stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8344064: Remove doPrivileged calls from print/imageio/media classes in the java.desktop module

Browse Source 
Reviewed-by: kizune
This commit is contained in:
Phil Race 2024-11-20 18:45:49 +00:00
parent 27fda0ea1f
commit 22a39dc858
19 changed files with 102 additions and 289 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
View File

@ -48,8 +48,6 @@ import java.awt.image.WritableRaster;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.ByteOrder;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@ -2039,17 +2037,9 @@ public class BMPImageReader extends ImageReader implements BMPConstants {
private static Boolean isLinkedProfileAllowed = null;
@SuppressWarnings("removal")
private static boolean isLinkedProfileAllowed() {
if (isLinkedProfileAllowed == null) {
PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
@Override
public Boolean run() {
return Boolean.
getBoolean("sun.imageio.bmp.enableLinkedProfiles");
}
};
isLinkedProfileAllowed = AccessController.doPrivileged(a);
isLinkedProfileAllowed = Boolean.getBoolean("sun.imageio.bmp.enableLinkedProfiles");
}
return isLinkedProfileAllowed;
}

9
src/java.desktop/share/classes/com/sun/imageio/plugins/jpeg/JPEGImageReader.java
View File

@ -90,16 +90,9 @@ public class JPEGImageReader extends ImageReader {
initStatic();
}
@SuppressWarnings({"removal", "restricted"})
@SuppressWarnings("restricted")
private static void initStatic() {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedAction<Void>() {
@Override
public Void run() {
System.loadLibrary("javajpeg");
return null;
}
});
initReaderIDs(ImageInputStream.class,
JPEGQTable.class,
JPEGHuffmanTable.class);

9
src/java.desktop/share/classes/com/sun/imageio/plugins/jpeg/JPEGImageWriter.java
View File

@ -175,16 +175,9 @@ public class JPEGImageWriter extends ImageWriter {
initStatic();
}
@SuppressWarnings({"removal", "restricted"})
@SuppressWarnings("restricted")
private static void initStatic() {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedAction<Void>() {
@Override
public Void run() {
System.loadLibrary("javajpeg");
return null;
}
});
initWriterIDs(JPEGQTable.class,
JPEGHuffmanTable.class);
}

5
src/java.desktop/share/classes/com/sun/imageio/stream/StreamCloser.java
View File

@ -28,8 +28,6 @@ package com.sun.imageio.stream;
import sun.awt.util.ThreadGroupUtils;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Set;
import java.util.WeakHashMap;
import javax.imageio.stream.ImageInputStream;
@ -86,7 +84,6 @@ public class StreamCloser {
}
};
AccessController.doPrivileged((PrivilegedAction<Object>) () -> {
/* The thread must be a member of a thread group
* which will not get GCed before VM exit.
* Make its parent the top-level thread group.
@ -99,8 +96,6 @@ public class StreamCloser {
*/
streamCloser.setContextClassLoader(null);
Runtime.getRuntime().addShutdownHook(streamCloser);
return null;
});
}
}
}

32
src/java.desktop/share/classes/com/sun/java/swing/plaf/gtk/Metacity.java
View File

@ -60,8 +60,6 @@ import java.io.InputStreamReader;
import java.io.Reader;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
@ -506,21 +504,12 @@ class Metacity implements SynthConstants {
private static class Privileged implements PrivilegedAction<Object> {
private static class ThemeGetter {
private static int GET_THEME_DIR = 0;
private static int GET_USER_THEME = 1;
private static int GET_IMAGE = 2;
private int type;
private Object arg;
@SuppressWarnings("removal")
public Object doPrivileged(int type, Object arg) {
this.type = type;
this.arg = arg;
return AccessController.doPrivileged(this);
}
public Object run() {
public Object getThemeItem(int type, Object arg) {
if (type == GET_THEME_DIR) {
String sep = File.separator;
String[] dirs = new String[] {
@ -618,11 +607,11 @@ class Metacity implements SynthConstants {
}
private static URL getThemeDir(String themeName) {
return (URL)new Privileged().doPrivileged(Privileged.GET_THEME_DIR, themeName);
return (URL)new ThemeGetter().getThemeItem(ThemeGetter.GET_THEME_DIR, themeName);
}
private static String getUserTheme() {
return (String)new Privileged().doPrivileged(Privileged.GET_USER_THEME, null);
return (String)new ThemeGetter().getThemeItem(ThemeGetter.GET_USER_THEME, null);
}
protected void tileImage(Graphics g, Image image, int x0, int y0, int w, int h, float[] alphas) {
@ -673,7 +662,7 @@ class Metacity implements SynthConstants {
try {
@SuppressWarnings("deprecation")
URL url = new URL(themeDir, key);
image = (Image)new Privileged().doPrivileged(Privileged.GET_IMAGE, url);
image = (Image)new ThemeGetter().getThemeItem(ThemeGetter.GET_IMAGE, url);
} catch (MalformedURLException ex) {
//log("Bad image url: "+ themeDir + "/" + key);
}
@ -1587,18 +1576,11 @@ class Metacity implements SynthConstants {
documentBuilder =
DocumentBuilderFactory.newInstance().newDocumentBuilder();
}
@SuppressWarnings("removal")
InputStream inputStream =
AccessController.doPrivileged(new PrivilegedAction<InputStream>() {
public InputStream run() {
InputStream inputStream = null;
try {
return new BufferedInputStream(xmlFile.openStream());
inputStream = new BufferedInputStream(xmlFile.openStream());
} catch (IOException ex) {
return null;
}
}
});
Document doc = null;
if (inputStream != null) {
doc = documentBuilder.parse(inputStream);

