61b73b362121f902b38224d7112955 +8025758: Enhance Naming management +Summary: Enforce package access control with current context. Also reviewed by Alexander Fomin <alexander.fomin@oracle.com> +Reviewed-by: weijun, ahgross + +diff -Nru openjdk/jdk/src/share/classes/com/sun/naming/internal/FactoryEnumeration.java openjdk/jdk/src/share/classes/com/sun/naming/internal/FactoryEnumeration.java +--- openjdk/jdk/src/share/classes/com/sun/naming/internal/FactoryEnumeration.java ++++ openjdk/jdk/src/share/classes/com/sun/naming/internal/FactoryEnumeration.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1999, 2001, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -29,10 +29,10 @@ + import javax.naming.NamingException; + + /** +- * The FactoryEnumeration is used for returning factory instances. +- * +- * @author Rosanna Lee +- * @author Scott Seligman ++ * The FactoryEnumeration is used for returning factory instances. ++ * ++ * @author Rosanna Lee ++ * @author Scott Seligman + */ + + // no need to implement Enumeration since this is only for internal use +@@ -55,9 +55,12 @@ + * references so as not to prevent GC of the class loader. Each + * weak reference is tagged with the factory's class name so the + * class can be reloaded if the reference is cleared. +- ++ * + * @param factories A non-null list + * @param loader The class loader of the list's contents ++ * ++ * This internal method is used with Thread Context Class Loader (TCCL), ++ * please don't expose this method as public. + */ + FactoryEnumeration(List factories, ClassLoader loader) { + this.factories = factories; +@@ -77,7 +80,9 @@ + + try { + if (answer == null) { // reload class if weak ref cleared +- answer = Class.forName(className, true, loader); ++ Class<?> cls = Class.forName(className, true, loader); ++ VersionHelper12.checkPackageAccess(cls); ++ answer = cls; + } + // Instantiate Class to get factory + answer = ((Class) answer).newInstance(); +diff -Nru openjdk/jdk/src/share/classes/com/sun/naming/internal/VersionHelper12.java openjdk/jdk/src/share/classes/com/sun/naming/internal/VersionHelper12.java +--- openjdk/jdk/src/share/classes/com/sun/naming/internal/VersionHelper12.java ++++ openjdk/jdk/src/share/classes/com/sun/naming/internal/VersionHelper12.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -35,11 +35,11 @@ + import java.security.PrivilegedActionException; + import java.security.PrivilegedExceptionAction; + import java.util.Enumeration; +-import java.util.Hashtable; + import java.util.NoSuchElementException; + import java.util.Properties; + + import javax.naming.*; ++import sun.reflect.misc.ReflectUtil; + + /** + * VersionHelper was used by JNDI to accommodate differences between +@@ -54,21 +54,37 @@ + + final class VersionHelper12 extends VersionHelper { + +- private boolean getSystemPropsFailed = false; ++ // workaround to disable additional package access control with ++ // Thread Context Class Loader (TCCL). ++ private final static boolean noPackageAccessWithTCCL = "true".equals( ++ AccessController.doPrivileged( ++ new PrivilegedAction<String>() { ++ public String run() { ++ return System.getProperty( ++ "com.sun.naming.untieAccessContextWithTCCL"); ++ } ++ } ++ )); + +- VersionHelper12() {} // Disallow external from creating one of these. ++ // Disallow external from creating one of these. ++ VersionHelper12() { ++ } + + public Class loadClass(String className) throws ClassNotFoundException { +- ClassLoader cl = getContextClassLoader(); +- return Class.forName(className, true, cl); ++ return loadClass(className, getContextClassLoader()); + } + + /** +- * Package private. +- */ ++ * Package private. ++ * ++ * This internal method is used with Thread Context Class Loader (TCCL), ++ * please don't expose this method as public. ++ */ + Class loadClass(String className, ClassLoader cl) + throws ClassNotFoundException { +- return Class.forName(className, true, cl); ++ Class<?> cls = Class.forName(className, true, cl); ++ checkPackageAccess(cls); ++ return cls; + } + + /** +@@ -77,12 +93,45 @@ + */ + public Class loadClass(String className, String codebase) + throws ClassNotFoundException, MalformedURLException { +- ClassLoader cl; + + ClassLoader parent = getContextClassLoader(); +- cl = URLClassLoader.newInstance(getUrlArray(codebase), parent); ++ ClassLoader cl = ++ URLClassLoader.newInstance(getUrlArray(codebase), parent); + +- return Class.forName(className, true, cl); ++ return loadClass(className, cl); ++ } ++ ++ /** ++ * check package access of a class that is loaded with Thread Context ++ * Class Loader (TCCL). ++ * ++ * Similar to java.lang.ClassLoader.checkPackageAccess() ++ */ ++ static void checkPackageAccess(Class<?> cls) { ++ if (noPackageAccessWithTCCL) { ++ return; ++ } ++ ++ final SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) { ++ if (ReflectUtil.isNonPublicProxyClass(cls)) { ++ for (Class<?> intf: cls.getInterfaces()) { ++ checkPackageAccess(intf); ++ } ++ return; ++ } ++ ++ final String name = cls.getName(); ++ final int i = name.lastIndexOf('.'); ++ if (i != -1) { ++ AccessController.doPrivileged(new PrivilegedAction<Void>() { ++ public Void run() { ++ sm.checkPackageAccess(name.substring(0, i)); ++ return null; ++ } ++ }, AccessController.getContext()); ++ } ++ } + } + + String getJndiProperty(final int i) { +@@ -100,16 +149,12 @@ + } + + String[] getJndiProperties() { +- if (getSystemPropsFailed) { +- return null; // after one failure, don't bother trying again +- } + Properties sysProps = (Properties) AccessController.doPrivileged( + new PrivilegedAction() { + public Object run() { + try { + return System.getProperties(); + } catch (SecurityException e) { +- getSystemPropsFailed = true; + return null; + } + } +@@ -175,6 +220,15 @@ + return new InputStreamEnumeration(urls); + } + ++ /** ++ * Package private. ++ * ++ * This internal method makes use of Thread Context Class Loader (TCCL), ++ * please don't expose this method as public. ++ * ++ * Please take care of package access control on the current context ++ * whenever using TCCL. ++ */ + ClassLoader getContextClassLoader() { + return (ClassLoader) AccessController.doPrivileged( + new PrivilegedAction() { +@@ -185,7 +239,6 @@ + ); + } + +- + /** + * Given an enumeration of URLs, an instance of this class represents + * an enumeration of their InputStreams. Each operation on the URL
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8025767-corba_iiop_streams.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,738 @@ +# HG changeset patch +# User msheppar +# Date 1383355443 0 +# Sat Nov 02 01:24:03 2013 +0000 +# Node ID a107c678dde3a3700ff0aa37c2cc111d43d277db +# Parent 8662d95ebee18761895cbeacb674cdb187163f03 +8025767: Enhance IIOP Streams +Summary: modify org.omg.CORBA_2_3.portable.InputStream inheritance structure. +Reviewed-by: alanb, coffeys, skoivu + +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/corba/AnyImpl.java +@@ -82,11 +82,18 @@ + super((ORB)orb); + } + +- public org.omg.CORBA.portable.InputStream create_input_stream() +- { +- return new AnyInputStream( +- (com.sun.corba.se.impl.encoding.EncapsInputStream) +- super.create_input_stream()); ++ public org.omg.CORBA.portable.InputStream create_input_stream() { ++ final org.omg.CORBA.portable.InputStream is = super ++ .create_input_stream(); ++ AnyInputStream aIS = AccessController ++ .doPrivileged(new PrivilegedAction<AnyInputStream>() { ++ @Override ++ public AnyInputStream run() { ++ return new AnyInputStream( ++ (com.sun.corba.se.impl.encoding.EncapsInputStream) is); ++ } ++ }); ++ return aIS; + } + } + +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsInputStream.