archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 14:54:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8208754: The fix for JDK-8194534 needs updates

Browse source 
Reviewed-by: alanb, igerasim, rhalade, mullan
This commit is contained in:
Weijun Wang 2018-08-08 08:05:43 +08:00
parent 1c4396ebae
commit 61d19ee892
5 changed files with 13 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/java.base/share/classes/java/util/jar/JarFile.java
View file

@ -1025,7 +1025,7 @@ class JarFile extends ZipFile {
}
}
private synchronized void ensureInitialization() {
synchronized void ensureInitialization() {
try {
maybeInstantiateVerifier();
} catch (IOException e) {

3
src/java.base/share/classes/java/util/jar/JavaUtilJarAccessImpl.java
View file

@ -65,4 +65,7 @@ class JavaUtilJarAccessImpl implements JavaUtilJarAccess {
return man.getTrustedAttributes(name);
}
public void ensureInitialization(JarFile jar) {
jar.ensureInitialization();
}
}

4
src/java.base/share/classes/java/util/jar/Manifest.java
View file

@ -169,6 +169,10 @@ public class Manifest implements Cloneable {
* does not exist in SF files of all signers).
*/
Attributes getTrustedAttributes(String name) {
// Note: Before the verification of MANIFEST.MF/.SF/.RSA files is done,
// jv.isTrustedManifestEntry() isn't able to detect MANIFEST.MF change.
// Users of this method should call SharedSecrets.javaUtilJarAccess()
// .ensureInitialization() first.
Attributes result = getAttributes(name);
if (result != null && jv != null && ! jv.isTrustedManifestEntry(name)) {
throw new SecurityException("Untrusted manifest entry: " + name);