6
src/java.desktop/share/classes/com/sun/media/sound/JARSoundbankReader.java
View File

@ -32,7 +32,6 @@ import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Objects;
@ -55,10 +54,7 @@ public final class JARSoundbankReader extends SoundbankReader {
* {@code true} if jar sound bank is allowed to be loaded default is
* {@code false}.
*/
@SuppressWarnings("removal")
private static final boolean JAR_SOUNDBANK_ENABLED =
AccessController.doPrivileged(
new GetBooleanAction("jdk.sound.jarsoundbank"));
private static final boolean JAR_SOUNDBANK_ENABLED = Boolean.getBoolean("jdk.sound.jarsoundbank");
private static boolean isZIP(URL url) {
boolean ok = false;

6
src/java.desktop/share/classes/com/sun/media/sound/JDK13Services.java
View File

@ -25,8 +25,6 @@
package com.sun.media.sound;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@ -170,9 +168,7 @@ public final class JDK13Services {
return null;
}
String name = typeClass.getName();
@SuppressWarnings("removal")
String value = AccessController.doPrivileged(
(PrivilegedAction<String>) () -> System.getProperty(name));
String value = System.getProperty(name);
if (value == null) {
value = getProperties().getProperty(name);
}

37
src/java.desktop/share/classes/com/sun/media/sound/JSSecurityManager.java
View File

@ -29,8 +29,6 @@ import java.io.Reader;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@ -41,7 +39,7 @@ import javax.sound.sampled.AudioPermission;
/** Managing security in the Java Sound implementation.
* This class contains all code that uses and is used by
* SecurityManager.doPrivileged().
* SecurityManager
*
* @author Matthias Pfisterer
*/
@ -74,24 +72,18 @@ final class JSSecurityManager {
* @param properties the properties bundle to store the values of the
* properties file
*/
@SuppressWarnings("removal")
static void loadProperties(final Properties properties) {
final String customFile = AccessController.doPrivileged(
(PrivilegedAction<String>) () -> System.getProperty(
"javax.sound.config.file"));
final String customFile = System.getProperty("javax.sound.config.file");
if (customFile != null) {
if (loadPropertiesImpl(properties, customFile)) {
return;
}
}
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
final String home = System.getProperty("java.home");
if (home == null) {
throw new Error("Can't find java.home ??");
}
loadPropertiesImpl(properties, home, "conf", "sound.properties");
return null;
});
}
private static boolean loadPropertiesImpl(final Properties properties,
@ -124,32 +116,11 @@ final class JSSecurityManager {
return thread;
}
@SuppressWarnings("removal")
static synchronized <T> List<T> getProviders(final Class<T> providerClass) {
List<T> p = new ArrayList<>(7);
// ServiceLoader creates "lazy" iterator instance, but it ensures that
// next/hasNext run with permissions that are restricted by whatever
// creates the ServiceLoader instance, so it requires to be called from
// privileged section
final PrivilegedAction<Iterator<T>> psAction =
new PrivilegedAction<Iterator<T>>() {
@Override
public Iterator<T> run() {
return ServiceLoader.load(providerClass).iterator();
}
};
final Iterator<T> ps = AccessController.doPrivileged(psAction);
final Iterator<T> ps = ServiceLoader.load(providerClass).iterator();
// the iterator's hasNext() method looks through classpath for
// the provider class names, so it requires read permissions
PrivilegedAction<Boolean> hasNextAction = new PrivilegedAction<Boolean>() {
@Override
public Boolean run() {
return ps.hasNext();
}
};
while (AccessController.doPrivileged(hasNextAction)) {
while (ps.hasNext()) {
try {
// the iterator's next() method creates instances of the
// providers and it should be called in the current security

