diff --git a/jdk/src/share/classes/sun/java2d/SunGraphics2D.java b/jdk/src/share/classes/sun/java2d/SunGraphics2D.java index 2cec864966b..590b53de389 100644 --- a/jdk/src/share/classes/sun/java2d/SunGraphics2D.java +++ b/jdk/src/share/classes/sun/java2d/SunGraphics2D.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -2152,27 +2152,33 @@ private void doCopyArea(int x, int y, int w, int h, int dx, int dy) { } Blit ob = lastCAblit; - if (dy == 0 && dx > 0 && dx < w) { - while (w > 0) { - int partW = Math.min(w, dx); - w -= partW; - int sx = x + w; - ob.Blit(theData, theData, comp, clip, - sx, y, sx+dx, y+dy, partW, h); + try { + if (dy == 0 && dx > 0 && dx < w) { + while (w > 0) { + int partW = Math.min(w, dx); + w -= partW; + int sx = Math.addExact(x, w); + ob.Blit(theData, theData, comp, clip, + sx, y, sx+dx, y+dy, partW, h); + } + return; } - return; - } - if (dy > 0 && dy < h && dx > -w && dx < w) { - while (h > 0) { - int partH = Math.min(h, dy); - h -= partH; - int sy = y + h; - ob.Blit(theData, theData, comp, clip, - x, sy, x+dx, sy+dy, w, partH); + if (dy > 0 && dy < h && dx > -w && dx < w) { + while (h > 0) { + int partH = Math.min(h, dy); + h -= partH; + int sy = Math.addExact(y, h); + ob.Blit(theData, theData, comp, clip, + x, sy, Math.addExact(x, dx), sy+dy, w, partH); + } + return; } + ob.Blit(theData, theData, comp, clip, x, y, + Math.addExact(x, dx), Math.addExact(y, dy), w, h); + } catch (ArithmeticException ex) { + // We are hitting integer overflow in Math.addExact() return; } - ob.Blit(theData, theData, comp, clip, x, y, x+dx, y+dy, w, h); } /* diff --git a/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java b/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java index cfa130b8199..3f439772929 100644 --- a/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java +++ b/jdk/src/share/classes/sun/java2d/pipe/DrawImage.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -367,6 +367,13 @@ protected void renderImageXform(SunGraphics2D sg, Image img, final AffineTransform itx; try { itx = tx.createInverse(); + double[] mat = new double[6]; + itx.getMatrix(mat); + for (double d : mat) { + if (!Double.isFinite(d)) { + return; + } + } } catch (final NoninvertibleTransformException ignored) { // Non-invertible transform means no output return; diff --git a/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h b/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h index 3d98dd11466..d0ca7fce83d 100644 --- a/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h +++ b/jdk/src/share/native/com/sun/java/util/jar/pack/defines.h @@ -86,9 +86,9 @@ extern int assert_failed(const char*); #define lengthof(array) (sizeof(array)/sizeof(array[0])) -#define NEW(T, n) (T*) must_malloc((int)(scale_size(n, sizeof(T)))) -#define U_NEW(T, n) (T*) u->alloc(scale_size(n, sizeof(T))) -#define T_NEW(T, n) (T*) u->temp_alloc(scale_size(n, sizeof(T))) +#define NEW(T, n) (T*) must_calloc(n, sizeof(T)) +#define U_NEW(T, n) (T*) u->calloc(n, sizeof(T)) +#define T_NEW(T, n) (T*) u->temp_calloc(n, sizeof(T)) // bytes and byte arrays diff --git