From e8b79573d2009d2a714afe73608235e87e2a4245 Mon Sep 17 00:00:00 2001 From: Weijun Wang Date: Wed, 9 Feb 2011 11:50:29 +0800 Subject: [PATCH 01/14] 6618658: Deserialization allows creation of mutable SignedObject Reviewed-by: hawtin, mullan --- .../classes/java/security/SignedObject.java | 12 ++-- .../security/SignedObject/Correctness.java | 71 +++++++++++++++++++ 2 files changed, 77 insertions(+), 6 deletions(-) create mode 100644 jdk/test/java/security/SignedObject/Correctness.java diff --git a/jdk/src/share/classes/java/security/SignedObject.java b/jdk/src/share/classes/java/security/SignedObject.java index 8d5631d9ff9..1f901fa1c77 100644 --- a/jdk/src/share/classes/java/security/SignedObject.java +++ b/jdk/src/share/classes/java/security/SignedObject.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -249,10 +249,10 @@ public final class SignedObject implements Serializable { * a stream. */ private void readObject(java.io.ObjectInputStream s) - throws java.io.IOException, ClassNotFoundException - { - s.defaultReadObject(); - content = content.clone(); - signature = signature.clone(); + throws java.io.IOException, ClassNotFoundException { + java.io.ObjectInputStream.GetField fields = s.readFields(); + content = ((byte[])fields.get("content", null)).clone(); + signature = ((byte[])fields.get("signature", null)).clone(); + thealgorithm = (String)fields.get("thealgorithm", null); } } diff --git a/jdk/test/java/security/SignedObject/Correctness.java b/jdk/test/java/security/SignedObject/Correctness.java new file mode 100644 index 00000000000..26430cdbec7 --- /dev/null +++ b/jdk/test/java/security/SignedObject/Correctness.java @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 6618658 + * @summary Deserialization allows creation of mutable SignedObject + */ + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.Signature; +import java.security.SignedObject; + + +public class Correctness { + + public static void main(String[] args) throws Exception { + + String SIGALG = "SHA1withRSA"; + KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); + KeyPair kp = kpg.generateKeyPair(); + + SignedObject so1 = new SignedObject("Hello", kp.getPrivate(), + Signature.getInstance(SIGALG)); + + ByteArrayOutputStream byteOut = new ByteArrayOutputStream(); + ObjectOutputStream out = new ObjectOutputStream(byteOut); + out.writeObject(so1); + out.close(); + + byte[] data = byteOut.toByteArray(); + + SignedObject so2 = (SignedObject)new ObjectInputStream( + new ByteArrayInputStream(data)).readObject(); + + if (!so2.getObject().equals("Hello")) { + throw new Exception("Content changed"); + } + if (!so2.getAlgorithm().equals(SIGALG)) { + throw new Exception("Signature algorithm unknown"); + } + if (!so2.verify(kp.getPublic(), Signature.getInstance(SIGALG))) { + throw new Exception("Not verified"); + } + } +} From 0c700cc07d05b7dd968e75c22f2e47099d2eeeab Mon Sep 17 00:00:00 2001 From: Andrew Brygin Date: Thu, 17 Feb 2011 12:21:49 +0300 Subject: [PATCH 02/14] 7013519: [parfait] Integer overflows in 2D code Reviewed-by: prr, valeriep --- jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c | 7 +++++++ jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp | 6 +++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c b/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c index 04a87fd1cac..7f0c3aac9a0 100644 --- a/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c +++ b/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c @@ -1971,6 +1971,13 @@ Java_com_sun_imageio_plugins_jpeg_JPEGImageReader_readImage return data->abortFlag; } + if (cinfo->output_components <= 0 || + cinfo->image_width > (0xffffffffu / (unsigned int)cinfo->output_components)) + { + JNU_ThrowByName(env, "javax/imageio/IIOException", + "Invalid number of output components"); + return data->abortFlag; + } // Allocate a 1-scanline buffer scanLinePtr = (JSAMPROW)malloc(cinfo->image_width*cinfo->output_components); diff --git a/jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp b/jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp index 553334a1895..c7db94829f4 100644 --- a/jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp +++ b/jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp @@ -186,7 +186,11 @@ JNIEXPORT void JNICALL Java_sun_font_SunLayoutEngine_nativeLayout jchar buffer[256]; jchar* chars = buffer; if (len > 256) { - chars = (jchar*)malloc(len * sizeof(jchar)); + size_t size = len * sizeof(jchar); + if (size / sizeof(jchar) != len) { + return; + } + chars = (jchar*)malloc(size); if (chars == 0) { return; } From bbcb5e8be370849ece7914a875f2aa43eac7399a Mon Sep 17 00:00:00 2001 From: Chris Hegarty Date: Fri, 18 Feb 2011 13:31:57 +0000 Subject: [PATCH 03/14] 7013969: NetworkInterface.toString can reveal bindings Reviewed-by: alanb, michaelm, hawtin --- jdk/src/share/classes/java/net/NetworkInterface.java | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/jdk/src/share/classes/java/net/NetworkInterface.java b/jdk/src/share/classes/java/net/NetworkInterface.java index 1a0fab28cfa..c384380a2fa 100644 --- a/jdk/src/share/classes/java/net/NetworkInterface.java +++ b/jdk/src/share/classes/java/net/NetworkInterface.java @@ -547,13 +547,8 @@ public final class NetworkInterface { if (displayName != null) { result += " (" + displayName + ")"; } - result += " index: "+index+" addresses:\n"; - for (Enumeration e = getInetAddresses(); e.hasMoreElements(); ) { - InetAddress addr = (InetAddress)e.nextElement(); - result += addr+";\n"; - } return result; } - private static native void init(); + private static native void init(); } From a6c14fb5129ad481b5d538030f25a47443da59ab Mon Sep 17 00:00:00 2001 From: Dmitry Cherepanov Date: Fri, 25 Feb 2011 15:54:54 +0300 Subject: [PATCH 04/14] 7012520: Heap overflow vulnerability in FileDialog.show() Reviewed-by: art, anthony --- jdk/src/windows/native/sun/windows/awt_FileDialog.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp b/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp index a0762b4eaaf..e47f0433638 100644 --- a/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp +++ b/jdk/src/windows/native/sun/windows/awt_FileDialog.cpp @@ -285,7 +285,7 @@ AwtFileDialog::Show(void *p) file = (jstring)env->GetObjectField(target, AwtFileDialog::fileID); if (file != NULL) { LPCTSTR tmp = JNU_GetStringPlatformChars(env, file, NULL); - _tcscpy(fileBuffer, tmp); + _tcsncpy(fileBuffer, tmp, bufferLimit - 2); // the fileBuffer is double null terminated string JNU_ReleaseStringPlatformChars(env, file, tmp); } else { fileBuffer[0] = _T('\0'); From 799cba0df4eba55b082e9a9628cce3308ac9c81c Mon Sep 17 00:00:00 2001 From: Jim Graham Date: Wed, 2 Mar 2011 05:35:14 -0800 Subject: [PATCH 05/14] 7016495: Crash in Java 2D transforming an image with scale close to zero Reviewed-by: prr, bae --- .../classes/sun/java2d/pipe/DrawImage.java | 3 + .../native/sun/java2d/loops/TransformHelper.c | 312 +++++++++++++++--- .../awt/image/BufferedImage/TinyScale.java | 68 ++++ 3 files changed, 339 insertions(+), 44 deletions(-) create mode 100644 jdk/test/java/awt/image/BufferedImage/TinyScale.java