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsInputStream.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsInputStream.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsInputStream.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2001, 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -36,11 +36,10 @@ + import com.sun.corba.se.impl.protocol.giopmsgheaders.Message; + + import com.sun.corba.se.spi.orb.ORB; +- + import com.sun.corba.se.spi.logging.CORBALogDomains; +- + import com.sun.corba.se.impl.logging.ORBUtilSystemException; + ++import sun.corba.EncapsInputStreamFactory; + /** + * Encapsulations are supposed to explicitly define their + * code sets and GIOP version. The original resolution to issue 2784 +@@ -148,7 +147,7 @@ + } + + public CDRInputStream dup() { +- return new EncapsInputStream(this); ++ return EncapsInputStreamFactory.newEncapsInputStream(this); + } + + protected CodeSetConversion.BTCConverter createCharBTCConverter() { +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsOutputStream.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsOutputStream.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsOutputStream.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/EncapsOutputStream.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2001, 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -39,6 +39,8 @@ + import com.sun.corba.se.impl.protocol.giopmsgheaders.Message; + import com.sun.corba.se.impl.orbutil.ORBConstants; + ++import sun.corba.EncapsInputStreamFactory; ++ + /** + * Encapsulations are supposed to explicitly define their + * code sets and GIOP version. The original resolution to issue 2784 +@@ -107,11 +109,11 @@ + public org.omg.CORBA.portable.InputStream create_input_stream() { + freeInternalCaches(); + +- return new EncapsInputStream(orb(), +- getByteBuffer(), +- getSize(), +- isLittleEndian(), +- getGIOPVersion()); ++ return EncapsInputStreamFactory.newEncapsInputStream(orb(), ++ getByteBuffer(), ++ getSize(), ++ isLittleEndian(), ++ getGIOPVersion()); + } + + protected CodeSetConversion.CTBConverter createCharCTBConverter() { +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeInputStream.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeInputStream.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeInputStream.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeInputStream.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2002, 2003, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -64,6 +64,8 @@ + import com.sun.corba.se.impl.encoding.CDROutputStream; + import com.sun.corba.se.impl.encoding.MarshalInputStream; + ++import sun.corba.EncapsInputStreamFactory; ++ + public class TypeCodeInputStream extends EncapsInputStream implements TypeCodeReader + { + private Map typeMap = null; +@@ -157,11 +159,13 @@ + + // create an encapsulation using the marshal buffer + if (is instanceof CDRInputStream) { +- encap = new TypeCodeInputStream((ORB)_orb, encapBuffer, encapBuffer.length, +- ((CDRInputStream)is).isLittleEndian(), +- ((CDRInputStream)is).getGIOPVersion()); ++ encap = EncapsInputStreamFactory.newTypeCodeInputStream((ORB) _orb, ++ encapBuffer, encapBuffer.length, ++ ((CDRInputStream) is).isLittleEndian(), ++ ((CDRInputStream) is).getGIOPVersion()); + } else { +- encap = new TypeCodeInputStream((ORB)_orb, encapBuffer, encapBuffer.length); ++ encap = EncapsInputStreamFactory.newTypeCodeInputStream((ORB) _orb, ++ encapBuffer, encapBuffer.length); + } + encap.setEnclosingInputStream(is); + encap.makeEncapsulation(); +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeOutputStream.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeOutputStream.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeOutputStream.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/encoding/TypeCodeOutputStream.java +@@ -61,6 +61,8 @@ + import java.math.BigInteger; + import java.nio.ByteBuffer; + ++import sun.corba.EncapsInputStreamFactory; ++ + public final class TypeCodeOutputStream extends EncapsOutputStream + { + private OutputStream enclosure = null; +@@ -77,9 +79,9 @@ + + public org.omg.CORBA.portable.InputStream create_input_stream() + { +- //return new TypeCodeInputStream((ORB)orb(), getByteBuffer(), getIndex(), isLittleEndian()); +- TypeCodeInputStream tcis +- = new TypeCodeInputStream((ORB)orb(), getByteBuffer(), getIndex(), isLittleEndian(), getGIOPVersion()); ++ TypeCodeInputStream tcis = EncapsInputStreamFactory ++ .newTypeCodeInputStream((ORB) orb(), getByteBuffer(), ++ getIndex(), isLittleEndian(), getGIOPVersion()); + //if (TypeCodeImpl.debug) { + //System.out.println("Created TypeCodeInputStream " + tcis + " with no parent"); + //tcis.printBuffer(); +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/interceptors/CDREncapsCodec.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/interceptors/CDREncapsCodec.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/interceptors/CDREncapsCodec.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/interceptors/CDREncapsCodec.java +@@ -33,6 +33,8 @@ + import com.sun.corba.se.spi.ior.iiop.GIOPVersion; + import com.sun.corba.se.spi.logging.CORBALogDomains; + ++import sun.corba.EncapsInputStreamFactory; ++ + import com.sun.corba.se.impl.corba.AnyImpl; + import com.sun.corba.se.impl.encoding.EncapsInputStream; + import com.sun.corba.se.impl.encoding.EncapsOutputStream; +@@ -193,8 +195,9 @@ + // it is turned into a FormatMismatch exception. + + try { +- EncapsInputStream cdrIn = new EncapsInputStream( orb, data, +- data.length, giopVersion ); ++ EncapsInputStream cdrIn = EncapsInputStreamFactory.newEncapsInputStream( orb, data, ++ data.length, giopVersion ); ++ + + cdrIn.consumeEndian(); + +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -370,7 +370,7 @@ + * @exception IOException Any of the usual Input/Output related exceptions. + * @since JDK1.1 + */ +- public final Object readObjectDelegate() throws IOException ++ public final synchronized Object readObjectDelegate() throws IOException + { + try { + +@@ -389,7 +389,7 @@ + } + } + +- final Object simpleReadObject(Class clz, ++ final synchronized Object simpleReadObject(Class clz, + String repositoryID, + com.sun.org.omg.SendingContext.CodeBase sender, + int offset) +@@ -461,7 +461,7 @@ + return obj; + } + +- public final void simpleSkipObject(String repositoryID, ++ public final synchronized void simpleSkipObject(String repositoryID, + com.sun.org.omg.SendingContext.CodeBase sender) + /* throws OptionalDataException, ClassNotFoundException, IOException */ + { +@@ -559,7 +559,7 @@ + * objects. + * @since JDK1.1 + */ +- public final void defaultReadObjectDelegate() ++ final synchronized void defaultReadObjectDelegate() + /* throws IOException, ClassNotFoundException, NotActiveException */ + { + try { +@@ -988,7 +988,7 @@ + } + } + +- private Object inputObject(Class clz, ++ private synchronized Object inputObject(Class clz, + String repositoryID, + com.sun.org.omg.SendingContext.CodeBase sender, + int offset) +@@ -1313,7 +1313,7 @@ + * a form of custom marshaling. + * + */ +- private Object inputObjectUsingFVD(Class clz, ++ private synchronized Object inputObjectUsingFVD(Class clz, + String repositoryID, + com.sun.org.omg.SendingContext.CodeBase sender, + int offset) +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/InputStreamHook.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/InputStreamHook.