Mercurial > hg > release > icedtea6-1.12
view patches/openjdk/8006900-new_date_time.patch @ 3029:dfef77966f7c
Add 2013/10/15 security fixes.
2013-10-29 Andrew John Hughes <gnu.andrew@redhat.com>
* Makefile.am:
(SECURITY_PATCHES): Add security update.
* NEWS: Updated.
* patches/jtreg-LastErrorString.patch,
* patches/use-idx_t.patch,
* patches/openjdk/7162902-corba_fixes.patch,
* patches/openjdk/7196533-timezone_bottleneck.patch,
* patches/openjdk/8010727-empty_logger_name.patch,
* patches/openjdk/8010939-logmanager_deadlock.patch,
* patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch,
* patches/openjdk/8014718-remove_logging_suntoolkit.patch:
Regenerated.
* patches/nss-config.patch: Fix path to java.security.
* patches/openjdk/4075303-javap_update.patch,
* patches/openjdk/4111861-static_fields.patch,
* patches/openjdk/4501661-disallow_mixing.patch,
* patches/openjdk/4884240-javap_additional_option.patch,
* patches/openjdk/6708729-javap_makefile_update.patch,
* patches/openjdk/6715767-javap_crash.patch,
* patches/openjdk/6819246-javap_instruction_decoding.patch,
* patches/openjdk/6824493-experimental.patch,
* patches/openjdk/6841419-classfile_iterator.patch,
* patches/openjdk/6841420-classfile_methods.patch,
* patches/openjdk/6843013-missing_experimental.patch,
* patches/openjdk/6852856-javap_subclasses.patch,
* patches/openjdk/6867671-javap_whitespace.patch,
* patches/openjdk/6868539-constant_pool_tags.patch,
* patches/openjdk/6902264-fix_indentation.patch,
* patches/openjdk/6954275-big_xml_signatures.patch,
* patches/openjdk/7146431-java.security_files.patch,
* patches/openjdk/8000450-restrict_access.patch,
* patches/openjdk/8002070-remove_logger_stack_search.patch,
* patches/openjdk/8003992-embedded_nulls.patch,
* patches/openjdk/8004188-rename_java.security.patch,
* patches/openjdk/8006882-jmockit.patch,
* patches/openjdk/8006900-new_date_time.patch,
* patches/openjdk/8008589-better_mbean_permission_validation.patch,
* patches/openjdk/8010118-caller_sensitive.patch,
* patches/openjdk/8011071-better_crypto_provider_handling.patch,
* patches/openjdk/8011081-improve_jhat.patch,
* patches/openjdk/8011139-revise_checking_getenclosingclass.patch,
* patches/openjdk/8011157-improve_corba_portability-jdk.patch,
* patches/openjdk/8011157-improve_corba_portability.patch,
* patches/openjdk/8011990-logger_test_urls.patch,
* patches/openjdk/8012071-better_bean_building.patch,
* patches/openjdk/8012147-improve_tool.patch,
* patches/openjdk/8012243-serial_regression.patch,
* patches/openjdk/8012277-improve_dataflavour.patch,
* patches/openjdk/8012425-transform_transformfactory.patch,
* patches/openjdk/8012453-runtime.exec.patch,
* patches/openjdk/8013380-logger_stack_walk_glassfish.patch,
* patches/openjdk/8013503-improve_stream_factories.patch,
* patches/openjdk/8013506-better_pack200.patch,