diff --git a/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java b/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java index dccaba7432f..f702a68be68 100644 --- a/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java +++ b/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java @@ -509,6 +509,9 @@ public class DrawImage implements DrawImagePipe * edges thus has to be h*2+2 in length */ int edges[] = new int[(dy2-dy1)*2+2]; + // It is important that edges[0]=edges[1]=0 when we call + // Transform in case it must return early and we would + // not want to render anything on an error condition. helper.Transform(tmpmaskblit, srcData, tmpData, AlphaComposite.Src, null, itx, interpType, diff --git a/jdk/src/share/native/sun/java2d/loops/TransformHelper.c b/jdk/src/share/native/sun/java2d/loops/TransformHelper.c index 7ccfb0694dc..a5117747476 100644 --- a/jdk/src/share/native/sun/java2d/loops/TransformHelper.c +++ b/jdk/src/share/native/sun/java2d/loops/TransformHelper.c @@ -74,6 +74,94 @@ static TransformInterpFunc BicubicInterpStub; TransformInterpFunc *pBilinearFunc = BilinearInterp; TransformInterpFunc *pBicubicFunc = BicubicInterp; +/* + * The dxydxy parameters of the inverse transform determine how + * quickly we step through the source image. For tiny scale + * factors (on the order of 1E-16 or so) the stepping distances + * are huge. The image has been scaled so small that stepping + * a single pixel in device space moves the sampling point by + * billions (or more) pixels in the source image space. These + * huge stepping values can overflow the whole part of the longs + * we use for the fixed point stepping equations and so we need + * a more robust solution. We could simply iterate over every + * device pixel, use the inverse transform to transform it back + * into the source image coordinate system and then test it for + * being in range and sample pixel-by-pixel, but that is quite + * a bit more expensive. Fortunately, if the scale factors are + * so tiny that we overflow our long values then the number of + * pixels we are planning to visit should be very tiny. The only + * exception to that rule is if the scale factor along one + * dimension is tiny (creating the huge stepping values), and + * the scale factor along the other dimension is fairly regular + * or an up-scale. In that case we have a lot of pixels along + * the direction of the larger axis to sample, but few along the + * smaller axis. Though, pessimally, with an added shear factor + * such a linearly tiny image could have bounds that cover a large + * number of pixels. Such odd transformations should be very + * rare and the absolute limit on calculations would involve a + * single reverse transform of every pixel in the output image + * which is not fast, but it should not cause an undue stall + * of the rendering software. + * + * The specific test we will use is to calculate the inverse + * transformed values of every corner of the destination bounds + * (in order to be user-clip independent) and if we can + * perform a fixed-point-long inverse transform of all of + * those points without overflowing we will use the fast + * fixed point algorithm. Otherwise we will use the safe + * per-pixel transform algorithm. + * The 4 corners are 0,0, 0,dsth, dstw,0, dstw,dsth + * Transformed they are: + * tx, ty + * tx +dxdy*H, ty +dydy*H + * tx+dxdx*W, ty+dydx*W + * tx+dxdx*W+dxdy*H, ty+dydx*W+dydy*H + */ +/* We reject coordinates not less than 1<<30 so that the distance between */ +/* any 2 of them is less than 1<<31 which would overflow into the sign */ +/* bit of a signed long value used to represent fixed point coordinates. */ +#define TX_FIXED_UNSAFE(v) (fabs(v) >= (1<<30)) +static jboolean +checkOverflow(jint dxoff, jint dyoff, + SurfaceDataBounds *pBounds, + TransformInfo *pItxInfo, + jdouble *retx, jdouble *rety) +{ + jdouble x, y; + + x = dxoff+pBounds->x1+0.5; /* Center of pixel x1 */ + y = dyoff+pBounds->y1+0.5; /* Center of pixel y1 */ + Transform_transform(pItxInfo, &x, &y); + *retx = x; + *rety = y; + if (TX_FIXED_UNSAFE(x) || TX_FIXED_UNSAFE(y)) { + return JNI_TRUE; + } + + x = dxoff+pBounds->x2-0.5; /* Center of pixel x2-1 */ + y = dyoff+pBounds->y1+0.5; /* Center of pixel y1 */ + Transform_transform(pItxInfo, &x, &y); + if (TX_FIXED_UNSAFE(x) || TX_FIXED_UNSAFE(y)) { + return JNI_TRUE; + } + + x = dxoff+pBounds->x1+0.5; /* Center of pixel x1 */ + y = dyoff+pBounds->y2-0.5; /* Center of pixel y2-1 */ + Transform_transform(pItxInfo, &x, &y); + if (TX_FIXED_UNSAFE(x) || TX_FIXED_UNSAFE(y)) { + return JNI_TRUE; + } + + x = dxoff+pBounds->x2-0.5; /* Center of pixel x2-1 */ + y = dyoff+pBounds->y2-0.5; /* Center of pixel y2-1 */ + Transform_transform(pItxInfo, &x, &y); + if (TX_FIXED_UNSAFE(x) || TX_FIXED_UNSAFE(y)) { + return JNI_TRUE; + } + + return JNI_FALSE; +} + /* * Fill the edge buffer with pairs of coordinates representing the maximum * left and right pixels of the destination surface that should be processed @@ -82,21 +170,19 @@ TransformInterpFunc *pBicubicFunc = BicubicInterp; * Only pixels that map back through the specified (inverse) transform to a * source coordinate that falls within the (0, 0, sw, sh) bounds of the * source image should be processed. - * pEdgeBuf points to an array of jints that holds MAXEDGES*2 values. - * If more storage is needed, then this function allocates a new buffer. - * In either case, a pointer to the buffer actually used to store the - * results is returned. - * The caller is responsible for freeing the buffer if the return value - * is not the same as the original pEdgeBuf passed in. + * pEdges points to an array of jints that holds 2 + numedges*2 values where + * numedges should match (pBounds->y2 - pBounds->y1). + * The first two jints in pEdges should be set to y1 and y2 and every pair + * of jints after that represent the xmin,xmax of all pixels in range of + * the transformed blit for the corresponding scanline. */ -static jint * -calculateEdges(jint *pEdgeBuf, +static void +calculateEdges(jint *pEdges, SurfaceDataBounds *pBounds, TransformInfo *pItxInfo, jlong xbase, jlong ybase, juint sw, juint sh) { - jint *pEdges; jlong dxdxlong, dydxlong; jlong dxdylong, dydylong; jlong drowxlong, drowylong; @@ -111,10 +197,8 @@ calculateEdges(jint *pEdgeBuf, dy1 = pBounds->y1; dx2 = pBounds->x2; dy2 = pBounds->y2; - if ((dy2-dy1) > MAXEDGES) { - pEdgeBuf = malloc(2 * (dy2-dy1) * sizeof (*pEdges)); - } - pEdges = pEdgeBuf; + *pEdges++ = dy1; + *pEdges++ = dy2; drowxlong = (dx2-dx1-1) * dxdxlong; drowylong = (dx2-dx1-1) * dydxlong; @@ -155,10 +239,22 @@ calculateEdges(jint *pEdgeBuf, ybase += dydylong; dy1++; } - - return pEdgeBuf; } +static void +Transform_SafeHelper(JNIEnv *env, + SurfaceDataOps *srcOps, + SurfaceDataOps *dstOps, + SurfaceDataRasInfo *pSrcInfo, + SurfaceDataRasInfo *pDstInfo, + NativePrimitive *pMaskBlitPrim, + CompositeInfo *pCompInfo, + TransformHelperFunc *pHelperFunc, + TransformInterpFunc *pInterpFunc, + RegionData *pClipInfo, TransformInfo *pItxInfo, + jint *pData, jint *pEdges, + jint