view patches/security/20101012/6622002.patch @ 1993:1cdd796efef3

Second batch of security updates. 2010-10-11 Andrew John Hughes <ahughes@redhat.com> * patches/icedtea-timerqueue.patch: Dropped; superseded by 6623943. * Makefile.am: Add new security patches. * NEWS: List new security patches. * patches/security/20101012/6622002.patch, * patches/security/20101012/6623943.patch, * patches/security/20101012/6952017.patch, * patches/security/20101012/6952603.patch, * patches/security/20101012/6961084.patch, * patches/security/20101012/6963285.patch, * patches/security/20101012/6981426.patch, * patches/security/20101012/6990437.patch: Added.
author Andrew John Hughes <ahughes@redhat.com>
date Mon, 11 Oct 2010 21:52:05 +0100

# HG changeset patch
# User alexp
# Date 1285685944 -14400
# Node ID bb1c74cae929a5903c0aca64b9e5a7f67726b02a
# Parent  1eaaf0f77762dfa6120921f1d2d6ce96e7086513
6622002: UIDefault.ProxyLazyValue has unsafe reflection usage
Reviewed-by: malenkov

diff --git a/src/share/classes/javax/swing/UIDefaults.java b/src/share/classes/javax/swing/UIDefaults.java
--- openjdk.orig/jdk/src/share/classes/javax/swing/UIDefaults.java
+++ openjdk/jdk/src/share/classes/javax/swing/UIDefaults.java
@@ -52,6 +52,7 @@ import java.security.PrivilegedAction;
 import java.security.PrivilegedAction;
 
 import sun.reflect.misc.MethodUtil;
+import sun.reflect.misc.ReflectUtil;
 import sun.util.CoreResourceBundleControl;
 
 /**
@@ -1079,6 +1080,9 @@ public class UIDefaults extends Hashtabl
             // In order to pick up the security policy in effect at the
             // time of creation we use a doPrivileged with the
             // AccessControlContext that was in place when this was created.
+            if (acc == null && System.getSecurityManager() != null) {
+                throw new SecurityException("null AccessControlContext");
+            } 
             return AccessController.doPrivileged(new PrivilegedAction() {
                 public Object run() {
                     try {
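Review bot: The added `acc == null` guard has no comment explaining why a null context is rejected, and the existing comment above it only describes the normal case. `AccessController.doPrivileged(action, null)` applies no additional restriction, so with a null `acc` the reflective lookup would run with this class's own privileges rather than the creator's. I would add `// A null acc would make doPrivileged apply no restriction at all; refuse rather than run with our own privileges.` above the check. How `acc` can end up null is not visible in this hunk, and the enclosing method starts and ends outside it. The closing `} ` on the last added line also carries a trailing space.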
@@ -1094,7 +1098,9 @@ public class UIDefaults extends Hashtabl
                                 cl = ClassLoader.getSystemClassLoader();
                             }
                         }
+                        ReflectUtil.checkPackageAccess(className);
                         c = Class.forName(className, true, (ClassLoader)cl);
+                        checkAccess(c.getModifiers());
                         if (methodName != null) {
                             Class[] types = getClassArray(args);
                             Method m = c.getMethod(methodName, types);
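Review bot: `Class.forName(className, true, (ClassLoader)cl)` still initialises the class before the added `checkAccess(c.getModifiers())` runs, so a non-public class in a permitted package has its static initialiser executed inside the privileged block before it is rejected. Loading without initialisation, `c = Class.forName(className, false, (ClassLoader)cl);`, would let the modifier check come first; initialisation then happens when the constructor or static method is actually invoked. The enclosing method starts and ends outside this hunk, so confirm that nothing between these lines depends on the class already being initialised.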
@@ -1102,6 +1108,7 @@ public class UIDefaults extends Hashtabl
                         } else {
                             Class[] types = getClassArray(args);
                             Constructor constructor = c.getConstructor(types);
+                            checkAccess(constructor.getModifiers());
                             return constructor.newInstance(args);
                         }
                     } catch(Exception e) {
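Review bot: `c.getConstructor(types)` only returns public constructors, so the added `checkAccess(constructor.getModifiers())` cannot fail on its own and reads as if it were the enforcing check. A comment such as `// getConstructor yields public members only; kept as defence in depth` would make the intent clear. The method branch in the previous hunk shows no matching call after `c.getMethod(methodName, types)`. Either add `checkAccess(m.getModifiers());` there for symmetry or say why it is not needed; the invoke line itself lies outside the visible hunks.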
@@ -1115,8 +1122,15 @@ public class UIDefaults extends Hashtabl
                 }
             }, acc);
         }
+        
+        private void checkAccess(int modifiers) {
+            if(System.getSecurityManager() != null && 
+                    !Modifier.isPublic(modifiers)) {
+                throw new SecurityException("Resource is not accessible");
+            }
+        }
 
-        /*
+        /* 
          * Coerce the array of class types provided into one which
          * looks the way the Reflection APIs expect.  This is done
          * by substituting primitive types for their Object counterparts,
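Review bot: The new private `checkAccess(int modifiers)` has no comment, and its name does not say that it enforces nothing unless a SecurityManager is installed. I would add `// Rejects non-public classes and constructors, but only when a SecurityManager is installed.` above it. The message `"Resource is not accessible"` does not say whether the class or the constructor was refused, which makes the exception harder to triage from a log. The hunk also carries whitespace-only noise that should be dropped from the patch: the blank added line holding only spaces, the trailing space after `&&`, the `/*` to `/* ` change, and `if(` without the space used by the `if (acc == null` check added earlier in this patch.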