Alejandro Murillo 2016-07-21 17:14:44 +00:00
commit e6ef95a71b
3 changed files with 37 additions and 15 deletions


@ -1,5 +1,4 @@
/* /*
*
* Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
@ -22,7 +21,6 @@
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any * or visit www.oracle.com if you need additional information or have any
* questions. * questions.
*
*/ */
package com.sun.corba.se.impl.activation; package com.sun.corba.se.impl.activation;


@ -34,21 +34,13 @@ import java.security.PermissionCollection;
import java.security.Policy; import java.security.Policy;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
import java.security.ProtectionDomain; import java.security.ProtectionDomain;
import java.util.ArrayList; import java.security.PrivilegedActionException;
import java.util.Arrays; import java.security.PrivilegedExceptionAction;
import java.util.Map;
import java.util.List;
import java.util.ListIterator;
import java.util.Set;
import java.util.Map.Entry;
import java.util.Collection;
import java.util.HashMap; import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.Hashtable; import java.util.Hashtable;
import java.util.Iterator; import java.util.Iterator;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.Properties;
import java.util.IdentityHashMap;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import java.util.NoSuchElementException; import java.util.NoSuchElementException;
@ -165,8 +157,18 @@ public final class ORBUtility {
* Return default ValueHandler * Return default ValueHandler
*/ */
public static ValueHandler createValueHandler() { public static ValueHandler createValueHandler() {
ValueHandler vh;
try {
vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() {
public ValueHandler run() throws Exception {
return Util.createValueHandler(); return Util.createValueHandler();
} }
});
} catch (PrivilegedActionException e) {
throw new InternalError(e.getCause());
}
return vh;
}
/** /**
* Returns true if it was accurately determined that the remote ORB is * Returns true if it was accurately determined that the remote ORB is
@ -664,7 +666,16 @@ public final class ORBUtility {
* ValueHandler. * ValueHandler.
*/ */
public static byte getMaxStreamFormatVersion() { public static byte getMaxStreamFormatVersion() {
ValueHandler vh = Util.createValueHandler(); ValueHandler vh;
try {
vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() {
public ValueHandler run() throws Exception {
return Util.createValueHandler();
}
});
} catch (PrivilegedActionException e) {
throw new InternalError(e.getCause());
}
if (!(vh instanceof javax.rmi.CORBA.ValueHandlerMultiFormat)) if (!(vh instanceof javax.rmi.CORBA.ValueHandlerMultiFormat))
return ORBConstants.STREAM_FORMAT_VERSION_1; return ORBConstants.STREAM_FORMAT_VERSION_1;
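Review bot: In `createValueHandler()` the new `doPrivileged` block sits in a public static method, so the permission check this commit adds to `Util.createValueHandler()` is answered by this class's own protection domain for any caller that can reach `ORBUtility`. That is presumably intended for ORB-internal callers and depends on access to the implementation package being restricted, but the code does not say so; a comment such as `// privileged on purpose: ORB-internal use only, relies on restricted package access` would record the assumption for the next reviewer. The identical block is repeated in `getMaxStreamFormatVersion()` (whose body continues past the hunk), which could begin with `ValueHandler vh = createValueHandler();` instead. As far as the visible signature shows, `Util.createValueHandler()` declares no checked exception, so `PrivilegedAction<ValueHandler>` (already imported) would do and the `PrivilegedActionException` catch could go.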


@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -45,6 +45,7 @@ import javax.rmi.CORBA.Tie;
import java.rmi.Remote; import java.rmi.Remote;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.SerializablePermission;
import java.net.MalformedURLException ; import java.net.MalformedURLException ;
import java.security.AccessController; import java.security.AccessController;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
@ -195,6 +196,8 @@ public class Util {
*/ */
public static ValueHandler createValueHandler() { public static ValueHandler createValueHandler() {
isCustomSerializationPermitted();
if (utilDelegate != null) { if (utilDelegate != null) {
return utilDelegate.createValueHandler(); return utilDelegate.createValueHandler();
} }
@ -337,6 +340,7 @@ public class Util {
// security reasons. If you know a better solution how to share this code // security reasons. If you know a better solution how to share this code
// then remove it from PortableRemoteObject. Also in Stub.java // then remove it from PortableRemoteObject. Also in Stub.java
private static Object createDelegate(String classKey) { private static Object createDelegate(String classKey) {
String className = (String) String className = (String)
AccessController.doPrivileged(new GetPropertyAction(classKey)); AccessController.doPrivileged(new GetPropertyAction(classKey));
if (className == null) { if (className == null) {
@ -345,7 +349,6 @@ public class Util {
className = props.getProperty(classKey); className = props.getProperty(classKey);
} }
} }
if (className == null) { if (className == null) {
return new com.sun.corba.se.impl.javax.rmi.CORBA.Util(); return new com.sun.corba.se.impl.javax.rmi.CORBA.Util();
} }
@ -389,4 +392,14 @@ public class Util {
new GetORBPropertiesFileAction()); new GetORBPropertiesFileAction());
} }
private static void isCustomSerializationPermitted() {
SecurityManager sm = System.getSecurityManager();
if ( sm != null) {
// check that a serialization permission has been
// set to allow the loading of the Util delegate
// which provides access to custom ValueHandler
sm.checkPermission(new SerializablePermission(
"enableCustomValueHandler"));
}
}
} }
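Review bot: `isCustomSerializationPermitted()` at the end of the class is named like a boolean predicate but returns `void` and signals denial by letting `checkPermission` throw, so the bare call at the top of `createValueHandler()` reads as a discarded result; a name like `checkCustomSerializationPermitted()` would match what it does. The public `createValueHandler()` can now throw when a security manager is installed, and its Javadoc (which starts above the hunk) should say so, e.g. `@throws SecurityException if a security manager denies SerializablePermission("enableCustomValueHandler")`. The inline comment says the permission guards loading of the Util delegate, but in the visible code the check runs on every `createValueHandler()` call rather than in `createDelegate`; `// require enableCustomValueHandler before handing out a ValueHandler` would describe it more accurately.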