8208754: The fix for JDK-8194534 needs updates

Reviewed-by: alanb, igerasim, rhalade, mullan
2025-08-28 07:14:30 +02:00 · 2018-08-08 08:05:43 +08:00 · 2018-08-08 08:05:43 +08:00 · 61d19ee892
commit 61d19ee892
parent 1c4396ebae
5 changed files with 13 additions and 3 deletions
--- a/src/java.base/share/classes/java/util/jar/JarFile.java
+++ b/src/java.base/share/classes/java/util/jar/JarFile.java
@ -1025,7 +1025,7 @@ class JarFile extends ZipFile {
        }
    }

-    private synchronized void ensureInitialization() {
+    synchronized void ensureInitialization() {
        try {
            maybeInstantiateVerifier();
        } catch (IOException e) {
--- a/src/java.base/share/classes/java/util/jar/JavaUtilJarAccessImpl.java
+++ b/src/java.base/share/classes/java/util/jar/JavaUtilJarAccessImpl.java
@ -65,4 +65,7 @@ class JavaUtilJarAccessImpl implements JavaUtilJarAccess {
        return man.getTrustedAttributes(name);
    }

+    public void ensureInitialization(JarFile jar) {
+        jar.ensureInitialization();
+    }
 }
--- a/src/java.base/share/classes/java/util/jar/Manifest.java
+++ b/src/java.base/share/classes/java/util/jar/Manifest.java
@ -169,6 +169,10 @@ public class Manifest implements Cloneable {
     *      does not exist in SF files of all signers).
     */
    Attributes getTrustedAttributes(String name) {
+        // Note: Before the verification of MANIFEST.MF/.SF/.RSA files is done,
+        // jv.isTrustedManifestEntry() isn't able to detect MANIFEST.MF change.
+        // Users of this method should call SharedSecrets.javaUtilJarAccess()
+        // .ensureInitialization() first.
        Attributes result = getAttributes(name);
        if (result != null && jv != null && ! jv.isTrustedManifestEntry(name)) {
            throw new SecurityException("Untrusted manifest entry: " + name);
--- a/src/java.base/share/classes/jdk/internal/loader/URLClassPath.java
+++ b/src/java.base/share/classes/jdk/internal/loader/URLClassPath.java
@ -866,8 +866,10 @@ public class URLClassPath {
                    { return jar.getInputStream(entry); }
                public int getContentLength()
                    { return (int)entry.getSize(); }
-                public Manifest getManifest() throws IOException
-                    { return jar.getManifest(); };
+                public Manifest getManifest() throws IOException {
+                    SharedSecrets.javaUtilJarAccess().ensureInitialization(jar);
+                    return jar.getManifest();
+                }
                public Certificate[] getCertificates()
                    { return entry.getCertificates(); };
                public CodeSigner[] getCodeSigners()
--- a/src/java.base/share/classes/jdk/internal/misc/JavaUtilJarAccess.java
+++ b/src/java.base/share/classes/jdk/internal/misc/JavaUtilJarAccess.java
@ -44,4 +44,5 @@ public interface JavaUtilJarAccess {
    public void setEagerValidation(JarFile jar, boolean eager);
    public List<Object> getManifestDigests(JarFile jar);
    public Attributes getTrustedAttributes(Manifest man, String name);
+    public void ensureInitialization(JarFile jar);
 }