a/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp b/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp index 56f391b1e87..a585535c513 100644 --- a/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp +++ b/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.cpp @@ -507,19 +507,20 @@ static int hash_probes[] = {0, 0}; enum { CHUNK = (1 << 14), SMALL = (1 << 9) }; -// Call malloc. Try to combine small blocks and free much later. -void* unpacker::alloc_heap(size_t size, bool smallOK, bool temp) { - if (!smallOK || size > SMALL) { - void* res = must_malloc((int)size); +// Call calloc. Try to combine small blocks and free much later. +void* unpacker::calloc_heap(size_t count, size_t size, bool smallOK, bool temp) { + size_t ssize = scale_size(count, size); + if (!smallOK || ssize > SMALL) { + void* res = must_calloc(count, size); (temp ? &tmallocs : &mallocs)->add(res); return res; } fillbytes& xsmallbuf = *(temp ? &tsmallbuf : &smallbuf); - if (!xsmallbuf.canAppend(size+1)) { + if (!xsmallbuf.canAppend(ssize+1)) { xsmallbuf.init(CHUNK); (temp ? &tmallocs : &mallocs)->add(xsmallbuf.base()); } - int growBy = (int)size; + int growBy = (int)ssize; growBy += -growBy & 7; // round up mod 8 return xsmallbuf.grow(growBy); } @@ -984,10 +985,6 @@ void cpool::init(unpacker* u_, int counts[CONSTANT_Limit]) { tag_index[tag].init(tag_count[tag], cpMap, tag); } - // Initialize *all* our entries once - for (int i = 0 ; i < maxentries ; i++) - entries[i].outputIndex = REQUESTED_NONE; - initGroupIndexes(); // Initialize hashTab to a generous power-of-two size. uint pow2 = 1; @@ -1057,7 +1054,7 @@ static int compare_Utf8_chars(bytes& b1, bytes& b2) { // Cf. PackageReader.readUtf8Bands local_inline -void unpacker::read_Utf8_values(entry* cpMap, int len) { +void unpacker::read_Utf8_values(entry* cpMap, int len, byte tag) { // Implicit first Utf8 string is the empty string. enum { // certain bands begin with implicit zeroes @@ -1083,10 +1080,11 @@ void unpacker::read_Utf8_values(entry* cpMap, int len) { int nbigsuf = 0; fillbytes charbuf; // buffer to allocate small strings charbuf.init(); - // Third band: Read the char values in the unshared suffixes: cp_Utf8_chars.readData(cp_Utf8_suffix.getIntTotal()); for (i = 0; i < len; i++) { + cp.initValues(cpMap[i], tag, i); + int suffix = (i < SUFFIX_SKIP_1)? 0: cp_Utf8_suffix.getInt(); if (suffix < 0) { abort("bad utf8 suffix"); @@ -1235,28 +1233,32 @@ void unpacker::read_Utf8_values(entry* cpMap, int len) { } local_inline -void unpacker::read_single_words(band& cp_band, entry* cpMap, int len) { +void unpacker::read_single_words(band& cp_band, entry* cpMap, int len, byte tag, int loadable_base) { cp_band.readData(len); for (int i = 0; i < len; i++) { - cpMap[i].value.i = cp_band.getInt(); // coding handles signs OK + entry& e = cpMap[i]; + cp.initValues(e, tag, i, loadable_base); + e.value.i = cp_band.getInt(); // coding handles signs OK } } maybe_inline -void unpacker::read_double_words(band& cp_bands, entry* cpMap, int len) { +void unpacker::read_double_words(band& cp_bands, entry* cpMap, int len, byte tag, int loadable_base) { band& cp_band_hi = cp_bands; band& cp_band_lo = cp_bands.nextBand(); cp_band_hi.readData(len); cp_band_lo.readData(len); for (int i = 0; i < len; i++) { - cpMap[i].value.l = cp_band_hi.getLong(cp_band_lo, true); + entry& e = cpMap[i]; + cp.initValues(e, tag, i, loadable_base); + e.value.l = cp_band_hi.getLong(cp_band_lo, true); } //cp_band_hi.done(); //cp_band_lo.done(); } maybe_inline -void unpacker::read_single_refs(band& cp_band, byte refTag, entry* cpMap, int len) { +void unpacker::read_single_refs(band& cp_band, byte refTag, entry* cpMap, int len, byte tag, int loadable_base) { assert(refTag == CONSTANT_Utf8); cp_band.setIndexByTag(refTag); cp_band.readData(len); @@ -1264,6 +1266,7 @@ void unpacker::read_single_refs(band& cp_band, byte refTag, entry* cpMap, int le int indexTag = (cp_band.bn == e_cp_Class) ? CONSTANT_Class : 0; for (int i = 0; i < len; i++) { entry& e = cpMap[i]; + cp.initValues(e, tag, i, loadable_base); e.refs = U_NEW(entry*, e.nrefs = 1); entry* utf = cp_band.getRef(); CHECK; @@ -1284,7 +1287,7 @@ void unpacker::read_single_refs(band& cp_band, byte refTag, entry* cpMap, int le maybe_inline void unpacker::read_double_refs(band& cp_band, byte ref1Tag, byte ref2Tag, - entry* cpMap, int len) { + entry* cpMap, int len, byte tag) { band& cp_band1 = cp_band; band& cp_band2 = cp_band.nextBand(); cp_band1.setIndexByTag(ref1Tag); @@ -1294,6 +1297,7 @@ void unpacker::read_double_refs(band& cp_band, byte ref1Tag, byte ref2Tag, CHECK; for (int i = 0; i < len; i++) { entry& e = cpMap[i]; + cp.initValues(e, tag, i); e.refs = U_NEW(entry*, e.nrefs = 2); e.refs[0] = cp_band1.getRef(); CHECK; @@ -1306,7 +1310,7 @@ void unpacker::read_double_refs(band& cp_band, byte ref1Tag, byte ref2Tag, // Cf. PackageReader.readSignatureBands maybe_inline -void unpacker::read_signature_values(entry* cpMap, int len) { +void unpacker::read_signature_values(entry* cpMap, int len, byte tag) { cp_Signature_form.setIndexByTag(CONSTANT_Utf8); cp_Signature_form.readData(len); CHECK; @@ -1314,6 +1318,7 @@ void unpacker::read_signature_values(entry* cpMap, int len) { int i; for (i = 0; i < len; i++) { entry& e = cpMap[i]; + cp.initValues(e, tag, i); entry& form = *cp_Signature_form.getRef(); CHECK; int nc = 0; @@ -1350,7 +1355,7 @@ void unpacker::checkLegacy(const char* name) { } maybe_inline -void unpacker::read_method_handle(entry* cpMap, int len) { +void unpacker::read_method_handle(entry* cpMap, int len, byte tag, int loadable_base) { if (len > 0) { checkLegacy(cp_MethodHandle_refkind.name); } @@ -1359,6 +1364,7 @@ void unpacker::read_method_handle(entry* cpMap, int len) { cp_MethodHandle_member.readData(len); for (int i = 0 ; i < len ; i++) { entry& e = cpMap[i]; + cp.initValues(e, tag, i, loadable_base); e.value.i = cp_MethodHandle_refkind.getInt(); e.refs = U_NEW(entry*, e.nrefs = 1); e.refs[0] = cp_MethodHandle_member.getRef(); @@ -1367,7 +1373,7 @@ void unpacker::read_method_handle(entry* cpMap, int len) { } maybe_inline -void unpacker::read_method_type(entry* cpMap, int len) { +void unpacker::read_method_type(entry* cpMap, int len, byte tag, int loadable_base) { if (len > 0) { checkLegacy(cp_MethodType.name); } @@ -1375,6 +1381,7 @@ void unpacker::read_method_type(entry* cpMap, int len) { cp_MethodType.readData(len); for (int i = 0 ; i < len ; i++) { entry& e = cpMap[i]; + cp.initValues(e, tag, i, loadable_base); e.refs = U_NEW(entry*, e.nrefs = 1); e.refs[0] = cp_MethodType.getRef(); CHECK; @@ -1382,7 +1389,7 @@ void unpacker::read_method_type(entry* cpMap, int len) { } maybe_inline -void unpacker::read_bootstrap_methods(entry* cpMap, int len) { +void unpacker::read_bootstrap_methods(entry* cpMap, int len, byte tag) { if (len > 0) { checkLegacy(cp_BootstrapMethod_ref.name); } @@ -1396,6 +1403,7 @@ void unpacker::read_bootstrap_methods(entry* cpMap, int len) { for (int i = 0; i < len; i++) { entry& e = cpMap[i]; int argc = cp_BootstrapMethod_arg_count.getInt(); + cp.initValues(e, tag, i); e.value.i = argc; e.refs = U_NEW(entry*, e.nrefs = argc + 1); e.refs[0] = cp_BootstrapMethod_ref.getRef(); @@ -1405,23 +1413,22 @@ void unpacker::read_bootstrap_methods(entry* cpMap, int len) { } } } + +static bool isLoadableValue(int tag); // Cf. PackageReader.readConstantPool void unpacker::read_cp() { byte* rp0 = rp; - - int i; + uint cpentries = 0; + int loadable_count = 0; for (int k = 0; k < (int)N_TAGS_IN_ORDER; k++) { byte tag = TAGS_IN_ORDER[k]; int len = cp.tag_count[tag]; int base = cp.tag_base[tag]; + int loadable_base = -1; PRINTCR((1,"Reading %d %s entries...", len, NOT_PRODUCT(TAG_NAME[tag])+0)); entry* cpMap = &cp.entries[base]; - for (i = 0; i < len; i++) { - cpMap[i].tag = tag; - cpMap[i].inord = i; - } // Initialize the tag's CP index right away, since it might be needed // in the next pass to initialize the CP for another tag. #ifndef PRODUCT @@ -1431,67 +1438,73 @@ void unpacker::read_cp() { assert(ix->base1 == cpMap); #endif + if (isLoadableValue(tag)) { + loadable_base = loadable_count; + loadable_count += len; + } + + cpentries += len; switch (tag) { case CONSTANT_Utf8: - read_Utf8_values(cpMap, len); + read_Utf8_values(cpMap, len, tag); break; case CONSTANT_Integer: - read_single_words(cp_Int, cpMap, len); + read_single_words(cp_Int, cpMap, len, tag, loadable_base); break; case CONSTANT_Float: - read_single_words(cp_Float, cpMap, len); + read_single_words(cp_Float, cpMap, len, tag, loadable_base); break; case CONSTANT_Long: - read_double_words(cp_Long_hi /*& cp_Long_lo*/, cpMap, len); + read_double_words(cp_Long_hi /*& cp_Long_lo*/, cpMap, len, tag, loadable_base); break; case CONSTANT_Double: - read_double_words(cp_Double_hi /*& cp_Double_lo*/, cpMap, len); + read_double_words(cp_Double_hi /*& cp_Double_lo*/, cpMap, len, tag, loadable_base); break; case CONSTANT_String: - read_single_refs(cp_String, CONSTANT_Utf8, cpMap, len); + read_single_refs(cp_String, CONSTANT_Utf8, cpMap, len, tag, loadable_base); break; case CONSTANT_Class: - read_single_refs(cp_Class, CONSTANT_Utf8, cpMap, len); + read_single_refs(cp_Class, CONSTANT_Utf8, cpMap, len, tag, loadable_base); break; case CONSTANT_Signature: - read_signature_values(cpMap, len); + read_signature_values(cpMap, len, tag); break; case CONSTANT_NameandType: read_double_refs(cp_Descr_name /*& cp_Descr_type*/, CONSTANT_Utf8, CONSTANT_Signature, - cpMap, len); + cpMap, len, tag); break; case CONSTANT_Fieldref: read_double_refs(cp_Field_class /*& cp_Field_desc*/, CONSTANT_Class, CONSTANT_NameandType, - cpMap, len); + cpMap, len, tag); break; case CONSTANT_Methodref: read_double_refs(cp_Method_class /*& cp_Method_desc*/, CONSTANT_Class, CONSTANT_NameandType, - cpMap, len); + cpMap, len, tag); break; case CONSTANT_InterfaceMethodref: read_double_refs(cp_Imethod_class /*& cp_Imethod_desc*/, CONSTANT_Class, CONSTANT_NameandType, - cpMap, len); + cpMap, len, tag); break; case CONSTANT_MethodHandle: // consumes cp_MethodHandle_refkind and cp_MethodHandle_member - read_method_handle(cpMap, len); + read_method_handle(cpMap, len, tag, loadable_base); break; case CONSTANT_MethodType: // consumes cp_MethodType - read_method_type(cpMap, len); + read_method_type(cpMap, len, tag, loadable_base); break; case CONSTANT_InvokeDynamic: read_double_refs(cp_InvokeDynamic_spec, CONSTANT_BootstrapMethod, CONSTANT_NameandType, - cpMap, len); + cpMap, len, tag); break; case CONSTANT_BootstrapMethod: // consumes cp_BootstrapMethod_ref, cp_BootstrapMethod_arg_count and cp_BootstrapMethod_arg - read_bootstrap_methods(cpMap, len); + read_bootstrap_methods(cpMap, len, tag); break; default: assert(false); @@ -1500,6 +1513,11 @@ void unpacker::read_cp() { CHECK; } + // Initialize extra entries + for (; cpentries < cp.maxentries; cpentries++) { + cp.entries[cpentries].outputIndex = REQUESTED_NONE; + } + cp.expandSignatures(); CHECK; cp.initMemberIndexes(); @@ -3372,25 +3390,15 @@ bool isLoadableValue(int tag) { return false; } } -/* - * this method can be used to size an array using null as the parameter, - * thereafter can be reused to initialize the array using a valid pointer - * as a parameter. - */ -int cpool::initLoadableValues(entry** loadable_entries) { - int loadable_count = 0; - for (int i = 0; i < (int)N_TAGS_IN_ORDER; i++) { - int tag = TAGS_IN_ORDER[i]; - if (!isLoadableValue(tag)) - continue; - if (loadable_entries != NULL) { - for (int n = 0 ; n < tag_count[tag] ; n++) { - loadable_entries[loadable_count + n] = &entries[tag_base[tag] + n]; - } - } - loadable_count += tag_count[tag]; + +void cpool::initValues(entry& e, byte tag, int n, int loadable_base) { + e.tag = tag; + e.inord = n; + e.outputIndex = REQUESTED_NONE; + if (loadable_base >= 0) { + entry** loadable_entries = tag_group_index[CONSTANT_LoadableValue - CONSTANT_All].base2; + loadable_entries[loadable_base + n] = &e; } - return loadable_count; } // Initialize various views into the constant pool. @@ -3405,9 +3413,14 @@ void cpool::initGroupIndexes() { tag_group_index[CONSTANT_All - CONSTANT_All].init(all_count, all_entries, CONSTANT_All); // Initialize LoadableValues - int loadable_count = initLoadableValues(NULL); + int loadable_count = 0; + for (int i = 0; i < (int)N_TAGS_IN_ORDER; i++) { + int tag = TAGS_IN_ORDER[i]; + if (isLoadableValue(tag)) { + loadable_count += tag_count[tag]; + } + } entry** loadable_entries = U_NEW(entry*, loadable_count); - initLoadableValues(loadable_entries); tag_group_count[CONSTANT_LoadableValue - CONSTANT_All] = loadable_count; tag_group_index[CONSTANT_LoadableValue - CONSTANT_All].init(loadable_count, loadable_entries, CONSTANT_LoadableValue); diff --git a/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h b/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h index cec7a88b24e..4ec595333c4 100644 --- a/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h +++ b/jdk/src/share/native/com/sun/java/util/jar/pack/unpack.h @@ -130,7 +130,7 @@ struct cpool { void expandSignatures(); void initGroupIndexes(); void initMemberIndexes(); - int initLoadableValues(entry** loadable_entries); + void initValues(entry& e, byte tag, int n, int loadable_base=-1); void computeOutputOrder(); void computeOutputIndexes(); @@ -411,9 +411,9 @@ struct unpacker { file* get_next_file(); // returns null on last file // General purpose methods - void* alloc(size_t size) { return alloc_heap(size, true); } - void* temp_alloc(size_t size) { return alloc_heap(size, true, true); } - void* alloc_heap(size_t size, bool smallOK = false, bool temp = false); + void* calloc(size_t count, size_t size) { return calloc_heap(count, size, true); } + void* temp_calloc(size_t count, size_t size) { return calloc_heap(count, size, true, true); } + void* calloc_heap(size_t count, size_t size, bool smallOK = false, bool temp = false); void saveTo(bytes& b, const char* str) { saveTo(b, (byte*)str, strlen(str)); } void saveTo(bytes& b, bytes& data) { saveTo(b, data.ptr, data.len); } void saveTo(bytes& b, byte* ptr, size_t len); //{ b.ptr = U_NEW...} @@ -494,15 +494,15 @@ struct unpacker { void read_bcs(); void read_bc_ops(); void read_files(); - void read_Utf8_values(entry* cpMap, int len); - void read_single_words(band& cp_band, entry* cpMap, int len); - void read_double_words(band& cp_bands, entry* cpMap, int len); - void read_single_refs(band& cp_band, byte refTag, entry* cpMap, int len); - void read_double_refs(band& cp_band, byte ref1Tag, byte ref2Tag, entry* cpMap, int len); - void read_signature_values(entry* cpMap, int len); - void read_method_handle(entry* cpMap, int len); - void read_method_type(entry* cpMap, int len); - void read_bootstrap_methods(entry* cpMap, int len); + void read_Utf8_values(entry* cpMap, int len, byte tag); + void read_single_words(band& cp_band, entry* cpMap, int len, byte tag, int loadable_base); + void read_double_words(band& cp_bands, entry* cpMap, int len, byte tag, int loadable_base); + void read_single_refs(band& cp_band, byte refTag, entry* cpMap, int len, byte tag, int loadable_base); + void read_double_refs(band& cp_band, byte ref1Tag, byte ref2Tag, entry* cpMap, int len, byte tag); + void read_signature_values(entry* cpMap, int len, byte tag); + void read_method_handle(entry* cpMap, int len, byte tag, int loadable_base); + void read_method_type(entry* cpMap, int len, byte tag, int loadable_base); + void read_bootstrap_methods(entry* cpMap, int len, byte tag); }; inline void cpool::abort(const char* msg) { u->abort(msg); } diff --git a/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp b/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp index e5197e1a3f1..da39a589545 100644 --- a/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp +++ b/jdk/src/share/native/com/sun/java/util/jar/pack/utils.cpp @@ -46,19 +46,19 @@ #include "unpack.h" -void* must_malloc(size_t size) { - size_t msize = size; +void* must_calloc(size_t count, size_t size) { + size_t msize = scale_size(count, size); #ifdef USE_MTRACE - if (msize >= 0 && msize < sizeof(int)) - msize = sizeof(int); // see 0xbaadf00d below + if (msize >= 0 && msize < sizeof(int)) { + size = msize = sizeof(int); // see 0xbaadf00d below + count = 1; + } #endif - void* ptr = (msize > PSIZE_MAX || msize <= 0) ? null : malloc(msize); - if (ptr != null) { - memset(ptr, 0, size); - } else { + void* ptr = (msize > PSIZE_MAX || msize <= 0) ? null : calloc(count, size); + if (ptr == null) { unpack_abort(ERROR_ENOMEM); } - mtrace('m', ptr, size); + mtrace('m', ptr, msize); return ptr; } diff --git a/jdk/src/share/native/com/sun/java/util/jar/pack/utils.h b/jdk/src/share/native/com/sun/java/util/jar/pack/utils.h index 89619316a0e..ffe0acded4e 100644 --- a/jdk/src/share/native/com/sun/java/util/jar/pack/utils.h +++ b/jdk/src/share/native/com/sun/java/util/jar/pack/utils.h @@ -25,7 +25,7 @@ //Definitions of our util functions -void* must_malloc(size_t size); +void* must_calloc(size_t count, size_t size); #ifndef USE_MTRACE #define mtrace(c, ptr, size) #else diff --git a/jdk/src/share/native/sun/java2d/SurfaceData.h b/jdk/src/share/native/sun/java2d/SurfaceData.h index 349aad1b2e2..5083ae5de1e 100644 --- a/jdk/src/share/native/sun/java2d/SurfaceData.h +++ b/jdk/src/share/native/sun/java2d/SurfaceData.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ #define _Included_SurfaceData #include +#include #ifdef __cplusplus extern "C" { @@ -53,6 +54,14 @@ typedef struct { #define SD_RASINFO_PRIVATE_SIZE 64 +#define UNSAFE_TO_ADD(a, b) \ + (((a >= 0) && (b >= 0) && (a > (INT_MAX - b))) || \ + ((a < 0) && (b < 0) && (a < (INT_MIN - b)))) \ + +#define UNSAFE_TO_SUB(a, b) \ + (((b >= 0) && (a < 0) && (a < (INT_MIN + b))) || \ + ((b < 0) && (a >= 0) && (-b > (INT_MAX - a)))) \ + /* * The SurfaceDataRasInfo structure is used to pass in and return various * pieces of information about the destination drawable. In particular: diff --git a/jdk/src/share/native/sun/java2d/loops/MaskBlit.c b/jdk/src/share/native/sun/java2d/loops/MaskBlit.c index 21b716e3bcd..e8c8765dd2c 100644 --- a/jdk/src/share/native/sun/java2d/loops/MaskBlit.c +++ b/jdk/src/share/native/sun/java2d/loops/MaskBlit.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -68,14 +68,28 @@ Java_sun_java2d_loops_MaskBlit_MaskBlit return; } + if (width <= 0 || height <= 0) { + return; + } + srcInfo.bounds.x1 = srcx; srcInfo.bounds.y1 = srcy; + if (UNSAFE_TO_ADD(srcx, width) || + UNSAFE_TO_ADD(srcy, height) || + UNSAFE_TO_ADD(dstx, width) || + UNSAFE_TO_ADD(dsty, height)) { + return; + } srcInfo.bounds.x2 = srcx + width; srcInfo.bounds.y2 = srcy + height; dstInfo.bounds.x1 = dstx; dstInfo.bounds.y1 = dsty; dstInfo.bounds.x2 = dstx + width; dstInfo.bounds.y2 = dsty + height; + if (UNSAFE_TO_SUB(srcx, dstx) || + UNSAFE_TO_SUB(srcy, dsty)) { + return; + } srcx -= dstx; srcy -= dsty; SurfaceData_IntersectBounds(&dstInfo.bounds, &clipInfo.bounds); diff --git a/jdk/src/share/native/sun/java2d/loops/MaskFill.c b/jdk/src/share/native/sun/java2d/loops/MaskFill.c index 354934069c0..fe0bc406860 100644 --- a/jdk/src/share/native/sun/java2d/loops/MaskFill.c +++ b/jdk/src/share/native/sun/java2d/loops/MaskFill.