7
src/java.desktop/share/classes/com/sun/media/sound/Platform.java
View File

@ -25,8 +25,6 @@
package com.sun.media.sound;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.StringTokenizer;
/**
@ -74,15 +72,12 @@ final class Platform {
/**
* Load the native library or libraries.
*/
@SuppressWarnings({"removal", "restricted"})
@SuppressWarnings("restricted")
private static void loadLibraries() {
// load the native library
isNativeLibLoaded = true;
try {
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
System.loadLibrary(libName);
return null;
});
} catch (Throwable t) {
if (Printer.err) Printer.err("Couldn't load library "+libName+": "+t.toString());
isNativeLibLoaded = false;

5
src/java.desktop/share/classes/com/sun/media/sound/Printer.java
View File

@ -25,7 +25,6 @@
package com.sun.media.sound;
import java.security.AccessController;
import sun.security.action.GetPropertyAction;
@ -66,9 +65,7 @@ final class Printer {
* Returns {@code true} if the build of the current jdk is "internal".
*/
private static boolean isBuildInternal() {
@SuppressWarnings("removal")
String javaVersion = AccessController.doPrivileged(
new GetPropertyAction("java.version"));
String javaVersion = System.getProperty("java.version");
return javaVersion != null && javaVersion.contains("internal");
}

32
src/java.desktop/share/classes/com/sun/media/sound/SoftSynthesizer.java
View File

@ -36,8 +36,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.ref.WeakReference;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
@ -634,15 +632,19 @@ public final class SoftSynthesizer implements AudioSynthesizer,
}
}
static interface RunnableAction<T> {
T run();
}
@Override
public Soundbank getDefaultSoundbank() {
synchronized (SoftSynthesizer.class) {
if (defaultSoundBank != null)
return defaultSoundBank;
List<PrivilegedAction<InputStream>> actions = new ArrayList<>();
List<RunnableAction<InputStream>> actions = new ArrayList<>();
actions.add(new PrivilegedAction<InputStream>() {
actions.add(new RunnableAction<InputStream>() {
@Override
public InputStream run() {
File javahome = new File(System.getProperties()
@ -678,7 +680,7 @@ public final class SoftSynthesizer implements AudioSynthesizer,
}
});
actions.add(new PrivilegedAction<InputStream>() {
actions.add(new RunnableAction<InputStream>() {
@Override
public InputStream run() {
if (OSInfo.getOSType() == OSInfo.OSType.LINUX) {
@ -712,7 +714,7 @@ public final class SoftSynthesizer implements AudioSynthesizer,
}
});
actions.add(new PrivilegedAction<InputStream>() {
actions.add(new RunnableAction<InputStream>() {
@Override
public InputStream run() {
if (OSInfo.getOSType() == OSInfo.OSType.WINDOWS) {
@ -729,7 +731,7 @@ public final class SoftSynthesizer implements AudioSynthesizer,
}
});
actions.add(new PrivilegedAction<InputStream>() {
actions.add(new RunnableAction<InputStream>() {
@Override
public InputStream run() {
/*
@ -749,10 +751,9 @@ public final class SoftSynthesizer implements AudioSynthesizer,
}
});
for (PrivilegedAction<InputStream> action : actions) {
for (RunnableAction<InputStream> action : actions) {
try {
@SuppressWarnings("removal")
InputStream is = AccessController.doPrivileged(action);
InputStream is = action.run();
if(is == null) continue;
Soundbank sbk;
try (is) {
@ -778,9 +779,8 @@ public final class SoftSynthesizer implements AudioSynthesizer,
/*
* Save generated soundbank to disk for faster future use.
*/
@SuppressWarnings("removal")
OutputStream out = AccessController
.doPrivileged((PrivilegedAction<OutputStream>) () -> {
OutputStream out =
((RunnableAction<OutputStream>) () -> {
try {
File userhome = new File(System
.getProperty("user.home"), ".gervill");
@ -798,7 +798,7 @@ public final class SoftSynthesizer implements AudioSynthesizer,
} catch (final FileNotFoundException ignored) {
}
return null;
});
}).run();
if (out != null) {
try (out) {
((SF2Soundbank) defaultSoundBank).save(out);
@ -897,10 +897,7 @@ public final class SoftSynthesizer implements AudioSynthesizer,
return info;
}
@SuppressWarnings("removal")
private Properties getStoredProperties() {
return AccessController
.doPrivileged((PrivilegedAction<Properties>) () -> {
Properties p = new Properties();
String notePath = "/com/sun/media/sound/softsynthesizer";
try {
@ -918,7 +915,6 @@ public final class SoftSynthesizer implements AudioSynthesizer,
} catch (final BackingStoreException ignored) {
}
return p;
});
}
@Override