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/InputStreamHook.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/io/InputStreamHook.java +@@ -201,7 +201,7 @@ + readObjectState.endDefaultReadObject(this); + } + +- public abstract void defaultReadObjectDelegate(); ++ abstract void defaultReadObjectDelegate(); + + abstract void readFields(java.util.Map fieldToValueMap) + throws java.io.InvalidClassException, java.io.StreamCorruptedException, +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/EncapsulationUtility.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/EncapsulationUtility.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/EncapsulationUtility.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/EncapsulationUtility.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -47,6 +47,8 @@ + import com.sun.corba.se.impl.encoding.EncapsOutputStream ; + import com.sun.corba.se.impl.encoding.EncapsInputStream ; + ++import sun.corba.EncapsInputStreamFactory; ++ + /** + * This static utility class contains various utility methods for reading and + * writing CDR encapsulations. +@@ -108,8 +110,8 @@ + static public InputStream getEncapsulationStream( InputStream is ) + { + byte[] data = readOctets( is ) ; +- EncapsInputStream result = new EncapsInputStream( is.orb(), data, +- data.length ) ; ++ EncapsInputStream result = EncapsInputStreamFactory.newEncapsInputStream( is.orb(), data, ++ data.length ) ; + result.consumeEndian() ; + return result ; + } +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/ObjectKeyFactoryImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/ObjectKeyFactoryImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/ObjectKeyFactoryImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/ObjectKeyFactoryImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -49,6 +49,8 @@ + import com.sun.corba.se.impl.logging.IORSystemException ; + + import com.sun.corba.se.impl.encoding.EncapsInputStream ; ++import sun.corba.EncapsInputStreamFactory; ++ + + /** Based on the magic and scid, return the appropriate + * ObjectKeyTemplate. Expects to be called with a valid +@@ -217,7 +219,7 @@ + public ObjectKey create( byte[] key ) + { + OctetSeqHolder osh = new OctetSeqHolder() ; +- EncapsInputStream is = new EncapsInputStream( orb, key, key.length ) ; ++ EncapsInputStream is = EncapsInputStreamFactory.newEncapsInputStream( orb, key, key.length ); + + ObjectKeyTemplate oktemp = create( is, fullKey, osh ) ; + if (oktemp == null) +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/iiop/IIOPProfileImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/iiop/IIOPProfileImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/iiop/IIOPProfileImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/ior/iiop/IIOPProfileImpl.java +@@ -70,6 +70,8 @@ + import com.sun.corba.se.impl.encoding.EncapsInputStream ; + import com.sun.corba.se.impl.encoding.EncapsOutputStream ; + ++import sun.corba.EncapsInputStreamFactory; ++ + import com.sun.corba.se.impl.util.JDKBridge; + + import com.sun.corba.se.impl.logging.IORSystemException; +@@ -170,8 +172,8 @@ + throw wrapper.invalidTaggedProfile() ; + } + +- EncapsInputStream istr = new EncapsInputStream((ORB)orb, profile.profile_data, +- profile.profile_data.length); ++ EncapsInputStream istr = EncapsInputStreamFactory.newEncapsInputStream((ORB)orb, profile.profile_data, ++ profile.profile_data.length); + istr.consumeEndian(); + init( istr ) ; + } +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/CorbaClientRequestDispatcherImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/CorbaClientRequestDispatcherImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/CorbaClientRequestDispatcherImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/CorbaClientRequestDispatcherImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2001, 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -112,6 +112,7 @@ + import com.sun.corba.se.impl.protocol.giopmsgheaders.ReferenceAddr; + import com.sun.corba.se.impl.transport.CorbaContactInfoListIteratorImpl; + import com.sun.corba.se.impl.util.JDKBridge; ++import sun.corba.EncapsInputStreamFactory; + + /** + * ClientDelegate is the RMI client-side subcontract or representation +@@ -805,8 +806,8 @@ + } + byte[] data = ((UnknownServiceContext)sc).getData(); + EncapsInputStream in = +- new EncapsInputStream((ORB)messageMediator.getBroker(), +- data, data.length); ++ EncapsInputStreamFactory.newEncapsInputStream((ORB)messageMediator.getBroker(), ++ data, data.length); + in.consumeEndian(); + + String msg = +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/protocol/SharedCDRClientRequestDispatcherImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -36,7 +36,8 @@ + import java.util.Iterator; + import java.rmi.RemoteException; + import java.nio.ByteBuffer; +- ++import java.security.AccessController; ++import java.security.PrivilegedAction; + import javax.rmi.CORBA.Util; + import javax.rmi.CORBA.Tie; + +@@ -111,6 +112,7 @@ + import com.sun.corba.se.impl.protocol.giopmsgheaders.ProfileAddr; + import com.sun.corba.se.impl.protocol.giopmsgheaders.ReferenceAddr; + import com.sun.corba.se.impl.transport.CorbaContactInfoListIteratorImpl; ++import com.sun.corba.se.impl.protocol.giopmsgheaders.Message; + import com.sun.corba.se.impl.util.JDKBridge; + + /** +@@ -156,10 +158,17 @@ + + ByteBufferWithInfo bbwi = cdrOutputObject.getByteBufferWithInfo(); + cdrOutputObject.getMessageHeader().setSize(bbwi.byteBuffer, bbwi.getSize()); +- +- CDRInputObject cdrInputObject = +- new CDRInputObject(orb, null, bbwi.byteBuffer, +- cdrOutputObject.getMessageHeader()); ++ final ORB inOrb = orb; ++ final ByteBuffer inBuffer = bbwi.byteBuffer; ++ final Message inMsg = cdrOutputObject.getMessageHeader(); ++ CDRInputObject cdrInputObject = AccessController ++ .doPrivileged(new PrivilegedAction<CDRInputObject>() { ++ @Override ++ public CDRInputObject run() { ++ return new CDRInputObject(inOrb, null, inBuffer, ++ inMsg); ++ } ++ }); + messageMediator.setInputObject(cdrInputObject); + cdrInputObject.setMessageMediator(messageMediator); + +@@ -192,9 +201,17 @@ + cdrOutputObject = (CDROutputObject) messageMediator.getOutputObject(); + bbwi = cdrOutputObject.getByteBufferWithInfo(); + cdrOutputObject.getMessageHeader().setSize(bbwi.byteBuffer, bbwi.getSize()); +- cdrInputObject = +- new CDRInputObject(orb, null, bbwi.byteBuffer, +- cdrOutputObject.getMessageHeader()); ++ final ORB inOrb2 = orb; ++ final ByteBuffer inBuffer2 = bbwi.byteBuffer; ++ final Message inMsg2 = cdrOutputObject.getMessageHeader(); ++ cdrInputObject = AccessController ++ .doPrivileged(new PrivilegedAction<CDRInputObject>() { ++ @Override ++ public CDRInputObject run() { ++ return new CDRInputObject(inOrb2, null, inBuffer2, ++ inMsg2); ++ } ++ }); + messageMediator.setInputObject(cdrInputObject); + cdrInputObject.setMessageMediator(messageMediator); + +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/resolver/INSURLOperationImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/resolver/INSURLOperationImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/resolver/INSURLOperationImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/resolver/INSURLOperationImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -36,6 +36,8 @@ + import org.omg.CosNaming.NamingContextExt ; + import org.omg.CosNaming.NamingContextExtHelper ; + ++import sun.corba.EncapsInputStreamFactory; ++ + import com.sun.corba.se.spi.ior.IOR; + import com.sun.corba.se.spi.ior.IORTemplate; + import com.sun.corba.se.spi.ior.ObjectKey; +@@ -114,8 +116,8 @@ + buf[j] = (byte)((ORBUtility.hexOf(str.charAt(i)) << UN_SHIFT) & 0xF0); + buf[j] |= (byte)(ORBUtility.hexOf(str.charAt(i+1)) & 0x0F); + } +- EncapsInputStream s = new EncapsInputStream(orb, buf, buf.length, +- orb.getORBData().getGIOPVersion()); ++ EncapsInputStream s = EncapsInputStreamFactory.newEncapsInputStream(orb, buf, buf.length, ++ orb.getORBData().getGIOPVersion()); + s.consumeEndian(); + return s.read_Object() ; + } +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/spi/servicecontext/ServiceContexts.java openjdk/corba/src/share/classes/com/sun/corba/se/spi/servicecontext/ServiceContexts.