[cp-patches] FYI: Final PR classpath/42390 Fixes

Dr Andrew John Hughes ahughes at redhat.com
Wed Feb 15 23:16:26 UTC 2012


The following two patches I committed fix the remaining issues reported
in PR42390:

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=42390

1.  https://lists.gnu.org/archive/html/commit-classpath/2012-02/msg00002.html
Add missing security calls in DatagramSocket.connect.
2.  https://lists.gnu.org/archive/html/commit-classpath/2012-02/msg00003.html
Access properties in a privileged block to avoid inappropriate SecurityExceptions being thrown.

ChangeLog:

2012-02-08  Andrew John Hughes  <ahughes at redhat.com>

	PR classpath/42390
	* java/nio/channels/spi/SelectorProvider.java:
	(provider()): Retrieve property value using
	PrivilegedAction.
	* java/security/KeyStore.java:
	(getDefaultType()): Likewise.

2012-02-06  Andrew John Hughes  <ahughes at redhat.com>

	PR classpath/42390
	* java/net/DatagramSocket.java:
	(connect(InetAddress,int)): Add missing security
	checks which OpenJDK performs and we don't.  It's
	possible to initialise a DatagramSocket with null
	so we should also ensure we are bound.

Patches attached.
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
-------------- next part --------------
Index: java/net/DatagramSocket.java
===================================================================
RCS file: /sources/classpath/classpath/java/net/DatagramSocket.java,v
retrieving revision 1.52
diff -u -u -r1.52 DatagramSocket.java
--- java/net/DatagramSocket.java	3 Jun 2010 19:13:02 -0000	1.52
+++ java/net/DatagramSocket.java	8 Feb 2012 14:34:20 -0000
@@ -525,7 +525,27 @@
 
     SecurityManager sm = System.getSecurityManager();
     if (sm != null)
-      sm.checkConnect(address.getHostAddress(), port);
+      {
+        if (address.isMulticastAddress())
+          sm.checkMulticast(address);
+        else
+          {
+            sm.checkConnect(address.getHostAddress(), port);
+            sm.checkAccept(address.getHostAddress(), port);
+          }
+      }
+
+    if (!isBound())
+      {
+        try
+          {
+            bind(new InetSocketAddress(0));
+          }
+        catch (SocketException e)
+          {
+            throw new Error("Binding socket failed.", e);
+          }
+      }
 
     try
       {
-------------- next part --------------
Index: java/nio/channels/spi/SelectorProvider.java
===================================================================
RCS file: /sources/classpath/classpath/java/nio/channels/spi/SelectorProvider.java,v
retrieving revision 1.14
diff -u -u -r1.14 SelectorProvider.java
--- java/nio/channels/spi/SelectorProvider.java	3 Jun 2010 19:13:03 -0000	1.14
+++ java/nio/channels/spi/SelectorProvider.java	8 Feb 2012 18:29:26 -0000
@@ -46,6 +46,8 @@
 import java.nio.channels.ServerSocketChannel;
 import java.nio.channels.SocketChannel;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 /**
  * @author Michael Koch
@@ -145,14 +147,18 @@
    * Returns the system-wide default selector provider for this invocation
    * of the Java virtual machine.
    *
-   * @return the default seletor provider
+   * @return the default selector provider
    */
   public static synchronized SelectorProvider provider()
   {
     if (systemDefaultProvider == null)
       {
-        String propertyValue =
-          System.getProperty("java.nio.channels.spi.SelectorProvider");
+        String propertyValue = AccessController.doPrivileged(new PrivilegedAction<String> () {
+            public String run()
+            {
+              return System.getProperty("java.nio.channels.spi.SelectorProvider");
+            }
+          });
 
         if (propertyValue == null || propertyValue.equals(""))
           systemDefaultProvider = new SelectorProviderImpl();
Index: java/security/KeyStore.java
===================================================================
RCS file: /sources/classpath/classpath/java/security/KeyStore.java,v
retrieving revision 1.16
diff -u -u -r1.16 KeyStore.java
--- java/security/KeyStore.java	3 Jun 2010 19:13:07 -0000	1.16
+++ java/security/KeyStore.java	8 Feb 2012 18:29:27 -0000
@@ -214,7 +214,12 @@
   {
     // Security reads every property in java.security so it
     // will return this property if it exists.
-    String tmp = Security.getProperty("keystore.type");
+    String tmp = AccessController.doPrivileged(new PrivilegedAction<String> () {
+        public String run()
+        {
+          return Security.getProperty("keystore.type");
+        }
+      });
 
     if (tmp == null)
       tmp = "gkr";
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20120215/3518aa6e/attachment.pgp 


More information about the Classpath-patches mailing list