8213429: Windows file handling redux

8167646: Better invalid FilePermission
Reviewed-by: mbalao

src/share/classes/java/io/FilePermission.java

@@ -25,12 +25,16 @@
 
 package java.io;
 
+import java.net.URI;
+import java.nio.file.InvalidPathException;
 import java.security.*;
 import java.util.Enumeration;
 import java.util.List;
 import java.util.ArrayList;
 import java.util.Vector;
 import java.util.Collections;
+
+import sun.nio.fs.DefaultFileSystemProvider;
 import sun.security.util.SecurityConstants;
 
 /**
@@ -152,6 +156,8 @@ public final class FilePermission extends Permission implements Serializable {
 
     private transient String cpath;
 
+    private transient boolean invalid;  // whether input path is invalid
+
     // static Strings used by init(int mask)
     private static final char RECURSIVE_CHAR = '-';
     private static final char WILD_CHAR = '*';
@@ -173,6 +179,14 @@ public final class FilePermission extends Permission implements Serializable {
 
     private static final long serialVersionUID = 7930732926638008763L;
 
+    /**
+     * Always use the internal default file system, in case it was modified
+     * with java.nio.file.spi.DefaultFileSystemProvider.
+     */
+    private static final java.nio.file.FileSystem builtInFS =
+            DefaultFileSystemProvider.create()
+                    .getFileSystem(URI.create("file:///"));
+
     /**
      * initialize a FilePermission object. Common to all constructors.
      * Also called during de-serialization.
@@ -199,6 +213,20 @@ public final class FilePermission extends Permission implements Serializable {
             return;
         }
 
+        // Validate path by platform's default file system
+        // Note: this check does not apply during FilePermission
+        // class initialization.
+        if (builtInFS != null) {
+            try {
+                String name = cpath.endsWith("*") ?
+                        cpath.substring(0, cpath.length() - 1) + "-" : cpath;
+                builtInFS.getPath(new File(name).getPath());
+            } catch (InvalidPathException ipe) {
+                invalid = true;
+                return;
+            }
+        }
+
         // store only the canonical cpath if possible
         cpath = AccessController.doPrivileged(new PrivilegedAction<String>() {
             public String run() {
@@ -335,6 +363,12 @@ public final class FilePermission extends Permission implements Serializable {
      * @return the effective mask
      */
     boolean impliesIgnoreMask(FilePermission that) {
+        if (this == that) {
+            return true;
+        }
+        if (this.invalid || that.invalid) {
+            return false;
+        }
         if (this.directory) {
             if (this.recursive) {
                 // make sure that.path is longer then path so
@@ -395,6 +429,9 @@ public final class FilePermission extends Permission implements Serializable {
 
         FilePermission that = (FilePermission) obj;
 
+        if (this.invalid || that.invalid) {
+            return false;
+        }
         return (this.mask == that.mask) &&
             this.cpath.equals(that.cpath) &&
             (this.directory == that.directory) &&

src/share/classes/sun/misc/Launcher.java

@@ -85,6 +85,9 @@ public class Launcher {
         // Finally, install a security manager if requested
         String s = System.getProperty("java.security.manager");
         if (s != null) {
+            // init FileSystem machinery before SecurityManager installation
+            sun.nio.fs.DefaultFileSystemProvider.create();
+
             SecurityManager sm = null;
             if ("".equals(s) || "default".equals(s)) {
                 sm = new java.lang.SecurityManager();

test/java/io/FilePermission/Invalid.java

+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ *
+ * @test
+ * @bug 8167646
+ * @summary Better invalid FilePermission
+ * @library /lib/testlibrary
+ */
+
+import jdk.testlibrary.Asserts;
+
+import java.io.FilePermission;
+
+public class Invalid {
+
+    public static void main(String args[]) throws Exception {
+
+        // Normal
+        FilePermission fp = new FilePermission("a", "read");
+
+        // Invalid
+        FilePermission fp1 = new FilePermission("a\000", "read");
+        FilePermission fp2 = new FilePermission("a\000", "read");
+        FilePermission fp3 = new FilePermission("b\000", "read");
+
+        // Invalid equals to itself
+        Asserts.assertEQ(fp1, fp1);
+
+        // and not equals to anything else, including other invalid ones
+        Asserts.assertNE(fp, fp1);
+        Asserts.assertNE(fp1, fp);
+        Asserts.assertNE(fp1, fp2);
+        Asserts.assertNE(fp1, fp3);
+
+        // Invalid implies itself
+        Asserts.assertTrue(fp1.implies(fp1));
+
+        // and not implies or implied by anything else, including other
+        // invalid ones
+        Asserts.assertFalse(fp.implies(fp1));
+        Asserts.assertFalse(fp1.implies(fp));
+        Asserts.assertFalse(fp1.implies(fp2));
+        Asserts.assertFalse(fp1.implies(fp3));
+    }
+}