Mercurial > hg > release > icedtea6-1.12
view patches/security/20130618/8001038-resourcefully_handle_resources.patch @ 3004:08ce3247b5b0
Add 2013/06/18 security patches.
2013-06-22 Andrew John Hughes <gnu.andrew@member.fsf.org>
* patches/idresolver_fix.patch:
Removed. Part of 6469266.
* Makefile.am:
(SECURITY_PATCHES): Add new ones.
(SPECIAL_SECURITY_PATCH_1): Renamed from
SPECIAL_SECURITY_PATCH.
(SPECIAL_SECURITY_PATCH_2): Add 8009071, which
needs to be applied after some AWT backports.
(ICEDTEA_PATCHES): Use SPECIAL_SECURITY_PATCH_{1,2}.
Move 8005615, 8007393 & 8007611 to SECURITY_PATCHES
as must be applied before 8004584. Add 7171223 to
end.
* patches/openjdk/6307603-xrender-01.patch,
* patches/openjdk/6469266-xmlsec_1.4.2.patch,
* patches/openjdk/6656651-windows_lcd_glyphs.patch,
* patches/openjdk/6786028-wcag_bold_tags.patch,
* patches/openjdk/6786682-wcag_lang.patch,
* patches/openjdk/6786688-wcag_table.patch,
* patches/openjdk/6786690-wcag_dl.patch,
* patches/openjdk/6802694-no_deprecated.patch,
* patches/openjdk/6851834-restructure.patch,
* patches/openjdk/6888167-medialib_memory_leaks.patch,
* patches/openjdk/6961178-doclet_xml.patch,
* patches/openjdk/6990754-use_native_memory_for_symboltable.patch,
* patches/openjdk/7006270-regressions.patch,
* patches/openjdk/7008809-report_class_in_arraystoreexception.patch,
* patches/openjdk/7014851-unused_parallel_compaction_code.patch,
* patches/openjdk/7017732-move_static_fields_to_class.patch,
* patches/openjdk/7036747-elfstringtable.patch,
* patches/openjdk/7086585-flexible_field_injection.patch,
* patches/openjdk/7171223-strict_aliasing.patch,
* patches/openjdk/7195301-no_instanceof_node.patch,
* patches/security/20130618/6741606-apache_santuario.patch,
* patches/security/20130618/7158805-nested_subroutine_rewriting.patch,
* patches/security/20130618/7170730-windows_network_stack.patch,
* patches/security/20130618/8000638-improve_deserialization.patch,
* patches/security/20130618/8000642-better_transportation_handling.patch,
* patches/security/20130618/8001032-restrict_object_access-corba.patch,
* patches/security/20130618/8001032-restrict_object_access-jdk.patch,
* patches/security/20130618/8001033-refactor_address_handling.patch,
* patches/security/20130618/8001034-memory_management.patch,
* patches/security/20130618/8001038-resourcefully_handle_resources.patch,
* patches/security/20130618/8001043-clarify_definition_restrictions.patch,
* patches/security/20130618/8001309-better_handling_of_annotation_interfaces.patch,
* patches/security/20130618/8001318-6_fixup.patch,
* patches/security/20130618/8001318-socket_getlocaladdress_consistency.patch,
* patches/security/20130618/8001330-checking_order_improvement.patch,
* patches/security/20130618/8001330-improve_checking_order.patch,
* patches/security/20130618/8003703-update_rmi_connection_dialog.patch,
* patches/security/20130618/8004584-augment_applet_contextualization.patch,
* patches/security/20130618/8005007-better_glyph_processing.patch,
* patches/security/20130618/8006328-6_fixup.patch,
* patches/security/20130618/8006328-sound_class_robustness.patch,
* patches/security/20130618/8006611-improve_scripting.patch,
* patches/security/20130618/8007467-improve_jmx_internal_api_robustness.patch,
* patches/security/20130618/8007471-6_fixup.patch,
* patches/security/20130618/8007471-improve_mbean_notifications.patch,
* patches/security/20130618/8007812-getenclosingmethod.patch,
* patches/security/20130618/8008120-improve_jmx_class_checking.patch,
* patches/security/20130618/8008124-better_compliance_testing.patch,
* patches/security/20130618/8008128-better_jmx_api_coherence.patch,
* patches/security/20130618/8008132-better_serialization.patch,
* patches/security/20130618/8008585-jmx_data_handling.patch,
* patches/security/20130618/8008593-better_urlclassloader.patch,
* patches/security/20130618/8008603-jmx_provider_provision.patch,
* patches/security/20130618/8008611-6_fixup.patch,
* patches/security/20130618/8008611-jmx_annotations.patch,
* patches/security/20130618/8008615-jmx_internal_api_robustness.patch,
* patches/security/20130618/8008623-mbeanserver_handling.patch,