* patches/openjdk/8013510-augment_image_writing.patch,
* patches/openjdk/8013514-improve_cmap_stability.patch,
* patches/openjdk/8013739-better_ldap_resource_management.patch,
* patches/openjdk/8013744-better_tabling.patch,
* patches/openjdk/8013827-createtempfile_hang.patch,
* patches/openjdk/8014085-better_serialization.patch,
* patches/openjdk/8014093-improve_image_parsing.patch,
* patches/openjdk/8014102-improve_image_conversion.patch,
* patches/openjdk/8014341-better_kerberos_service.patch,
* patches/openjdk/8014349-getdeclaredclass_fix.patch,
* patches/openjdk/8014530-better_dsp.patch,
* patches/openjdk/8014534-better_profiling.patch,
* patches/openjdk/8014745-logger_stack_walk_switch.patch,
* patches/openjdk/8014987-augment_serialization.patch,
* patches/openjdk/8015144-performance_regression.patch,
* patches/openjdk/8015614-update_build.patch,
* patches/openjdk/8015731-auth_improvements.patch,
* patches/openjdk/8015743-address_internet_addresses.patch,
* patches/openjdk/8015965-typo_in_property_name.patch,
* patches/openjdk/8015978-incorrect_transformation.patch,
* patches/openjdk/8016256-finalization_final.patch,
* patches/openjdk/8016357-update_hs_diagnostic_class.patch,
* patches/openjdk/8016653-ignoreable_characters.patch,
* patches/openjdk/8016675-robust_javadoc.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch,
* patches/openjdk/8017287-better_resource_disposal.patch,
* patches/openjdk/8017291-cast_proxies_aside.patch,
* patches/openjdk/8017298-better_xml_support.patch,
* patches/openjdk/8017300-improve_interface_implementation.patch,
* patches/openjdk/8017505-better_client_service.patch,
* patches/openjdk/8017566-backout_part_of_8000450.patch,
* patches/openjdk/8019292-better_attribute_value_exceptions.patch,
* patches/openjdk/8019584-invalid_notification_fix.patch,
* patches/openjdk/8019617-better_view_of_objects.patch,
* patches/openjdk/8019969-inet6_test_case_fix.patch,
* patches/openjdk/8019979-better_access_test.patch,
* patches/openjdk/8020293-jvm_crash.patch,
* patches/openjdk/8021290-signature_validation.patch,
* patches/openjdk/8021355-splashscreen_regression.patch,
* patches/openjdk/8021366-jaxp_test_fix-01.patch,
* patches/openjdk/8021577-bean_serialization_fix.patch,
* patches/openjdk/8021933-jaxp_test_fix-02.patch,
* patches/openjdk/8021969-jnlp_load_failure.patch,
* patches/openjdk/8022661-writeobject_flush.patch,
* patches/openjdk/8022682-supporting_xom.patch,
* patches/openjdk/8022940-enhance_corba_translations.patch,
* patches/openjdk/8023683-enhance_class_file_parsing.patch,
* patches/openjdk/8023964-ignore_test.patch,
* patches/openjdk/8024914-swapped_usage.patch,
* patches/openjdk/8025128-createtempfile_absolute_prefix.patch,
* patches/openjdk/oj6-19-fix_8010118_test_cases.patch,
* patches/openjdk/oj6-20-merge.patch,
* patches/openjdk/oj6-21-overrides.patch: Added.