4
src/java.desktop/share/classes/javax/imageio/ImageIO.java
View File

@ -165,10 +165,8 @@ public final class ImageIO {
* Returns the default temporary (cache) directory as defined by the
* java.io.tmpdir system property.
*/
@SuppressWarnings("removal")
private static String getTempDir() {
GetPropertyAction a = new GetPropertyAction("java.io.tmpdir");
return AccessController.doPrivileged(a);
return System.getProperty("java.io.tmpdir");
}
/**

7
src/java.desktop/share/classes/javax/imageio/metadata/IIOMetadata.java
View File

@ -28,8 +28,6 @@ package javax.imageio.metadata;
import org.w3c.dom.Node;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;
/**
* An abstract class to be extended by objects that represent metadata
@ -398,12 +396,9 @@ public abstract class IIOMetadata {
throw new IllegalArgumentException("Unsupported format name");
}
try {
final String className = formatClassName;
// Try to load from the module of the IIOMetadata implementation
// for this plugin since the IIOMetadataImpl is part of the plugin
PrivilegedAction<Class<?>> pa = () -> { return getMetadataFormatClass(className); };
@SuppressWarnings("removal")
Class<?> cls = AccessController.doPrivileged(pa);
Class<?> cls = getMetadataFormatClass(formatClassName);
Method meth = cls.getMethod("getInstance");
return (IIOMetadataFormat) meth.invoke(null);
} catch (Exception e) {

18
src/java.desktop/share/classes/javax/imageio/spi/IIORegistry.java
View File

@ -25,8 +25,6 @@
package javax.imageio.spi;
import java.security.PrivilegedAction;
import java.security.AccessController;
import java.util.Iterator;
import com.sun.imageio.spi.FileImageInputStreamSpi;
import com.sun.imageio.spi.FileImageOutputStreamSpi;
@ -197,18 +195,7 @@ public final class IIORegistry extends ServiceRegistry {
}
}
@SuppressWarnings("removal")
private void registerInstalledProviders() {
/*
We need to load installed providers
in the privileged mode in order to
be able read corresponding jar files even if
file read capability is restricted (like the
applet context case).
*/
PrivilegedAction<Object> doRegistration =
new PrivilegedAction<Object>() {
public Object run() {
Iterator<Class<?>> categories = getCategories();
while (categories.hasNext()) {
@SuppressWarnings("unchecked")
@ -217,10 +204,5 @@ public final class IIORegistry extends ServiceRegistry {
registerServiceProvider(p);
}
}
return this;
}
};
AccessController.doPrivileged(doRegistration);
}
}

7
src/java.desktop/share/classes/javax/imageio/spi/ImageReaderWriterSpi.java
View File

@ -26,8 +26,6 @@
package javax.imageio.spi;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.imageio.metadata.IIOMetadata;
import javax.imageio.metadata.IIOMetadataFormat;
import javax.imageio.metadata.IIOMetadataFormatImpl;
@ -584,10 +582,7 @@ public abstract class ImageReaderWriterSpi extends IIOServiceProvider {
}
try {
// Try to load from the same location as the module of the SPI
final String className = formatClassName;
PrivilegedAction<Class<?>> pa = () -> { return getMetadataFormatClass(className); };
@SuppressWarnings("removal")
Class<?> cls = AccessController.doPrivileged(pa);
Class<?> cls = getMetadataFormatClass(formatClassName);
Method meth = cls.getMethod("getInstance");
return (IIOMetadataFormat) meth.invoke(null);
} catch (Exception e) {

18
src/java.desktop/share/classes/javax/imageio/spi/ServiceRegistry.java
View File

