< prev index next >
src/share/classes/java/security/UnresolvedPermission.java
Print this page
rev 12546 : 8181432: Better processing of unresolved permissions
Reviewed-by: mullan
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -23,16 +23,20 @@
* questions.
*/
package java.security;
+import sun.misc.IOUtils;
+
import java.io.IOException;
import java.io.ByteArrayInputStream;
+import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.lang.reflect.*;
import java.security.cert.*;
+import java.util.List;
/**
* The UnresolvedPermission class is used to hold Permissions that
* were "unresolved" when the Policy was initialized.
* An unresolved permission is one whose actual Permission class
@@ -547,10 +551,11 @@
private void readObject(java.io.ObjectInputStream ois)
throws IOException, ClassNotFoundException
{
CertificateFactory cf;
Hashtable<String, CertificateFactory> cfs = null;
+ List<Certificate> certList = null;
ois.defaultReadObject();
if (type == null)
throw new NullPointerException("type can't be null");
@@ -558,12 +563,14 @@
// process any new-style certs in the stream (if present)
int size = ois.readInt();
if (size > 0) {
// we know of 3 different cert types: X.509, PGP, SDSI, which
// could all be present in the stream at the same time
- cfs = new Hashtable<String, CertificateFactory>(3);
- this.certs = new java.security.cert.Certificate[size];
+ cfs = new Hashtable<>(3);
+ certList = new ArrayList<>(size > 20 ? 20 : size);
+ } else if (size < 0) {
+ throw new IOException("size cannot be negative");
}
for (int i=0; i<size; i++) {
// read the certificate type, and instantiate a certificate
// factory of that type (reuse existing factory if possible)
@@ -581,22 +588,20 @@
}
// store the certificate factory so we can reuse it later
cfs.put(certType, cf);
}
// parse the certificate
- byte[] encoded=null;
- try {
- encoded = new byte[ois.readInt()];
- } catch (OutOfMemoryError oome) {
- throw new IOException("Certificate too big");
- }
- ois.readFully(encoded);
+ byte[] encoded = IOUtils.readNBytes(ois, ois.readInt());
ByteArrayInputStream bais = new ByteArrayInputStream(encoded);
try {
- this.certs[i] = cf.generateCertificate(bais);
+ certList.add(cf.generateCertificate(bais));
} catch (CertificateException ce) {
throw new IOException(ce.getMessage());
}
bais.close();
}
+ if (certList != null) {
+ this.certs = certList.toArray(
+ new java.security.cert.Certificate[size]);
+ }
}
}
< prev index next >