Wed, 04 Oct 2017 14:20:50 -0700
Merge
.hgtags | file | annotate | diff | comparison | revisions |
1.1 --- a/.hgtags Tue Oct 03 18:40:24 2017 -0700 1.2 +++ b/.hgtags Wed Oct 04 14:20:50 2017 -0700 1.3 @@ -745,6 +745,19 @@ 1.4 4f242f33e89a7900f2fcdcd9402058b6d01f340c jdk8u141-b15 1.5 77461a27d91fcb53106e6b3234468bff4d0eec9e jdk8u144-b00 1.6 0d5d2e29f93b01ffa4998c2e3a61d2e6eaa96b1b jdk8u144-b01 1.7 +2dbdceff6ade82aa9942cdea6b62d5655d65183c jdk8u151-b00 1.8 +4449c73dbfdf2e32889e3ce769bd4160daa48b71 jdk8u151-b01 1.9 +ffa099d5b88ff14cea677d2afa4229354e9404d0 jdk8u151-b02 1.10 +a6814326f989837019ff7dd0d9b0e57065499bc5 jdk8u151-b03 1.11 +cefb3694f8565e1f23ff3231fd21523f52161a95 jdk8u151-b04 1.12 +8977426affc02fdf74b1163865059ec86ddccb61 jdk8u151-b05 1.13 +3289ad7e88f3aa38fdaa4910e9eeed5e1e5430b1 jdk8u151-b06 1.14 +d41040488bbb511d64c6c2533d642e52675edfde jdk8u151-b07 1.15 +5d079476bf24cb8143473d2a0880e0b2e032b1eb jdk8u151-b08 1.16 +c5f095a1df38d9be119adcab5bbd7e4365e21871 jdk8u151-b09 1.17 +05a4bb70c2d84442e505b40e2059399da3f65633 jdk8u151-b10 1.18 +ea10de07bc171c8cf89f2acbc4a1288d4dc0f2d6 jdk8u151-b11 1.19 +87aaf4f5274e047cd1e0822a6b57dafcb987544b jdk8u151-b12 1.20 58d0ffe75dc5597310d422e214dc077476bd2338 jdk8u122-b00 1.21 a87b06da783bb5a11f7857220789979129e39e7c jdk8u122-b01 1.22 8684348ae5eb6f895d19e4752dea567642dbcec4 jdk8u122-b02 1.23 @@ -761,5 +774,16 @@ 1.24 d36e9c6f195c5604626f7c836c17826960ca2a11 jdk8u152-b03 1.25 4f94cc55256028ab54390abe212959c241b0670f jdk8u152-b04 1.26 2917e61cfadab474625d19fb7775ccdec5584738 jdk8u152-b05 1.27 +bc6e4d3f7a20c34dcdccc1be17792188ccdcb917 jdk8u152-b06 1.28 +87992ac3484c6c2ae5cad4ad14701a03a9ec963c jdk8u152-b07 1.29 +1f7bbfb8b2632ac610c3a0d7d944ff0a3967469a jdk8u152-b08 1.30 +a9e83644bd11b5da49bb4424eed9c5a34003085c jdk8u152-b09 1.31 +3c302cc47b26715fb9ae863a477d6d0366feb713 jdk8u152-b10 1.32 +56a5346ca6448c188eb09de3856cbadf1532ffc4 jdk8u152-b11 1.33 +122a325c8bea6d8f49126ddc1644803d213197ae jdk8u152-b12 1.34 +f33390314a7d9311dc9474106ad6e66d71751e6d jdk8u152-b13 1.35 +2b4802994bf5a4a634258c9ff06d3da474130f8b jdk8u152-b14 1.36 +f89071fbde60b327d6940a34fcdeed96b6440dd2 jdk8u152-b15 1.37 +674aecf3d87ae774e2026a1cb2a60eaa651bc7c2 jdk8u152-b16 1.38 1160ad38fc7495c01c25421ae89689232481eb6b jdk8u162-b00 1.39 86b1cd17fde74427ac4b9312cc56bafc57b32fb4 jdk8u162-b01
2.1 --- a/THIRD_PARTY_README Tue Oct 03 18:40:24 2017 -0700 2.2 +++ b/THIRD_PARTY_README Wed Oct 04 14:20:50 2017 -0700 2.3 @@ -2808,12 +2808,12 @@ 2.4 2.5 ------------------------------------------------------------------------------- 2.6 2.7 -%% This notice is provided with respect to zlib v1.2.8, which may be included 2.8 +%% This notice is provided with respect to zlib v1.2.11, which may be included 2.9 with JRE 8, JDK 8, and OpenJDK 8. 2.10 2.11 --- begin of LICENSE --- 2.12 2.13 - version 1.2.8, April 28th, 2013 2.14 + version 1.2.11, January 15th, 2017 2.15 2.16 Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler 2.17
