Merge

Author: slowhog

src/hotspot/share/oops/klassVtable.cpp

@@ -291,23 +291,26 @@ InstanceKlass* klassVtable::find_transitive_override(InstanceKlass* initialsuper
  int vtable_index, Handle target_loader, Symbol* target_classname, Thread * THREAD) {
  InstanceKlass* superk = initialsuper;
  while (superk != NULL && superk->super() != NULL) {
- InstanceKlass* supersuperklass = InstanceKlass::cast(superk->super());
- klassVtable ssVtable = supersuperklass->vtable();
+ klassVtable ssVtable = (superk->super())->vtable();
  if (vtable_index < ssVtable.length()) {
  Method* super_method = ssVtable.method_at(vtable_index);
+ // get the class holding the matching method
+ // make sure you use that class for is_override
+ InstanceKlass* supermethodholder = super_method->method_holder();
 #ifndef PRODUCT
  Symbol* name= target_method()->name();
  Symbol* signature = target_method()->signature();
  assert(super_method->name() == name && super_method->signature() == signature, "vtable entry name/sig mismatch");
 #endif
- if (supersuperklass->is_override(methodHandle(THREAD, super_method), target_loader, target_classname, THREAD)) {
+
+ if (supermethodholder->is_override(methodHandle(THREAD, super_method), target_loader, target_classname, THREAD)) {
  if (log_develop_is_enabled(Trace, vtables)) {
  ResourceMark rm(THREAD);
  LogTarget(Trace, vtables) lt;
  LogStream ls(lt);
  char* sig = target_method()->name_and_sig_as_C_string();
  ls.print("transitive overriding superclass %s with %s index %d, original flags: ",
- supersuperklass->internal_name(),
+ supermethodholder->internal_name(),
  sig, vtable_index);
  super_method->print_linkage_flags(&ls);
  ls.print("overriders flags: ");

src/java.base/share/classes/com/sun/crypto/provider/JceKeyStore.java

@@ -26,6 +26,7 @@
 package com.sun.crypto.provider;
 
 import sun.security.util.Debug;
+import sun.security.util.IOUtils;
 
 import java.io.*;
 import java.util.*;
@@ -73,7 +74,7 @@ public final class JceKeyStore extends KeyStoreSpi {
  private static final class PrivateKeyEntry {
  Date date; // the creation date of this entry
  byte[] protectedKey;
- Certificate chain[];
+ Certificate[] chain;
  };
 
  // Secret key
@@ -742,51 +743,36 @@ public void engineLoad(InputStream stream, char[] password)
  entry.date = new Date(dis.readLong());
 
  // read the private key
- try {
- entry.protectedKey = new byte[dis.readInt()];
- } catch (OutOfMemoryError e) {
- throw new IOException("Keysize too big");
- }
- dis.readFully(entry.protectedKey);
+ entry.protectedKey = IOUtils.readExactlyNBytes(dis, dis.readInt());
 
  // read the certificate chain
  int numOfCerts = dis.readInt();
- try {
- if (numOfCerts > 0) {
- entry.chain = new Certificate[numOfCerts];
- }
- } catch (OutOfMemoryError e) {
- throw new IOException("Too many certificates in "
- + "chain");
- }
+ List<Certificate> tmpCerts = new ArrayList<>();
  for (int j = 0; j < numOfCerts; j++) {
  if (xVersion == 2) {
  // read the certificate type, and instantiate a
  // certificate factory of that type (reuse
  // existing factory if possible)
  String certType = dis.readUTF();
  if (cfs.containsKey(certType)) {
- // reuse certificate factory
+  // reuse certificate factory
  cf = cfs.get(certType);
  } else {
- // create new certificate factory
+  // create new certificate factory
  cf = CertificateFactory.getInstance(
  certType);
- // store the certificate factory so we can
- // reuse it later
+  // store the certificate factory so we can
+  // reuse it later
  cfs.put(certType, cf);
  }
  }
  // instantiate the certificate
- try {
- encoded = new byte[dis.readInt()];
- } catch (OutOfMemoryError e) {
- throw new IOException("Certificate too big");
- }
- dis.readFully(encoded);
+ encoded = IOUtils.readExactlyNBytes(dis, dis.readInt());
  bais = new ByteArrayInputStream(encoded);
- entry.chain[j] = cf.generateCertificate(bais);
+ tmpCerts.add(cf.generateCertificate(bais));
  }
+ entry.chain = tmpCerts.toArray(
+ new Certificate[numOfCerts]);
 
  // Add the entry to the list
  entries.put(alias, entry);
@@ -818,12 +804,7 @@ public void engineLoad(InputStream stream, char[] password)
  cfs.put(certType, cf);
  }
  }
- try {
- encoded = new byte[dis.readInt()];
- } catch (OutOfMemoryError e) {
- throw new IOException("Certificate too big");
- }
- dis.readFully(encoded);
+ encoded = IOUtils.readExactlyNBytes(dis, dis.readInt());
  bais = new ByteArrayInputStream(encoded);
  entry.cert = cf.generateCertificate(bais);
 
