提交 fbacd3c5 编写于 作者: A asaha

Merge

......@@ -695,3 +695,4 @@ f5d0aadb4d1ca74eda4e98cc0030f1618ef4c870 jdk8u131-b07
c0091a673d766ce2e76a945bab6de325fe78dd88 jdk8u131-b10
3ab471c4760a808e39406303ff33a25a542b9c75 jdk8u131-b11
a160009bbe1417d85f1c0eec890fdb17391b3637 jdk8u141-b00
e95a13de2d36050302a1af422967f5260fc8eabd jdk8u141-b01
......@@ -34,6 +34,10 @@
*/
package java.util.concurrent;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.concurrent.locks.AbstractQueuedSynchronizer;
import java.util.concurrent.locks.Condition;
import java.util.concurrent.locks.ReentrantLock;
......@@ -569,6 +573,9 @@ public class ThreadPoolExecutor extends AbstractExecutorService {
private static final RuntimePermission shutdownPerm =
new RuntimePermission("modifyThread");
/* The context to be used when executing the finalizer, or null. */
private final AccessControlContext acc;
/**
* Class Worker mainly maintains interrupt control state for
* threads running tasks, along with other minor bookkeeping.
......@@ -1307,6 +1314,9 @@ public class ThreadPoolExecutor extends AbstractExecutorService {
throw new IllegalArgumentException();
if (workQueue == null || threadFactory == null || handler == null)
throw new NullPointerException();
this.acc = System.getSecurityManager() == null ?
null :
AccessController.getContext();
this.corePoolSize = corePoolSize;
this.maximumPoolSize = maximumPoolSize;
this.workQueue = workQueue;
......@@ -1472,9 +1482,18 @@ public class ThreadPoolExecutor extends AbstractExecutorService {
/**
* Invokes {@code shutdown} when this executor is no longer
* referenced and it has no threads.
*
* <p>This method is invoked with privileges that are restricted by
* the security context of the caller that invokes the constructor.
*/
protected void finalize() {
shutdown();
SecurityManager sm = System.getSecurityManager();
if (sm == null || acc == null) {
shutdown();
} else {
PrivilegedAction<Void> pa = () -> { shutdown(); return null; };
AccessController.doPrivileged(pa, acc);
}
}
/**
......
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -180,10 +180,12 @@ class JarVerifier {
// only set the jev object for entries that have a signature
// (either verified or not)
if (sigFileSigners.get(name) != null ||
verifiedSigners.get(name) != null) {
mev.setEntry(name, je);
return;
if (!name.equals(JarFile.MANIFEST_NAME)) {
if (sigFileSigners.get(name) != null ||
verifiedSigners.get(name) != null) {
mev.setEntry(name, je);
return;
}
}
// don't compute the digest for this entry
......
......@@ -26,6 +26,9 @@
package javax.imageio.spi;
import java.io.File;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
......@@ -701,11 +704,12 @@ class SubRegistry {
Class category;
// Provider Objects organized by partial oridering
PartiallyOrderedSet poset = new PartiallyOrderedSet();
// Provider Objects organized by partial ordering
final PartiallyOrderedSet poset = new PartiallyOrderedSet();
// Class -> Provider Object of that class
Map<Class<?>,Object> map = new HashMap();
final Map<Class<?>,Object> map = new HashMap();
final Map<Class<?>,AccessControlContext> accMap = new HashMap<>();
public SubRegistry(ServiceRegistry registry, Class category) {
this.registry = registry;
......@@ -720,6 +724,7 @@ class SubRegistry {
deregisterServiceProvider(oprovider);
}
map.put(provider.getClass(), provider);
accMap.put(provider.getClass(), AccessController.getContext());
poset.add(provider);
if (provider instanceof RegisterableService) {
RegisterableService rs = (RegisterableService)provider;
......@@ -739,6 +744,7 @@ class SubRegistry {
if (provider == oprovider) {
map.remove(provider.getClass());
accMap.remove(provider.getClass());
poset.remove(provider);
if (provider instanceof RegisterableService) {
RegisterableService rs = (RegisterableService)provider;
......@@ -785,10 +791,17 @@ class SubRegistry {
if (provider instanceof RegisterableService) {
RegisterableService rs = (RegisterableService)provider;
rs.onDeregistration(registry, category);
AccessControlContext acc = accMap.get(provider.getClass());
if (acc != null || System.getSecurityManager() == null) {
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
rs.onDeregistration(registry, category);
return null;
}, acc);
}
}
}
poset.clear();
accMap.clear();
}
public void finalize() {
......
......@@ -29,6 +29,10 @@ import java.lang.ref.WeakReference;
import java.awt.Image;
import java.awt.image.ImageObserver;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
public abstract class ImageWatched {
public static Link endlink = new Link();
......@@ -85,16 +89,26 @@ public abstract class ImageWatched {
}
}
static class AccWeakReference<T> extends WeakReference<T> {
private final AccessControlContext acc;
AccWeakReference(T ref) {
super(ref);
acc = AccessController.getContext();
}
}
/*
* Standard Link implementation to manage a Weak Reference
* to an ImageObserver.
