# HG changeset patch # User mbaesken # Date 1536653376 -7200 # Tue Sep 11 10:09:36 2018 +0200 # Node ID 721cce9dd5d5729e8f615464c847cd05b2e08bff # Parent 7c3891b9f1e00e9d80ebedd0b5a410fbbb6f9551 8205525: Improve exception messages during manifest parsing of jar archives diff --git a/src/java.base/share/classes/java/util/jar/Attributes.java b/src/java.base/share/classes/java/util/jar/Attributes.java --- a/src/java.base/share/classes/java/util/jar/Attributes.java +++ b/src/java.base/share/classes/java/util/jar/Attributes.java @@ -369,8 +369,12 @@ * Reads attributes from the specified input stream. * XXX Need to handle UTF8 values. */ + void read(Manifest.FastInputStream is, byte[] lbuf) throws IOException { + read(is, lbuf, null, 0); + } + @SuppressWarnings("deprecation") - void read(Manifest.FastInputStream is, byte[] lbuf) throws IOException { + int read(Manifest.FastInputStream is, byte[] lbuf, String filename, int lineNumber) throws IOException { String name = null, value; byte[] lastline = null; @@ -378,8 +382,11 @@ while ((len = is.readLine(lbuf)) != -1) { boolean lineContinued = false; byte c = lbuf[--len]; + lineNumber++; + if (c != '\n' && c != '\r') { - throw new IOException("line too long"); + throw new IOException("line too long (" + + Manifest.getErrorPosition(filename, lineNumber) + ")"); } if (len > 0 && lbuf[len-1] == '\r') { --len; @@ -391,7 +398,8 @@ if (lbuf[0] == ' ') { // continuation of previous line if (name == null) { - throw new IOException("misplaced continuation line"); + throw new IOException("misplaced continuation line (" + + Manifest.getErrorPosition(filename, lineNumber) + ")"); } lineContinued = true; byte[] buf = new byte[lastline.length + len - 1]; @@ -406,11 +414,13 @@ } else { while (lbuf[i++] != ':') { if (i >= len) { - throw new IOException("invalid header field"); + throw new IOException("invalid header field (" + + Manifest.getErrorPosition(filename, lineNumber) + ")"); } } if (lbuf[i++] != ' ') { - throw new IOException("invalid header field"); + throw new IOException("invalid header field (" + + Manifest.getErrorPosition(filename, lineNumber) + ")"); } name = new String(lbuf, 0, 0, i - 2); if (is.peek() == ' ') { @@ -433,9 +443,11 @@ + "entry in the jar file."); } } catch (IllegalArgumentException e) { - throw new IOException("invalid header field name: " + name); + throw new IOException("invalid header field name: " + name + + " (" + Manifest.getErrorPosition(filename, lineNumber) + ")"); } } + return lineNumber; } /** diff --git a/src/java.base/share/classes/java/util/jar/JarFile.java b/src/java.base/share/classes/java/util/jar/JarFile.java --- a/src/java.base/share/classes/java/util/jar/JarFile.java +++ b/src/java.base/share/classes/java/util/jar/JarFile.java @@ -417,12 +417,12 @@ if (manEntry != null) { if (verify) { byte[] b = getBytes(manEntry); - man = new Manifest(new ByteArrayInputStream(b)); + man = new Manifest(new ByteArrayInputStream(b), getName()); if (!jvInitialized) { jv = new JarVerifier(b); } } else { - man = new Manifest(super.getInputStream(manEntry)); + man = new Manifest(super.getInputStream(manEntry), getName()); } manRef = new SoftReference<>(man); } diff --git a/src/java.base/share/classes/java/util/jar/Manifest.java b/src/java.base/share/classes/java/util/jar/Manifest.java --- a/src/java.base/share/classes/java/util/jar/Manifest.java +++ b/src/java.base/share/classes/java/util/jar/Manifest.java @@ -32,7 +32,7 @@ import java.io.IOException; import java.util.Map; import java.util.HashMap; -import java.util.Iterator; +import sun.security.util.SecurityProperties; /** * The Manifest class is used to maintain Manifest entry names and their @@ -47,12 +47,19 @@ * @since 1.2 */ public class Manifest implements Cloneable { + + private static final boolean jarPathInExceptionText = + SecurityProperties.includedInExceptions("jarPath"); + // manifest main attributes private Attributes attr = new Attributes(); // manifest entries private Map entries = new HashMap<>(); + // name of the corresponding jar archive if available. + private String jarFilename; + /** * Constructs a new, empty Manifest. */ @@ -70,6 +77,18 @@ } /** + * Constructs a new Manifest from the specified input stream. + * + * @param is the input stream containing manifest data + * @param jarFilename the name of the corresponding jar archive if available + * @throws IOException if an I/O error has occured + */ + Manifest(InputStream is, String jarFilename) throws IOException { + read(is); + this.jarFilename = jarFilename; + } + + /** * Constructs a new Manifest that is a copy of the specified Manifest. * * @param man the Manifest to copy @@ -179,6 +198,14 @@ return; } + static String getErrorPosition(String filename, final int lineNumber) { + if (filename == null || !jarPathInExceptionText) { + return "line " + lineNumber; + } + + return "manifest of " + filename + ":" + lineNumber; + } + /** * Reads the Manifest from the specified InputStream. The entry * names and attributes read will be merged in with the current @@ -193,7 +220,7 @@ // Line buffer byte[] lbuf = new byte[512]; // Read the main attributes for the manifest - attr.read(fis, lbuf); + int lineNumber = attr.read(fis, lbuf, jarFilename, 0); // Total number of entries, attributes read int ecount = 0, acount = 0; // Average size of entry attributes @@ -206,8 +233,11 @@ while ((len = fis.readLine(lbuf)) != -1) { byte c = lbuf[--len]; + lineNumber++; + if (c != '\n' && c != '\r') { - throw new IOException("manifest line too long"); + throw new IOException("manifest line too long (" + + getErrorPosition(jarFilename, lineNumber) + ")"); } if (len > 0 && lbuf[len-1] == '\r') { --len; @@ -220,7 +250,8 @@ if (name == null) { name = parseName(lbuf, len); if (name == null) { - throw new IOException("invalid manifest format"); + throw new IOException("invalid manifest format" + + getErrorPosition(jarFilename, lineNumber) + ")"); } if (fis.peek() == ' ') { // name is wrapped @@ -246,7 +277,7 @@ attr = new Attributes(asize); entries.put(name, attr); } - attr.read(fis, lbuf); + lineNumber = attr.read(fis, lbuf, jarFilename, lineNumber); ecount++; acount += attr.size(); //XXX: Fix for when the average is 0. When it is 0, diff --git a/src/java.base/share/classes/sun/net/util/SocketExceptions.java b/src/java.base/share/classes/sun/net/util/SocketExceptions.java --- a/src/java.base/share/classes/sun/net/util/SocketExceptions.java +++ b/src/java.base/share/classes/sun/net/util/SocketExceptions.java @@ -30,43 +30,13 @@ import java.net.InetSocketAddress; import java.security.AccessController; import java.security.PrivilegedAction; -import java.security.Security; +import sun.security.util.SecurityProperties; public final class SocketExceptions { private SocketExceptions() {} - /** - * Security or system property which specifies categories of - * (potentially sensitive) information that may be included - * in exception text. This class only defines one category: - * "hostInfo" which represents the hostname and port number - * of the remote peer relating to a socket exception. - * The property value is a comma separated list of - * case insignificant category names. - */ - private static final String enhancedTextPropname = "jdk.includeInExceptions"; - - private static final boolean enhancedExceptionText = initTextProp(); - - private static boolean initTextProp() { - return AccessController.doPrivileged(new PrivilegedAction() { - public Boolean run() { - String val = System.getProperty(enhancedTextPropname); - if (val == null) { - val = Security.getProperty(enhancedTextPropname); - if (val == null) - return false; - } - String[] tokens = val.split(","); - for (String token : tokens) { - if (token.equalsIgnoreCase("hostinfo")) - return true; - } - return false; - } - }); - } - + private static final boolean enhancedExceptionText = + SecurityProperties.includedInExceptions("hostInfo"); /** * Utility which takes an exception and returns either the same exception @@ -74,8 +44,9 @@ * and detail message enhanced with addressing information from the * given InetSocketAddress. * - * If the system/security property "jdk.net.enhanceExceptionText" is not - * set or is false, then the original exception is returned. + * If the system/security property "jdk.includeInExceptions" is not + * set or does not contain the category hostInfo, + * then the original exception is returned. * * Only specific IOException subtypes are supported. */ diff --git a/src/java.base/share/classes/sun/security/util/SecurityProperties.java b/src/java.base/share/classes/sun/security/util/SecurityProperties.java new file mode 100644 --- /dev/null +++ b/src/java.base/share/classes/sun/security/util/SecurityProperties.java @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018 SAP SE. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.util; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.security.Security; + +public class SecurityProperties { + + /* + * Returns the value of the security property propName, which can be overridden + * by the system property propName + * + * @param propName the name of the system or security property + * @return the value of the system or security property + */ + public static String privilegedGetOverridable(String propName) { + return AccessController.doPrivileged((PrivilegedAction) + () -> { + String val = System.getProperty(propName); + if (val == null) { + return Security.getProperty(propName); + } else { + return val; + } + }); + } + + /** + * Returns true in case the system or security property "jdk.includeInExceptions" + * contains the category refName + * + * @param refName the category to check + * @return true in case the system or security property "jdk.includeInExceptions" + * contains refName, false otherwise + */ + public static boolean includedInExceptions(String refName) { + String val = privilegedGetOverridable("jdk.includeInExceptions"); + if (val == null) { + return false; + } + + String[] tokens = val.split(","); + for (String token : tokens) { + token = token.trim(); + if (token.equalsIgnoreCase(refName)) { + return true; + } + } + return false; + } +} + diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security --- a/src/java.base/share/conf/security/java.security +++ b/src/java.base/share/conf/security/java.security @@ -1081,7 +1081,10 @@ # java.nio.channels package will contain enhanced exception # message information # +# jarPath - enables more detailed information in the IOExceptions thrown +# by classes in the java.util.jar package +# # The property setting in this file can be overridden by a system property of # the same name, with the same syntax and possible values. # -#jdk.includeInExceptions=hostInfo +#jdk.includeInExceptions=hostInfo,jarPath