Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 5cc024d8 编写于 作者: W weijun
浏览文件
操作

8000210: Improve JarFile code quality 

Reviewed-by: ahgross, xuelei, mschoene
上级 b501a9be
显示空白变更内容
内联 并排
Showing with 15 addition and 10 deletion
src/share/classes/java/util/jar/JarFile.java
浏览文件 @ 5cc024d8
...@@ -34,6 +34,7 @@ import java.security.CodeSigner; ...@@ -34,6 +34,7 @@ import java.security.CodeSigner;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.security.AccessController; import java.security.AccessController;
import java.security.CodeSource; import java.security.CodeSource;
import sun.misc.IOUtils;
import sun.security.action.GetPropertyAction; import sun.security.action.GetPropertyAction;
import sun.security.util.ManifestEntryVerifier; import sun.security.util.ManifestEntryVerifier;
import sun.misc.SharedSecrets; import sun.misc.SharedSecrets;
...@@ -329,6 +330,9 @@ class JarFile extends ZipFile { ...@@ -329,6 +330,9 @@ class JarFile extends ZipFile {
if (names != null) { if (names != null) {
for (int i = 0; i < names.length; i++) { for (int i = 0; i < names.length; i++) {
JarEntry e = getJarEntry(names[i]); JarEntry e = getJarEntry(names[i]);
if (e == null) {
throw new JarException("corrupted jar file");
}
if (!e.isDirectory()) { if (!e.isDirectory()) {
if (mev == null) { if (mev == null) {
mev = new ManifestEntryVerifier mev = new ManifestEntryVerifier
...@@ -348,6 +352,10 @@ class JarFile extends ZipFile { ...@@ -348,6 +352,10 @@ class JarFile extends ZipFile {
// treat the jar file as being unsigned // treat the jar file as being unsigned
jv = null; jv = null;
verify = false; verify = false;
if (JarVerifier.debug != null) {
JarVerifier.debug.println("jarfile parsing error!");
ex.printStackTrace();
}
} }
// if after initializing the verifier we have nothing // if after initializing the verifier we have nothing
...@@ -375,11 +383,9 @@ class JarFile extends ZipFile { ...@@ -375,11 +383,9 @@ class JarFile extends ZipFile {
* META-INF files. * META-INF files.
*/ */
private byte[] getBytes(ZipEntry ze) throws IOException { private byte[] getBytes(ZipEntry ze) throws IOException {
byte[] b = new byte[(int)ze.getSize()]; try (InputStream is = super.getInputStream(ze)) {
try (DataInputStream is = new DataInputStream(super.getInputStream(ze))) { return IOUtils.readFully(is, (int)ze.getSize(), true);
is.readFully(b, 0, b.length);
} }
return b;
} }
/** /**
...@@ -479,12 +485,7 @@ class JarFile extends ZipFile { ...@@ -479,12 +485,7 @@ class JarFile extends ZipFile {
if (!isKnownToNotHaveClassPathAttribute()) { if (!isKnownToNotHaveClassPathAttribute()) {
JarEntry manEntry = getManEntry(); JarEntry manEntry = getManEntry();
if (manEntry != null) { if (manEntry != null) {
byte[] b = new byte[(int)manEntry.getSize()]; byte[] b = getBytes(manEntry);
try (DataInputStream dis = new DataInputStream(
super.getInputStream(manEntry))) {
dis.readFully(b, 0, b.length);
}
int last = b.length - src.length; int last = b.length - src.length;
int i = 0; int i = 0;
next: next:
......
src/share/classes/sun/security/util/DerIndefLenConverter.java
浏览文件 @ 5cc024d8
...@@ -325,6 +325,10 @@ class DerIndefLenConverter { ...@@ -325,6 +325,10 @@ class DerIndefLenConverter {
} }
} }
if (unresolved != 0) {
throw new IOException("not all indef len BER resolved");
}
newData = new byte[dataSize + numOfTotalLenBytes + unused]; newData = new byte[dataSize + numOfTotalLenBytes + unused];
dataPos=0; newDataPos=0; index=0; dataPos=0; newDataPos=0; index=0;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册