dxoff, jint dyoff, jint sw, jint sh); + /* * Class: sun_java2d_loops_TransformHelper * Method: Transform @@ -187,12 +283,14 @@ Java_sun_java2d_loops_TransformHelper_Transform jint maxlinepix; TransformHelperFunc *pHelperFunc; TransformInterpFunc *pInterpFunc; - jint edgebuf[MAXEDGES * 2]; + jdouble xorig, yorig; + jint numedges; jint *pEdges; - jdouble x, y; - jlong xbase, ybase; - jlong dxdxlong, dydxlong; - jlong dxdylong, dydylong; + jint edgebuf[2 + MAXEDGES * 2]; + union { + jlong align; + jint data[LINE_SIZE]; + } rgb; #ifdef MAKE_STUBS static int th_initialized; @@ -269,39 +367,62 @@ Java_sun_java2d_loops_TransformHelper_Transform if (srcOps->Lock(env, srcOps, &srcInfo, pHelperPrim->srcflags) != SD_SUCCESS) { + /* edgeArray should already contain zeros for min/maxy */ return; } if (dstOps->Lock(env, dstOps, &dstInfo, pMaskBlitPrim->dstflags) != SD_SUCCESS) { SurfaceData_InvokeUnlock(env, srcOps, &srcInfo); + /* edgeArray should already contain zeros for min/maxy */ return; } Region_IntersectBounds(&clipInfo, &dstInfo.bounds); - Transform_GetInfo(env, itxform, &itxInfo); - dxdxlong = DblToLong(itxInfo.dxdx); - dydxlong = DblToLong(itxInfo.dydx); - dxdylong = DblToLong(itxInfo.dxdy); - dydylong = DblToLong(itxInfo.dydy); - x = dxoff+dstInfo.bounds.x1+0.5; /* Center of pixel x1 */ - y = dyoff+dstInfo.bounds.y1+0.5; /* Center of pixel y1 */ - Transform_transform(&itxInfo, &x, &y); - xbase = DblToLong(x); - ybase = DblToLong(y); + numedges = (dstInfo.bounds.y2 - dstInfo.bounds.y1); + if (numedges > MAXEDGES) { + pEdges = malloc((2 + 2 * numedges) * sizeof (*pEdges)); + if (pEdges == NULL) { + SurfaceData_InvokeUnlock(env, dstOps, &dstInfo); + SurfaceData_InvokeUnlock(env, srcOps, &srcInfo); + /* edgeArray should already contain zeros for min/maxy */ + return; + } + } else { + pEdges = edgebuf; + } - pEdges = calculateEdges(edgebuf, &dstInfo.bounds, &itxInfo, - xbase, ybase, sx2-sx1, sy2-sy1); + Transform_GetInfo(env, itxform, &itxInfo); if (!Region_IsEmpty(&clipInfo)) { srcOps->GetRasInfo(env, srcOps, &srcInfo); dstOps->GetRasInfo(env, dstOps, &dstInfo); - if (srcInfo.rasBase && dstInfo.rasBase) { - union { - jlong align; - jint data[LINE_SIZE]; - } rgb; + if (srcInfo.rasBase == NULL || dstInfo.rasBase == NULL) { + pEdges[0] = pEdges[1] = 0; + } else if (checkOverflow(dxoff, dyoff, &dstInfo.bounds, + &itxInfo, &xorig, &yorig)) + { + Transform_SafeHelper(env, srcOps, dstOps, + &srcInfo, &dstInfo, + pMaskBlitPrim, &compInfo, + pHelperFunc, pInterpFunc, + &clipInfo, &itxInfo, rgb.data, pEdges, + dxoff, dyoff, sx2-sx1, sy2-sy1); + } else { SurfaceDataBounds span; + jlong dxdxlong, dydxlong; + jlong dxdylong, dydylong; + jlong xbase, ybase; + + dxdxlong = DblToLong(itxInfo.dxdx); + dydxlong = DblToLong(itxInfo.dydx); + dxdylong = DblToLong(itxInfo.dxdy); + dydylong = DblToLong(itxInfo.dydy); + xbase = DblToLong(xorig); + ybase = DblToLong(yorig); + + calculateEdges(pEdges, &dstInfo.bounds, &itxInfo, + xbase, ybase, sx2-sx1, sy2-sy1); Region_StartIteration(env, &clipInfo); while (Region_NextIteration(&clipInfo, &span)) { @@ -318,8 +439,8 @@ Java_sun_java2d_loops_TransformHelper_Transform /* Note - process at most one scanline at a time. */ - dx1 = pEdges[(dy1 - dstInfo.bounds.y1) * 2]; - dx2 = pEdges[(dy1 - dstInfo.bounds.y1) * 2 + 1]; + dx1 = pEdges[(dy1 - dstInfo.bounds.y1) * 2 + 2]; + dx2 = pEdges[(dy1 - dstInfo.bounds.y1) * 2 + 3]; if (dx1 < span.x1) dx1 = span.x1; if (dx2 > span.x2) dx2 = span.x2; @@ -376,21 +497,124 @@ Java_sun_java2d_loops_TransformHelper_Transform } SurfaceData_InvokeRelease(env, dstOps, &dstInfo); SurfaceData_InvokeRelease(env, srcOps, &srcInfo); + } else { + pEdges[0] = pEdges[1] = 0; } SurfaceData_InvokeUnlock(env, dstOps, &dstInfo); SurfaceData_InvokeUnlock(env, srcOps, &srcInfo); if (!JNU_IsNull(env, edgeArray)) { - (*env)->SetIntArrayRegion(env, edgeArray, 0, 1, &dstInfo.bounds.y1); - (*env)->SetIntArrayRegion(env, edgeArray, 1, 1, &dstInfo.bounds.y2); - (*env)->SetIntArrayRegion(env, edgeArray, - 2, (dstInfo.bounds.y2 - dstInfo.bounds.y1)*2, - pEdges); + (*env)->SetIntArrayRegion(env, edgeArray, 0, 2+numedges*2, pEdges); } if (pEdges != edgebuf) { free(pEdges); } } +static void +Transform_SafeHelper(JNIEnv *env, + SurfaceDataOps *srcOps, + SurfaceDataOps *dstOps, + SurfaceDataRasInfo *pSrcInfo, + SurfaceDataRasInfo *pDstInfo, + NativePrimitive *pMaskBlitPrim, + CompositeInfo *pCompInfo, + TransformHelperFunc *pHelperFunc, + TransformInterpFunc *pInterpFunc, + RegionData *pClipInfo, TransformInfo *pItxInfo, + jint *pData, jint *pEdges, + jint dxoff, jint dyoff, jint sw, jint sh) +{ + SurfaceDataBounds span; + jint dx1, dx2; + jint dy1, dy2; + jint i, iy; + + dy1 = pDstInfo->bounds.y1; + dy2 = pDstInfo->bounds.y2; + dx1 = pDstInfo->bounds.x1; + dx2 = pDstInfo->bounds.x2; + pEdges[0] = dy1; + pEdges[1] = dy2; + for (iy = dy1; iy < dy2; iy++) { + jint i = (iy - dy1) * 2; + /* row spans are set to max,min until we find a pixel in range below */ + pEdges[i + 2] = dx2; + pEdges[i + 3] = dx1; + } + + Region_StartIteration(env, pClipInfo); + while (Region_NextIteration(pClipInfo, &span)) { + dy1 = span.y1; + dy2 = span.y2; + while (dy1 < dy2) { + dx1 = span.x1; + dx2 = span.x2; + i = (dy1 - pDstInfo->bounds.y1) * 2; + while (dx1 < dx2) { + jdouble x, y; + jlong xlong, ylong; + + x = dxoff + dx1 + 0.5; + y = dyoff + dy1 + 0.5; + Transform_transform(pItxInfo, &x, &y); + xlong = DblToLong(x); + ylong = DblToLong(y); + + /* Process only pixels with centers in bounds + * Test double values to avoid overflow in conversion + * to long values and then also test the long values + * in case they rounded up and out of bounds during + * the conversion. + */ + if (x >= 0 && y >= 0 && x < sw && y < sh && + WholeOfLong(xlong) < sw && + WholeOfLong(ylong) < sh) + { + void *pDst; + + if (pEdges[i + 2] > dx1) { + pEdges[i + 2] = dx1; + } + if (pEdges[i + 3] <= dx1) { + pEdges[i + 3] = dx1 + 1; + } + + /* Get IntArgbPre pixel data from source */ + (*pHelperFunc)(pSrcInfo, + pData, 1, + xlong, 0, + ylong, 0); + + /* Interpolate result pixels if needed */ + if (pInterpFunc) { + (*pInterpFunc)(pData, 1, + FractOfLong(xlong-LongOneHalf), 0, + FractOfLong(ylong-LongOneHalf), 0); + } + + /* Store/Composite interpolated pixels into dest */ + pDst = PtrCoord(pDstInfo->rasBase, + dx1, pDstInfo->pixelStride, + dy1, pDstInfo->scanStride); + (*pMaskBlitPrim->funcs.maskblit)(pDst, pData, + 0, 0, 0, + 1, 1, + pDstInfo, pSrcInfo, + pMaskBlitPrim, + pCompInfo); + } + + /* Increment to next input pixel */ + dx1++; + } + + /* Increment to next scanline */ + dy1++; + } + } + Region_EndIteration(env, pClipInfo); +} + #define BL_INTERP_V1_to_V2_by_F(v1, v2, f) \ (((v1)<<8) + ((v2)-(v1))*(f)) diff --git a/jdk/test/java/awt/image/BufferedImage/TinyScale.java b/jdk/test/java/awt/image/BufferedImage/TinyScale.java new file mode 100644 index 00000000000..83a5dbcccae --- /dev/null +++ b/jdk/test/java/awt/image/BufferedImage/TinyScale.java @@ -0,0 +1,68 @@ +/* + * @test %W% %E% + * @bug 7016495 + * @summary Test tiny scales of BufferedImage + */ + +import java.awt.*; +import java.awt.geom.