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/spi/servicecontext/ServiceContexts.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/spi/servicecontext/ServiceContexts.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1999, 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -58,6 +58,9 @@ + import com.sun.corba.se.impl.util.Utility ; + import com.sun.corba.se.impl.logging.ORBUtilSystemException ; + ++import sun.corba.EncapsInputStreamFactory; ++ ++ + public class ServiceContexts { + private static boolean isDebugging( OutputStream os ) + { +@@ -198,11 +201,11 @@ + // Note: As of Jan 2001, no standard OMG or Sun service contexts + // ship wchar data or are defined as using anything but GIOP 1.0 CDR. + EncapsInputStream eis +- = new EncapsInputStream(orb, +- data, +- data.length, +- giopVersion, +- codeBase); ++ = EncapsInputStreamFactory.newEncapsInputStream(orb, ++ data, ++ data.length, ++ giopVersion, ++ codeBase); + eis.consumeEndian(); + + // Now the input stream passed to a ServiceContext +diff -Nru openjdk/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java openjdk/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java +--- openjdk/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java ++++ openjdk/corba/src/share/classes/org/omg/CORBA_2_3/portable/InputStream.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1998, 2000, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -31,6 +31,10 @@ + + package org.omg.CORBA_2_3.portable; + ++import java.io.SerializablePermission; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++ + /** + * InputStream provides for the reading of all of the mapped IDL types + * from the stream. It extends org.omg.CORBA.portable.InputStream. This +@@ -43,6 +47,43 @@ + + public abstract class InputStream extends org.omg.CORBA.portable.InputStream { + ++ ++ private static final String ALLOW_SUBCLASS_PROP = "jdk.corba.allowInputStreamSubclass"; ++ ++ private static final boolean allowSubclass = AccessController.doPrivileged( ++ new PrivilegedAction<Boolean>() { ++ @Override ++ public Boolean run() { ++ String prop = System.getProperty(ALLOW_SUBCLASS_PROP); ++ return prop == null ? false : ++ (prop.equalsIgnoreCase("false") ? false : true); ++ } ++ }); ++ ++ private static Void checkPermission() { ++ SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) { ++ if (!allowSubclass) ++ sm.checkPermission(new ++ SerializablePermission("enableSubclassImplementation")); ++ } ++ return null; ++ } ++ ++ private InputStream(Void ignore) { } ++ ++ /** ++ * Create a new instance of this class. ++ * ++ * throw SecurityException if SecurityManager is installed and ++ * enableSubclassImplementation SerializablePermission ++ * is not granted or jdk.corba.allowOutputStreamSubclass system ++ * property is either not set or is set to 'false' ++ */ ++ public InputStream() { ++ this(checkPermission()); ++ } ++ + /** + * Unmarshalls a value type from the input stream. + * @return the value type unmarshalled from the input stream +diff -Nru openjdk/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java openjdk/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java +new file mode 100644 +--- /dev/null ++++ openjdk/corba/src/share/classes/sun/corba/EncapsInputStreamFactory.java +@@ -0,0 +1,153 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++package sun.corba; ++ ++import java.nio.ByteBuffer; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++ ++ ++import com.sun.corba.se.impl.encoding.EncapsInputStream; ++import com.sun.corba.se.impl.encoding.TypeCodeInputStream; ++import com.sun.corba.se.impl.protocol.giopmsgheaders.Message; ++import com.sun.corba.se.pept.protocol.MessageMediator; ++import com.sun.corba.se.spi.ior.iiop.GIOPVersion; ++import com.sun.corba.se.spi.orb.ORB; ++import com.sun.org.omg.SendingContext.CodeBase; ++ ++public class EncapsInputStreamFactory { ++ ++ public static EncapsInputStream newEncapsInputStream( ++ final org.omg.CORBA.ORB orb, final byte[] buf, final int size, ++ final boolean littleEndian, final GIOPVersion version) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<EncapsInputStream>() { ++ @Override ++ public EncapsInputStream run() { ++ return new EncapsInputStream(orb, buf, size, ++ littleEndian, version); ++ } ++ }); ++ } ++ ++ public static EncapsInputStream newEncapsInputStream( ++ final org.omg.CORBA.ORB orb, final ByteBuffer byteBuffer, ++ final int size, final boolean littleEndian, ++ final GIOPVersion version) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<EncapsInputStream>() { ++ @Override ++ public EncapsInputStream run() { ++ return new EncapsInputStream(orb, byteBuffer, size, ++ littleEndian, version); ++ } ++ }); ++ } ++ ++ public static EncapsInputStream newEncapsInputStream( ++ final org.omg.CORBA.ORB orb, final byte[] data, final int size) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<EncapsInputStream>() { ++ @Override ++ public EncapsInputStream run() { ++ return new EncapsInputStream(orb, data, size); ++ } ++ }); ++ } ++ ++ public static EncapsInputStream newEncapsInputStream( ++ final EncapsInputStream eis) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<EncapsInputStream>() { ++ @Override ++ public EncapsInputStream run() { ++ return new EncapsInputStream(eis); ++ } ++ }); ++ } ++ ++ public static EncapsInputStream newEncapsInputStream( ++ final org.omg.CORBA.ORB orb, final byte[] data, final int size, ++ final GIOPVersion version) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<EncapsInputStream>() { ++ @Override ++ public EncapsInputStream run() { ++ return new EncapsInputStream(orb, data, size, version); ++ } ++ }); ++ } ++ ++ public static EncapsInputStream newEncapsInputStream( ++ final org.omg.CORBA.ORB orb, final byte[] data, final int size, ++ final GIOPVersion version, final CodeBase codeBase) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<EncapsInputStream>() { ++ @Override ++ public EncapsInputStream run() { ++ return new EncapsInputStream(orb, data, size, version, ++ codeBase); ++ } ++ }); ++ } ++ ++ public static TypeCodeInputStream newTypeCodeInputStream( ++ final org.omg.CORBA.ORB orb, final byte[] buf, final int size, ++ final boolean littleEndian, final GIOPVersion version) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<TypeCodeInputStream>() { ++ @Override ++ public TypeCodeInputStream run() { ++ return new TypeCodeInputStream(orb, buf, size, ++ littleEndian, version); ++ } ++ }); ++ } ++ ++ public static TypeCodeInputStream newTypeCodeInputStream( ++ final org.omg.CORBA.ORB orb, final ByteBuffer byteBuffer, ++ final int size, final boolean littleEndian, ++ final GIOPVersion version) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<TypeCodeInputStream>() { ++ @Override ++ public TypeCodeInputStream run() { ++ return new TypeCodeInputStream(orb, byteBuffer, size, ++ littleEndian, version); ++ } ++ }); ++ } ++ ++ public static TypeCodeInputStream newTypeCodeInputStream( ++ final org.omg.CORBA.ORB orb, final byte[] data, final int size) { ++ return AccessController ++ .doPrivileged(new PrivilegedAction<TypeCodeInputStream>() { ++ @Override ++ public TypeCodeInputStream run() { ++ return new TypeCodeInputStream(orb, data, size); ++ } ++ }); ++ } ++}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8026172-ui_management.