8138978: Examine usages of sun.misc.IOUtils

Reviewed-by: alanb, mullan, psandoz, rriggs, weijun

jdk/src/java.base/share/classes/java/util/jar/JarFile.java

@@ -37,7 +37,6 @@ import java.security.cert.Certificate;
 import java.security.AccessController;
 import java.security.CodeSource;
 import jdk.internal.misc.SharedSecrets;
-import sun.misc.IOUtils;
 import sun.security.action.GetPropertyAction;
 import sun.security.util.ManifestEntryVerifier;
 import sun.security.util.SignatureFileVerifier;
@@ -438,7 +437,12 @@ class JarFile extends ZipFile {
      */
     private byte[] getBytes(ZipEntry ze) throws IOException {
         try (InputStream is = super.getInputStream(ze)) {
-            return IOUtils.readFully(is, (int)ze.getSize(), true);
+            int len = (int)ze.getSize();
+            byte[] b = is.readAllBytes();
+            if (len != -1 && b.length != len)
+                throw new EOFException("Expected:" + len + ", read:" + b.length);
+
+            return b;
         }
     }
 

jdk/src/java.base/share/classes/sun/invoke/anon/AnonymousClassLoader.java

@@ -25,10 +25,10 @@
 
 package sun.invoke.anon;
 
+import java.io.EOFException;
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
-import sun.misc.IOUtils;
 
 /**
  * Anonymous class loader.  Will load any valid classfile, producing
@@ -225,6 +225,10 @@ public class AnonymousClassLoader {
         if (contentLength < 0)
             throw new IOException("invalid content length "+contentLength);
 
-        return IOUtils.readFully(connection.getInputStream(), contentLength, true);
+        byte[] b = connection.getInputStream().readAllBytes();
+        if (b.length != contentLength)
+            throw new EOFException("Expected:" + contentLength + ", read:" + b.length);
+
+        return b;
     }
 }

jdk/src/java.base/share/classes/sun/reflect/misc/MethodUtil.java

@@ -25,6 +25,7 @@
 
 package sun.reflect.misc;
 
+import java.io.EOFException;
 import java.security.AllPermission;
 import java.security.AccessController;
 import java.security.PermissionCollection;
@@ -43,7 +44,6 @@ import java.lang.reflect.Modifier;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
-import sun.misc.IOUtils;
 
 
 class Trampoline {
@@ -368,16 +368,13 @@ public final class MethodUtil extends SecureClassLoader {
             }
         }
         int len = uc.getContentLength();
-        InputStream in = new BufferedInputStream(uc.getInputStream());
+        try (InputStream in = new BufferedInputStream(uc.getInputStream())) {
-
+            byte[] b = in.readAllBytes();
-        byte[] b;
+            if (len != -1 && b.length != len)
-        try {
+                throw new EOFException("Expected:" + len + ", read:" + b.length);
-            b = IOUtils.readFully(in, len, true);
-        } finally {
-            in.close();
-        }
             return b;
         }
+    }
 
 
     protected PermissionCollection getPermissions(CodeSource codesource)

jdk/src/java.base/share/classes/sun/security/provider/DomainKeyStore.java

@@ -33,7 +33,6 @@ import java.security.cert.CertificateFactory;
 import java.security.cert.CertificateException;
 import java.util.*;
 
-import sun.misc.IOUtils;
 import sun.security.pkcs.EncryptedPrivateKeyInfo;
 import sun.security.util.PolicyUtil;
 

jdk/src/java.base/share/classes/sun/security/provider/JavaKeyStore.java

@@ -32,9 +32,9 @@ import java.security.cert.CertificateFactory;
 import java.security.cert.CertificateException;
 import java.util.*;
 
-import sun.misc.IOUtils;
 import sun.security.pkcs.EncryptedPrivateKeyInfo;
 import sun.security.pkcs12.PKCS12KeyStore;
+import sun.security.util.IOUtils;
 import sun.security.util.KeyStoreDelegator;
 
 /**

jdk/src/java.base/share/classes/sun/security/timestamp/HttpTimestamper.java

@@ -27,13 +27,13 @@ package sun.security.timestamp;
 
 import java.io.BufferedInputStream;
 import java.io.DataOutputStream;
+import java.io.EOFException;
 import java.io.IOException;
 import java.net.URI;
 import java.net.URL;
 import java.net.HttpURLConnection;
 import java.util.*;
 
-import sun.misc.IOUtils;
 import sun.security.util.Debug;
 
 /**
@@ -147,8 +147,11 @@ public class HttpTimestamper implements Timestamper {
             }
             verifyMimeType(connection.getContentType());
 
-            int contentLength = connection.getContentLength();
+            int clen = connection.getContentLength();
-            replyBuffer = IOUtils.readFully(input, contentLength, false);
+            replyBuffer = input.readAllBytes();
+            if (clen != -1 && replyBuffer.length != clen)
+                throw new EOFException("Expected:" + clen +
+                                       ", read:" + replyBuffer.length);
 
             if (debug != null) {
                 debug.println("received timestamp response (length=" +

jdk/src/java.base/share/classes/sun/security/util/DerValue.java

@@ -28,7 +28,6 @@ package sun.security.util;
 import java.io.*;
 import java.math.BigInteger;
 import java.util.Date;
-import sun.misc.IOUtils;
 
