# HG changeset patch
# User Elliott Baron Implements pluggable Datatypes.
null
, first try using the
+ * context class loader followed by the current (i.e. bootstrap) class
+ * loader.
++ *
++ * Use bootstrap classLoader if cl = null and useBSClsLoader is true
+ */
+ static private Class getProviderClass(String className, ClassLoader cl,
+- boolean doFallback) throws ClassNotFoundException
++ boolean doFallback, boolean useBSClsLoader) throws ClassNotFoundException
+ {
+ try {
+ if (cl == null) {
+- cl = ss.getContextClassLoader();
+- if (cl == null) {
+- throw new ClassNotFoundException();
+- }
+- else {
+- return cl.loadClass(className);
++ if (useBSClsLoader) {
++ return Class.forName(className, true, FactoryFinder.class.getClassLoader());
++ } else {
++ cl = ss.getContextClassLoader();
++ if (cl == null) {
++ throw new ClassNotFoundException();
++ }
++ else {
++ return cl.loadClass(className);
++ }
+ }
+ }
+ else {
+@@ -131,8 +135,8 @@
+ * @param className Name of the concrete class corresponding to the
+ * service provider
+ *
+- * @param cl ClassLoader to use to load the class, null means to use
+- * the bootstrap ClassLoader
++ * @param cl ClassLoader
used to load the factory class. If null
++ * current Thread
's context classLoader is used to load the factory class.
+ *
+ * @param doFallback True if the current ClassLoader should be tried as
+ * a fallback if the class is not found using cl
+@@ -140,8 +144,30 @@
+ static Object newInstance(String className, ClassLoader cl, boolean doFallback)
+ throws ConfigurationError
+ {
++ return newInstance(className, cl, doFallback, false);
++ }
++
++ /**
++ * Create an instance of a class. Delegates to method
++ * getProviderClass()
in order to load the class.
++ *
++ * @param className Name of the concrete class corresponding to the
++ * service provider
++ *
++ * @param cl ClassLoader
used to load the factory class. If null
++ * current Thread
's context classLoader is used to load the factory class.
++ *
++ * @param doFallback True if the current ClassLoader should be tried as
++ * a fallback if the class is not found using cl
++ *
++ * @param useBSClsLoader True if cl=null actually meant bootstrap classLoader. This parameter
++ * is needed since DocumentBuilderFactory/SAXParserFactory defined null as context classLoader.
++ */
++ static Object newInstance(String className, ClassLoader cl, boolean doFallback, boolean useBSClsLoader)
++ throws ConfigurationError
++ {
+ try {
+- Class providerClass = getProviderClass(className, cl, doFallback);
++ Class providerClass = getProviderClass(className, cl, doFallback, useBSClsLoader);
+ Object instance = providerClass.newInstance();
+ if (debug) { // Extra check to avoid computing cl strings
+ dPrint("created new instance of " + providerClass +
+@@ -244,6 +270,7 @@
+
+ // First try the Context ClassLoader
+ ClassLoader cl = ss.getContextClassLoader();
++ boolean useBSClsLoader = false;
+ if (cl != null) {
+ is = ss.getResourceAsStream(cl, serviceId);
+
+@@ -251,11 +278,13 @@
+ if (is == null) {
+ cl = FactoryFinder.class.getClassLoader();
+ is = ss.getResourceAsStream(cl, serviceId);
++ useBSClsLoader = true;
+ }
+ } else {
+ // No Context ClassLoader, try the current ClassLoader
+ cl = FactoryFinder.class.getClassLoader();
+ is = ss.getResourceAsStream(cl, serviceId);
++ useBSClsLoader = true;
+ }
+
+ if (is == null) {
+@@ -293,7 +322,7 @@
+ // ClassLoader because we want to avoid the case where the
+ // resource file was found using one ClassLoader and the
+ // provider class was instantiated using a different one.
+- return newInstance(factoryClassName, cl, false);
++ return newInstance(factoryClassName, cl, false, useBSClsLoader);
+ }
+
+ // No provider found
+diff -ur openjdk/jaxp/drop_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java openjdk.new/jaxp/drop_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java
+--- openjdk/jaxp/drop_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java 2013-04-22 12:37:39.312820966 -0400
++++ openjdk.new/jaxp/drop_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java 2013-04-22 12:35:08.715478293 -0400
+@@ -25,15 +25,12 @@
+
+ package javax.xml.transform;
+
+-import java.io.File;
+-import java.io.FileInputStream;
+-
+-import java.util.Properties;
+ import java.io.BufferedReader;
++import java.io.File;
+ import java.io.IOException;
+ import java.io.InputStream;
+ import java.io.InputStreamReader;
+-import java.net.URL;
++import java.util.Properties;
+
+ /**
+ * Implements pluggable Datatypes.
