Mercurial > hg > release > icedtea7-forest-2.0 > jdk
changeset 4567:6384285f36bb
7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
author | andrew |
---|---|
date | Fri, 14 Oct 2011 00:50:05 +0100 |
parents | 48f1bca75df4 |
children | 770d063de148 |
files | src/share/classes/java/awt/AWTKeyStroke.java |
diffstat | 1 files changed, 39 insertions(+), 13 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/java/awt/AWTKeyStroke.java Fri Oct 14 00:49:20 2011 +0100 +++ b/src/share/classes/java/awt/AWTKeyStroke.java Fri Oct 14 00:50:05 2011 +0100 @@ -25,6 +25,7 @@ package java.awt; import java.awt.event.KeyEvent; +import sun.awt.AppContext; import java.awt.event.InputEvent; import java.util.Collections; import java.util.HashMap; @@ -66,9 +67,6 @@ public class AWTKeyStroke implements Serializable { static final long serialVersionUID = -6430539691155161871L; - private static Map cache; - private static AWTKeyStroke cacheKey; - private static Constructor ctor = getCtor(AWTKeyStroke.class); private static Map modifierKeywords; /** * Associates VK_XXX (as a String) with code (as Integer). This is @@ -77,6 +75,25 @@ */ private static VKCollection vks; + //A key for the collection of AWTKeyStrokes within AppContext. + private static Object APP_CONTEXT_CACHE_KEY = new Object(); + //A key withing the cache + private static AWTKeyStroke APP_CONTEXT_KEYSTROKE_KEY = new AWTKeyStroke(); + + /* + * Reads keystroke class from AppContext and if null, puts there the + * AWTKeyStroke class. + * Must be called under locked AWTKeyStroke.class + */ + private static Class getAWTKeyStrokeClass() { + Class clazz = (Class)AppContext.getAppContext().get(AWTKeyStroke.class); + if (clazz == null) { + clazz = AWTKeyStroke.class; + AppContext.getAppContext().put(AWTKeyStroke.class, AWTKeyStroke.class); + } + return clazz; + } + private char keyChar = KeyEvent.CHAR_UNDEFINED; private int keyCode = KeyEvent.VK_UNDEFINED; private int modifiers; @@ -164,9 +181,12 @@ if (subclass == null) { throw new IllegalArgumentException("subclass cannot be null"); } - if (AWTKeyStroke.ctor.getDeclaringClass().equals(subclass)) { - // Already registered - return; + synchronized (AWTKeyStroke.class) { + Class keyStrokeClass = (Class)AppContext.getAppContext().get(AWTKeyStroke.class); + if (keyStrokeClass != null && keyStrokeClass.equals(subclass)){ + // Already registered + return; + } } if (!AWTKeyStroke.class.isAssignableFrom(subclass)) { throw new ClassCastException("subclass is not derived from AWTKeyStroke"); @@ -197,9 +217,9 @@ } synchronized (AWTKeyStroke.class) { - AWTKeyStroke.ctor = ctor; - cache = null; - cacheKey = null; + AppContext.getAppContext().put(AWTKeyStroke.class, subclass); + AppContext.getAppContext().remove(APP_CONTEXT_CACHE_KEY); + AppContext.getAppContext().remove(APP_CONTEXT_KEYSTROKE_KEY); } } @@ -229,13 +249,19 @@ private static synchronized AWTKeyStroke getCachedStroke (char keyChar, int keyCode, int modifiers, boolean onKeyRelease) { + Map cache = (Map)AppContext.getAppContext().get(APP_CONTEXT_CACHE_KEY); + AWTKeyStroke cacheKey = (AWTKeyStroke)AppContext.getAppContext().get(APP_CONTEXT_KEYSTROKE_KEY); + if (cache == null) { cache = new HashMap(); + AppContext.getAppContext().put(APP_CONTEXT_CACHE_KEY, cache); } if (cacheKey == null) { try { - cacheKey = (AWTKeyStroke)ctor.newInstance((Object[]) null); + Class clazz = getAWTKeyStrokeClass(); + cacheKey = (AWTKeyStroke)getCtor(clazz).newInstance((Object[]) null); + AppContext.getAppContext().put(APP_CONTEXT_KEYSTROKE_KEY, cacheKey); } catch (InstantiationException e) { assert(false); } catch (IllegalAccessException e) { @@ -253,9 +279,8 @@ if (stroke == null) { stroke = cacheKey; cache.put(stroke, stroke); - cacheKey = null; + AppContext.getAppContext().remove(APP_CONTEXT_KEYSTROKE_KEY); } - return stroke; } @@ -778,7 +803,8 @@ protected Object readResolve() throws java.io.ObjectStreamException { synchronized (AWTKeyStroke.class) { Class newClass = getClass(); - if (!newClass.equals(ctor.getDeclaringClass())) { + Class awtKeyStrokeClass = getAWTKeyStrokeClass(); + if (!newClass.equals(awtKeyStrokeClass)) { registerSubclass(newClass); } return getCachedStroke(keyChar, keyCode, modifiers, onKeyRelease);