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,28 @@ +# HG changeset patch +# User malenkov +# Date 1381917764 -14400 +# Wed Oct 16 14:02:44 2013 +0400 +# Node ID c12624b110764c74f7dcc1e9ad3b6f313484157c +# Parent 7e5e673c706f12d4c3bf5ace73af8df58f853894 +8026172: Enhance UI Management +Reviewed-by: art, skoivu + +diff -Nru openjdk/jdk/src/share/classes/javax/swing/SwingUtilities.java openjdk/jdk/src/share/classes/javax/swing/SwingUtilities.java +--- openjdk/jdk/src/share/classes/javax/swing/SwingUtilities.java ++++ openjdk/jdk/src/share/classes/javax/swing/SwingUtilities.java +@@ -24,6 +24,7 @@ + */ + package javax.swing; + ++import sun.reflect.misc.ReflectUtil; + import sun.swing.SwingUtilities2; + import sun.swing.UIAction; + +@@ -1872,6 +1873,7 @@ + + + static Class loadSystemClass(String className) throws ClassNotFoundException { ++ ReflectUtil.checkPackageAccess(className); + return Class.forName(className, true, Thread.currentThread(). + getContextClassLoader()); + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8026176-document_printing.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,24 @@ +# HG changeset patch +# User prr +# Date 1381862078 25200 +# Tue Oct 15 11:34:38 2013 -0700 +# Node ID 67935d4cb42df261b41e8d1709fead4715bd8692 +# Parent e78f7f39740968bdc1f8f86bd5ab08dce06d8370 +8026176: Enhance document printing +Reviewed-by: bae, jgodinez + +diff -Nru openjdk/jdk/src/share/classes/javax/print/SimpleDoc.java openjdk/jdk/src/share/classes/javax/print/SimpleDoc.java +--- openjdk/jdk/src/share/classes/javax/print/SimpleDoc.java ++++ openjdk/jdk/src/share/classes/javax/print/SimpleDoc.java +@@ -91,7 +91,10 @@ + + Class repClass = null; + try { +- repClass = Class.forName(flavor.getRepresentationClassName()); ++ String className = flavor.getRepresentationClassName(); ++ sun.reflect.misc.ReflectUtil.checkPackageAccess(className); ++ repClass = Class.forName(className, false, ++ Thread.currentThread().getContextClassLoader()); + } catch (Throwable e) { + throw new IllegalArgumentException("unknown representation class"); + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8026193-corba_stub_factories.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,100 @@ +# HG changeset patch +# User msheppar +# Date 1383354473 0 +# Sat Nov 02 01:07:53 2013 +0000 +# Node ID c58a65985c4179a06049ca9516278595bf68d701 +# Parent a107c678dde3a3700ff0aa37c2cc111d43d277db +8026193: Enhance CORBA stub factories +Summary: modify com.sun.corba.se.impl.presenetation.rmi.StubFactoryDynamicBase inheritance structure. +Reviewed-by: alanb, coffeys, ahgross + +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryDynamicBase.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryDynamicBase.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryDynamicBase.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryDynamicBase.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -25,6 +25,7 @@ + + package com.sun.corba.se.impl.presentation.rmi ; + ++import java.io.SerializablePermission; + import java.lang.reflect.InvocationHandler ; + import java.lang.reflect.Proxy ; + +@@ -38,11 +39,18 @@ + { + protected final ClassLoader loader ; + +- public StubFactoryDynamicBase( PresentationManager.ClassData classData, +- ClassLoader loader ) +- { +- super( classData ) ; ++ private static Void checkPermission() { ++ SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) { ++ sm.checkPermission(new SerializablePermission( ++ "enableSubclassImplementation")); ++ } ++ return null; ++ } + ++ private StubFactoryDynamicBase(Void unused, ++ PresentationManager.ClassData classData, ClassLoader loader) { ++ super(classData); + // this.loader must not be null, or the newProxyInstance call + // will fail. + if (loader == null) { +@@ -55,5 +63,11 @@ + } + } + ++ public StubFactoryDynamicBase( PresentationManager.ClassData classData, ++ ClassLoader loader ) ++ { ++ this (checkPermission(), classData, loader); ++ } ++ + public abstract org.omg.CORBA.Object makeStub() ; + } +diff -Nru openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java +--- openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java ++++ openjdk/corba/src/share/classes/com/sun/corba/se/impl/presentation/rmi/StubFactoryFactoryProxyImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -25,14 +25,23 @@ + + package com.sun.corba.se.impl.presentation.rmi; + ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++ + import com.sun.corba.se.spi.presentation.rmi.PresentationManager ; + + public class StubFactoryFactoryProxyImpl extends StubFactoryFactoryDynamicBase + { + public PresentationManager.StubFactory makeDynamicStubFactory( +- PresentationManager pm, PresentationManager.ClassData classData, +- ClassLoader classLoader ) ++ PresentationManager pm, final PresentationManager.ClassData classData, ++ final ClassLoader classLoader ) + { +- return new StubFactoryProxyImpl( classData, classLoader ) ; ++ return AccessController ++ .doPrivileged(new PrivilegedAction<StubFactoryProxyImpl>() { ++ @Override ++ public StubFactoryProxyImpl run() { ++ return new StubFactoryProxyImpl(classData, classLoader); ++ } ++ }); + } + }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8026204-auth_login_contexts.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,307 @@ +# HG changeset patch +# User xuelei +# Date 1381893320 25200 +# Tue Oct 15 20:15:20 2013 -0700 +# Node ID c331d7827c61b73b362121f902b38224d7112955 +# Parent d6b926b610d956b000045f41e469555a2e241ea7 +8026204: Enhance auth login contexts +Summary: Enforce package access control with current context. Also reviewed by Alexander Fomin <alexander.fomin@oracle.com> +Reviewed-by: weijun, ahgross + +diff -Nru openjdk/jdk/src/share/classes/javax/security/auth/login/LoginContext.java openjdk/jdk/src/share/classes/javax/security/auth/login/LoginContext.java +--- openjdk/jdk/src/share/classes/javax/security/auth/login/LoginContext.java ++++ openjdk/jdk/src/share/classes/javax/security/auth/login/LoginContext.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -37,8 +37,10 @@ + import javax.security.auth.callback.