@@ -882,18 +863,14 @@ public void engineLoad(InputStream stream, char[] password)
  * with
  */
  if (password != null) {
- byte computed[], actual[];
- computed = md.digest();
- actual = new byte[computed.length];
- dis.readFully(actual);
- for (int i = 0; i < computed.length; i++) {
- if (computed[i] != actual[i]) {
- throw new IOException(
+ byte[] computed = md.digest();
+ byte[] actual = IOUtils.readExactlyNBytes(dis, computed.length);
+ if (!MessageDigest.isEqual(computed, actual)) {
+ throw new IOException(
  "Keystore was tampered with, or "
  + "password was incorrect",
- new UnrecoverableKeyException(
- "Password verification failed"));
- }
+ new UnrecoverableKeyException(
+ "Password verification failed"));
  }
  }
  } finally {

src/java.base/share/classes/java/io/ObjectInputFilter.java

@@ -35,6 +35,7 @@
 import java.util.function.Function;
 
 import jdk.internal.access.SharedSecrets;
+import jdk.internal.util.StaticProperty;
 
 /**
  * Filter classes, array lengths, and graph metrics during deserialization.
@@ -205,15 +206,17 @@ enum Status {
  * <p>
  * The filter is configured during the initialization of the {@code ObjectInputFilter.Config}
  * class. For example, by calling {@link #getSerialFilter() Config.getSerialFilter}.
- * If the system property {@systemProperty jdk.serialFilter} is defined, it is used
- * to configure the filter.
- * If the system property is not defined, and the {@link java.security.Security}
- * property {@code jdk.serialFilter} is defined then it is used to configure the filter.
- * Otherwise, the filter is not configured during initialization.
+ * If the system property {@systemProperty jdk.serialFilter} is defined on the command line,
+ * it is used to configure the filter.
+ * If the system property is not defined on the command line, and the
+ * {@link java.security.Security} property {@code jdk.serialFilter} is defined
+ * then it is used to configure the filter.
+ * Otherwise, the filter is not configured during initialization and
+ * can be set with {@link #setSerialFilter(ObjectInputFilter) Config.setSerialFilter}.
+ * Setting the {@code jdk.serialFilter} with {@link System#setProperty(String, String)
+ * System.setProperty} <em>does not set the filter</em>.
  * The syntax for each property is the same as for the
  * {@link #createFilter(String) createFilter} method.
- * If a filter is not configured, it can be set with
- * {@link #setSerialFilter(ObjectInputFilter) Config.setSerialFilter}.
  *
  * @since 9
  */
@@ -256,7 +259,7 @@ static void filterLog(System.Logger.Level level, String msg, Object... args) {
  static {
  configuredFilter = AccessController
  .doPrivileged((PrivilegedAction<ObjectInputFilter>) () -> {
- String props = System.getProperty(SERIAL_FILTER_PROPNAME);
+ String props = StaticProperty.jdkSerialFilter();
  if (props == null) {
  props = Security.getProperty(SERIAL_FILTER_PROPNAME);
  }

src/java.base/share/classes/java/io/ObjectInputStream.java

@@ -453,16 +453,50 @@ protected ObjectInputStream() throws IOException, SecurityException {
  * @throws IOException Any of the usual Input/Output related exceptions.
  */
  public final Object readObject()
+ throws IOException, ClassNotFoundException {
+ return readObject(Object.class);
+ }
+
+ /**
+ * Reads a String and only a string.
+ *
+ * @return the String read
+ * @throws EOFException If end of file is reached.
+ * @throws IOException If other I/O error has occurred.
+ */
+ private String readString() throws IOException {
+ try {
+ return (String) readObject(String.class);
+ } catch (ClassNotFoundException cnf) {
+ throw new IllegalStateException(cnf);
+ }
+ }
+
+ /**
+ * Internal method to read an object from the ObjectInputStream of the expected type.
+ * Called only from {@code readObject()} and {@code readString()}.
+ * Only {@code Object.class} and {@code String.class} are supported.
+ *
+ * @param type the type expected; either Object.class or String.class
+ * @return an object of the type
+ * @throws IOException Any of the usual Input/Output related exceptions.
+ * @throws ClassNotFoundException Class of a serialized object cannot be
+ * found.
+ */
+ private final Object readObject(Class<?> type)
  throws IOException, ClassNotFoundException
  {
  if (enableOverride) {
  return readObjectOverride();
  }
 
+ if (! (type == Object.class || type == String.class))
+ throw new AssertionError("internal error");
+
  // if nested read, passHandle contains handle of enclosing object
  int outerHandle = passHandle;
  try {
- Object obj = readObject0(false);
+ Object obj = readObject0(type, false);
  handles.markDependency(outerHandle, passHandle);
  ClassNotFoundException ex = handles.lookupException(passHandle);
  if (ex != null) {
@@ -557,7 +591,7 @@ public Object readUnshared() throws IOException, ClassNotFoundException {
  // if nested read, passHandle contains handle of enclosing object
  int outerHandle = passHandle;
  try {
- Object obj = readObject0(true);
+ Object obj = readObject0(Object.class, true);
  handles.markDependency(outerHandle, passHandle);
  ClassNotFoundException ex = handles.lookupException(passHandle);
  if (ex != null) {
@@ -1577,8 +1611,10 @@ private void clear() {
 
