Mercurial > hg > release > icedtea7-forest-2.0 > jdk

changeset 4567:6384285f36bb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
author andrew
date Fri, 14 Oct 2011 00:50:05 +0100
parents 48f1bca75df4
children 770d063de148
files src/share/classes/java/awt/AWTKeyStroke.java
diffstat 1 files changed, 39 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/java/awt/AWTKeyStroke.java	Fri Oct 14 00:49:20 2011 +0100
+++ b/src/share/classes/java/awt/AWTKeyStroke.java	Fri Oct 14 00:50:05 2011 +0100
@@ -25,6 +25,7 @@
 package java.awt;
 
 import java.awt.event.KeyEvent;
+import sun.awt.AppContext;
 import java.awt.event.InputEvent;
 import java.util.Collections;
 import java.util.HashMap;
@@ -66,9 +67,6 @@
 public class AWTKeyStroke implements Serializable {
     static final long serialVersionUID = -6430539691155161871L;
 
-    private static Map cache;
-    private static AWTKeyStroke cacheKey;
-    private static Constructor ctor = getCtor(AWTKeyStroke.class);
     private static Map modifierKeywords;
     /**
      * Associates VK_XXX (as a String) with code (as Integer). This is
@@ -77,6 +75,25 @@
      */
     private static VKCollection vks;
 
+    //A key for the collection of AWTKeyStrokes within AppContext.
+    private static Object APP_CONTEXT_CACHE_KEY = new Object();
+    //A key withing the cache
+    private static AWTKeyStroke APP_CONTEXT_KEYSTROKE_KEY = new AWTKeyStroke();
+
+    /*
+     * Reads keystroke class from AppContext and if null, puts there the
+     * AWTKeyStroke class.
+     * Must be called under locked AWTKeyStroke.class 
+     */
+    private static Class getAWTKeyStrokeClass() {
+        Class clazz = (Class)AppContext.getAppContext().get(AWTKeyStroke.class);
+        if (clazz == null) {
+            clazz = AWTKeyStroke.class;
+            AppContext.getAppContext().put(AWTKeyStroke.class, AWTKeyStroke.class);
+        }
+        return clazz;
+    }
+
     private char keyChar = KeyEvent.CHAR_UNDEFINED;
     private int keyCode = KeyEvent.VK_UNDEFINED;
     private int modifiers;
@@ -164,9 +181,12 @@
         if (subclass == null) {
             throw new IllegalArgumentException("subclass cannot be null");
         }
-        if (AWTKeyStroke.ctor.getDeclaringClass().equals(subclass)) {
-            // Already registered
-            return;
+        synchronized (AWTKeyStroke.class) {
+            Class keyStrokeClass = (Class)AppContext.getAppContext().get(AWTKeyStroke.class);
+            if (keyStrokeClass != null && keyStrokeClass.equals(subclass)){
+                // Already registered
+                return;
+            }
         }
         if (!AWTKeyStroke.class.isAssignableFrom(subclass)) {
             throw new ClassCastException("subclass is not derived from AWTKeyStroke");
@@ -197,9 +217,9 @@
         }
 
         synchronized (AWTKeyStroke.class) {
-            AWTKeyStroke.ctor = ctor;
-            cache = null;
-            cacheKey = null;
+            AppContext.getAppContext().put(AWTKeyStroke.class, subclass);
+            AppContext.getAppContext().remove(APP_CONTEXT_CACHE_KEY);
+            AppContext.getAppContext().remove(APP_CONTEXT_KEYSTROKE_KEY);
         }
     }
 
@@ -229,13 +249,19 @@
     private static synchronized AWTKeyStroke getCachedStroke
         (char keyChar, int keyCode, int modifiers, boolean onKeyRelease)
     {
+        Map cache = (Map)AppContext.getAppContext().get(APP_CONTEXT_CACHE_KEY);
+        AWTKeyStroke cacheKey = (AWTKeyStroke)AppContext.getAppContext().get(APP_CONTEXT_KEYSTROKE_KEY);
+
         if (cache == null) {
             cache = new HashMap();
+            AppContext.getAppContext().put(APP_CONTEXT_CACHE_KEY, cache);
         }
 
         if (cacheKey == null) {
             try {
-                cacheKey = (AWTKeyStroke)ctor.newInstance((Object[]) null);
+                Class clazz = getAWTKeyStrokeClass();
+                cacheKey = (AWTKeyStroke)getCtor(clazz).newInstance((Object[]) null);
+                AppContext.getAppContext().put(APP_CONTEXT_KEYSTROKE_KEY, cacheKey);
             } catch (InstantiationException e) {
                 assert(false);
             } catch (IllegalAccessException e) {
@@ -253,9 +279,8 @@
         if (stroke == null) {
             stroke = cacheKey;
             cache.put(stroke, stroke);
-            cacheKey = null;
+            AppContext.getAppContext().remove(APP_CONTEXT_KEYSTROKE_KEY);
         }
-
         return stroke;
     }
 
@@ -778,7 +803,8 @@
     protected Object readResolve() throws java.io.ObjectStreamException {
         synchronized (AWTKeyStroke.class) {
             Class newClass = getClass();
-            if (!newClass.equals(ctor.getDeclaringClass())) {
+            Class awtKeyStrokeClass = getAWTKeyStrokeClass();
+            if (!newClass.equals(awtKeyStrokeClass)) {
                 registerSubclass(newClass);
             }
             return getCachedStroke(keyChar, keyCode, modifiers, onKeyRelease);