*; + import java.security.AccessController; + import java.security.AccessControlContext; ++import java.security.PrivilegedAction; + import sun.security.util.PendingException; + import sun.security.util.ResourcesMgr; ++import sun.reflect.misc.ReflectUtil; + + /** + * <p> The <code>LoginContext</code> class describes the basic methods used +@@ -217,8 +219,7 @@ + private Map state = new HashMap(); + + private Configuration config; +- private boolean configProvided = false; +- private AccessControlContext creatorAcc = null; ++ private AccessControlContext creatorAcc = null; // customized config only + private ModuleInfo[] moduleStack; + private ClassLoader contextClassLoader = null; + private static final Class[] PARAMS = { }; +@@ -234,10 +235,23 @@ + private static final sun.security.util.Debug debug = + sun.security.util.Debug.getInstance("logincontext", "\t[LoginContext]"); + ++ // workaround to disable additional package access control with ++ // Thread Context Class Loader (TCCL). ++ private static final boolean noPackageAccessWithTCCL = "true".equals( ++ AccessController.doPrivileged( ++ new PrivilegedAction<String>() { ++ public String run() { ++ return System.getProperty( ++ "auth.login.untieAccessContextWithTCCL"); ++ } ++ } ++ )); ++ ++ + private void init(String name) throws LoginException { + + SecurityManager sm = System.getSecurityManager(); +- if (sm != null && !configProvided) { ++ if (sm != null && creatorAcc == null) { + sm.checkPermission(new AuthPermission + ("createLoginContext." + name)); + } +@@ -260,7 +274,7 @@ + AppConfigurationEntry[] entries = config.getAppConfigurationEntry(name); + if (entries == null) { + +- if (sm != null && !configProvided) { ++ if (sm != null && creatorAcc == null) { + sm.checkPermission(new AuthPermission + ("createLoginContext." + OTHER)); + } +@@ -306,10 +320,10 @@ + (DEFAULT_HANDLER); + if (defaultHandler == null || defaultHandler.length() == 0) + return null; +- Class c = Class.forName(defaultHandler, +- true, +- finalLoader); +- return (CallbackHandler)c.newInstance(); ++ Class<? extends CallbackHandler> c = Class.forName( ++ defaultHandler, true, ++ finalLoader).asSubclass(CallbackHandler.class); ++ return c.newInstance(); + } + }); + } catch (java.security.PrivilegedActionException pae) { +@@ -317,7 +331,7 @@ + } + + // secure it with the caller's ACC +- if (this.callbackHandler != null && !configProvided) { ++ if (this.callbackHandler != null && creatorAcc == null) { + this.callbackHandler = new SecureCallbackHandler + (java.security.AccessController.getContext(), + this.callbackHandler); +@@ -506,8 +520,7 @@ + CallbackHandler callbackHandler, + Configuration config) throws LoginException { + this.config = config; +- configProvided = (config != null) ? true : false; +- if (configProvided) { ++ if (config != null) { + creatorAcc = java.security.AccessController.getContext(); + } + +@@ -518,7 +531,7 @@ + } + if (callbackHandler == null) { + loadDefaultCallbackHandler(); +- } else if (!configProvided) { ++ } else if (creatorAcc == null) { + this.callbackHandler = new SecureCallbackHandler + (java.security.AccessController.getContext(), + callbackHandler); +@@ -585,23 +598,13 @@ + } + + try { +- if (configProvided) { +- // module invoked in doPrivileged with creatorAcc +- invokeCreatorPriv(LOGIN_METHOD); +- invokeCreatorPriv(COMMIT_METHOD); +- } else { +- // module invoked in doPrivileged +- invokePriv(LOGIN_METHOD); +- invokePriv(COMMIT_METHOD); +- } ++ // module invoked in doPrivileged ++ invokePriv(LOGIN_METHOD); ++ invokePriv(COMMIT_METHOD); + loginSucceeded = true; + } catch (LoginException le) { + try { +- if (configProvided) { +- invokeCreatorPriv(ABORT_METHOD); +- } else { +- invokePriv(ABORT_METHOD); +- } ++ invokePriv(ABORT_METHOD); + } catch (LoginException le2) { + throw le; + } +@@ -636,13 +639,8 @@ + ("null subject - logout called before login")); + } + +- if (configProvided) { +- // module invoked in doPrivileged with creatorAcc +- invokeCreatorPriv(LOGOUT_METHOD); +- } else { +- // module invoked in doPrivileged +- invokePriv(LOGOUT_METHOD); +- } ++ // module invoked in doPrivileged ++ invokePriv(LOGOUT_METHOD); + } + + /** +@@ -685,7 +683,8 @@ + + /** + * Invokes the login, commit, and logout methods +- * from a LoginModule inside a doPrivileged block. ++ * from a LoginModule inside a doPrivileged block restricted ++ * by creatorAcc (may be null). + * + * This version is called if the caller did not instantiate + * the LoginContext with a Configuration object. +@@ -698,29 +697,6 @@ + invoke(methodName); + return null; + } +- }); +- } catch (java.security.PrivilegedActionException pae) { +- throw (LoginException)pae.getException(); +- } +- } +- +- /** +- * Invokes the login, commit, and logout methods +- * from a LoginModule inside a doPrivileged block restricted +- * by creatorAcc +- * +- * This version is called if the caller instantiated +- * the LoginContext with a Configuration object. +- */ +- private void invokeCreatorPriv(final String methodName) +- throws LoginException { +- try { +- java.security.AccessController.doPrivileged +- (new java.security.PrivilegedExceptionAction<Void>() { +- public Void run() throws LoginException { +- invoke(methodName); +- return null; +- } + }, creatorAcc); + } catch (java.security.PrivilegedActionException pae) { + throw (LoginException)pae.getException(); +@@ -743,24 +719,30 @@ + } else { + + // instantiate the LoginModule +- Class c = Class.forName +- (moduleStack[i].entry.getLoginModuleName(), ++ // ++ // Allow any object to be a LoginModule as long as it ++ // conforms to the interface if no customized config or ++ // noPackageAccessWithTCCL is true. ++ Class<?> c = Class.forName( ++ moduleStack[i].entry.getLoginModuleName(), + true, + contextClassLoader); ++ // check package access for customized config ++ if (!noPackageAccessWithTCCL && creatorAcc != null) { ++ c.asSubclass(javax.security.auth.spi.LoginModule.class); ++ checkPackageAccess(c, creatorAcc); ++ } + + Constructor constructor = c.getConstructor(PARAMS); + Object[] args = { }; +- +- // allow any object to be a LoginModule +- // as long as it conforms to the interface + moduleStack[i].module = constructor.newInstance(args); + ++ // call the LoginModule's initialize method + methods = moduleStack[i].module.getClass().getMethods(); +- +- // call the LoginModule's initialize method + for (mIndex = 0; mIndex < methods.length; mIndex++) { +- if (methods[mIndex].getName().equals(INIT_METHOD)) ++ if (methods[mIndex].getName().equals(INIT_METHOD)) { + break; ++ } + } + + Object[] initArgs = {subject, +@@ -768,19 +750,28 @@ + state, + moduleStack[i].entry.getOptions() }; + // invoke the LoginModule initialize method ++ // ++ // Throws ArrayIndexOutOfBoundsException if no such ++ // method defined. May improve to use LoginException in ++ // the future. + methods[mIndex].invoke(moduleStack[i].module, initArgs); + } + + // find the requested method in the LoginModule + for (mIndex = 0; mIndex < methods.length; mIndex++) { +- if (methods[mIndex].getName().equals(methodName)) ++ if (methods[mIndex].getName().equals(methodName)) { + break; ++ } + } + + // set up the arguments to be passed to the LoginModule method + Object[] args = { }; + + // invoke the LoginModule method ++ // ++ // Throws ArrayIndexOutOfBoundsException if no such ++ // method defined. May improve to use LoginException in ++ // the future. + boolean status = ((Boolean)methods[mIndex].invoke + (moduleStack[i].module, args)).booleanValue(); + +@@ -945,6 +936,35 @@ + } + + /** ++ * check package access of a class that is loaded with Thread Context ++ * Class Loader (TCCL) with specified access control context. ++ * ++ * Similar to java.lang.ClassLoader.checkPackageAccess() ++ */ ++ static void checkPackageAccess(Class<?> cls, AccessControlContext context) { ++ final SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) { ++ if (ReflectUtil.isNonPublicProxyClass(cls)) { ++ for (Class<?> intf: cls.getInterfaces()) { ++ checkPackageAccess(intf, context); ++ } ++ return; ++ } ++ ++ final String name = cls.getName(); ++ final int i = name.lastIndexOf('.'); ++ if (i != -1) { ++ AccessController.doPrivileged(new PrivilegedAction<Void>() { ++ public Void run() { ++ sm.checkPackageAccess(name.substring(0, i)); ++ return null; ++ } ++ }, context); ++ } ++ } ++ } ++ ++ /** + * Wrap the caller-specified CallbackHandler in our own + * and invoke it within a privileged block, constrained by + * the caller's AccessControlContext.