*; +import java.awt.image.*; + +public class TinyScale { + static double tinyscales[] = { + 1E-0, + 1E-1, + 1E-2, + 1E-3, + 1E-4, + 1E-5, + 1E-6, + 1E-7, + 1E-8, + 1E-9, + 1E-10, + 1E-11, + 1E-12, + 1E-13, + 1E-14, + 1E-15, + 1E-16, + 1E-17, + 1E-18, + 1E-19, + 1E-20, + 1E-21, + 1E-22, + 1E-23, + 1E-24, + 1E-25, + 1E-26, + 1E-27, + 1E-28, + 1E-29, + }; + + static void test(BufferedImage rendImg, BufferedImage drawImg, double s) { + Graphics2D g = drawImg.createGraphics(); + g.transform(new AffineTransform(s, 0.0, -1.0, 1.0, 0.0, 0.0)); + g.drawImage(rendImg, + -rendImg.getWidth() / 2, + -rendImg.getHeight() / 2, + null); + g.drawImage(rendImg, 0, 0, null); + g.dispose(); + } + + public static void main(String[] args) { + BufferedImage rendImg = + new BufferedImage(100, 100, BufferedImage.TYPE_3BYTE_BGR); + BufferedImage drawImg = + new BufferedImage(100, 100, BufferedImage.TYPE_INT_ARGB); + for (double s: tinyscales) { + test(rendImg, drawImg, s); + for (int i = 0; args.length > 0 && i < 10; i++) { + test(rendImg, drawImg, Math.random()*s); + } + } + } +} From 7b37da872697a17aef6dae132e4277f9895eef2d Mon Sep 17 00:00:00 2001 From: Kumar Srinivasan Date: Thu, 3 Mar 2011 14:16:57 -0800 Subject: [PATCH 06/14] 7016985: (launcher) implement safe secure dll loading Reviewed-by: mchung --- jdk/src/windows/bin/java_md.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/jdk/src/windows/bin/java_md.c b/jdk/src/windows/bin/java_md.c index dfa50ac8af8..4353ec5a12f 100644 --- a/jdk/src/windows/bin/java_md.c +++ b/jdk/src/windows/bin/java_md.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1212,11 +1212,22 @@ jclass FindBootStrapClass(JNIEnv *env, const char *classname) return findBootClass(env, classname); } +typedef BOOL (WINAPI *pfn_SetDllDirectory)(LPCTSTR); + void InitLauncher(boolean javaw) { INITCOMMONCONTROLSEX icx; + // Launcher links with kernel32 + HMODULE hKernel32 = GetModuleHandle(TEXT("kernel32.dll")); + pfn_SetDllDirectory fn = (pfn_SetDllDirectory) GetProcAddress(hKernel32, + "SetDllDirectory"); + if (fn != NULL) { + // Exclude CWD from Dll search path + fn(""); + } + /* * Required for javaw mode MessageBox output as well as for * HotSpot -XX:+ShowMessageBoxOnError in java mode, an empty From e33b64329afefe0a96a86062839cf675c4ba7dff Mon Sep 17 00:00:00 2001 From: Chris Hegarty Date: Tue, 5 Apr 2011 14:49:03 +0100 Subject: [PATCH 07/14] 7033865: JDK: Add private API for secure/restrictive loading of system dlls Reviewed-by: alanb --- jdk/src/share/native/common/jdk_util.h | 1 + jdk/src/solaris/native/common/jdk_util_md.h | 26 +++++++++++++ jdk/src/windows/native/common/jdk_util_md.c | 24 +++++++++++- jdk/src/windows/native/common/jdk_util_md.h | 42 +++++++++++++++++++++ 4 files changed, 92 insertions(+), 1 deletion(-) create mode 100644 jdk/src/solaris/native/common/jdk_util_md.h create mode 100644 jdk/src/windows/native/common/jdk_util_md.h diff --git a/jdk/src/share/native/common/jdk_util.h b/jdk/src/share/native/common/jdk_util.h index 8c15a4dcc35..d64e51e658d 100644 --- a/jdk/src/share/native/common/jdk_util.h +++ b/jdk/src/share/native/common/jdk_util.h @@ -28,6 +28,7 @@ #include "jni.h" #include "jvm.h" +#include "jdk_util_md.h" #ifdef __cplusplus extern "C" { diff --git a/jdk/src/solaris/native/common/jdk_util_md.h b/jdk/src/solaris/native/common/jdk_util_md.h new file mode 100644 index 00000000000..6361fe01eba --- /dev/null +++ b/jdk/src/solaris/native/common/jdk_util_md.h @@ -0,0 +1,26 @@ +/* + * Copyright (c) 2011 Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +// Currently, there are no unix specific functions defined. diff --git a/jdk/src/windows/native/common/jdk_util_md.c b/jdk/src/windows/native/common/jdk_util_md.c index 05c2193df12..65d20f55b3b 100644 --- a/jdk/src/windows/native/common/jdk_util_md.c +++ b/jdk/src/windows/native/common/jdk_util_md.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,3 +38,25 @@ int JDK_InitJvmHandle() { void* JDK_FindJvmEntry(const char* name) { return (void*) GetProcAddress(jvm_handle, name); } + +JNIEXPORT HMODULE JDK_LoadSystemLibrary(const char* name) { + HMODULE handle = NULL; + char path[MAX_PATH]; + int ret; + + if (GetSystemDirectory(path, sizeof(path)) != 0) { + strcat(path, "\\"); + strcat(path, name); + handle = LoadLibrary(path); + } + + if (handle == NULL) { + if (GetWindowsDirectory(path, sizeof(path)) != 0) { + strcat(path, "\\"); + strcat(path, name); + handle = LoadLibrary(path); + } + } + return handle; +} + diff --git a/jdk/src/windows/native/common/jdk_util_md.h b/jdk/src/windows/native/common/jdk_util_md.h new file mode 100644 index 00000000000..0bb9149354f --- /dev/null +++ b/jdk/src/windows/native/common/jdk_util_md.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2011 Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + + +#ifndef JDK_UTIL_MD_H +#define JDK_UTIL_MD_H + +#include "jni.h" + +#ifdef __cplusplus +extern "C" { +#endif + +JNIEXPORT HMODULE JDK_LoadSystemLibrary(const char* name); + +#ifdef __cplusplus +} /* extern "C" */ +#endif /* __cplusplus */ + +#endif /* JDK_UTIL_MD_H */ From d9a3f235e27463901f5fcb3a7836ac5d2dbb2cd2 Mon Sep 17 00:00:00 2001 From: Kumar Srinivasan Date: Tue, 5 Apr 2011 16:19:37 -0700 Subject: [PATCH 08/14] 7032593: DLL_LOADING: Upgrade solution to 7016985 to reflect JDK7 solution Reviewed-by: mchung, asaha --- jdk/src/windows/bin/java_md.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/jdk/src/windows/bin/java_md.c b/jdk/src/windows/bin/java_md.c index 4353ec5a12f..dfa50ac8af8 100644 --- a/jdk/src/windows/bin/java_md.c +++ b/jdk/src/windows/bin/java_md.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1212,22 +1212,11 @@ jclass FindBootStrapClass(JNIEnv *env, const char *classname) return findBootClass(env, classname); } -typedef BOOL (WINAPI *pfn_SetDllDirectory)(LPCTSTR); - void InitLauncher(boolean javaw) { INITCOMMONCONTROLSEX icx; - // Launcher links with kernel32 - HMODULE hKernel32 = GetModuleHandle(TEXT("kernel32.dll")); - pfn_SetDllDirectory fn = (pfn_SetDllDirectory) GetProcAddress(hKernel32, - "SetDllDirectory"); - if (fn != NULL) { - // Exclude CWD from Dll search path - fn(""); - } - /* * Required for javaw mode MessageBox output as well as for * HotSpot -XX:+ShowMessageBoxOnError in java mode, an empty From 060de5281240383dc75aebb993d87b55b9c65c79 Mon Sep 17 00:00:00 2001 From: Dmitry Cherepanov Date: Fri, 8 Apr 2011 16:44:14 +0400 Subject: [PATCH 09/14] 7003962: AWT: securely load DLLs and launch executables using fully qualified path Reviewed-by: art, bae, alanb --- .../native/sun/java2d/d3d/D3DPipelineManager.cpp | 2 +- .../windows/native/sun/java2d/opengl/OGLFuncs_md.h | 2 +- jdk/src/windows/native/sun/windows/DllUtil.cpp | 5 +++-- jdk/src/windows/native/sun/windows/DllUtil.h | 4 ++-- .../windows/native/sun/windows/ShellFolder2.cpp | 9 +++++---- jdk/src/windows/native/sun/windows/ThemeReader.cpp | 2 +- jdk/src/windows/native/sun/windows/awt_Mlib.cpp | 14 ++++++-------- .../windows/native/sun/windows/awt_TextArea.cpp | 2 +- .../windows/native/sun/windows/awt_TrayIcon.cpp | 2 +- .../native/sun/windows/awt_Win32GraphicsEnv.cpp | 2 +- jdk/src/windows/native/sun/windows/stdhdrs.h | 1 + 11 files changed, 23 insertions(+), 22 deletions(-) diff --git a/jdk/src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp b/jdk/src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp index a7da3f3b38c..0f884e83b5d 100644 --- a/jdk/src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp +++ b/jdk/src/windows/native/sun/java2d/d3d/D3DPipelineManager.cpp @@ -117,7 +117,7 @@ HRESULT D3DPipelineManager::InitD3D(void) { typedef IDirect3D9 * WINAPI FnDirect3DCreate9(UINT SDKVersion); - hLibD3D9 = ::LoadLibrary(TEXT("d3d9.dll")); + hLibD3D9 = JDK_LoadSystemLibrary("d3d9.dll"); if (hLibD3D9 == NULL) { J2dRlsTraceLn(J2D_TRACE_ERROR, "InitD3D: no d3d9.dll"); return E_FAIL; diff --git a/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h b/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h index df300e93150..9852f8f8094 100644 --- a/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h +++ b/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h @@ -60,7 +60,7 @@ typedef const char *(GLAPIENTRY *wglGetExtensionsStringARBType)(HDC hdc); #define OGL_LIB_IS_UNINITIALIZED() \ (OGL_LIB_HANDLE == 0) #define OGL_OPEN_LIB() \ - OGL_LIB_HANDLE = LoadLibrary(L"opengl32.dll") + OGL_LIB_HANDLE = JDK_LoadSystemLibrary("opengl32.dll") #define OGL_CLOSE_LIB() \ FreeLibrary(OGL_LIB_HANDLE) #define OGL_GET_PROC_ADDRESS(f) \ diff --git a/jdk/src/windows/native/sun/windows/DllUtil.cpp b/jdk/src/windows/native/sun/windows/DllUtil.cpp index 907f05dc5a9..c20ed209b21 100644 --- a/jdk/src/windows/native/sun/windows/DllUtil.cpp +++ b/jdk/src/windows/native/sun/windows/DllUtil.cpp @@ -25,6 +25,7 @@ #include "DllUtil.h" +#include // Disable warning about using this in the initializer list. #pragma warning( disable : 4355) @@ -40,7 +41,7 @@ DllUtil::~DllUtil() HMODULE DllUtil::GetModule() { if (!module) { - module = ::LoadLibrary(name); + module = JDK_LoadSystemLibrary(name); } return module; } @@ -60,7 +61,7 @@ DwmAPI & DwmAPI::GetInstance() } DwmAPI::DwmAPI() : - DllUtil(_T("DWMAPI.DLL")), + DllUtil("DWMAPI.DLL"), DwmIsCompositionEnabledFunction((DllUtil*)this, "DwmIsCompositionEnabled"), DwmGetWindowAttributeFunction((DllUtil*)this, "DwmGetWindowAttribute") { diff --git a/jdk/src/windows/native/sun/windows/DllUtil.h b/jdk/src/windows/native/sun/windows/DllUtil.h index e2892fc01f4..17ebae0de18 100644 --- a/jdk/src/windows/native/sun/windows/DllUtil.h +++ b/jdk/src/windows/native/sun/windows/DllUtil.h @@ -43,7 +43,7 @@ class DllUtil { FARPROC GetProcAddress(LPCSTR name); protected: - DllUtil(const TCHAR * name) : name(name), module(NULL) {} + DllUtil(const char * name) : name(name), module(NULL) {} virtual ~DllUtil(); HMODULE GetModule(); @@ -68,7 +68,7 @@ class DllUtil { }; private: - const TCHAR * const name; + const char * const name; HMODULE module; }; diff --git a/jdk/src/windows/native/sun/windows/ShellFolder2.cpp b/jdk/src/windows/native/sun/windows/ShellFolder2.cpp index 80c445d6045..7a18213d879 100644 --- a/jdk/src/windows/native/sun/windows/ShellFolder2.cpp +++ b/jdk/src/windows/native/sun/windows/ShellFolder2.cpp @@ -120,15 +120,15 @@ static BOOL initShellProcs() return TRUE; } // Load libraries - libShell32 = LoadLibrary(TEXT("shell32.dll")); + libShell32 = JDK_LoadSystemLibrary("shell32.dll"); if (libShell32 == NULL) { return FALSE; } - libUser32 = LoadLibrary(TEXT("user32.dll")); + libUser32 = JDK_LoadSystemLibrary("user32.dll"); if (libUser32 == NULL) { return FALSE; } - libComCtl32 = LoadLibrary(TEXT("comctl32.dll")); + libComCtl32 = JDK_LoadSystemLibrary("comctl32.dll"); if (libComCtl32 == NULL) { return FALSE; } @@ -1021,7 +1021,8 @@ JNIEXPORT jlong JNICALL Java_sun_awt_shell_Win32ShellFolder2_getIconResource (JNIEnv* env, jclass cls, jstring libName, jint iconID, jint cxDesired, jint cyDesired, jboolean useVGAColors) { - HINSTANCE libHandle = LoadLibrary(JNU_GetStringPlatformChars(env, libName, NULL)); + const char *pLibName = env->GetStringUTFChars(libName, NULL); + HINSTANCE libHandle = (HINSTANCE)JDK_LoadSystemLibrary(pLibName); if (libHandle != NULL) { UINT fuLoad = (useVGAColors && !IS_WINXP) ? LR_VGACOLOR : 0; return ptr_to_jlong(LoadImage(libHandle, MAKEINTRESOURCE(iconID), diff --git a/jdk/src/windows/native/sun/windows/ThemeReader.cpp b/jdk/src/windows/native/sun/windows/ThemeReader.cpp index ff683dcbf65..be5ae611074 100644 --- a/jdk/src/windows/native/sun/windows/ThemeReader.cpp +++ b/jdk/src/windows/native/sun/windows/ThemeReader.cpp @@ -150,7 +150,7 @@ static PFNGETTHEMETRANSITIONDURATION GetThemeTransitionDuration = NULL; BOOL InitThemes() { static HMODULE hModThemes = NULL; - hModThemes = LoadLibrary(TEXT("UXTHEME.DLL")); + hModThemes = JDK_LoadSystemLibrary("UXTHEME.DLL"); DTRACE_PRINTLN1("InitThemes hModThemes = %x\n", hModThemes); if(hModThemes) { DTRACE_PRINTLN("Loaded UxTheme.dll\n"); diff --git a/jdk/src/windows/native/sun/windows/awt_Mlib.cpp b/jdk/src/windows/native/sun/windows/awt_Mlib.cpp index 03eda215a0e..022ebd0419a 100644 --- a/jdk/src/windows/native/sun/windows/awt_Mlib.cpp +++ b/jdk/src/windows/native/sun/windows/awt_Mlib.cpp @@ -43,12 +43,13 @@ extern "C" mlibSysFnS_t tempSysFns; mlib_status ret = MLIB_SUCCESS; - /* Try to load library. Routine should find the library successfully - * because this library is already loaded to the process space by - * the System.loadLibrary() call. Here we just need to get handle to - * initialize the pointers to required mlib routines. + /* Try to receive handle for the library. Routine should find + * the library successfully because this library is already + * loaded to the process space by the System.loadLibrary() call. + * Here we just need to get handle to initialize the pointers to + * required mlib routines. */ - hDLL = ::LoadLibrary(TEXT("mlib_image.dll")); + hDLL = ::GetModuleHandle(TEXT("mlib_image.dll")); if (hDLL == NULL) { return MLIB_FAILURE; @@ -94,9 +95,6 @@ extern "C" i++; } - if (ret != MLIB_SUCCESS) { - ::FreeLibrary(hDLL); - } return ret; } diff --git a/jdk/src/windows/native/sun/windows/awt_TextArea.cpp b/jdk/src/windows/native/sun/windows/awt_TextArea.cpp index 350efdd91b1..16d36ad4480 100644 --- a/jdk/src/windows/native/sun/windows/awt_TextArea.cpp +++ b/jdk/src/windows/native/sun/windows/awt_TextArea.cpp @@ -77,7 +77,7 @@ void AwtTextArea::Dispose() LPCTSTR AwtTextArea::GetClassName() { static BOOL richedLibraryLoaded = FALSE; if (!richedLibraryLoaded) { - ::LoadLibrary(TEXT("RICHED20.DLL")); + JDK_LoadSystemLibrary("RICHED20.DLL"); richedLibraryLoaded = TRUE; } return RICHEDIT_CLASS; diff --git a/jdk/src/windows/native/sun/windows/awt_TrayIcon.cpp b/jdk/src/windows/native/sun/windows/awt_TrayIcon.cpp index e43c8130405..354dba91f94 100644 --- a/jdk/src/windows/native/sun/windows/awt_TrayIcon.cpp +++ b/jdk/src/windows/native/sun/windows/awt_TrayIcon.cpp @@ -185,7 +185,7 @@ void AwtTrayIcon::InitNID(UINT uID) int shellVersion = 5; // WIN_2000 // MSDN: DllGetVersion should not be implicitly called, but rather // loaded using GetProcAddress - HMODULE hShell = LoadLibrary(TEXT("Shell32.dll")); + HMODULE