8079718: IIOP Input Stream Hooking

Reviewed-by: rriggs, ahgross, coffeys, skoivu
Mark Sheppard 2016-01-25 22:32:25 +00:00
parent 378ab9dd25
commit e8619ccfa0
2 changed files with 37 additions and 13 deletions


@ -34,21 +34,13 @@ import java.security.PermissionCollection;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.util.List;
import java.util.ListIterator;
import java.util.Set;
import java.util.Map.Entry;
import java.util.Collection;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Enumeration;
import java.util.Properties;
import java.util.IdentityHashMap;
import java.util.StringTokenizer;
import java.util.NoSuchElementException;
@ -165,8 +157,18 @@ public final class ORBUtility {
* Return default ValueHandler
*/
public static ValueHandler createValueHandler() {
ValueHandler vh;
try {
vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() {
public ValueHandler run() throws Exception {
return Util.createValueHandler();
}
});
} catch (PrivilegedActionException e) {
throw new InternalError(e.getCause());
}
return vh;
}
/**
* Returns true if it was accurately determined that the remote ORB is
@ -664,7 +666,16 @@ public final class ORBUtility {
* ValueHandler.
*/
public static byte getMaxStreamFormatVersion() {
ValueHandler vh = Util.createValueHandler();
ValueHandler vh;
try {
vh = AccessController.doPrivileged(new PrivilegedExceptionAction<ValueHandler>() {
public ValueHandler run() throws Exception {
return Util.createValueHandler();
}
});
} catch (PrivilegedActionException e) {
throw new InternalError(e.getCause());
}
if (!(vh instanceof javax.rmi.CORBA.ValueHandlerMultiFormat))
return ORBConstants.STREAM_FORMAT_VERSION_1;
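Review bot: Both `createValueHandler()` and `getMaxStreamFormatVersion()` now call `Util.createValueHandler()` inside `doPrivileged` from public static methods, so the permission check is evaluated against ORBUtility's own protection domain and not against the code calling these methods. That is only safe if untrusted code cannot reach ORBUtility at all (presumably through package-access restrictions, which are not visible on this page), and a comment next to each block should state that invariant, e.g. `// doPrivileged: ORB-internal callers only; must not be reachable from untrusted code`. `Util.createValueHandler()` declares no checked exceptions in the other file of this commit, so the `PrivilegedActionException` catch looks unreachable and a plain `PrivilegedAction<ValueHandler>` would do. The second copy could be replaced by `ValueHandler vh = createValueHandler();`, leaving a single privileged block to audit.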


@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -45,6 +45,7 @@ import javax.rmi.CORBA.Tie;
import java.rmi.Remote;
import java.io.File;
import java.io.FileInputStream;
import java.io.SerializablePermission;
import java.net.MalformedURLException ;
import java.security.AccessController;
import java.security.PrivilegedAction;
@ -195,6 +196,8 @@ public class Util {
*/
public static ValueHandler createValueHandler() {
isCustomSerializationPermitted();
if (utilDelegate != null) {
return utilDelegate.createValueHandler();
}
@ -337,6 +340,7 @@ public class Util {
// security reasons. If you know a better solution how to share this code
// then remove it from PortableRemoteObject. Also in Stub.java
private static Object createDelegate(String classKey) {
String className = (String)
AccessController.doPrivileged(new GetPropertyAction(classKey));
if (className == null) {
@ -345,7 +349,6 @@ public class Util {
className = props.getProperty(classKey);
}
}
if (className == null) {
return new com.sun.corba.se.impl.javax.rmi.CORBA.Util();
}
@ -389,4 +392,14 @@ public class Util {
new GetORBPropertiesFileAction());
}
private static void isCustomSerializationPermitted() {
SecurityManager sm = System.getSecurityManager();
if ( sm != null) {
// check that a serialization permission has been
// set to allow the loading of the Util delegate
// which provides access to custom ValueHandler
sm.checkPermission(new SerializablePermission(
"enableCustomValueHandler"));
}
}
}
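Review bot: `isCustomSerializationPermitted()` reads like a boolean query, but it returns void and signals denial only through the `SecurityException` thrown by `sm.checkPermission`; a name such as `checkCustomSerializationPermitted` would match what it does. The public `createValueHandler()` now fails for callers that lack `SerializablePermission("enableCustomValueHandler")` when a security manager is installed, and its Javadoc (which starts outside the hunk) should say so, e.g. `@throws SecurityException if a security manager is installed and the caller lacks SerializablePermission("enableCustomValueHandler")`. The comment inside the helper describes the check as guarding the loading of the Util delegate, yet the call sits in `createValueHandler()` and not in `createDelegate()`, so it should be reworded to say it guards obtaining a ValueHandler.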