8208754: The fix for JDK-8194534 needs updates

Reviewed-by: alanb, igerasim, rhalade, mullan

8208754: The fix for JDK-8194534 needs updates
Reviewed-by: alanb, igerasim, rhalade, mullan
86de24e1 · igerasim · b66797e1 · 86de24e1 · 86de24e1 · 86de24e1
5 changed file
--- a/src/share/classes/java/util/jar/JarFile.java
+++ b/src/share/classes/java/util/jar/JarFile.java
@@ -602,7 +602,7 @@ class JarFile extends ZipFile {
        return false;
    }

-    private synchronized void ensureInitialization() {
+    synchronized void ensureInitialization() {
        try {
            maybeInstantiateVerifier();
        } catch (IOException e) {

--- a/src/share/classes/java/util/jar/JavaUtilJarAccessImpl.java
+++ b/src/share/classes/java/util/jar/JavaUtilJarAccessImpl.java
@@ -65,4 +65,7 @@ class JavaUtilJarAccessImpl implements JavaUtilJarAccess {
        return man.getTrustedAttributes(name);
    }

+    public void ensureInitialization(JarFile jar) {
+        jar.ensureInitialization();
+    }
 }
--- a/src/share/classes/java/util/jar/Manifest.java
+++ b/src/share/classes/java/util/jar/Manifest.java
@@ -150,6 +150,10 @@ public class Manifest implements Cloneable {
     *      does not exist in SF files of all signers).
     */
    Attributes getTrustedAttributes(String name) {
+        // Note: Before the verification of MANIFEST.MF/.SF/.RSA files is done,
+        // jv.isTrustedManifestEntry() isn't able to detect MANIFEST.MF change.
+        // Users of this method should call SharedSecrets.javaUtilJarAccess()
+        // .ensureInitialization() first.
        Attributes result = getAttributes(name);
        if (result != null && jv != null && ! jv.isTrustedManifestEntry(name)) {
            throw new SecurityException("Untrusted manifest entry: " + name);

--- a/src/share/classes/sun/misc/JavaUtilJarAccess.java
+++ b/src/share/classes/sun/misc/JavaUtilJarAccess.java
@@ -44,4 +44,5 @@ public interface JavaUtilJarAccess {
    public void setEagerValidation(JarFile jar, boolean eager);
    public List<Object> getManifestDigests(JarFile jar);
    public Attributes getTrustedAttributes(Manifest man, String name);
+    public void ensureInitialization(JarFile jar);
 }
--- a/src/share/classes/sun/misc/URLClassPath.java
+++ b/src/share/classes/sun/misc/URLClassPath.java
@@ -987,8 +987,10 @@ public class URLClassPath {
                    { return jar.getInputStream(entry); }
                public int getContentLength()
                    { return (int)entry.getSize(); }
-                public Manifest getManifest() throws IOException
-                    { return jar.getManifest(); };
+                public Manifest getManifest() throws IOException {
+                    SharedSecrets.javaUtilJarAccess().ensureInitialization(jar);
+                    return jar.getManifest();
+                }
                public Certificate[] getCertificates()
                    { return entry.getCertificates(); };
                public CodeSigner[] getCodeSigners()