hShell = JDK_LoadSystemLibrary("Shell32.dll"); if (hShell != NULL) { DLLGETVERSIONPROC proc = (DLLGETVERSIONPROC)GetProcAddress(hShell, "DllGetVersion"); if (proc != NULL) { diff --git a/jdk/src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp b/jdk/src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp index efe485230a7..7a7939a7026 100644 --- a/jdk/src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp +++ b/jdk/src/windows/native/sun/windows/awt_Win32GraphicsEnv.cpp @@ -63,7 +63,7 @@ SetProcessDPIAwareProperty() bAlreadySet = TRUE; - HMODULE hLibUser32Dll = ::LoadLibrary(TEXT("user32.dll")); + HMODULE hLibUser32Dll = JDK_LoadSystemLibrary("user32.dll"); if (hLibUser32Dll != NULL) { SetProcessDPIAwareFunc *lpSetProcessDPIAware = diff --git a/jdk/src/windows/native/sun/windows/stdhdrs.h b/jdk/src/windows/native/sun/windows/stdhdrs.h index 68420470436..21aaaeb2b18 100644 --- a/jdk/src/windows/native/sun/windows/stdhdrs.h +++ b/jdk/src/windows/native/sun/windows/stdhdrs.h @@ -47,6 +47,7 @@ extern "C" { // standard Java headers #include #include +#include } // extern "C" From 2049b7016eceeff777660ba39d36c04cf0b87675 Mon Sep 17 00:00:00 2001 From: Dmitry Cherepanov Date: Fri, 8 Apr 2011 17:58:18 +0400 Subject: [PATCH 10/14] 7035077: Minor addition to the changes for 7003962 Reviewed-by: chegar --- jdk/src/windows/native/sun/windows/DllUtil.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jdk/src/windows/native/sun/windows/DllUtil.cpp b/jdk/src/windows/native/sun/windows/DllUtil.cpp index c20ed209b21..7c6d00af0bf 100644 --- a/jdk/src/windows/native/sun/windows/DllUtil.cpp +++ b/jdk/src/windows/native/sun/windows/DllUtil.cpp @@ -25,7 +25,7 @@ #include "DllUtil.h" -#include +#include // Disable warning about using this in the initializer list. #pragma warning( disable : 4355) From ee231d325a54544ae960246ba7020071ad1679a3 Mon Sep 17 00:00:00 2001 From: Dmitry Cherepanov Date: Fri, 15 Apr 2011 17:06:21 +0400 Subject: [PATCH 11/14] 7036952: build warning after the changes for 7003962 Reviewed-by: art, bae --- jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h | 1 + 1 file changed, 1 insertion(+) diff --git a/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h b/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h index 9852f8f8094..cfeb81bf9ed 100644 --- a/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h +++ b/jdk/src/windows/native/sun/java2d/opengl/OGLFuncs_md.h @@ -29,6 +29,7 @@ #include #include "J2D_GL/wglext.h" #include "OGLFuncMacros.h" +#include /** * Core WGL functions From 6c5cc4e2d9bd226c1cc392e750e8b949f325201d Mon Sep 17 00:00:00 2001 From: Zhengyu Gu Date: Fri, 15 Apr 2011 09:53:05 -0400 Subject: [PATCH 12/14] 7003964: SERV: securely load DLLs and launch executables using fully qualified path Linked in Windows libraries that are available on jdk7 supported platforms, and used GetModuleHandle instead of LoadLibrary for already loaded Dlls. Reviewed-by: dcubed, alanb --- jdk/make/com/sun/tools/attach/Makefile | 3 ++ .../tools/attach/WindowsAttachProvider.java | 16 ------- .../sun/tools/attach/WindowsAttachProvider.c | 42 ++----------------- .../sun/tools/attach/WindowsVirtualMachine.c | 23 ++++------ .../sun/tracing/dtrace/jvm_symbols_md.c | 2 +- jdk/src/windows/npt/npt_md.h | 2 +- 6 files changed, 18 insertions(+), 70 deletions(-) diff --git a/jdk/make/com/sun/tools/attach/Makefile b/jdk/make/com/sun/tools/attach/Makefile index 0fa41d9d9ca..1e450133451 100644 --- a/jdk/make/com/sun/tools/attach/Makefile +++ b/jdk/make/com/sun/tools/attach/Makefile @@ -48,6 +48,9 @@ include Exportedfiles.gmk ifeq ($(PLATFORM), solaris) OTHER_LDLIBS += -ldoor endif +ifeq ($(PLATFORM), windows) +EXTRA_LIBS += psapi.lib +endif vpath %.c $(PLATFORM_SRC)/native/sun/tools/attach diff --git a/jdk/src/windows/classes/sun/tools/attach/WindowsAttachProvider.java b/jdk/src/windows/classes/sun/tools/attach/WindowsAttachProvider.java index b915ab89534..cda6a73bc29 100644 --- a/jdk/src/windows/classes/sun/tools/attach/WindowsAttachProvider.java +++ b/jdk/src/windows/classes/sun/tools/attach/WindowsAttachProvider.java @@ -126,16 +126,6 @@ public class WindowsAttachProvider extends HotSpotAttachProvider { * of the process list. */ private List listJavaProcesses() { - // ensure that process status helper is loaded (psapi.dll) - if (!isProcessStatusHelperInitialized) { - synchronized (WindowsAttachProvider.class) { - if (!isProcessStatusHelperInitialized) { - initializeProcessStatusHelper(); - isProcessStatusHelperInitialized = true; - } - } - } - ArrayList list = new ArrayList(); @@ -172,12 +162,6 @@ public class WindowsAttachProvider extends HotSpotAttachProvider { return list; } - // indicates if psapi.dll has been initialized - private static volatile boolean isProcessStatusHelperInitialized; - - // loads psapi - private static native void initializeProcessStatusHelper(); - // enumerates processes using psapi's EnumProcesses private static native int enumProcesses(int[] processes, int max); diff --git a/jdk/src/windows/native/sun/tools/attach/WindowsAttachProvider.c b/jdk/src/windows/native/sun/tools/attach/WindowsAttachProvider.c index 8ddccd7ce21..bbd6f400a24 100644 --- a/jdk/src/windows/native/sun/tools/attach/WindowsAttachProvider.c +++ b/jdk/src/windows/native/sun/tools/attach/WindowsAttachProvider.c @@ -25,6 +25,7 @@ #include #include #include +#include #include "jni.h" #include "jni_util.h" @@ -96,41 +97,6 @@ Java_sun_tools_attach_WindowsAttachProvider_volumeFlags(JNIEnv *env, jclass cls, } -/* - * Process status helper library functions - */ -static BOOL (WINAPI *_EnumProcesses) (DWORD *, DWORD, DWORD *); -static BOOL (WINAPI *_EnumProcessModules)(HANDLE, HMODULE *, DWORD, LPDWORD); -static DWORD (WINAPI *_GetModuleBaseName) (HANDLE, HMODULE, LPTSTR, DWORD); - - -/* - * Class: sun_tools_attach_WindowsAttachProvider - * Method: initializeProcessStatusHelper - * Signature: ()V - */ -JNIEXPORT void JNICALL -Java_sun_tools_attach_WindowsAttachProvider_initializeProcessStatusHelper(JNIEnv *env, jclass cls) -{ - HINSTANCE psapi = LoadLibrary("PSAPI.DLL") ; - if (psapi != NULL) { - _EnumProcesses = (BOOL(WINAPI *)(DWORD *, DWORD, DWORD *)) - GetProcAddress(psapi, "EnumProcesses") ; - _EnumProcessModules = (BOOL(WINAPI *)(HANDLE, HMODULE *, DWORD, LPDWORD)) - GetProcAddress(psapi, "EnumProcessModules"); - _GetModuleBaseName = (DWORD(WINAPI *)(HANDLE, HMODULE, LPTSTR, DWORD)) - GetProcAddress(psapi, "GetModuleBaseNameA"); - } - - if ((_EnumProcesses == NULL) || - (_EnumProcessModules == NULL) || - (_GetModuleBaseName == NULL)) - { - JNU_ThrowInternalError(env, "Unable to initialize process status helper library"); - } -} - - /* * Class: sun_tools_attach_WindowsAttachProvider * Method: enumProcesses @@ -147,7 +113,7 @@ Java_sun_tools_attach_WindowsAttachProvider_enumProcesses(JNIEnv *env, jclass cl size = max * sizeof(DWORD); ptr = (DWORD*)malloc(size); if (ptr != NULL) { - BOOL res = (*_EnumProcesses)(ptr, size, &bytesReturned); + BOOL res = EnumProcesses(ptr, size, &bytesReturned); if (res != 0) { result = (jint)(bytesReturned / sizeof(DWORD)); (*env)->SetIntArrayRegion(env, arr, 0, (jsize)result, (jint*)ptr); @@ -192,13 +158,13 @@ Java_sun_tools_attach_WindowsAttachProvider_isLibraryLoadedByProcess(JNIEnv *env size = 1024 * sizeof(HMODULE); ptr = (HMODULE*)malloc(size); if (ptr != NULL) { - BOOL res = (*_EnumProcessModules)(hProcess, ptr, size, &bytesReturned); + BOOL res = EnumProcessModules(hProcess, ptr, size, &bytesReturned); if (res != 0) { int count = bytesReturned / sizeof(HMODULE); int i = 0; while (i < count) { char base[256]; - BOOL res = (*_GetModuleBaseName)(hProcess, ptr[i], base, sizeof(base)); + BOOL res = GetModuleBaseName(hProcess, ptr[i], base, sizeof(base)); if (res != 0) { if (strcmp(base, lib) == 0) { result = JNI_TRUE; diff --git a/jdk/src/windows/native/sun/tools/attach/WindowsVirtualMachine.c b/jdk/src/windows/native/sun/tools/attach/WindowsVirtualMachine.c index 6086ddf30f0..a956730d8ca 100644 --- a/jdk/src/windows/native/sun/tools/attach/WindowsVirtualMachine.c +++ b/jdk/src/windows/native/sun/tools/attach/WindowsVirtualMachine.c @@ -32,13 +32,13 @@ /* kernel32 */ -typedef HINSTANCE (WINAPI* LoadLibraryFunc) (LPCTSTR); +typedef HINSTANCE (WINAPI* GetModuleHandleFunc) (LPCTSTR); typedef FARPROC (WINAPI* GetProcAddressFunc)(HMODULE, LPCSTR); /* only on Windows 64-bit or 32-bit application running under WOW64 */ typedef BOOL (WINAPI *IsWow64ProcessFunc) (HANDLE, PBOOL); -static LoadLibraryFunc _LoadLibrary; +static GetModuleHandleFunc _GetModuleHandle; static GetProcAddressFunc _GetProcAddress; static IsWow64ProcessFunc _IsWow64Process; @@ -70,7 +70,7 @@ static void jstring_to_cstring(JNIEnv* env, jstring jstr, char* cstr, int len); #define MAX_PIPE_NAME_LENGTH 256 typedef struct { - LoadLibraryFunc _LoadLibrary; + GetModuleHandleFunc _GetModuleHandle; GetProcAddressFunc _GetProcAddress; char jvmLib[MAX_LIBNAME_LENGTH]; /* "jvm.dll" */ char func1[MAX_FUNC_LENGTH]; @@ -96,7 +96,7 @@ static DWORD WINAPI thread_func(DataBlock *pData) HINSTANCE h; EnqueueOperationFunc addr; - h = pData->_LoadLibrary(pData->jvmLib); + h = pData->_GetModuleHandle(pData->jvmLib); if (h == NULL) { return ERR_OPEN_JVM_FAIL; } @@ -131,15 +131,10 @@ static void thread_end (void) { JNIEXPORT void JNICALL Java_sun_tools_attach_WindowsVirtualMachine_init (JNIEnv *env, jclass cls) { - HINSTANCE h = LoadLibrary("kernel32"); - if (h != NULL) { - _LoadLibrary = (LoadLibraryFunc) GetProcAddress(h, "LoadLibraryA"); - _GetProcAddress = (GetProcAddressFunc)GetProcAddress(h, "GetProcAddress"); - _IsWow64Process = (IsWow64ProcessFunc)GetProcAddress(h, "IsWow64Process"); - } - if (_LoadLibrary == NULL || _GetProcAddress == NULL) { - JNU_ThrowInternalError(env, "Unable to get address of LoadLibraryA or GetProcAddress"); - } + // All following APIs exist on Windows XP with SP2/Windows Server 2008 + _GetModuleHandle = (GetModuleHandleFunc)GetModuleHandle; + _GetProcAddress = (GetProcAddressFunc)GetProcAddress; + _IsWow64Process = (IsWow64ProcessFunc)IsWow64Process; } @@ -375,7 +370,7 @@ JNIEXPORT void JNICALL Java_sun_tools_attach_WindowsVirtualMachine_enqueue /* * Setup data to copy to target process */ - data._LoadLibrary = _LoadLibrary; + data._GetModuleHandle = _GetModuleHandle; data._GetProcAddress = _GetProcAddress; strcpy(data.jvmLib, "jvm"); diff --git a/jdk/src/windows/native/sun/tracing/dtrace/jvm_symbols_md.c b/jdk/src/windows/native/sun/tracing/dtrace/jvm_symbols_md.c index f7ae46ecd8f..dd4d5d03fc8 100644 --- a/jdk/src/windows/native/sun/tracing/dtrace/jvm_symbols_md.c +++ b/jdk/src/windows/native/sun/tracing/dtrace/jvm_symbols_md.c @@ -35,7 +35,7 @@ JvmSymbols* lookupJvmSymbols() { JvmSymbols* syms = (JvmSymbols*)malloc(sizeof(JvmSymbols)); if (syms != NULL) { - HINSTANCE jvm = LoadLibrary("jvm.dll"); + HINSTANCE jvm = GetModuleHandle("jvm.dll"); if (jvm == NULL) { free(syms); return NULL; diff --git a/jdk/src/windows/npt/npt_md.h b/jdk/src/windows/npt/npt_md.h index 394a8dc3b5e..4cf2176db1c 100644 --- a/jdk/src/windows/npt/npt_md.h +++ b/jdk/src/windows/npt/npt_md.h @@ -47,7 +47,7 @@ _handle = NULL; \ *(pnpt) = NULL; \ buf[0] = 0; \ - jvm = LoadLibrary("jvm.dll"); \ + jvm = GetModuleHandle("jvm.dll"); \ if ( jvm == NULL ) NPT_ERROR("Cannot find jvm.dll"); \ GetModuleFileName(jvm, buf, FILENAME_MAX); \ lastSlash = strrchr(buf, '\\'); \ From b0c37f182fc8d3d6562920e129f3b63f95a9d9a8 Mon Sep 17 00:00:00 2001 From: Valerie Peng Date: Tue, 26 Apr 2011 15:59:51 -0700 Subject: [PATCH 13/14] 7003952: SEC: securely load DLLs and launch executables using fully qualified path Enforce full path when specifying library locations. Reviewed-by: wetmore, ohair --- jdk/make/sun/security/pkcs11/Makefile | 2 +- .../classes/sun/security/pkcs11/Config.java | 9 ++- .../classes/sun/security/pkcs11/Secmod.java | 15 +++-- .../native/sun/security/pkcs11/j2secmod.c | 11 ++-- .../sun/security/pkcs11/Provider/Absolute.cfg | 10 +++ .../security/pkcs11/Provider/Absolute.java | 63 +++++++++++++++++++ 6 files changed, 97 insertions(+), 13 deletions(-) create mode 100644 jdk/test/sun/security/pkcs11/Provider/Absolute.cfg create mode 100644 jdk/test/sun/security/pkcs11/Provider/Absolute.java diff --git a/jdk/make/sun/security/pkcs11/Makefile b/jdk/make/sun/security/pkcs11/Makefile index c7c33504f55..a63198f5fb4 100644 --- a/jdk/make/sun/security/pkcs11/Makefile +++ b/jdk/make/sun/security/pkcs11/Makefile @@ -147,7 +147,7 @@ OTHER_INCLUDES += \ # Rules # CLASSDESTDIR = $(TEMPDIR)/classes -JAVAHFLAGS += -classpath $(CLASSDESTDIR) +JAVAHFLAGS += -Xbootclasspath/p:$(CLASSDESTDIR) include $(BUILDDIR)/common/Mapfile-vers.gmk diff --git a/jdk/src/share/classes/sun/security/pkcs11/Config.java b/jdk/src/share/classes/sun/security/pkcs11/Config.java index 6506e40e966..46a0075c5b9 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/Config.java +++ b/jdk/src/share/classes/sun/security/pkcs11/Config.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -653,6 +653,13 @@ final class Config { } } debug(keyword + ": " + lib); + + // Check to see if full path is specified to prevent the DLL + // preloading attack + if (!(new File(lib)).isAbsolute()) { + throw new ConfigurationException( + "Absolute path required for library value: " + lib); + } return lib; } diff --git a/jdk/src/share/classes/sun/security/pkcs11/Secmod.java b/jdk/src/share/classes/sun/security/pkcs11/Secmod.java index 20775444731..4f32e33d2a8 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/Secmod.java +++ b/jdk/src/share/classes/sun/security/pkcs11/Secmod.