3.1 --- a/src/share/classes/com/sun/corba/se/impl/io/ObjectStreamClass.java Tue Oct 03 18:40:24 2017 -0700 3.2 +++ b/src/share/classes/com/sun/corba/se/impl/io/ObjectStreamClass.java Wed Oct 04 14:20:50 2017 -0700 3.3 @@ -31,13 +31,17 @@ 3.4 3.5 package com.sun.corba.se.impl.io; 3.6 3.7 +import java.security.AccessControlContext; 3.8 +import java.security.AccessController; 3.9 import java.security.MessageDigest; 3.10 import java.security.NoSuchAlgorithmException; 3.11 import java.security.DigestOutputStream; 3.12 -import java.security.AccessController; 3.13 +import java.security.PermissionCollection; 3.14 +import java.security.Permissions; 3.15 import java.security.PrivilegedExceptionAction; 3.16 import java.security.PrivilegedActionException; 3.17 import java.security.PrivilegedAction; 3.18 +import java.security.ProtectionDomain; 3.19 3.20 import java.lang.reflect.Modifier; 3.21 import java.lang.reflect.Array; 3.22 @@ -47,6 +51,7 @@ 3.23 import java.lang.reflect.Constructor; 3.24 import java.lang.reflect.Proxy; 3.25 import java.lang.reflect.InvocationTargetException; 3.26 +import java.lang.reflect.UndeclaredThrowableException; 3.27 3.28 import java.io.IOException; 3.29 import java.io.DataOutputStream; 3.30 @@ -57,6 +62,11 @@ 3.31 3.32 import java.util.Arrays; 3.33 import java.util.Comparator; 3.34 +import java.util.HashSet; 3.35 +import java.util.Set; 3.36 + 3.37 +import sun.misc.JavaSecurityAccess; 3.38 +import sun.misc.SharedSecrets; 3.39 3.40 import com.sun.corba.se.impl.util.RepositoryId; 3.41 3.42 @@ -418,6 +428,65 @@ 3.43 private static final PersistentFieldsValue persistentFieldsValue = 3.44 new PersistentFieldsValue(); 3.45 3.46 + /** 3.47 + * Creates a PermissionDomain that grants no permission. 3.48 + */ 3.49 + private ProtectionDomain noPermissionsDomain() { 3.50 + PermissionCollection perms = new Permissions(); 3.51 + perms.setReadOnly(); 3.52 + return new ProtectionDomain(null, perms); 3.53 + } 3.54 + 3.55 + /** 3.56 + * Aggregate the ProtectionDomains of all the classes that separate 3.57 + * a concrete class {@code cl} from its ancestor's class declaring 3.58 + * a constructor {@code cons}. 3.59 + * 3.60 + * If {@code cl} is defined by the boot loader, or the constructor 3.61 + * {@code cons} is declared by {@code cl}, or if there is no security 3.62 + * manager, then this method does nothing and {@code null} is returned. 3.63 + * 3.64 + * @param cons A constructor declared by {@code cl} or one of its 3.65 + * ancestors. 3.66 + * @param cl A concrete class, which is either the class declaring 3.67 + * the constructor {@code cons}, or a serializable subclass 3.68 + * of that class. 3.69 + * @return An array of ProtectionDomain representing the set of 3.70 + * ProtectionDomain that separate the concrete class {@code cl} 3.71 + * from its ancestor's declaring {@code cons}, or {@code null}. 3.72 + */ 3.73 + private ProtectionDomain[] getProtectionDomains(Constructor<?> cons, 3.74 + Class<?> cl) { 3.75 + ProtectionDomain[] domains = null; 3.76 + if (cons != null && cl.getClassLoader() != null 3.77 + && System.getSecurityManager() != null) { 3.78 + Class<?> cls = cl; 3.79 + Class<?> fnscl = cons.getDeclaringClass(); 3.80 + Set<ProtectionDomain> pds = null; 3.81 + while (cls != fnscl) { 3.82 + ProtectionDomain pd = cls.getProtectionDomain(); 3.83 + if (pd != null) { 3.84 + if (pds == null) pds = new HashSet<>(); 3.85 + pds.add(pd); 3.86 + } 3.87 + cls = cls.getSuperclass(); 3.88 + if (cls == null) { 3.89 + // that's not supposed to happen 3.90 + // make a ProtectionDomain with no permission. 3.91 + // should we throw instead? 