* patches/security/20130618/8008744-6741606_rework.patch,
* patches/security/20130618/8008982-jmx_interface_changes.patch,
* patches/security/20130618/8009004-rmi_connection_improvement.patch,
* patches/security/20130618/8009013-t2k_glyphs.patch,
* patches/security/20130618/8009034-jmx_notification_improvement.patch,
* patches/security/20130618/8009038-jmx_notification_support_improvement.patch,
* patches/security/20130618/8009067-improve_key_storing.patch,
* patches/security/20130618/8009071-improve_shape_handling.patch,
* patches/security/20130618/8009235-improve_tsa_data_handling.patch,
* patches/security/20130618/8009554-serialjavaobject.patch,
* patches/security/20130618/8011243-improve_imaginglib.patch,
* patches/security/20130618/8011248-better_component_rasters.patch,
* patches/security/20130618/8011253-better_short_component_rasters.patch,
* patches/security/20130618/8011257-better_byte_component_rasters.patch,
* patches/security/20130618/8011557-improve_reflection.patch,
* patches/security/20130618/8012375-javadoc_framing.patch,
* patches/security/20130618/8012421-better_positioning.patch,
* patches/security/20130618/8012438-better_image_validation.patch,
* patches/security/20130618/8012597-better_image_channel_validation.patch,
* patches/security/20130618/8012601-better_layout_validation.patch,
* patches/security/20130618/8014281-better_xml_signature_checking.patch,
* patches/security/20130618/8015997-more_javadoc_framing.patch,
* patches/security/20130618/diamond_fix.patch,
* patches/security/20130618/handle_npe.patch,
* patches/security/20130618/hs_merge-01.patch,
* patches/security/20130618/hs_merge-02.patch,
* patches/security/20130618/hs_merge-03.patch,
* patches/security/20130618/hs_merge-04.patch,
* patches/security/20130618/javac_issue.patch,
* patches/security/20130618/langtools_generics.patch,
* patches/security/20130618/langtools_merge-01.patch,
* patches/security/20130618/langtools_merge-02.patch,
* patches/security/20130618/langtools_merge-03.patch:
2013/06/18 security patches.
* patches/apache-xml-internal-fix-bug-38655.patch: Remove.
| author | Andrew John Hughes <gnu.andrew@redhat.com> |
|---|---|
| date | Sat, 22 Jun 2013 16:38:24 -0500 |
| parents | |
| children |
line wrap: on
line source
# HG changeset patch # User bae # Date 1364494624 -14400 # Node ID d514062cbfff28dc38f4b429df12f0d174f960e6 # Parent 5b6f070ddeab14b2d7a731c5f4c61eea406638da 8001038: Resourcefully handle resources Reviewed-by: mschoene, prr, bae Contributed-by: jia-hong.chen@oracle.com diff --git a/src/share/classes/java/awt/Font.java b/src/share/classes/java/awt/Font.java --- openjdk/jdk/src/share/classes/java/awt/Font.java +++ openjdk/jdk/src/share/classes/java/awt/Font.java @@ -850,6 +850,33 @@ public static Font createFont(int fontFormat, InputStream fontStream) throws java.awt.FontFormatException, java.io.IOException { + if (hasTempPermission()) { + return createFont0(fontFormat, fontStream, null); + } + + // Otherwise, be extra conscious of pending temp file creation and + // resourcefully handle the temp file resources, among other things. + CreatedFontTracker tracker = CreatedFontTracker.getTracker(); + boolean acquired = false; + try { + acquired = tracker.acquirePermit(); + if (!acquired) { + throw new IOException("Timed out waiting for resources."); + } + return createFont0(fontFormat, fontStream, tracker); + } catch (InterruptedException e) { + throw new IOException("Problem reading font data."); + } finally { + if (acquired) { + tracker.releasePermit(); + } + } + } + + private static Font createFont0(int fontFormat, InputStream fontStream, + CreatedFontTracker tracker) + throws java.awt.FontFormatException, java.io.IOException { + if (fontFormat != Font.TRUETYPE_FONT && fontFormat != Font.TYPE1_FONT) { throw new IllegalArgumentException ("font format not recognized"); @@ -864,9 +891,11 @@ } } ); + if (tracker != null) { + tracker.add(tFile); + } int totalSize = 0; - CreatedFontTracker tracker = null; try { final OutputStream outStream = AccessController.doPrivileged( @@ -876,8 +905,8 @@ } } ); - if (!hasTempPermission()) { - tracker = CreatedFontTracker.getTracker(); + if (tracker != null) { + tracker.set(tFile, outStream); } try { byte[] buf = new byte[8192]; @@ -892,7 +921,7 @@ } if (totalSize+tracker.getNumBytes() > tracker.MAX_TOTAL_BYTES) - { + { throw new IOException("Total files too big."); } totalSize += bytesRead; @@ -918,6 +947,9 @@ Font font = new Font(tFile, fontFormat, true, tracker); return font; } finally { + if (tracker != null) { + tracker.remove(tFile); + } if (!copiedFontData) { if (tracker != null) { tracker.subBytes(totalSize); diff --git a/src/share/classes/sun/font/CreatedFontTracker.java b/src/share/classes/sun/font/CreatedFontTracker.java --- openjdk/jdk/src/share/classes/sun/font/CreatedFontTracker.java +++ openjdk/jdk/src/share/classes/sun/font/CreatedFontTracker.java @@ -25,13 +25,22 @@ package sun.font; +import java.io.File; +import java.io.OutputStream; +import java.util.HashMap; +import java.util.Map; +import java.util.concurrent.Semaphore; +import java.util.concurrent.TimeUnit; + +import sun.awt.AppContext; + public class CreatedFontTracker { public static final int MAX_FILE_SIZE = 32 * 1024 * 1024; public static final int MAX_TOTAL_BYTES = 10 * MAX_FILE_SIZE; - static int numBytes; static CreatedFontTracker tracker; + int numBytes; public static synchronized CreatedFontTracker getTracker() { if (tracker == null) { @@ -40,6 +49,10 @@ return tracker; } + private CreatedFontTracker() { + numBytes = 0; + } + public synchronized int getNumBytes() { return numBytes; } @@ -51,4 +64,108 @@ public synchronized void subBytes(int sz) { numBytes -= sz; } + + /** + * Returns an AppContext-specific counting semaphore. + */ + private static synchronized Semaphore getCS() { + final AppContext appContext = AppContext.getAppContext(); + Semaphore cs = (Semaphore) appContext.get(CreatedFontTracker.class); + if (cs == null) { + // Make a semaphore with 5 permits that obeys the first-in first-out + // granting of permits. + cs = new Semaphore(5, true); + appContext.put(CreatedFontTracker.class, cs); + } + return cs; + } + + public boolean acquirePermit() throws InterruptedException { + // This does a timed-out wait. + return getCS().tryAcquire(120, TimeUnit.SECONDS); + } + + public void releasePermit() { + getCS().release(); + } + + public void add(File file) { + TempFileDeletionHook.add(file); + } + + public void set(File file, OutputStream os) { + TempFileDeletionHook.set(file, os); + } + + public void remove(File file) { + TempFileDeletionHook.remove(file); + } + + /** + * Helper class for cleanup of temp files created while processing fonts. + * Note that this only applies to createFont() from an InputStream object. + */ + private static class TempFileDeletionHook { + private static HashMap<File, OutputStream> files = new HashMap<>(); + + private static Thread t = null; + static void init() { + if (t == null) { + // Add a shutdown hook to remove the temp file. + java.security.AccessController.doPrivileged( + new java.security.PrivilegedAction() { + public Object run() { + /* The thread must be a member of a thread group + * which will not get GCed before VM exit. + * Make its parent the top-level thread group. + */ + ThreadGroup tg = + Thread.currentThread().getThreadGroup(); + for (ThreadGroup tgn = tg; + tgn != null; + tg = tgn, tgn = tg.getParent()); + t = new Thread(tg, new Runnable() { + public void run() { + runHooks(); + } + }); + t.setContextClassLoader(null); + Runtime.getRuntime().addShutdownHook(t); + return null; + } + }); + } + } + + private TempFileDeletionHook() {} + + static synchronized void add(File file) { + init(); + files.put(file, null); + } + + static synchronized void set(File file, OutputStream os) { + files.put(file, os); + } + + static synchronized void remove(File file) { + files.remove(file); + } + + static synchronized void runHooks() { + if (files.isEmpty()) { + return; + } + + for (Map.Entry<File, OutputStream> entry : files.entrySet()) { + // Close the associated output stream, and then delete the file. + try { + if (entry.getValue() != null) { + entry.getValue().close(); + } + } catch (Exception e) {} + entry.getKey().delete(); + } + } + } }