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -236,7 +236,8 @@ public final class Secmod { throw new IllegalStateException(e); } if (modules == null) { - List modules = (List)nssGetModuleList(nssHandle); + List modules = (List)nssGetModuleList(nssHandle, + nssLibDir); this.modules = Collections.unmodifiableList(modules); } return modules; @@ -358,7 +359,7 @@ public final class Secmod { * A representation of one PKCS#11 slot in a PKCS#11 module. */ public static final class Module { - // name of the native library + // path of the native library final String libraryName; // descriptive name used by NSS final String commonName; @@ -371,8 +372,10 @@ public final class Secmod { // trust attributes. Used for the KEYSTORE and TRUSTANCHOR modules only private Map trust; - Module(String libraryName, String commonName, boolean fips, int slot) { + Module(String libraryDir, String libraryName, String commonName, + boolean fips, int slot) { ModuleType type; + if ((libraryName == null) || (libraryName.length() == 0)) { // must be softtoken libraryName = System.mapLibraryName(SOFTTOKEN_LIB_NAME); @@ -397,7 +400,7 @@ public final class Secmod { + "module: " + libraryName + ", " + commonName); } } - this.libraryName = libraryName; + this.libraryName = (new File(libraryDir, libraryName)).getPath(); this.commonName = commonName; this.slot = slot; this.type = type; @@ -752,6 +755,6 @@ public final class Secmod { private static native boolean nssInit(String functionName, long handle, String configDir); - private static native Object nssGetModuleList(long handle); + private static native Object nssGetModuleList(long handle, String libDir); } diff --git a/jdk/src/share/native/sun/security/pkcs11/j2secmod.c b/jdk/src/share/native/sun/security/pkcs11/j2secmod.c index 485df26595d..79ad8709e12 100644 --- a/jdk/src/share/native/sun/security/pkcs11/j2secmod.c +++ b/jdk/src/share/native/sun/security/pkcs11/j2secmod.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -74,7 +74,7 @@ JNIEXPORT jboolean JNICALL Java_sun_security_pkcs11_Secmod_nssInit } JNIEXPORT jobject JNICALL Java_sun_security_pkcs11_Secmod_nssGetModuleList - (JNIEnv *env, jclass thisClass, jlong jHandle) + (JNIEnv *env, jclass thisClass, jlong jHandle, jstring jLibDir) { FPTR_GetDBModuleList getModuleList = (FPTR_GetDBModuleList)findFunction(env, jHandle, "SECMOD_GetDefaultModuleList"); @@ -104,8 +104,8 @@ JNIEXPORT jobject JNICALL Java_sun_security_pkcs11_Secmod_nssGetModuleList jList = (*env)->NewObject(env, jListClass, jListConstructor); jModuleClass = (*env)->FindClass(env, "sun/security/pkcs11/Secmod$Module"); - jModuleConstructor = (*env)->GetMethodID - (env, jModuleClass, "", "(Ljava/lang/String;Ljava/lang/String;ZI)V"); + jModuleConstructor = (*env)->GetMethodID(env, jModuleClass, "", + "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;ZI)V"); while (list != NULL) { module = list->module; @@ -124,7 +124,8 @@ JNIEXPORT jobject JNICALL Java_sun_security_pkcs11_Secmod_nssGetModuleList } jFIPS = module->isFIPS; for (i = 0; i < module->slotCount; i++ ) { - jModule = (*env)->NewObject(env, jModuleClass, jModuleConstructor, jDllName, jCommonName, jFIPS, i); + jModule = (*env)->NewObject(env, jModuleClass, jModuleConstructor, + jLibDir, jDllName, jCommonName, jFIPS, i); (*env)->CallVoidMethod(env, jList, jAdd, jModule); } list = list->next; diff --git a/jdk/test/sun/security/pkcs11/Provider/Absolute.cfg b/jdk/test/sun/security/pkcs11/Provider/Absolute.cfg new file mode 100644 index 00000000000..7b525dacd98 --- /dev/null +++ b/jdk/test/sun/security/pkcs11/Provider/Absolute.cfg @@ -0,0 +1,10 @@ +# +# Configuration file to allow the SunPKCS11 provider to utilize +# the Solaris Cryptographic Framework, if it is available +# + +name = Absolute + +description = SunPKCS11 using a relative path + +library = ./libpkcs11.so diff --git a/jdk/test/sun/security/pkcs11/Provider/Absolute.java b/jdk/test/sun/security/pkcs11/Provider/Absolute.java new file mode 100644 index 00000000000..e35f9c60c58 --- /dev/null +++ b/jdk/test/sun/security/pkcs11/Provider/Absolute.java @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +/** + * @test + * @bug 7003952 + * @summary load DLLs and launch executables using fully qualified path + */ +import java.security.*; +import java.lang.reflect.*; +import sun.security.pkcs11.*; + +public class Absolute { + + public static void main(String[] args) throws Exception { + Constructor cons; + try { + Class clazz = Class.forName("sun.security.pkcs11.SunPKCS11"); + cons = clazz.getConstructor(new Class[] {String.class}); + } catch (Exception ex) { + System.out.println("Skipping test - no PKCS11 provider available"); + return; + } + + String config = + System.getProperty("test.src", ".") + "/Absolute.cfg"; + + try { + Object obj = cons.newInstance(new Object[] {config}); + } catch (InvocationTargetException ite) { + Throwable cause = ite.getCause(); + if (cause instanceof ProviderException) { + Throwable cause2 = cause.getCause(); + if ((cause2 == null) || + !cause2.getMessage().startsWith( + "Absolute path required for library value:")) { + // rethrow + throw (ProviderException) cause; + } + System.out.println("Caught expected Exception: \n" + cause2); + } + } + } +} From b2607ad0a10ab609edb2d3f39e8d40a5571c5a6c Mon Sep 17 00:00:00 2001 From: Alexander Potochkin Date: Wed, 4 May 2011 11:35:46 -0700 Subject: [PATCH 14/14] 7020198: ImageIcon creates Component with null acc Reviewed-by: rupashka, hawtin --- .../share/classes/javax/swing/ImageIcon.java | 42 +++++++++++++------ 1 file changed, 30 insertions(+), 12 deletions(-) diff --git a/jdk/src/share/classes/javax/swing/ImageIcon.java b/jdk/src/share/classes/javax/swing/ImageIcon.java index f9318abea41..b16a62fe6b3 100644 --- a/jdk/src/share/classes/javax/swing/ImageIcon.java +++ b/jdk/src/share/classes/javax/swing/ImageIcon.java @@ -40,8 +40,7 @@ import javax.accessibility.*; import sun.awt.AppContext; import java.lang.reflect.Field; -import java.security.PrivilegedAction; -import java.security.AccessController; +import java.security.*; /** * An implementation of the Icon interface that paints Icons @@ -81,32 +80,51 @@ public class ImageIcon implements Icon, Serializable, Accessible { ImageObserver imageObserver; String description = null; + // Fields for twisted backward compatibility only. DO NOT USE. protected final static Component component; protected final static MediaTracker tracker; static { - component = new Component() {}; - AccessController.doPrivileged(new PrivilegedAction() { - public Object run() { + component = AccessController.doPrivileged(new PrivilegedAction() { + public Component run() { try { + final Component component = createNoPermsComponent(); + // 6482575 - clear the appContext field so as not to leak it Field appContextField = - Component.class.getDeclaredField("appContext"); + + Component.class.getDeclaredField("appContext"); appContextField.setAccessible(true); appContextField.set(component, null); - } - catch (NoSuchFieldException e) { + + return component; + } catch (Throwable e) { + // We don't care about component. + // So don't prevent class initialisation. e.printStackTrace(); + return null; } - catch (IllegalAccessException e) { - e.printStackTrace(); - } - return null; } }); tracker = new MediaTracker(component); } + private static Component createNoPermsComponent() { + // 7020198 - set acc field to no permissions and no subject + // Note, will have appContext set. + return AccessController.doPrivileged( + new PrivilegedAction() { + public Component run() { + return new Component() { + }; + } + }, + new AccessControlContext(new ProtectionDomain[]{ + new ProtectionDomain(null, null) + }) + ); + } + /** * Id used in loading images from MediaTracker. */