changeset 1645:1b40ae740b78 jdk8u162-b02

Merge
author asaha
date Wed, 04 Oct 2017 14:20:50 -0700
parents 03791220212b 819ee87a39ab
children b28af4ff80a9
files .hgtags
diffstat 3 files changed, 138 insertions(+), 7 deletions(-) [+]
--- a/.hgtags	Tue Oct 03 18:40:24 2017 -0700
+++ b/.hgtags	Wed Oct 04 14:20:50 2017 -0700
@@ -745,6 +745,19 @@
 4f242f33e89a7900f2fcdcd9402058b6d01f340c jdk8u141-b15
 77461a27d91fcb53106e6b3234468bff4d0eec9e jdk8u144-b00
 0d5d2e29f93b01ffa4998c2e3a61d2e6eaa96b1b jdk8u144-b01
+2dbdceff6ade82aa9942cdea6b62d5655d65183c jdk8u151-b00
+4449c73dbfdf2e32889e3ce769bd4160daa48b71 jdk8u151-b01
+ffa099d5b88ff14cea677d2afa4229354e9404d0 jdk8u151-b02
+a6814326f989837019ff7dd0d9b0e57065499bc5 jdk8u151-b03
+cefb3694f8565e1f23ff3231fd21523f52161a95 jdk8u151-b04
+8977426affc02fdf74b1163865059ec86ddccb61 jdk8u151-b05
+3289ad7e88f3aa38fdaa4910e9eeed5e1e5430b1 jdk8u151-b06
+d41040488bbb511d64c6c2533d642e52675edfde jdk8u151-b07
+5d079476bf24cb8143473d2a0880e0b2e032b1eb jdk8u151-b08
+c5f095a1df38d9be119adcab5bbd7e4365e21871 jdk8u151-b09
+05a4bb70c2d84442e505b40e2059399da3f65633 jdk8u151-b10
+ea10de07bc171c8cf89f2acbc4a1288d4dc0f2d6 jdk8u151-b11
+87aaf4f5274e047cd1e0822a6b57dafcb987544b jdk8u151-b12
 58d0ffe75dc5597310d422e214dc077476bd2338 jdk8u122-b00
 a87b06da783bb5a11f7857220789979129e39e7c jdk8u122-b01
 8684348ae5eb6f895d19e4752dea567642dbcec4 jdk8u122-b02
@@ -761,5 +774,16 @@
 d36e9c6f195c5604626f7c836c17826960ca2a11 jdk8u152-b03
 4f94cc55256028ab54390abe212959c241b0670f jdk8u152-b04
 2917e61cfadab474625d19fb7775ccdec5584738 jdk8u152-b05
+bc6e4d3f7a20c34dcdccc1be17792188ccdcb917 jdk8u152-b06
+87992ac3484c6c2ae5cad4ad14701a03a9ec963c jdk8u152-b07
+1f7bbfb8b2632ac610c3a0d7d944ff0a3967469a jdk8u152-b08
+a9e83644bd11b5da49bb4424eed9c5a34003085c jdk8u152-b09
+3c302cc47b26715fb9ae863a477d6d0366feb713 jdk8u152-b10
+56a5346ca6448c188eb09de3856cbadf1532ffc4 jdk8u152-b11
+122a325c8bea6d8f49126ddc1644803d213197ae jdk8u152-b12
+f33390314a7d9311dc9474106ad6e66d71751e6d jdk8u152-b13
+2b4802994bf5a4a634258c9ff06d3da474130f8b jdk8u152-b14
+f89071fbde60b327d6940a34fcdeed96b6440dd2 jdk8u152-b15
+674aecf3d87ae774e2026a1cb2a60eaa651bc7c2 jdk8u152-b16
 1160ad38fc7495c01c25421ae89689232481eb6b jdk8u162-b00
 86b1cd17fde74427ac4b9312cc56bafc57b32fb4 jdk8u162-b01
--- a/THIRD_PARTY_README	Tue Oct 03 18:40:24 2017 -0700
+++ b/THIRD_PARTY_README	Wed Oct 04 14:20:50 2017 -0700
@@ -2808,12 +2808,12 @@
 
 -------------------------------------------------------------------------------
 
-%% This notice is provided with respect to zlib v1.2.8, which may be included 
+%% This notice is provided with respect to zlib v1.2.11, which may be included 
 with JRE 8, JDK 8, and OpenJDK 8.
 
 --- begin of LICENSE ---
 
-  version 1.2.8, April 28th, 2013
+  version 1.2.11, January 15th, 2017
 
   Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler
 
--- a/src/share/classes/com/sun/corba/se/impl/io/ObjectStreamClass.java	Tue Oct 03 18:40:24 2017 -0700
+++ b/src/share/classes/com/sun/corba/se/impl/io/ObjectStreamClass.java	Wed Oct 04 14:20:50 2017 -0700
@@ -31,13 +31,17 @@
 
 package com.sun.corba.se.impl.io;
 
+import java.security.AccessControlContext;
+import java.security.AccessController;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.DigestOutputStream;
-import java.security.AccessController;
+import java.security.PermissionCollection;
+import java.security.Permissions;
 import java.security.PrivilegedExceptionAction;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 
 import java.lang.reflect.Modifier;
 import java.lang.reflect.Array;
@@ -47,6 +51,7 @@
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Proxy;
 import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.UndeclaredThrowableException;
 
 import java.io.IOException;
 import java.io.DataOutputStream;
@@ -57,6 +62,11 @@
 
 import java.util.Arrays;
 import java.util.Comparator;
+import java.util.HashSet;
+import java.util.Set;
+
+import sun.misc.JavaSecurityAccess;
+import sun.misc.SharedSecrets;
 
 import com.sun.corba.se.impl.util.RepositoryId;
 
@@ -418,6 +428,65 @@
     private static final PersistentFieldsValue persistentFieldsValue =
         new PersistentFieldsValue();
 
+    /**
+     * Creates a PermissionDomain that grants no permission.
+     */
+    private ProtectionDomain noPermissionsDomain() {
+        PermissionCollection perms = new Permissions();
+        perms.setReadOnly();
+        return new ProtectionDomain(null, perms);
+    }
+
+    /**
+     * Aggregate the ProtectionDomains of all the classes that separate
+     * a concrete class {@code cl} from its ancestor's class declaring
+     * a constructor {@code cons}.
+     *
+     * If {@code cl} is defined by the boot loader, or the constructor
+     * {@code cons} is declared by {@code cl}, or if there is no security
+     * manager, then this method does nothing and {@code null} is returned.
+     *
+     * @param cons A constructor declared by {@code cl} or one of its
+     *             ancestors.
+     * @param cl A concrete class, which is either the class declaring
+     *           the constructor {@code cons}, or a serializable subclass
+     *           of that class.
+     * @return An array of ProtectionDomain representing the set of
+     *         ProtectionDomain that separate the concrete class {@code cl}
+     *         from its ancestor's declaring {@code cons}, or {@code null}.
+     */
+    private ProtectionDomain[] getProtectionDomains(Constructor<?> cons,
+                                                    Class<?> cl) {
+        ProtectionDomain[] domains = null;
+        if (cons != null && cl.getClassLoader() != null
+                && System.getSecurityManager() != null) {
+            Class<?> cls = cl;
+            Class<?> fnscl = cons.getDeclaringClass();
+            Set<ProtectionDomain> pds = null;
+            while (cls != fnscl) {
+                ProtectionDomain pd = cls.getProtectionDomain();
+                if (pd != null) {
+                    if (pds == null) pds = new HashSet<>();
+                    pds.add(pd);
+                }
+                cls = cls.getSuperclass();
+                if (cls == null) {
+                    // that's not supposed to happen
+                    // make a ProtectionDomain with no permission.
+                    // should we throw instead?
+                    if (pds == null) pds = new HashSet<>();
+                    else pds.clear();
+                    pds.add(noPermissionsDomain());
+                    break;
+                }
+            }
+            if (pds != null) {
+                domains = pds.toArray(new ProtectionDomain[0]);
+            }
+        }
+        return domains;
+    }
+
     /*
      * Initialize class descriptor.  This method is only invoked on class
      * descriptors created via calls to lookupInternal().  This method is kept
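Review bot: The `cls == null` branch of getProtectionDomains fails closed, discarding whatever was collected and substituting a single no-permission domain, but the comment above it still ends in an open question (`should we throw instead?`), which leaves the intent unclear to the next maintainer. I would state the decision instead, e.g. `// cons is not declared by an ancestor of cl: fail closed and instantiate with no permissions`. The Javadoc on noPermissionsDomain says "PermissionDomain" where `ProtectionDomain` is meant. Since that method reads no instance state, it could also be `private static`.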
@@ -551,11 +620,15 @@
                 readResolveObjectMethod = ObjectStreamClass.getInheritableMethod(cl,
                     "readResolve", noTypesList, Object.class);
 
+                domains = new ProtectionDomain[] {noPermissionsDomain()};
+
                 if (externalizable)
                     cons = getExternalizableConstructor(cl) ;
                 else
                     cons = getSerializableConstructor(cl) ;
 
+                domains = getProtectionDomains(cons, cl);
+
                 if (serializable && !forProxyClass) {
                     /* Look for the writeObject method
                      * Set the accessible flag on it here. ObjectOutputStream
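Review bot: `domains` is assigned twice in this stretch with no explanation, and the first value is unconditionally overwritten by `getProtectionDomains(cons, cl)` whenever the constructor lookup returns normally. Presumably the first assignment is there so that an exception thrown from the lookup leaves the descriptor with a no-permission domain rather than `null`. If so, the code should say it, e.g. `// fail closed: stay restricted if the constructor lookup below throws`. The enclosing method starts and ends outside this hunk, so whether such an exception can escape is not visible here.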
@@ -902,20 +975,53 @@
         throws InstantiationException, InvocationTargetException,
                UnsupportedOperationException
     {
+        if (!initialized)
+            throw new InternalError("Unexpected call when not initialized");
         if (cons != null) {
             try {
-                return cons.newInstance(new Object[0]);
+                if (domains == null || domains.length == 0) {
+                    return cons.newInstance();
+                } else {
+                    JavaSecurityAccess jsa = SharedSecrets.getJavaSecurityAccess();
+                    PrivilegedAction<?> pea = (PrivilegedAction<?>) new PrivilegedAction() {
+                        public Object run() {
+                            try {
+                                return cons.newInstance();
+                            } catch (InstantiationException
+                                     | InvocationTargetException
+                                     | IllegalAccessException x) {
+                                throw new UndeclaredThrowableException(x);
+                            }
+                        }
+                    }; // Can't use PrivilegedExceptionAction with jsa
+                    try {
+                        return jsa.doIntersectionPrivilege(pea,
+                                   AccessController.getContext(),
+                                   new AccessControlContext(domains));
+                    } catch (UndeclaredThrowableException x) {
+                        Throwable cause = x.getCause();
+                        if (cause instanceof InstantiationException)
+                            throw (InstantiationException) cause;
+                        if (cause instanceof InvocationTargetException)
+                            throw (InvocationTargetException) cause;
+                        if (cause instanceof IllegalAccessException)
+                            throw (IllegalAccessException) cause;
+                        // not supposed to happen
+                        throw x;
+                    }
+                }
             } catch (IllegalAccessException ex) {
                 // should not occur, as access checks have been suppressed
                 InternalError ie = new InternalError();
-                ie.initCause( ex ) ;
-                throw ie ;
+                ie.initCause(ex);
+                throw ie;
             }
         } else {
             throw new UnsupportedOperationException();
         }
     }
 
+
     /**
      * Returns public no-arg constructor of given class, or null if none found.
      * Access checks are disabled on the returned constructor (if any), since
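Review bot: The anonymous class is created from the raw type and then cast, `(PrivilegedAction<?>) new PrivilegedAction() {`, which introduces a raw-type use into security-sensitive code for no benefit. `PrivilegedAction<Object> pea = new PrivilegedAction<Object>() {` with `@Override` on `run()` should be equivalent and needs no cast. The local is also named `pea` although it is a PrivilegedAction, not a PrivilegedExceptionAction; `pa` or `action` would agree with the trailing comment on the same statement. The method signature sits above the hunk, so the declared return type is not visible here.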
@@ -1526,7 +1632,8 @@
     Method readObjectMethod;
     private transient Method writeReplaceObjectMethod;
     private transient Method readResolveObjectMethod;
-    private Constructor cons ;
+    private Constructor<?> cons;
+    private transient ProtectionDomain[] domains;
 
     /**
      * Beginning in Java to IDL ptc/02-01-12, RMI-IIOP has a
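Review bot: The new `domains` field carries a security meaning that is not written down next to it: per the newInstance() change in this commit, `null` or an empty array means the constructor is invoked with no additional restriction. A comment on the field would help, e.g. `// ProtectionDomains intersected with the caller's context in newInstance(); null = no restriction applied`. It is also worth recording there that the value is computed when the descriptor is initialized and that getProtectionDomains returns `null` when no security manager is installed at that moment. A manager installed afterwards would therefore not appear to be reflected, though this is inferred from the visible hunks only.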