+@@ -42,6 +39,7 @@ + * sync. It is package private for secure class loading. + * + * @author Santiago.PericasGeertsen@sun.com ++ * @author Huizhe.Wang@oracle.com + */ + class FactoryFinder { + +@@ -95,18 +93,24 @@ + * If the class loader supplied isnull
, first try using the
+ * context class loader followed by the current (i.e. bootstrap) class
+ * loader.
++ *
++ * Use bootstrap classLoader if cl = null and useBSClsLoader is true
+ */
+ static private Class getProviderClass(String className, ClassLoader cl,
+- boolean doFallback) throws ClassNotFoundException
++ boolean doFallback, boolean useBSClsLoader) throws ClassNotFoundException
+ {
+ try {
+ if (cl == null) {
+- cl = ss.getContextClassLoader();
+- if (cl == null) {
+- throw new ClassNotFoundException();
+- }
+- else {
+- return cl.loadClass(className);
++ if (useBSClsLoader) {
++ return Class.forName(className, true, FactoryFinder.class.getClassLoader());
++ } else {
++ cl = ss.getContextClassLoader();
++ if (cl == null) {
++ throw new ClassNotFoundException();
++ }
++ else {
++ return cl.loadClass(className);
++ }
+ }
+ }
+ else {
+@@ -131,8 +135,8 @@
+ * @param className Name of the concrete class corresponding to the
+ * service provider
+ *
+- * @param cl ClassLoader to use to load the class, null means to use
+- * the bootstrap ClassLoader
++ * @param cl ClassLoader
used to load the factory class. If null
++ * current Thread
's context classLoader is used to load the factory class.
+ *
+ * @param doFallback True if the current ClassLoader should be tried as
+ * a fallback if the class is not found using cl
+@@ -140,8 +144,30 @@
+ static Object newInstance(String className, ClassLoader cl, boolean doFallback)
+ throws ConfigurationError
+ {
++ return newInstance(className, cl, doFallback, false);
++ }
++
++ /**
++ * Create an instance of a class. Delegates to method
++ * getProviderClass()
in order to load the class.
++ *
++ * @param className Name of the concrete class corresponding to the
++ * service provider
++ *
++ * @param cl ClassLoader
used to load the factory class. If null
++ * current Thread
's context classLoader is used to load the factory class.
++ *
++ * @param doFallback True if the current ClassLoader should be tried as
++ * a fallback if the class is not found using cl
++ *
++ * @param useBSClsLoader True if cl=null actually meant bootstrap classLoader. This parameter
++ * is needed since DocumentBuilderFactory/SAXParserFactory defined null as context classLoader.
++ */
++ static Object newInstance(String className, ClassLoader cl, boolean doFallback, boolean useBSClsLoader)
++ throws ConfigurationError
++ {
+ try {
+- Class providerClass = getProviderClass(className, cl, doFallback);
++ Class providerClass = getProviderClass(className, cl, doFallback, useBSClsLoader);
+ Object instance = providerClass.newInstance();
+ if (debug) { // Extra check to avoid computing cl strings
+ dPrint("created new instance of " + providerClass +
+@@ -182,7 +208,7 @@
+ String systemProp = ss.getSystemProperty(factoryId);
+ if (systemProp != null) {
+ dPrint("found system property, value=" + systemProp);
+- return newInstance(systemProp, null, true);
++ return newInstance(systemProp, null, true, false);
+ }
+ }
+ catch (SecurityException se) {
+@@ -210,7 +236,7 @@
+
+ if (factoryClassName != null) {
+ dPrint("found in $java.home/jaxp.properties, value=" + factoryClassName);
+- return newInstance(factoryClassName, null, true);
++ return newInstance(factoryClassName, null, true, false);
+ }
+ }
+ catch (Exception ex) {
+@@ -228,7 +254,7 @@
+ }
+
+ dPrint("loaded from fallback value: " + fallbackClassName);
+- return newInstance(fallbackClassName, null, true);
++ return newInstance(fallbackClassName, null, true, false);
+ }
+
+ /*
+@@ -244,6 +270,7 @@
+
+ // First try the Context ClassLoader
+ ClassLoader cl = ss.getContextClassLoader();
++ boolean useBSClsLoader = false;
+ if (cl != null) {
+ is = ss.getResourceAsStream(cl, serviceId);
+
+@@ -251,11 +278,13 @@
+ if (is == null) {
+ cl = FactoryFinder.class.getClassLoader();
+ is = ss.getResourceAsStream(cl, serviceId);
+- }
++ useBSClsLoader = true;
++ }
+ } else {
+ // No Context ClassLoader, try the current ClassLoader
+ cl = FactoryFinder.class.getClassLoader();
+ is = ss.getResourceAsStream(cl, serviceId);
++ useBSClsLoader = true;
+ }
+
+ if (is == null) {
+@@ -293,7 +322,7 @@
+ // ClassLoader because we want to avoid the case where the
+ // resource file was found using one ClassLoader and the
+ // provider class was instantiated using a different one.