 /**
  * Represents a single DER-encoded value.  DER encoding rules are a subset

jdk/src/java.base/share/classes/sun/security/util/IOUtils.java

@@ -27,7 +27,7 @@
  * IOUtils: A collection of IO-related public static methods.
  */
 
-package sun.misc;
+package sun.security.util;
 
 import java.io.EOFException;
 import java.io.IOException;

jdk/src/java.desktop/share/classes/sun/applet/AppletClassLoader.java

@@ -33,6 +33,7 @@ import java.net.URLConnection;
 import java.net.MalformedURLException;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
+import java.io.EOFException;
 import java.io.File;
 import java.io.FilePermission;
 import java.io.IOException;
@@ -51,7 +52,6 @@ import java.security.Permission;
 import java.security.PermissionCollection;
 import sun.awt.AppContext;
 import sun.awt.SunToolkit;
-import sun.misc.IOUtils;
 import sun.misc.ManagedLocalsThread;
 import sun.net.www.ParseUtil;
 import sun.security.util.SecurityConstants;
@@ -334,7 +334,9 @@ public class AppletClassLoader extends URLClassLoader {
 
         byte[] b;
         try {
-            b = IOUtils.readFully(in, len, true);
+            b = in.readAllBytes();
+            if (len != -1 && b.length != len)
+                throw new EOFException("Expected:" + len + ", read:" + b.length);
         } finally {
             in.close();
         }

jdk/src/java.naming/share/classes/com/sun/jndi/ldap/Connection.java

@@ -45,7 +45,6 @@ import javax.naming.ldap.Control;
 import java.lang.reflect.Method;
 import java.lang.reflect.InvocationTargetException;
 import java.util.Arrays;
-import sun.misc.IOUtils;
 import javax.net.SocketFactory;
 
 /**
@@ -862,7 +861,7 @@ public final class Connection implements Runnable {
                     }
 
                     // read in seqlen bytes
-                    byte[] left = IOUtils.readFully(in, seqlen, false);
+                    byte[] left = readFully(in, seqlen);
                     inbuf = Arrays.copyOf(inbuf, offset + left.length);
                     System.arraycopy(left, 0, inbuf, offset, left.length);
                     offset += left.length;
@@ -957,6 +956,31 @@ System.err.println("bytesread: " + bytesread);
         }
     }
 
+    private static byte[] readFully(InputStream is, int length)
+        throws IOException
+    {
+        byte[] buf = new byte[Math.min(length, 8192)];
+        int nread = 0;
+        while (nread < length) {
+            int bytesToRead;
+            if (nread >= buf.length) {  // need to allocate a larger buffer
+                bytesToRead = Math.min(length - nread, buf.length + 8192);
+                if (buf.length < nread + bytesToRead) {
+                    buf = Arrays.copyOf(buf, nread + bytesToRead);
+                }
+            } else {
+                bytesToRead = buf.length - nread;
+            }
+            int count = is.read(buf, nread, bytesToRead);
+            if (count < 0) {
+                if (buf.length != nread)
+                    buf = Arrays.copyOf(buf, nread);
+                break;
+            }
+            nread += count;
+        }
+        return buf;
+    }
 
     // This code must be uncommented to run the LdapAbandonTest.
     /*public void sendSearchReqs(String dn, int numReqs) {

jdk/src/java.security.jgss/share/classes/sun/security/krb5/internal/NetClient.java

@@ -31,10 +31,9 @@
 
 package sun.security.krb5.internal;
 
-import sun.misc.IOUtils;
-
 import java.io.*;
 import java.net.*;
+import sun.security.util.IOUtils;
 
 public abstract class NetClient implements AutoCloseable {
     public static NetClient getInstance(String protocol, String hostname, int port,

jdk/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java

@@ -36,10 +36,10 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.StringTokenizer;
 
-import sun.misc.IOUtils;
 import sun.security.krb5.*;
 import sun.security.krb5.internal.*;
 import sun.security.krb5.internal.util.KrbDataInputStream;
+import sun.security.util.IOUtils;
 
 /**
  * This class extends KrbDataInputStream. It is used for parsing FCC-format

jdk/test/sun/security/tools/jarsigner/TimestampCheck.java

@@ -40,7 +40,6 @@ import java.util.Calendar;
 import java.util.jar.JarEntry;
 import java.util.jar.JarFile;
 
-import sun.misc.IOUtils;
 import sun.security.pkcs.ContentInfo;
 import sun.security.pkcs.PKCS7;
 import sun.security.pkcs.PKCS9Attribute;
@@ -343,7 +342,7 @@ public class TimestampCheck {
         try (JarFile jf = new JarFile(file)) {
             JarEntry je = jf.getJarEntry("META-INF/OLD.RSA");
             try (InputStream is = jf.getInputStream(je)) {
-                byte[] content = IOUtils.readFully(is, -1, true);
+                byte[] content = is.readAllBytes();
                 PKCS7 p7 = new PKCS7(content);
                 SignerInfo[] si = p7.getSignerInfos();
                 if (si == null || si.length == 0) {

jdk/test/sun/security/util/DerValue/BadValue.java

@@ -25,13 +25,11 @@
  * @test
  * @bug 6864911
  * @summary ASN.1/DER input stream parser needs more work
- * @modules java.base/sun.misc
+ * @modules java.base/sun.security.util
- *          java.base/sun.security.util
  */
 
 import java.io.*;
 import sun.security.util.*;
-import sun.misc.IOUtils;
 
 public class BadValue {