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8026417-xml_canonicalization.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,201 @@ +# HG changeset patch +# User xuelei +# Date 1382589172 25200 +# Wed Oct 23 21:32:52 2013 -0700 +# Node ID 7e5e673c706f12d4c3bf5ace73af8df58f853894 +# Parent 67935d4cb42df261b41e8d1709fead4715bd8692 +8026417: Enhance XML canonicalization +Summary: Copy before use mutable byte arrays. Also reviewed by Alexander Fomin <alexander.fomin@oracle.com> +Reviewed-by: weijun, mullan, hawtin, ahgross + +diff -Nru openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java +--- openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java ++++ openjdk/jdk/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/implementations/CanonicalizerBase.java +@@ -63,6 +63,9 @@ + public abstract class CanonicalizerBase extends CanonicalizerSpi { + //Constants to be outputed, In char array form, so + //less garbage is generate when outputed. ++ // ++ // Make sure you clone the following mutable arrays before passing to ++ // potentially untrusted objects such as OutputStreams. + private static final byte[] _END_PI = {'?','>'}; + private static final byte[] _BEGIN_PI = {'<','?'}; + private static final byte[] _END_COMM = {'-','-','>'}; +@@ -75,10 +78,11 @@ + private static final byte[] _LT_ = {'&','l','t',';'}; + private static final byte[] _END_TAG = {'<','/'}; + private static final byte[] _AMP_ = {'&','a','m','p',';'}; ++ private static final byte[] _EQUALS_STR = {'=','\"'}; ++ + final static AttrCompare COMPARE=new AttrCompare(); + final static String XML="xml"; + final static String XMLNS="xmlns"; +- final static byte[] equalsStr= {'=','\"'}; + static final int NODE_BEFORE_DOCUMENT_ELEMENT = -1; + static final int NODE_NOT_BEFORE_OR_AFTER_DOCUMENT_ELEMENT = 0; + static final int NODE_AFTER_DOCUMENT_ELEMENT = 1; +@@ -309,7 +313,7 @@ + writer.write('>'); + sibling= currentNode.getFirstChild(); + if (sibling==null) { +- writer.write(_END_TAG); ++ writer.write(_END_TAG.clone()); + UtfHelpper.writeStringToUtf8(name,writer); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. +@@ -323,7 +327,7 @@ + break; + } + while (sibling==null && parentNode!=null) { +- writer.write(_END_TAG); ++ writer.write(_END_TAG.clone()); + UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. +@@ -479,7 +483,7 @@ + + if (sibling==null) { + if (currentNodeIsVisible) { +- writer.write(_END_TAG); ++ writer.write(_END_TAG.clone()); + UtfHelpper.writeByte(name,writer,cache); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. +@@ -497,7 +501,7 @@ + } + while (sibling==null && parentNode!=null) { + if (isVisible(parentNode)) { +- writer.write(_END_TAG); ++ writer.write(_END_TAG.clone()); + UtfHelpper.writeByte(((Element)parentNode).getTagName(),writer,cache); + writer.write('>'); + //We fineshed with this level, pop to the previous definitions. +@@ -659,7 +663,7 @@ + final Map cache) throws IOException { + writer.write(' '); + UtfHelpper.writeByte(name,writer,cache); +- writer.write(equalsStr); ++ writer.write(_EQUALS_STR.clone()); + byte []toWrite; + final int length = value.length(); + int i=0; +@@ -669,27 +673,27 @@ + switch (c) { + + case '&' : +- toWrite=_AMP_; ++ toWrite=_AMP_.clone(); + break; + + case '<' : +- toWrite=_LT_; ++ toWrite=_LT_.clone(); + break; + + case '"' : +- toWrite=_QUOT_; ++ toWrite=_QUOT_.clone(); + break; + + case 0x09 : // '\t' +- toWrite=__X9_; ++ toWrite=__X9_.clone(); + break; + + case 0x0A : // '\n' +- toWrite=__XA_; ++ toWrite=__XA_.clone(); + break; + + case 0x0D : // '\r' +- toWrite=__XD_; ++ toWrite=__XD_.clone(); + break; + + default : +@@ -718,7 +722,7 @@ + if (position == NODE_AFTER_DOCUMENT_ELEMENT) { + writer.write('\n'); + } +- writer.write(_BEGIN_PI); ++ writer.write(_BEGIN_PI.clone()); + + final String target = currentPI.getTarget(); + int length = target.length(); +@@ -726,7 +730,7 @@ + for (int i = 0; i < length; i++) { + char c=target.charAt(i); + if (c==0x0D) { +- writer.write(__XD_); ++ writer.write(__XD_.clone()); + } else { + if (c < 0x80) { + writer.write(c); +@@ -746,14 +750,14 @@ + for (int i = 0; i < length; i++) { + char c=data.charAt(i); + if (c==0x0D) { +- writer.write(__XD_); ++ writer.write(__XD_.clone()); + } else { + UtfHelpper.writeCharToUtf8(c,writer); + } + } + } + +- writer.write(_END_PI); ++ writer.write(_END_PI.clone()); + if (position == NODE_BEFORE_DOCUMENT_ELEMENT) { + writer.write('\n'); + } +@@ -770,7 +774,7 @@ + if (position == NODE_AFTER_DOCUMENT_ELEMENT) { + writer.write('\n'); + } +- writer.write(_BEGIN_COMM); ++ writer.write(_BEGIN_COMM.clone()); + + final String data = currentComment.getData(); + final int length = data.length(); +@@ -778,7 +782,7 @@ + for (int i = 0; i < length; i++) { + char c=data.charAt(i); + if (c==0x0D) { +- writer.write(__XD_); ++ writer.write(__XD_.clone()); + } else { + if (c < 0x80) { + writer.write(c); +@@ -788,7 +792,7 @@ + } + } + +- writer.write(_END_COMM); ++ writer.write(_END_COMM.clone()); + if (position == NODE_BEFORE_DOCUMENT_ELEMENT) { + writer.write('\n'); + } +@@ -810,19 +814,19 @@ + switch (c) { + + case '&' : +- toWrite=_AMP_; ++ toWrite=_AMP_.clone(); + break; + + case '<' : +- toWrite=_LT_; ++ toWrite=_LT_.clone(); + break; + + case '>' : +- toWrite=_GT_; ++ toWrite=_GT_.clone(); + break; + + case 0xD : +- toWrite=__XD_; ++ toWrite=__XD_.clone(); + break; + + default :
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8026826-fix_build.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,639 @@ +# HG changeset patch +# User mullan +# Date 1382045866 14400 +# Thu Oct 17 17:37:46 2013 -0400 +# Node ID 8e6877caefcb68257ce71c0426fda9a40c4faf09 +# Parent c74cb93ad96e4e91e53524bb50415f785f5766e6 +8026826: JDK 7 fix for 8010935 broke the build +Reviewed-by: prr + +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/tools/internal/xjc/model/nav/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.tools.internal.xjc.model.nav; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++} +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/api/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.xml.internal.bind.api; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++} +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.xml.internal.bind.v2.model.impl; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++} +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.xml.internal.bind.v2.runtime; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++} +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/property/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.xml.internal.bind.v2.runtime.property; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++} +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/bind/v2/runtime/reflect/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.xml.internal.bind.v2.runtime.reflect; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++} +diff -Nru openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/Utils.java openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/Utils.java +new file mode 100644 +--- /dev/null ++++ openjdk/jaxws/drop_included/jaxws_src/src/com/sun/xml/internal/ws/model/Utils.java +@@ -0,0 +1,85 @@ ++/* ++ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package com.sun.xml.internal.ws.model; ++ ++import com.sun.xml.internal.bind.v2.model.nav.Navigator; ++ ++import java.lang.reflect.Field; ++import java.lang.reflect.InvocationTargetException; ++import java.lang.reflect.Method; ++import java.lang.reflect.Type; ++import