< prev index next >
src/share/classes/java/security/UnresolvedPermission.java
Print this page
rev 12546 : 8181432: Better processing of unresolved permissions
Reviewed-by: mullan
*** 1,7 ****
/*
! * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 23,38 ****
--- 23,42 ----
* questions.
*/
package java.security;
+ import sun.misc.IOUtils;
+
import java.io.IOException;
import java.io.ByteArrayInputStream;
+ import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.lang.reflect.*;
import java.security.cert.*;
+ import java.util.List;
/**
* The UnresolvedPermission class is used to hold Permissions that
* were "unresolved" when the Policy was initialized.
* An unresolved permission is one whose actual Permission class
*** 547,556 ****
--- 551,561 ----
private void readObject(java.io.ObjectInputStream ois)
throws IOException, ClassNotFoundException
{
CertificateFactory cf;
Hashtable<String, CertificateFactory> cfs = null;
+ List<Certificate> certList = null;
ois.defaultReadObject();
if (type == null)
throw new NullPointerException("type can't be null");
*** 558,569 ****
// process any new-style certs in the stream (if present)
int size = ois.readInt();
if (size > 0) {
// we know of 3 different cert types: X.509, PGP, SDSI, which
// could all be present in the stream at the same time
! cfs = new Hashtable<String, CertificateFactory>(3);
! this.certs = new java.security.cert.Certificate[size];
}
for (int i=0; i<size; i++) {
// read the certificate type, and instantiate a certificate
// factory of that type (reuse existing factory if possible)
--- 563,576 ----
// process any new-style certs in the stream (if present)
int size = ois.readInt();
if (size > 0) {
// we know of 3 different cert types: X.509, PGP, SDSI, which
// could all be present in the stream at the same time
! cfs = new Hashtable<>(3);
! certList = new ArrayList<>(size > 20 ? 20 : size);
! } else if (size < 0) {
! throw new IOException("size cannot be negative");
}
for (int i=0; i<size; i++) {
// read the certificate type, and instantiate a certificate
// factory of that type (reuse existing factory if possible)
*** 581,602 ****
}
// store the certificate factory so we can reuse it later
cfs.put(certType, cf);
}
// parse the certificate
! byte[] encoded=null;
! try {
! encoded = new byte[ois.readInt()];
! } catch (OutOfMemoryError oome) {
! throw new IOException("Certificate too big");
! }
! ois.readFully(encoded);
ByteArrayInputStream bais = new ByteArrayInputStream(encoded);
try {
! this.certs[i] = cf.generateCertificate(bais);
} catch (CertificateException ce) {
throw new IOException(ce.getMessage());
}
bais.close();
}
}
}
--- 588,607 ----
}
// store the certificate factory so we can reuse it later
cfs.put(certType, cf);
}
// parse the certificate
! byte[] encoded = IOUtils.readNBytes(ois, ois.readInt());
ByteArrayInputStream bais = new ByteArrayInputStream(encoded);
try {
! certList.add(cf.generateCertificate(bais));
} catch (CertificateException ce) {
throw new IOException(ce.getMessage());
}
bais.close();
}
+ if (certList != null) {
+ this.certs = certList.toArray(
+ new java.security.cert.Certificate[size]);
+ }
}
}
< prev index next >