| author | Andrew John Hughes <gnu.andrew@redhat.com> |
|---|---|
| date | Wed, 20 Nov 2013 22:56:43 +0000 |
| parents | |
| children |
line wrap: on
line source
# HG changeset patch # User okutsu # Date 1374215521 -32400 # Fri Jul 19 15:32:01 2013 +0900 # Node ID f38a3c5421df4697851a4b4d491071c3a30e5378 # Parent 5d81a5f8a3791316367990b35b1ad5faef42d773 8006900: Add new date/time capability Reviewed-by: mchung, hawtin diff -r 5d81a5f8a379 -r f38a3c5421df src/share/classes/java/util/TimeZone.java --- openjdk/jdk/src/share/classes/java/util/TimeZone.java Tue Oct 15 15:04:24 2013 +0100 +++ openjdk/jdk/src/share/classes/java/util/TimeZone.java Fri Jul 19 15:32:01 2013 +0900 @@ -170,6 +170,11 @@ // Proclaim serialization compatibility with JDK 1.1 static final long serialVersionUID = 3581463369166924961L; + // TimeZone.setDefault maintains the compatible behavior of the AppContext-based + // default setting for untrusted code if allowSetDefault is true. + private static final boolean allowSetDefault = AccessController.doPrivileged( + new sun.security.action.GetPropertyAction("jdk.util.TimeZone.allowSetDefault")) != null; + /** * Gets the time zone offset, for current date, modified in case of * daylight savings. This is the offset to add to UTC to get local time. @@ -616,6 +621,9 @@ sm.checkPermission(new PropertyPermission ("user.timezone", "write")); } catch (SecurityException e) { + if (!allowSetDefault) { + throw e; + } hasPermission = false; } } @@ -646,6 +654,7 @@ * Returns the default TimeZone in an AppContext if any AppContext * has ever used. null is returned if any AppContext hasn't been * used or if the AppContext doesn't have the default TimeZone. + * null is also returned if allowSetDefault is false. * * Note that javaAWTAccess may be null if sun.awt.AppContext class hasn't * been loaded. If so, it implies that AWTSecurityManager is not our @@ -653,18 +662,20 @@ * This works around a build time issue. */ private static TimeZone getDefaultInAppContext() { - // JavaAWTAccess provides access implementation-private methods without using reflection. - JavaAWTAccess javaAWTAccess = SharedSecrets.getJavaAWTAccess(); - if (javaAWTAccess == null) { - return mainAppContextDefault; - } else { - if (!javaAWTAccess.isDisposed()) { - TimeZone tz = (TimeZone) - javaAWTAccess.get(TimeZone.class); - if (tz == null && javaAWTAccess.isMainAppContext()) { - return mainAppContextDefault; - } else { - return tz; + if (allowSetDefault) { + // JavaAWTAccess provides access implementation-private methods without using reflection. + JavaAWTAccess javaAWTAccess = SharedSecrets.getJavaAWTAccess(); + if (javaAWTAccess == null) { + return mainAppContextDefault; + } else { + if (!javaAWTAccess.isDisposed()) { + TimeZone tz = (TimeZone) + javaAWTAccess.get(TimeZone.class); + if (tz == null && javaAWTAccess.isMainAppContext()) { + return mainAppContextDefault; + } else { + return tz; + } } } } @@ -672,9 +683,9 @@ } /** - * Sets the default TimeZone in the AppContext to the given - * tz. null is handled special: do nothing if any AppContext - * hasn't been used, remove the default TimeZone in the + * Sets the default TimeZone in the AppContext to the given tz if + * allowSetDefault is true. null is handled special: do nothing if any + * AppContext hasn't been used, remove the default TimeZone in the * AppContext otherwise. * * Note that javaAWTAccess may be null if sun.awt.AppContext class hasn't @@ -683,15 +694,17 @@ * This works around a build time issue. */ private static void setDefaultInAppContext(TimeZone tz) { - // JavaAWTAccess provides access implementation-private methods without using reflection. - JavaAWTAccess javaAWTAccess = SharedSecrets.getJavaAWTAccess(); - if (javaAWTAccess == null) { - mainAppContextDefault = tz; - } else { - if (!javaAWTAccess.isDisposed()) { - javaAWTAccess.put(TimeZone.class, tz); - if (javaAWTAccess.isMainAppContext()) { - mainAppContextDefault = null; + if (allowSetDefault) { + // JavaAWTAccess provides access implementation-private methods without using reflection. + JavaAWTAccess javaAWTAccess = SharedSecrets.getJavaAWTAccess(); + if (javaAWTAccess == null) { + mainAppContextDefault = tz; + } else { + if (!javaAWTAccess.isDisposed()) { + javaAWTAccess.put(TimeZone.class, tz); + if (javaAWTAccess.isMainAppContext()) { + mainAppContextDefault = null; + } } } }