java.util.logging.Level; ++import java.util.logging.Logger; ++ ++/** ++ * Utils class. ++ * ++ * WARNING: If you are doing any changes don't forget to change other Utils classes in different packages. ++ * ++ * Has *package private* access to avoid inappropriate usage. ++ */ ++/* package */ final class Utils { ++ ++ private static final Logger LOGGER = Logger.getLogger(Utils.class.getName()); ++ ++ /** ++ * static ReflectionNavigator field to avoid usage of reflection every time we use it. ++ */ ++ /* package */ static final Navigator<Type, Class, Field, Method> REFLECTION_NAVIGATOR; ++ ++ static { // we statically initializing REFLECTION_NAVIGATOR property ++ Class refNav = null; ++ try { ++ refNav = Class.forName("com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator"); ++ //noinspection unchecked ++ Method getInstance = refNav.getDeclaredMethod("getInstance"); ++ getInstance.setAccessible(true); ++ //noinspection unchecked ++ REFLECTION_NAVIGATOR = (Navigator<Type, Class, Field, Method>) getInstance.invoke(null); ++ } catch (ClassNotFoundException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("Can't find ReflectionNavigator class"); ++ } catch (InvocationTargetException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance throws the exception"); ++ } catch (NoSuchMethodException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance can't be found"); ++ } catch (IllegalAccessException e) { ++ e.printStackTrace(); ++ throw new IllegalStateException("ReflectionNavigator.getInstance method is inaccessible"); ++ } catch (SecurityException e) { ++ LOGGER.log(Level.FINE, "Unable to access ReflectionNavigator.getInstance", e); ++ throw e; ++ } ++ } ++ ++ /** ++ * private constructor to avoid util class instantiating ++ */ ++ private Utils() { ++ } ++}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/patches/security/20140114/8027201-jaxp_setup.patch Wed Jan 15 12:52:12 2014 -0500 @@ -0,0 +1,197 @@ +# HG changeset patch +# User joehw +# Date 1384451244 28800 +# Thu Nov 14 09:47:24 2013 -0800 +# Node ID 674054141ddda3a76dd6e2cf9405a7928dd89afb +# Parent 1502dbf19fe21111593ee0d88f262d0cfd9b359a +8027201: Enhance JAX-P set up +Reviewed-by: alanb, dfuchs, lancea, hawtin + +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/ExsltStrings.java +@@ -227,7 +227,7 @@ + token = str.substring(fromIndex); + } + +- Document doc = DocumentHolder.m_doc; ++ Document doc = getDocument(); + synchronized (doc) + { + Element element = doc.createElement("token"); +@@ -291,7 +291,7 @@ + { + StringTokenizer lTokenizer = new StringTokenizer(toTokenize, delims); + +- Document doc = DocumentHolder.m_doc; ++ Document doc = getDocument(); + synchronized (doc) + { + while (lTokenizer.hasMoreTokens()) +@@ -307,7 +307,7 @@ + else + { + +- Document doc = DocumentHolder.m_doc; ++ Document doc = getDocument(); + synchronized (doc) + { + for (int i = 0; i < toTokenize.length(); i++) +@@ -329,35 +329,23 @@ + { + return tokenize(toTokenize, " \t\n\r"); + } ++ + /** +- * This class is not loaded until first referenced (see Java Language +- * Specification by Gosling/Joy/Steele, section 12.4.1) +- * +- * The static members are created when this class is first referenced, as a +- * lazy initialization not needing checking against null or any +- * synchronization. +- * ++ * @return an instance of DOM Document + */ +- private static class DocumentHolder +- { +- // Reuse the Document object to reduce memory usage. +- private static final Document m_doc; +- static { +- try +- { +- if (System.getSecurityManager() == null) { +- m_doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); +- } else { +- m_doc = DocumentBuilderFactory.newInstance(JDK_DEFAULT_DOM, null).newDocumentBuilder().newDocument(); +- } ++ private static Document getDocument() ++ { ++ try ++ { ++ if (System.getSecurityManager() == null) { ++ return DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); ++ } else { ++ return DocumentBuilderFactory.newInstance(JDK_DEFAULT_DOM, null).newDocumentBuilder().newDocument(); + } +- +- catch(ParserConfigurationException pce) +- { +- throw new com.sun.org.apache.xml.internal.utils.WrappedRuntimeException(pce); +- } +- ++ } ++ catch(ParserConfigurationException pce) ++ { ++ throw new com.sun.org.apache.xml.internal.utils.WrappedRuntimeException(pce); + } + } +- + } +diff -Nru openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java +--- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java ++++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/lib/Extensions.java +@@ -114,23 +114,14 @@ + + // This no longer will work right since the DTM. + // Document myDoc = myProcessor.getContextNode().getOwnerDocument(); +- try +- { +- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); +- DocumentBuilder db = dbf.newDocumentBuilder(); +- Document myDoc = db.newDocument(); ++ Document myDoc = getDocument(); + +- Text textNode = myDoc.createTextNode(textNodeValue); +- DocumentFragment docFrag = myDoc.createDocumentFragment(); ++ Text textNode = myDoc.createTextNode(textNodeValue); ++ DocumentFragment docFrag = myDoc.createDocumentFragment(); + +- docFrag.appendChild(textNode); ++ docFrag.appendChild(textNode); + +- return new NodeSet(docFrag); +- } +- catch(ParserConfigurationException pce) +- { +- throw new com.sun.org.apache.xml.internal.utils.WrappedRuntimeException(pce); +- } ++ return new NodeSet(docFrag); + } + } + +@@ -249,8 +240,7 @@ + public static NodeList tokenize(String toTokenize, String delims) + { + +- Document doc = DocumentHolder.m_doc; +- ++ Document doc = getDocument(); + + StringTokenizer lTokenizer = new StringTokenizer(toTokenize, delims); + NodeSet resultSet = new NodeSet(); +@@ -308,17 +298,7 @@ + public static Node checkEnvironment(ExpressionContext myContext) + { + +- Document factoryDocument; +- try +- { +- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); +- DocumentBuilder db = dbf.newDocumentBuilder(); +- factoryDocument = db.newDocument(); +- } +- catch(ParserConfigurationException pce) +- { +- throw new com.sun.org.apache.xml.internal.utils.WrappedRuntimeException(pce); +- } ++ Document factoryDocument = getDocument(); + + Node resultNode = null; + try +@@ -392,34 +372,21 @@ + } + + /** +- * This class is not loaded until first referenced (see Java Language +- * Specification by Gosling/Joy/Steele, section 12.4.1) +- * +- * The static members are created when this class is first referenced, as a +- * lazy initialization not needing checking against null or any +- * synchronization. +- * ++ * @return an instance of DOM Document + */ +- private static class DocumentHolder +- { +- // Reuse the Document object to reduce memory usage. +- private static final Document m_doc; +- static ++ private static Document getDocument() ++ { ++ try + { +- try +- { +- if (System.getSecurityManager() == null) { +- m_doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); +- } else { +- m_doc = DocumentBuilderFactory.newInstance(JDK_DEFAULT_DOM, null).newDocumentBuilder().newDocument(); +- } ++ if (System.getSecurityManager() == null) { ++ return DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); ++ } else { ++ return DocumentBuilderFactory.newInstance(JDK_DEFAULT_DOM, null).newDocumentBuilder().newDocument(); + } +- +- catch(ParserConfigurationException pce) +- { +- throw new com.sun.org.apache.xml.internal.utils.WrappedRuntimeException(pce); +- } +- ++ } ++ catch(ParserConfigurationException pce) ++ { ++ throw new com.sun.org.apache.xml.internal.utils.WrappedRuntimeException(pce); + } + } + }