+- return newInstance(factoryClassName, cl, false);
++ return newInstance(factoryClassName, cl, false, useBSClsLoader);
+ }
+
+ // No provider found
diff -r 460828862a9e -r 148faa0f0f08 patches/security/20130416/6657673-jaxp-backport-factoryfinder.patch
--- a/patches/security/20130416/6657673-jaxp-backport-factoryfinder.patch Fri Apr 19 14:38:19 2013 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,303 +0,0 @@
-diff -ur openjdk/jaxp/drop_included/jaxp_src/src/javax/xml/parsers/FactoryFinder.java openjdk.new/jaxp/openjdk/jaxp/drop_included_included/jaxp_src/src/javax/xml/parsers/FactoryFinder.java
---- openjdk/jaxp/drop_included/jaxp_src/src/javax/xml/parsers/FactoryFinder.java 2013-04-19 12:18:45.225000000 -0400
-+++ openjdk.new/jaxp/openjdk/jaxp/drop_included_included/jaxp_src/src/javax/xml/parsers/FactoryFinder.java 2013-04-19 11:53:01.791879226 -0400
-@@ -25,15 +25,12 @@
-
- package javax.xml.parsers;
-
--import java.io.File;
--import java.io.FileInputStream;
--
--import java.util.Properties;
- import java.io.BufferedReader;
-+import java.io.File;
- import java.io.IOException;
- import java.io.InputStream;
- import java.io.InputStreamReader;
--import java.net.URL;
-+import java.util.Properties;
-
- /**
- * Implements pluggable Datatypes.
-@@ -42,9 +39,10 @@ - * sync. It is package private for secure class loading. - * - * @author Santiago.PericasGeertsen@sun.com -+ * @author Huizhe.Wang@oracle.com - */ - class FactoryFinder { -- -+ private static final String DEFAULT_PACKAGE = "com.sun.org.apache.xerces.internal"; - /** - * Internal debug flag. - */ -@@ -95,18 +93,24 @@ - * If the class loader supplied isnull
, first try using the
- * context class loader followed by the current (i.e. bootstrap) class
- * loader.
-+ *
-+ * Use bootstrap classLoader if cl = null and useBSClsLoader is true
- */
- static private Class getProviderClass(String className, ClassLoader cl,
-- boolean doFallback) throws ClassNotFoundException
-+ boolean doFallback, boolean useBSClsLoader) throws ClassNotFoundException
- {
- try {
- if (cl == null) {
-- cl = ss.getContextClassLoader();
-- if (cl == null) {
-- throw new ClassNotFoundException();
-- }
-- else {
-- return cl.loadClass(className);
-+ if (useBSClsLoader) {
-+ return Class.forName(className, true, FactoryFinder.class.getClassLoader());
-+ } else {
-+ cl = ss.getContextClassLoader();
-+ if (cl == null) {
-+ throw new ClassNotFoundException();
-+ }
-+ else {
-+ return cl.loadClass(className);
-+ }
- }
- }
- else {
-@@ -131,8 +135,8 @@
- * @param className Name of the concrete class corresponding to the
- * service provider
- *
-- * @param cl ClassLoader to use to load the class, null means to use
-- * the bootstrap ClassLoader
-+ * @param cl ClassLoader
used to load the factory class. If null
-+ * current Thread
's context classLoader is used to load the factory class.
