From 68ef8f60358ff88311655c87781f71db7dc68bb1 Mon Sep 17 00:00:00 2001
From: Brian Burkhalter <bpb@openjdk.org>
Date: Thu, 12 Feb 2015 12:56:48 -0800
Subject: [PATCH] 8068373: (prefs) FileSystemPreferences writes \0 to XML
 storage, causing loss of all preferences

Disallow entries whose key or value contains the null control character '\u0000' from being stored in the preferences node.

Reviewed-by: psandoz, rriggs
---
 .../classes/java/util/prefs/Preferences.java  |  4 +-
 .../util/prefs/FileSystemPreferences.java     | 14 ++-
 .../util/prefs/CodePointZeroPrefsTest.java    | 89 +++++++++++++++++++
 3 files changed, 105 insertions(+), 2 deletions(-)
 create mode 100644 jdk/test/java/util/prefs/CodePointZeroPrefsTest.java

diff --git a/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java b/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java
index 3b7b47f30cf..beb0b0fa1a9 100644
--- a/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java
+++ b/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -489,6 +489,8 @@ public abstract class Preferences {
      *       <tt>MAX_VALUE_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if either the key or the value contain
+     *         the null control character, code point U+0000.
      */
     public abstract void put(String key, String value);
 
diff --git a/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java b/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java
index ebbca48a255..7bcd1d3ad24 100644
--- a/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java
+++ b/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -49,6 +49,13 @@ import sun.util.logging.PlatformLogger;
  */
 class FileSystemPreferences extends AbstractPreferences {
 
+    /**
+     * The code point U+0000, assigned to the null control character, is the
+     * only character encoded in Unicode and ISO/IEC 10646 that is always
+     * invalid in any XML 1.0 and 1.1 document.
+     */
+    private static final String CODE_POINT_U0000 = String.valueOf('\u0000');
+
     static {
         PrivilegedAction<Void> load = () -> {
             System.loadLibrary("prefs");
@@ -525,6 +532,11 @@ class FileSystemPreferences extends AbstractPreferences {
     }
 
     protected void putSpi(String key, String value) {
+        if (key.indexOf(CODE_POINT_U0000) != -1) {
+            throw new IllegalArgumentException("Key contains code point U+0000");
+        } else if (value.indexOf(CODE_POINT_U0000) != -1) {
+            throw new IllegalArgumentException("Value contains code point U+0000");
+        }
         initCacheIfNecessary();
         changeLog.add(new Put(key, value));
         prefsCache.put(key, value);
diff --git a/jdk/test/java/util/prefs/CodePointZeroPrefsTest.java b/jdk/test/java/util/prefs/CodePointZeroPrefsTest.java
new file mode 100644
index 00000000000..8a63b86caf9
--- /dev/null
+++ b/jdk/test/java/util/prefs/CodePointZeroPrefsTest.java
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import java.lang.reflect.Constructor;
+import java.util.prefs.Preferences;
+import java.util.prefs.PreferencesFactory;
+
+/*
+ * @test
+ * @bug 8068373
+ * @summary Ensure writing a code point U+0000 null control character is detected.
+ */
+public class CodePointZeroPrefsTest
+{
+    public static void main(String[] args) throws Exception
+    {
+        int failures = 0;
+
+        // Deliberately reflect so you can reproduce it on any platform.
+        Constructor<? extends PreferencesFactory> constructor =
+            Class.forName("java.util.prefs.FileSystemPreferencesFactory").asSubclass(PreferencesFactory.class).getDeclaredConstructor();
+        constructor.setAccessible(true);
+        PreferencesFactory factory = constructor.newInstance();
+
+        Preferences node = factory.userRoot().node("com/acme/testing");
+
+        // legal key and value
+        try {
+            node.put("a", "1");
+        } catch (IllegalArgumentException iae) {
+            System.err.println("Unexpected IllegalArgumentException for legal key");
+            failures++;
+        }
+
+        // illegal key only
+        int numIAEs = 0;
+        try {
+            node.put("a\u0000b", "1");
+            System.err.println("IllegalArgumentException not thrown for illegal key");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        // illegal value only
+        numIAEs = 0;
+        try {
+            node.put("ab", "2\u00003");
+            System.err.println("IllegalArgumentException not thrown for illegal value");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        // illegal key and value
+        numIAEs = 0;
+        try {
+            node.put("a\u0000b", "2\u00003");
+            System.err.println("IllegalArgumentException not thrown for illegal entry");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        if (failures != 0) {
+            throw new RuntimeException("CodePointZeroPrefsTest failed with "
+                + failures + " errors!");
+        }
+    }
+}