*/
public static class WeakLink extends Link {
private WeakReference<ImageObserver> myref;
private final AccWeakReference<ImageObserver> myref;
private Link next;
public WeakLink(ImageObserver obs, Link next) {
myref = new WeakReference<ImageObserver>(obs);
myref = new AccWeakReference<ImageObserver>(obs);
this.next = next;
}
......@@ -120,6 +134,19 @@ public abstract class ImageWatched {
return this;
}
private static boolean update(ImageObserver iw, AccessControlContext acc,
Image img, int info,
int x, int y, int w, int h) {
if (acc != null || System.getSecurityManager() != null) {
return AccessController.doPrivileged(
(PrivilegedAction<Boolean>) () -> {
return iw.imageUpdate(img, info, x, y, w, h);
}, acc);
}
return false;
}
public boolean newInfo(Image img, int info,
int x, int y, int w, int h)
{
......@@ -129,7 +156,7 @@ public abstract class ImageWatched {
if (myiw == null) {
// My referent is null so we must prune in a second pass.
ret = true;
} else if (myiw.imageUpdate(img, info, x, y, w, h) == false) {
} else if (update(myiw, myref.acc, img, info, x, y, w, h) == false) {
// My referent has lost interest so clear it and ask
// for a pruning pass to remove it later.
myref.clear();
......
/*
* Copyright (c) 2008, 2009, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -246,13 +246,16 @@ abstract class AsynchronousChannelGroupImpl
abstract void shutdownHandlerTasks();
private void shutdownExecutors() {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
pool.executor().shutdown();
timeoutExecutor.shutdown();
return null;
}
});
AccessController.doPrivileged(
new PrivilegedAction<Void>() {
public Void run() {
pool.executor().shutdown();
timeoutExecutor.shutdown();
return null;
}
},
null,
new RuntimePermission("modifyThread"));
}
@Override
......
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -107,6 +107,8 @@ public class ManifestEntryVerifier {
/* get the headers from the manifest for this entry */
/* if there aren't any, we can't verify any digests for this entry */
skip = false;
Attributes attr = man.getAttributes(name);
if (attr == null) {
// ugh. we should be able to remove this at some point.
......@@ -141,7 +143,6 @@ public class ManifestEntryVerifier {
}
if (digest != null) {
skip = false;
digest.reset();
digests.add(digest);
manifestHashes.add(
......@@ -197,6 +198,10 @@ public class ManifestEntryVerifier {
return null;
}
if (digests.isEmpty()) {
throw new SecurityException("digest missing for " + name);
}
if (signers != null)
return signers;
......
......@@ -457,6 +457,8 @@ static void *CCalloc(context_type *context, int size, jboolean zero);
static fullinfo_type cp_index_to_class_fullinfo(context_type *, int, int);
static const char* get_result_signature(const char* signature);
static char signature_to_fieldtype(context_type *context,
const char **signature_p, fullinfo_type *info);
......@@ -2775,7 +2777,7 @@ push_stack(context_type *context, unsigned int inumber, stack_info_type *new_sta
operand);
const char *result_signature;
check_and_push(context, signature, VM_STRING_UTF);
result_signature = strchr(signature, JVM_SIGNATURE_ENDFUNC);
result_signature = get_result_signature(signature);
if (result_signature++ == NULL) {
CCerror(context, "Illegal signature %s", signature);
}
......@@ -3698,6 +3700,42 @@ CFerror(context_type *context, char *format, ...)
longjmp(context->jump_buffer, 1);
}
/*
* Need to scan the entire signature to find the result type because
* types in the arg list and the result type could contain embedded ')'s.
*/
static const char* get_result_signature(const char* signature) {
const char *p;
for (p = signature; *p != JVM_SIGNATURE_ENDFUNC; p++) {
switch (*p) {
case JVM_SIGNATURE_BOOLEAN:
case JVM_SIGNATURE_BYTE:
case JVM_SIGNATURE_CHAR:
case JVM_SIGNATURE_SHORT:
case JVM_SIGNATURE_INT:
case JVM_SIGNATURE_FLOAT:
case JVM_SIGNATURE_DOUBLE:
case JVM_SIGNATURE_LONG:
case JVM_SIGNATURE_FUNC: /* ignore initial (, if given */
break;
case JVM_SIGNATURE_CLASS:
while (*p != JVM_SIGNATURE_ENDCLASS) p++;
break;
case JVM_SIGNATURE_ARRAY:
while (*p == JVM_SIGNATURE_ARRAY) p++;
/* If an array of classes, skip over class name, too. */
if (*p == JVM_SIGNATURE_CLASS) {
while (*p != JVM_SIGNATURE_ENDCLASS) p++;
}
break;
default:
/* Indicate an error. */
return NULL;
}
}
return p++; /* skip over ')'. */
}
static char
signature_to_fieldtype(context_type *context,
const char **signature_p, fullinfo_type *full_info_p)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册