  /**
  * Underlying readObject implementation.
+ * @param type a type expected to be deserialized; non-null
+ * @param unshared true if the object can not be a reference to a shared object, otherwise false
  */
- private Object readObject0(boolean unshared) throws IOException {
+ private Object readObject0(Class<?> type, boolean unshared) throws IOException {
  boolean oldMode = bin.getBlockDataMode();
  if (oldMode) {
  int remain = bin.currentBlockRemaining();
@@ -1610,29 +1646,48 @@ private Object readObject0(boolean unshared) throws IOException {
  return readNull();
 
  case TC_REFERENCE:
- return readHandle(unshared);
+ // check the type of the existing object
+ return type.cast(readHandle(unshared));
 
  case TC_CLASS:
+ if (type == String.class) {
+ throw new ClassCastException("Cannot cast a class to java.lang.String");
+ }
  return readClass(unshared);
 
  case TC_CLASSDESC:
  case TC_PROXYCLASSDESC:
+ if (type == String.class) {
+ throw new ClassCastException("Cannot cast a class to java.lang.String");
+ }
  return readClassDesc(unshared);
 
  case TC_STRING:
  case TC_LONGSTRING:
  return checkResolve(readString(unshared));
 
  case TC_ARRAY:
+ if (type == String.class) {
+ throw new ClassCastException("Cannot cast an array to java.lang.String");
+ }
  return checkResolve(readArray(unshared));
 
  case TC_ENUM:
+ if (type == String.class) {
+ throw new ClassCastException("Cannot cast an enum to java.lang.String");
+ }
  return checkResolve(readEnum(unshared));
 
  case TC_OBJECT:
+ if (type == String.class) {
+ throw new ClassCastException("Cannot cast an object to java.lang.String");
+ }
  return checkResolve(readOrdinaryObject(unshared));
 
  case TC_EXCEPTION:
+ if (type == String.class) {
+ throw new ClassCastException("Cannot cast an exception to java.lang.String");
+ }
  IOException ex = readFatalException();
  throw new WriteAbortedException("writing aborted", ex);
 
@@ -2004,7 +2059,7 @@ private Object readArray(boolean unshared) throws IOException {
 
  if (ccl == null) {
  for (int i = 0; i < len; i++) {
- readObject0(false);
+ readObject0(Object.class, false);
  }
  } else if (ccl.isPrimitive()) {
  if (ccl == Integer.TYPE) {
@@ -2029,7 +2084,7 @@ private Object readArray(boolean unshared) throws IOException {
  } else {
  Object[] oa = (Object[]) array;
  for (int i = 0; i < len; i++) {
- oa[i] = readObject0(false);
+ oa[i] = readObject0(Object.class, false);
  handles.markDependency(arrayHandle, passHandle);
  }
  }
@@ -2393,7 +2448,7 @@ private void skipCustomData() throws IOException {
  return;
 
  default:
- readObject0(false);
+ readObject0(Object.class, false);
  break;
  }
  }
@@ -2438,7 +2493,7 @@ private FieldValues defaultReadFields(Object obj, ObjectStreamClass desc)
  int numPrimFields = fields.length - objVals.length;
  for (int i = 0; i < objVals.length; i++) {
  ObjectStreamField f = fields[numPrimFields + i];
- objVals[i] = readObject0(f.isUnshared());
+ objVals[i] = readObject0(Object.class, f.isUnshared());
  if (f.getField() != null) {
  handles.markDependency(objHandle, passHandle);
  }
@@ -2479,7 +2534,7 @@ private IOException readFatalException() throws IOException {
  throw new InternalError();
  }
  clear();
- return (IOException) readObject0(false);
+ return (IOException) readObject0(Object.class, false);
  }
 
  /**
@@ -2601,7 +2656,7 @@ void readFields() throws IOException {
  int numPrimFields = fields.length - objVals.length;
  for (int i = 0; i < objVals.length; i++) {
  objVals[i] =
- readObject0(fields[numPrimFields + i].isUnshared());
+ readObject0(Object.class, fields[numPrimFields + i].isUnshared());
  objHandles[i] = passHandle;
  }
  passHandle = oldHandle;
@@ -4090,6 +4145,7 @@ private static Object cloneArray(Object array) {
 
  static {
  SharedSecrets.setJavaObjectInputStreamAccess(ObjectInputStream::checkArray);
+ SharedSecrets.setJavaObjectInputStreamReadString(ObjectInputStream::readString);
  }
 
 }

src/java.base/share/classes/java/net/AbstractPlainDatagramSocketImpl.java

@@ -97,7 +97,7 @@ protected synchronized void create() throws SocketException {
  fd = new FileDescriptor();
  try {
  datagramSocketCreate();
- SocketCleanable.register(fd);
+ SocketCleanable.register(fd, false);
  } catch (SocketException ioe) {
  ResourceManager.afterUdpClose();
  fd = null;