8068373: (prefs) FileSystemPreferences writes \0 to XML storage, causing loss of all preferences

Disallow entries whose key or value contains the null control character '\u0000' from being stored in the preferences node.

Reviewed-by: psandoz, rriggs

jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -489,6 +489,8 @@ public abstract class Preferences {
      *       <tt>MAX_VALUE_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if either the key or the value contain
+     *         the null control character, code point U+0000.
      */
     public abstract void put(String key, String value);
 

jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -49,6 +49,13 @@ import sun.util.logging.PlatformLogger;
  */
 class FileSystemPreferences extends AbstractPreferences {
 
+    /**
+     * The code point U+0000, assigned to the null control character, is the
+     * only character encoded in Unicode and ISO/IEC 10646 that is always
+     * invalid in any XML 1.0 and 1.1 document.
+     */
+    private static final String CODE_POINT_U0000 = String.valueOf('\u0000');
+
     static {
         PrivilegedAction<Void> load = () -> {
             System.loadLibrary("prefs");
@@ -525,6 +532,11 @@ class FileSystemPreferences extends AbstractPreferences {
     }
 
     protected void putSpi(String key, String value) {
+        if (key.indexOf(CODE_POINT_U0000) != -1) {
+            throw new IllegalArgumentException("Key contains code point U+0000");
+        } else if (value.indexOf(CODE_POINT_U0000) != -1) {
+            throw new IllegalArgumentException("Value contains code point U+0000");
+        }
         initCacheIfNecessary();
         changeLog.add(new Put(key, value));
         prefsCache.put(key, value);

jdk/test/java/util/prefs/CodePointZeroPrefsTest.java

@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import java.lang.reflect.Constructor;
+import java.util.prefs.Preferences;
+import java.util.prefs.PreferencesFactory;
+
+/*
+ * @test
+ * @bug 8068373
+ * @summary Ensure writing a code point U+0000 null control character is detected.
+ */
+public class CodePointZeroPrefsTest
+{
+    public static void main(String[] args) throws Exception
+    {
+        int failures = 0;
+
+        // Deliberately reflect so you can reproduce it on any platform.
+        Constructor<? extends PreferencesFactory> constructor =
+            Class.forName("java.util.prefs.FileSystemPreferencesFactory").asSubclass(PreferencesFactory.class).getDeclaredConstructor();
+        constructor.setAccessible(true);
+        PreferencesFactory factory = constructor.newInstance();
+
+        Preferences node = factory.userRoot().node("com/acme/testing");
+
+        // legal key and value
+        try {
+            node.put("a", "1");
+        } catch (IllegalArgumentException iae) {
+            System.err.println("Unexpected IllegalArgumentException for legal key");
+            failures++;
+        }
+
+        // illegal key only
+        int numIAEs = 0;
+        try {
+            node.put("a\u0000b", "1");
+            System.err.println("IllegalArgumentException not thrown for illegal key");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        // illegal value only
+        numIAEs = 0;
+        try {
+            node.put("ab", "2\u00003");
+            System.err.println("IllegalArgumentException not thrown for illegal value");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        // illegal key and value
+        numIAEs = 0;
+        try {
+            node.put("a\u0000b", "2\u00003");
+            System.err.println("IllegalArgumentException not thrown for illegal entry");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        if (failures != 0) {
+            throw new RuntimeException("CodePointZeroPrefsTest failed with "
+                + failures + " errors!");
+        }
+    }
+}