Skip to content

Commit

Permalink
Merge pull request #646 from ibmruntimes/openj9-staging
Browse files Browse the repository at this point in the history 
Merge jdk-11.0.19+7 and OpenJ9 changes to 0.38
  • Loading branch information
@keithc-ca
keithc-ca authored Apr 18, 2023
2 parents 9dfbc06 + cedb036 commit 28d562c
Show file tree
Hide file tree
Showing 34 changed files with 350 additions and 180 deletions.
2 changes: 1 addition & 1 deletion closed/openjdk-tag.gmk
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
OPENJDK_TAG := jdk-11.0.19+6
OPENJDK_TAG := jdk-11.0.19+7
2 changes: 1 addition & 1 deletion make/autoconf/version-numbers
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#
# Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2011, 2023, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
Expand Down
4 changes: 2 additions & 2 deletions src/java.base/share/classes/java/lang/ProcessBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1097,8 +1097,8 @@ private Process start(Redirect[] redirects) throws IOException {

String dir = directory == null ? null : directory.toString();

for (int i = 1; i < cmdarray.length; i++) {
if (cmdarray[i].indexOf('\u0000') >= 0) {
for (String s : cmdarray) {
if (s.indexOf('\u0000') >= 0) {
throw new IOException("invalid null character in command");
}
}
Expand Down
65 changes: 40 additions & 25 deletions src/java.base/share/classes/java/net/InetAddress.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -926,6 +926,7 @@ private static final class PlatformNameService implements NameService {
public InetAddress[] lookupAllHostAddr(String host)
throws UnknownHostException
{
validate(host);
return impl.lookupAllHostAddr(host);
}

Expand Down Expand Up @@ -1315,51 +1316,53 @@ private static InetAddress[] getAllByName(String host, InetAddress reqAddr)
return ret;
}

validate(host);
boolean ipv6Expected = false;
if (host.charAt(0) == '[') {
// This is supposed to be an IPv6 literal
if (host.length() > 2 && host.charAt(host.length()-1) == ']') {
host = host.substring(1, host.length() -1);
ipv6Expected = true;
} else {
// This was supposed to be a IPv6 address, but it's not!
throw new UnknownHostException(host + ": invalid IPv6 address");
// This was supposed to be a IPv6 literal, but it's not
throw invalidIPv6LiteralException(host, false);
}
}

// if host is an IP address, we won't do further lookup
// Check and try to parse host string as an IP address literal
if (IPAddressUtil.digit(host.charAt(0), 16) != -1
|| (host.charAt(0) == ':')) {
byte[] addr;
byte[] addr = null;
int numericZone = -1;
String ifname = null;
// see if it is IPv4 address
try {
addr = IPAddressUtil.validateNumericFormatV4(host);
} catch (IllegalArgumentException iae) {
var uhe = new UnknownHostException(host);
uhe.initCause(iae);
throw uhe;

if (!ipv6Expected) {
// check if it is IPv4 address only if host is not wrapped in '[]'
try {
addr = IPAddressUtil.validateNumericFormatV4(host);
} catch (IllegalArgumentException iae) {
var uhe = new UnknownHostException(host);
uhe.initCause(iae);
throw uhe;
}
}
if (addr == null) {
// This is supposed to be an IPv6 literal
// Check if a numeric or string zone id is present
// Try to parse host string as an IPv6 literal
// Check if a numeric or string zone id is present first
int pos;
if ((pos=host.indexOf ('%')) != -1) {
numericZone = checkNumericZone (host);
if ((pos = host.indexOf('%')) != -1) {
numericZone = checkNumericZone(host);
if (numericZone == -1) { /* remainder of string must be an ifname */
ifname = host.substring (pos+1);
ifname = host.substring(pos + 1);
}
}
if ((addr = IPAddressUtil.textToNumericFormatV6(host)) == null && host.contains(":")) {
throw new UnknownHostException(host + ": invalid IPv6 address");
if ((addr = IPAddressUtil.textToNumericFormatV6(host)) == null &&
(host.contains(":") || ipv6Expected)) {
throw invalidIPv6LiteralException(host, ipv6Expected);
}
} else if (ipv6Expected) {
// Means an IPv4 litteral between brackets!
throw new UnknownHostException("["+host+"]");
}
InetAddress[] ret = new InetAddress[1];
if(addr != null) {
InetAddress[] ret = new InetAddress[1];
if (addr.length == Inet4Address.INADDRSZ) {
if (numericZone != -1 || ifname != null) {
// IPv4-mapped address must not contain zone-id
Expand All @@ -1376,12 +1379,18 @@ private static InetAddress[] getAllByName(String host, InetAddress reqAddr)
return ret;
}
} else if (ipv6Expected) {
// We were expecting an IPv6 Litteral, but got something else
throw new UnknownHostException("["+host+"]");
// We were expecting an IPv6 Literal since host string starts
// and ends with square brackets, but we got something else.
throw invalidIPv6LiteralException(host, true);
}
return getAllByName0(host, reqAddr, true, true);
}

private static UnknownHostException invalidIPv6LiteralException(String host, boolean wrapInBrackets) {
String hostString = wrapInBrackets ? "[" + host + "]" : host;
return new UnknownHostException(hostString + ": invalid IPv6 address literal");
}