@ -25,9 +25,6 @@
package javax.imageio.spi;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
@ -731,8 +728,6 @@ class SubRegistry {
// No way to express heterogeneous map, we want
// Map<Class<T>, T>, where T is ?
final Map<Class<?>, Object> map = new HashMap<>();
@SuppressWarnings("removal")
final Map<Class<?>, AccessControlContext> accMap = new HashMap<>();
public SubRegistry(ServiceRegistry registry, Class<?> category) {
this.registry = registry;
@ -748,7 +743,6 @@ class SubRegistry {
deregisterServiceProvider(oprovider);
}
map.put(provider.getClass(), provider);
accMap.put(provider.getClass(), AccessController.getContext());
poset.add(provider);
if (provider instanceof RegisterableService) {
RegisterableService rs = (RegisterableService)provider;
@ -773,7 +767,6 @@ class SubRegistry {
if (provider == oprovider) {
map.remove(provider.getClass());
accMap.remove(provider.getClass());
poset.remove(provider);
if (provider instanceof RegisterableService) {
RegisterableService rs = (RegisterableService)provider;
@ -815,26 +808,17 @@ class SubRegistry {
return (T)map.get(providerClass);
}
@SuppressWarnings("removal")
public synchronized void clear() {
Iterator<Object> iter = map.values().iterator();
while (iter.hasNext()) {
Object provider = iter.next();
iter.remove();
if (provider instanceof RegisterableService) {
RegisterableService rs = (RegisterableService)provider;
AccessControlContext acc = accMap.get(provider.getClass());
if (acc != null || System.getSecurityManager() == null) {
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
if (provider instanceof RegisterableService rs) {
rs.onDeregistration(registry, category);
return null;
}, acc);
}
}
}
poset.clear();
accMap.clear();
}
@SuppressWarnings("removal")

5
src/java.desktop/share/classes/javax/print/DocFlavor.java
View File

@ -410,10 +410,7 @@ public class DocFlavor implements Serializable, Cloneable {
* @spec https://www.rfc-editor.org/info/rfc2278
* RFC 2278: IANA Charset Registration Procedures
*/
@SuppressWarnings("removal")
public static final String hostEncoding =
java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("file.encoding"));
public static final String hostEncoding = System.getProperty("file.encoding");
/**
* MIME type.

24
src/java.desktop/share/classes/javax/print/PrintServiceLookup.java
View File

@ -335,7 +335,6 @@ public abstract class PrintServiceLookup {
*
* @return all lookup services for this environment
*/
@SuppressWarnings("removal")
private static ArrayList<PrintServiceLookup> getAllLookupServices() {
synchronized (PrintServiceLookup.class) {
ArrayList<PrintServiceLookup> listOfLookupServices = getListOfLookupServices();
@ -344,32 +343,11 @@ public abstract class PrintServiceLookup {
} else {
listOfLookupServices = initListOfLookupServices();
}
try {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedExceptionAction<Object>() {
public Object run() {
Iterator<PrintServiceLookup> iterator =
ServiceLoader.load(PrintServiceLookup.class).
iterator();
Iterator<PrintServiceLookup> iterator = ServiceLoader.load(PrintServiceLookup.class).iterator();
ArrayList<PrintServiceLookup> los = getListOfLookupServices();
while (iterator.hasNext()) {
try {
los.add(iterator.next());
} catch (ServiceConfigurationError err) {
/* In the applet case, we continue */
if (System.getSecurityManager() != null) {
err.printStackTrace();
} else {
throw err;
}
}
}
return null;
}
});
} catch (java.security.PrivilegedActionException e) {
}
return listOfLookupServices;
}
}

22
src/java.desktop/share/classes/javax/print/StreamPrintServiceFactory.java
View File

@ -183,7 +183,6 @@ public abstract class StreamPrintServiceFactory {
*
* @return all factories
*/
@SuppressWarnings("removal")
private static ArrayList<StreamPrintServiceFactory> getAllFactories() {
synchronized (StreamPrintServiceFactory.class) {
@ -194,30 +193,11 @@ public abstract class StreamPrintServiceFactory {
listOfFactories = initListOfFactories();
}
try {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedExceptionAction<Object>() {
public Object run() {
Iterator<StreamPrintServiceFactory> iterator =
ServiceLoader.load
(StreamPrintServiceFactory.class).iterator();
ServiceLoader.load(StreamPrintServiceFactory.class).iterator();
ArrayList<StreamPrintServiceFactory> lof = getListOfFactories();
while (iterator.hasNext()) {
try {
lof.add(iterator.next());
} catch (ServiceConfigurationError err) {
/* In the applet case, we continue */
if (System.getSecurityManager() != null) {
err.printStackTrace();
} else {
throw err;
}
}
}
return null;
}
});
} catch (java.security.PrivilegedActionException e) {
}
return listOfFactories;
}