- *
- * @param doFallback True if the current ClassLoader should be tried as
- * a fallback if the class is not found using cl
-@@ -140,8 +144,38 @@
- static Object newInstance(String className, ClassLoader cl, boolean doFallback)
- throws ConfigurationError
- {
-+ return newInstance(className, cl, doFallback, false);
-+ }
-+
-+ /**
-+ * Create an instance of a class. Delegates to method
-+ * getProviderClass()
in order to load the class.
-+ *
-+ * @param className Name of the concrete class corresponding to the
-+ * service provider
-+ *
-+ * @param cl ClassLoader
used to load the factory class. If null
-+ * current Thread
's context classLoader is used to load the factory class.
-+ *
-+ * @param doFallback True if the current ClassLoader should be tried as
-+ * a fallback if the class is not found using cl
-+ *
-+ * @param useBSClsLoader True if cl=null actually meant bootstrap classLoader. This parameter
-+ * is needed since DocumentBuilderFactory/SAXParserFactory defined null as context classLoader.
-+ */
-+ static Object newInstance(String className, ClassLoader cl, boolean doFallback, boolean useBSClsLoader)
-+ throws ConfigurationError
-+ {
-+ // make sure we have access to restricted packages
-+ if (System.getSecurityManager() != null) {
-+ if (className != null && className.startsWith(DEFAULT_PACKAGE)) {
-+ cl = null;
-+ useBSClsLoader = true;
-+ }
-+ }
-+
- try {
-- Class providerClass = getProviderClass(className, cl, doFallback);
-+ Class providerClass = getProviderClass(className, cl, doFallback, useBSClsLoader);
- Object instance = providerClass.newInstance();
- if (debug) { // Extra check to avoid computing cl strings
- dPrint("created new instance of " + providerClass +
-@@ -244,6 +278,7 @@
-
- // First try the Context ClassLoader
- ClassLoader cl = ss.getContextClassLoader();
-+ boolean useBSClsLoader = false;
- if (cl != null) {
- is = ss.getResourceAsStream(cl, serviceId);
-
-@@ -251,11 +286,13 @@
- if (is == null) {
- cl = FactoryFinder.class.getClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
-+ useBSClsLoader = true;
- }
- } else {
- // No Context ClassLoader, try the current ClassLoader
- cl = FactoryFinder.class.getClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
-+ useBSClsLoader = true;
- }
-
- if (is == null) {
-@@ -293,7 +330,7 @@
- // ClassLoader because we want to avoid the case where the
- // resource file was found using one ClassLoader and the
- // provider class was instantiated using a different one.
-- return newInstance(factoryClassName, cl, false);
-+ return newInstance(factoryClassName, cl, false, useBSClsLoader);
- }
-
- // No provider found
-diff -ur openjdk/jaxp/drop_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java openjdk.new/jaxp/openjdk/jaxp/drop_included_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java
---- openjdk/jaxp/drop_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java 2013-04-19 12:18:45.225000000 -0400
-+++ openjdk.new/jaxp/openjdk/jaxp/drop_included_included/jaxp_src/src/javax/xml/transform/FactoryFinder.java 2013-04-19 12:13:52.618746094 -0400
-@@ -42,8 +42,10 @@
- * sync. It is package private for secure class loading.
- *
- * @author Santiago.PericasGeertsen@sun.com
-+ * @author Huizhe.Wang@oracle.com
- */
- class FactoryFinder {
-+ private static final String DEFAULT_PACKAGE = "com.sun.org.apache.xalan.internal.";
-
- /**
- * Internal debug flag.
-@@ -95,18 +97,24 @@
- * If the class loader supplied is null
, first try using the
- * context class loader followed by the current (i.e. bootstrap) class
- * loader.