3.92 + if (pds == null) pds = new HashSet<>(); 3.93 + else pds.clear(); 3.94 + pds.add(noPermissionsDomain()); 3.95 + break; 3.96 + } 3.97 + } 3.98 + if (pds != null) { 3.99 + domains = pds.toArray(new ProtectionDomain[0]); 3.100 + } 3.101 + } 3.102 + return domains; 3.103 + } 3.104 + 3.105 /* 3.106 * Initialize class descriptor. This method is only invoked on class 3.107 * descriptors created via calls to lookupInternal(). This method is kept 3.108 @@ -551,11 +620,15 @@ 3.109 readResolveObjectMethod = ObjectStreamClass.getInheritableMethod(cl, 3.110 "readResolve", noTypesList, Object.class); 3.111 3.112 + domains = new ProtectionDomain[] {noPermissionsDomain()}; 3.113 + 3.114 if (externalizable) 3.115 cons = getExternalizableConstructor(cl) ; 3.116 else 3.117 cons = getSerializableConstructor(cl) ; 3.118 3.119 + domains = getProtectionDomains(cons, cl); 3.120 + 3.121 if (serializable && !forProxyClass) { 3.122 /* Look for the writeObject method 3.123 * Set the accessible flag on it here. ObjectOutputStream 3.124 @@ -902,20 +975,53 @@ 3.125 throws InstantiationException, InvocationTargetException, 3.126 UnsupportedOperationException 3.127 { 3.128 + if (!initialized) 3.129 + throw new InternalError("Unexpected call when not initialized"); 3.130 if (cons != null) { 3.131 try { 3.132 - return cons.newInstance(new Object[0]); 3.133 + if (domains == null || domains.length == 0) { 3.134 + return cons.newInstance(); 3.135 + } else { 3.136 + JavaSecurityAccess jsa = SharedSecrets.getJavaSecurityAccess(); 3.137 + PrivilegedAction<?> pea = (PrivilegedAction<?>) new PrivilegedAction() { 3.138 + public Object run() { 3.139 + try { 3.140 + return cons.newInstance(); 3.141 + } catch (InstantiationException 3.142 + | InvocationTargetException 3.143 + | IllegalAccessException x) { 3.144 + throw new UndeclaredThrowableException(x); 3.145 + } 3.146 + } 3.147 + }; // Can't use PrivilegedExceptionAction with jsa 3.148 + try { 3.149 + return jsa.doIntersectionPrivilege(pea, 3.150 + AccessController.getContext(), 3.151 + new AccessControlContext(domains)); 3.152 + } catch (UndeclaredThrowableException x) { 3.153 + Throwable cause = x.getCause(); 3.154 + if (cause instanceof InstantiationException) 3.155 + throw (InstantiationException) cause; 3.156 + if (cause instanceof InvocationTargetException) 3.157 + throw (InvocationTargetException) cause; 3.158 + if (cause instanceof IllegalAccessException) 3.159 + throw (IllegalAccessException) cause; 3.160 + // not supposed to happen 3.161 + throw x; 3.162 + } 3.163 + } 3.164 } catch (IllegalAccessException ex) { 3.165 // should not occur, as access checks have been suppressed 3.166 InternalError ie = new InternalError(); 3.167 - ie.initCause( ex ) ; 3.168 - throw ie ; 3.169 + ie.initCause(ex); 3.170 + throw ie; 3.171 } 3.172 } else { 3.173 throw new UnsupportedOperationException(); 3.174 } 3.175 } 3.176 3.177 + 3.178 /** 3.179 * Returns public no-arg constructor of given class, or null if none found. 3.180 * Access checks are disabled on the returned constructor (if any), since 3.181 @@ -1526,7 +1632,8 @@ 3.182 Method readObjectMethod; 3.183 private transient Method writeReplaceObjectMethod; 3.184 private transient Method readResolveObjectMethod; 3.185 - private Constructor cons ; 3.186 + private Constructor<?> cons; 3.187 + private transient ProtectionDomain[] domains; 3.188 3.189 /** 3.190 * Beginning in Java to IDL ptc/02-01-12, RMI-IIOP has a