/**
* Returns the loopback address.
* <p>
Expand Down Expand Up @@ -1781,6 +1790,12 @@ private void writeObject (ObjectOutputStream s) throws
pf.put("family", holder().getFamily());
s.writeFields();
}

private static void validate(String host) throws UnknownHostException {
if (host.indexOf(0) != -1) {
throw new UnknownHostException("NUL character not allowed in hostname");
}
}
}

/*
Expand Down
29 changes: 27 additions & 2 deletions src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2280,7 +2280,8 @@ private void setPreemptiveProxyAuthentication(MessageHeader requests) throws IOE
* the connection.
*/
@SuppressWarnings("fallthrough")
private AuthenticationInfo getHttpProxyAuthentication (AuthenticationHeader authhdr) {
private AuthenticationInfo getHttpProxyAuthentication (AuthenticationHeader authhdr)
throws IOException {
/* get authorization from authenticator */
AuthenticationInfo ret = null;
String raw = authhdr.raw();
Expand Down Expand Up @@ -2376,6 +2377,7 @@ public InetAddress run()
authenticator,
host, null, port, url.getProtocol(),
"", scheme, url, RequestorType.PROXY);
validateNTLMCredentials(a);
}
/* If we are not trying transparent authentication then
* we need to have a PasswordAuthentication instance. For
Expand Down Expand Up @@ -2443,7 +2445,8 @@ public InetAddress run()
* preferred.
*/
@SuppressWarnings("fallthrough")
private AuthenticationInfo getServerAuthentication (AuthenticationHeader authhdr) {
private AuthenticationInfo getServerAuthentication (AuthenticationHeader authhdr)
throws IOException {
/* get authorization from authenticator */
AuthenticationInfo ret = null;
String raw = authhdr.raw();
Expand Down Expand Up @@ -2549,6 +2552,7 @@ private AuthenticationInfo getServerAuthentication (AuthenticationHeader authhdr
authenticator,
url.getHost(), addr, port, url.getProtocol(),
"", scheme, url, RequestorType.SERVER);
validateNTLMCredentials(a);
}

/* If we are not trying transparent authentication then
Expand Down Expand Up @@ -3841,6 +3845,27 @@ public void close() throws IOException {
}
}
}

// ensure there are no null characters in username or password
private static void validateNTLMCredentials(PasswordAuthentication pw)
throws IOException {

if (pw == null) {
return;
}
char[] password = pw.getPassword();
if (password != null) {
for (int i=0; i<password.length; i++) {
if (password[i] == 0) {
throw new IOException("NUL character not allowed in NTLM password");
}
}
}
String username = pw.getUserName();
if (username != null && username.indexOf(0) != -1) {
throw new IOException("NUL character not allowed in NTLM username or domain");
}
}
}

/** An input stream that just returns EOF. This is for
Expand Down
11 changes: 9 additions & 2 deletions src/java.base/share/classes/sun/security/provider/certpath/AdjacencyList.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -87,7 +87,7 @@ public class AdjacencyList {
// the actual set of steps the AdjacencyList represents
private ArrayList<BuildStep> mStepList;

// the original list, just for the toString method
// the original list
private List<List<Vertex>> mOrigList;

/**
Expand All @@ -114,6 +114,13 @@ public Iterator<BuildStep> iterator() {
return Collections.unmodifiableList(mStepList).iterator();
}

/**
* Returns the number of attempted paths (useful for debugging).
*/
public int numAttemptedPaths() {
return mOrigList.size();
}

/**
* Recursive, private method which actually builds the step list from
* the given adjacency list. <code>Follow</code> is the parent BuildStep
Expand Down
15 changes: 5 additions & 10 deletions src/java.base/share/classes/sun/security/provider/certpath/Builder.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -412,8 +412,7 @@ Set<String> getMatchingPolicies() {

/**
* Search the specified CertStores and add all certificates matching
* selector to resultCerts. Self-signed certs are not useful here
* and therefore ignored.
* selector to resultCerts.
*
* If the targetCert criterion of the selector is set, only that cert
* is examined and the CertStores are not searched.
Expand All @@ -432,8 +431,7 @@ boolean addMatchingCerts(X509CertSelector selector,
X509Certificate targetCert = selector.getCertificate();
if (targetCert != null) {
// no need to search CertStores
if (selector.match(targetCert) && !X509CertImpl.isSelfSigned
(targetCert, buildParams.sigProvider())) {
if (selector.match(targetCert)) {
if (debug != null) {
debug.println("Builder.addMatchingCerts: " +
"adding target cert" +
Expand All @@ -452,11 +450,8 @@ boolean addMatchingCerts(X509CertSelector selector,
Collection<? extends Certificate> certs =
store.getCertificates(selector);
for (Certificate cert : certs) {
if (!X509CertImpl.isSelfSigned
((X509Certificate)cert, buildParams.sigProvider())) {
if (resultCerts.add((X509Certificate)cert)) {
add = true;
}
if (resultCerts.add((X509Certificate)cert)) {
add = true;
}
}
if (!checkAll && add) {
Expand Down
Loading

0 comments on commit 28d562c

Please sign in to comment.