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -467,7 +467,7 @@ storePgram(EdgeInfo *pLeftEdge, EdgeInfo *pRightEdge, #define INSERT_ACCUM(pACCUM, IMIN, IMAX, X0, Y0, X1, Y1, CX1, CX2, MULT) \ do { \ jdouble xmid = ((X0) + (X1)) * 0.5; \ - if (xmid <= (CX2)) { \ + if (xmid < (CX2)) { \ jdouble sliceh = ((Y1) - (Y0)); \ jdouble slicearea; \ jint i; \ @@ -556,7 +556,7 @@ fillAAPgram(NativePrimitive *pPrim, SurfaceDataRasInfo *pRasInfo, jint cy2 = pRasInfo->bounds.y2; jint width = cx2 - cx1; EdgeInfo edges[4]; - jfloat localaccum[MASK_BUF_LEN + 1]; + jfloat localaccum[MASK_BUF_LEN + 2]; jfloat *pAccum; if (!storePgram(edges + 0, edges + 2, @@ -568,12 +568,12 @@ fillAAPgram(NativePrimitive *pPrim, SurfaceDataRasInfo *pRasInfo, } pAccum = ((width > MASK_BUF_LEN) - ? malloc((width + 1) * sizeof(jfloat)) + ? malloc((width + 2) * sizeof(jfloat)) : localaccum); if (pAccum == NULL) { return; } - memset(pAccum, 0, (width+1) * sizeof(jfloat)); + memset(pAccum, 0, (width + 2) * sizeof(jfloat)); while (cy1 < cy2) { jint lmin, lmax, rmin, rmax; @@ -794,7 +794,7 @@ drawAAPgram(NativePrimitive *pPrim, SurfaceDataRasInfo *pRasInfo, jint cy2 = pRasInfo->bounds.y2; jint width = cx2 - cx1; EdgeInfo edges[8]; - jfloat localaccum[MASK_BUF_LEN + 1]; + jfloat localaccum[MASK_BUF_LEN + 2]; jfloat *pAccum; if (!storePgram(edges + 0, edges + 6, @@ -815,12 +815,12 @@ drawAAPgram(NativePrimitive *pPrim, SurfaceDataRasInfo *pRasInfo, JNI_TRUE); pAccum = ((width > MASK_BUF_LEN) - ? malloc((width + 1) * sizeof(jfloat)) + ? malloc((width + 2) * sizeof(jfloat)) : localaccum); if (pAccum == NULL) { return; } - memset(pAccum, 0, (width+1) * sizeof(jfloat)); + memset(pAccum, 0, (width + 2) * sizeof(jfloat)); while (cy1 < cy2) { jint lmin, lmax, rmin, rmax; diff --git a/jdk/src/share/native/sun/java2d/loops/TransformHelper.c b/jdk/src/share/native/sun/java2d/loops/TransformHelper.c index dc4ab2fe3e6..4e2b06e6ff2 100644 --- a/jdk/src/share/native/sun/java2d/loops/TransformHelper.c +++ b/jdk/src/share/native/sun/java2d/loops/TransformHelper.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -120,7 +120,12 @@ TransformInterpFunc *pBicubicFunc = BicubicInterp; /* We reject coordinates not less than 1<<30 so that the distance between */ /* any 2 of them is less than 1<<31 which would overflow into the sign */ /* bit of a signed long value used to represent fixed point coordinates. */ -#define TX_FIXED_UNSAFE(v) (fabs(v) >= (1<<30)) +#if !defined(_MSC_VER) && (defined(__STDC_VERSION__) && __STDC_VERSION__ <= 199409) + #if !defined(isinf) + #define isinf(x) (!finite(x)) + #endif +#endif +#define TX_FIXED_UNSAFE(v) (isinf(v) || isnan(v) || fabs(v) >= (1<<30)) static jboolean checkOverflow(jint dxoff, jint dyoff, SurfaceDataBounds *pBounds,