提交 49a8393e 编写于 作者: S sherman

6544278: SecurityException not thrown for Indexed Jar file whose signature is corrupted

Summary: Added code to deal with the index case specially.
Reviewed-by: mullan
上级 a7688ae1
...@@ -28,6 +28,7 @@ package java.util.jar; ...@@ -28,6 +28,7 @@ package java.util.jar;
import java.util.zip.*; import java.util.zip.*;
import java.io.*; import java.io.*;
import sun.security.util.ManifestEntryVerifier; import sun.security.util.ManifestEntryVerifier;
import sun.misc.JarIndex;
/** /**
* The <code>JarInputStream</code> class is used to read the contents of * The <code>JarInputStream</code> class is used to read the contents of
...@@ -47,7 +48,8 @@ class JarInputStream extends ZipInputStream { ...@@ -47,7 +48,8 @@ class JarInputStream extends ZipInputStream {
private JarEntry first; private JarEntry first;
private JarVerifier jv; private JarVerifier jv;
private ManifestEntryVerifier mev; private ManifestEntryVerifier mev;
private final boolean doVerify;
private boolean tryManifest;
/** /**
* Creates a new <code>JarInputStream</code> and reads the optional * Creates a new <code>JarInputStream</code> and reads the optional
...@@ -72,25 +74,33 @@ class JarInputStream extends ZipInputStream { ...@@ -72,25 +74,33 @@ class JarInputStream extends ZipInputStream {
*/ */
public JarInputStream(InputStream in, boolean verify) throws IOException { public JarInputStream(InputStream in, boolean verify) throws IOException {
super(in); super(in);
JarEntry e = (JarEntry)super.getNextEntry(); this.doVerify = verify;
// This implementation assumes the META-INF/MANIFEST.MF entry
// should be either the first or the second entry (when preceded
// by the dir META-INF/). It skips the META-INF/ and then
// "consumes" the MANIFEST.MF to initialize the Manifest object.
JarEntry e = (JarEntry)super.getNextEntry();
if (e != null && e.getName().equalsIgnoreCase("META-INF/")) if (e != null && e.getName().equalsIgnoreCase("META-INF/"))
e = (JarEntry)super.getNextEntry(); e = (JarEntry)super.getNextEntry();
first = checkManifest(e);
}
private JarEntry checkManifest(JarEntry e)
throws IOException
{
if (e != null && JarFile.MANIFEST_NAME.equalsIgnoreCase(e.getName())) { if (e != null && JarFile.MANIFEST_NAME.equalsIgnoreCase(e.getName())) {
man = new Manifest(); man = new Manifest();
byte bytes[] = getBytes(new BufferedInputStream(this)); byte bytes[] = getBytes(new BufferedInputStream(this));
man.read(new ByteArrayInputStream(bytes)); man.read(new ByteArrayInputStream(bytes));
//man.read(new BufferedInputStream(this));
closeEntry(); closeEntry();
if (verify) { if (doVerify) {
jv = new JarVerifier(bytes); jv = new JarVerifier(bytes);
mev = new ManifestEntryVerifier(man); mev = new ManifestEntryVerifier(man);
} }
first = getNextJarEntry(); return (JarEntry)super.getNextEntry();
} else {
first = e;
} }
return e;
} }
private byte[] getBytes(InputStream is) private byte[] getBytes(InputStream is)
...@@ -98,10 +108,7 @@ class JarInputStream extends ZipInputStream { ...@@ -98,10 +108,7 @@ class JarInputStream extends ZipInputStream {
{ {
byte[] buffer = new byte[8192]; byte[] buffer = new byte[8192];
ByteArrayOutputStream baos = new ByteArrayOutputStream(2048); ByteArrayOutputStream baos = new ByteArrayOutputStream(2048);
int n; int n;
baos.reset();
while ((n = is.read(buffer, 0, buffer.length)) != -1) { while ((n = is.read(buffer, 0, buffer.length)) != -1) {
baos.write(buffer, 0, n); baos.write(buffer, 0, n);
} }
...@@ -133,8 +140,14 @@ class JarInputStream extends ZipInputStream { ...@@ -133,8 +140,14 @@ class JarInputStream extends ZipInputStream {
JarEntry e; JarEntry e;
if (first == null) { if (first == null) {
e = (JarEntry)super.getNextEntry(); e = (JarEntry)super.getNextEntry();
if (tryManifest) {
e = checkManifest(e);
tryManifest = false;
}
} else { } else {
e = first; e = first;
if (first.getName().equalsIgnoreCase(JarIndex.INDEX_NAME))
tryManifest = true;
first = null; first = null;
} }
if (jv != null && e != null) { if (jv != null && e != null) {
......
/*
* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 6544278
* @summary Confirm the JarInputStream throws the SecurityException when
* verifying an indexed jar file with corrupted signature
*/
import java.io.IOException;
import java.io.FileInputStream;
import java.util.jar.JarEntry;
import java.util.jar.JarInputStream;
public class TestIndexedJarWithBadSignature {
public static void main(String...args) throws Throwable {
try (JarInputStream jis = new JarInputStream(
new FileInputStream(System.getProperty("tst.src", ".") +
System.getProperty("file.separator") +
"BadSignedJar.jar")))
{
JarEntry je1 = jis.getNextJarEntry();
while(je1!=null){
System.out.println("Jar Entry1==>"+je1.getName());
je1 = jis.getNextJarEntry(); // This should throw Security Exception
}
throw new RuntimeException(
"Test Failed:Security Exception not being thrown");
} catch (IOException ie){
ie.printStackTrace();
} catch (SecurityException e) {
System.out.println("Test passed: Security Exception thrown as expected");
}
}
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册