-+ *
-+ * Use bootstrap classLoader if cl = null and useBSClsLoader is true
- */
- static private Class getProviderClass(String className, ClassLoader cl,
-- boolean doFallback) throws ClassNotFoundException
-+ boolean doFallback, boolean useBSClsLoader) throws ClassNotFoundException
- {
- try {
- if (cl == null) {
-- cl = ss.getContextClassLoader();
-- if (cl == null) {
-- throw new ClassNotFoundException();
-- }
-- else {
-- return cl.loadClass(className);
-+ if (useBSClsLoader) {
-+ return Class.forName(className, true, FactoryFinder.class.getClassLoader());
-+ } else {
-+ cl = ss.getContextClassLoader();
-+ if (cl == null) {
-+ throw new ClassNotFoundException();
-+ }
-+ else {
-+ return cl.loadClass(className);
-+ }
- }
- }
- else {
-@@ -131,8 +139,8 @@
- * @param className Name of the concrete class corresponding to the
- * service provider
- *
-- * @param cl ClassLoader to use to load the class, null means to use
-- * the bootstrap ClassLoader
-+ * @param cl ClassLoader
used to load the factory class. If null
-+ * current Thread
's context classLoader is used to load the factory class.
- *
- * @param doFallback True if the current ClassLoader should be tried as
- * a fallback if the class is not found using cl
-@@ -140,8 +148,38 @@
- static Object newInstance(String className, ClassLoader cl, boolean doFallback)
- throws ConfigurationError
- {
-+ return newInstance(className, cl, doFallback, false);
-+ }
-+
-+ /**
-+ * Create an instance of a class. Delegates to method
-+ * getProviderClass()
in order to load the class.
-+ *
-+ * @param className Name of the concrete class corresponding to the
-+ * service provider
-+ *
-+ * @param cl ClassLoader
used to load the factory class. If null
-+ * current Thread
's context classLoader is used to load the factory class.
-+ *
-+ * @param doFallback True if the current ClassLoader should be tried as
-+ * a fallback if the class is not found using cl
-+ *
-+ * @param useBSClsLoader True if cl=null actually meant bootstrap classLoader. This parameter
-+ * is needed since DocumentBuilderFactory/SAXParserFactory defined null as context classLoader.
-+ */
-+ static Object newInstance(String className, ClassLoader cl, boolean doFallback, boolean useBSClsLoader)
-+ throws ConfigurationError
-+ {
-+ // make sure we have access to restricted packages
-+ if (System.getSecurityManager() != null) {
-+ if (className != null && className.startsWith(DEFAULT_PACKAGE)) {
-+ cl = null;
-+ useBSClsLoader = true;
-+ }
-+ }
-+
- try {
-- Class providerClass = getProviderClass(className, cl, doFallback);
-+ Class providerClass = getProviderClass(className, cl, doFallback, useBSClsLoader);
- Object instance = providerClass.newInstance();
- if (debug) { // Extra check to avoid computing cl strings
- dPrint("created new instance of " + providerClass +
-@@ -182,7 +220,7 @@
- String systemProp = ss.getSystemProperty(factoryId);
- if (systemProp != null) {
- dPrint("found system property, value=" + systemProp);
-- return newInstance(systemProp, null, true);
-+ return newInstance(systemProp, null, true, false);
- }
- }
- catch (SecurityException se) {
-@@ -210,7 +248,7 @@
-
- if (factoryClassName != null) {
- dPrint("found in $java.home/jaxp.properties, value=" + factoryClassName);
-- return newInstance(factoryClassName, null, true);
-+ return newInstance(factoryClassName, null, true, false);
- }
- }
- catch (Exception ex) {
-@@ -228,7 +266,7 @@
- }
-
- dPrint("loaded from fallback value: " + fallbackClassName);
-- return newInstance(fallbackClassName, null, true);
-+ return newInstance(fallbackClassName, null, true, false);
- }
-
- /*
-@@ -244,6 +282,7 @@
-
- // First try the Context ClassLoader
- ClassLoader cl = ss.getContextClassLoader();
-+ boolean useBSClsLoader = false;
- if (cl != null) {
- is = ss.getResourceAsStream(cl, serviceId);
-
-@@ -251,11 +290,13 @@
- if (is == null) {
- cl = FactoryFinder.class.getClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
-- }
-+ useBSClsLoader = true;
-+ }
- } else {
- // No Context ClassLoader, try the current ClassLoader
- cl = FactoryFinder.class.getClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
-+ useBSClsLoader = true;
- }
-
- if (is == null) {
-@@ -293,7 +334,7 @@
- // ClassLoader because we want to avoid the case where the
- // resource file was found using one ClassLoader and the
- // provider class was instantiated using a different one.
-- return newInstance(factoryClassName, cl, false);
-+ return newInstance(factoryClassName, cl, false, useBSClsLoader);
- }
-
- // No provider found