8207768: Improve exception messages during manifest parsing of jar archives
Reviewed-by: clanger, mullan, weijun
This commit is contained in:
Matthias Baesken
parent
19ca9280a6
commit
be56cc5bf3
@ -369,8 +369,12 @@ public class Attributes implements Map<Object,Object>, Cloneable {
|
|||||||
* Reads attributes from the specified input stream.
|
* Reads attributes from the specified input stream.
|
||||||
* XXX Need to handle UTF8 values.
|
* XXX Need to handle UTF8 values.
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("deprecation")
|
|
||||||
void read(Manifest.FastInputStream is, byte[] lbuf) throws IOException {
|
void read(Manifest.FastInputStream is, byte[] lbuf) throws IOException {
|
||||||
|
read(is, lbuf, null, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
|
int read(Manifest.FastInputStream is, byte[] lbuf, String filename, int lineNumber) throws IOException {
|
||||||
String name = null, value;
|
String name = null, value;
|
||||||
byte[] lastline = null;
|
byte[] lastline = null;
|
||||||
|
|
||||||
@ -378,8 +382,11 @@ public class Attributes implements Map<Object,Object>, Cloneable {
|
|||||||
while ((len = is.readLine(lbuf)) != -1) {
|
while ((len = is.readLine(lbuf)) != -1) {
|
||||||
boolean lineContinued = false;
|
boolean lineContinued = false;
|
||||||
byte c = lbuf[--len];
|
byte c = lbuf[--len];
|
||||||
|
lineNumber++;
|
||||||
|
|
||||||
if (c != '\n' && c != '\r') {
|
if (c != '\n' && c != '\r') {
|
||||||
throw new IOException("line too long");
|
throw new IOException("line too long ("
|
||||||
|
+ Manifest.getErrorPosition(filename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
if (len > 0 && lbuf[len-1] == '\r') {
|
if (len > 0 && lbuf[len-1] == '\r') {
|
||||||
--len;
|
--len;
|
||||||
@ -391,7 +398,8 @@ public class Attributes implements Map<Object,Object>, Cloneable {
|
|||||||
if (lbuf[0] == ' ') {
|
if (lbuf[0] == ' ') {
|
||||||
// continuation of previous line
|
// continuation of previous line
|
||||||
if (name == null) {
|
if (name == null) {
|
||||||
throw new IOException("misplaced continuation line");
|
throw new IOException("misplaced continuation line ("
|
||||||
|
+ Manifest.getErrorPosition(filename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
lineContinued = true;
|
lineContinued = true;
|
||||||
byte[] buf = new byte[lastline.length + len - 1];
|
byte[] buf = new byte[lastline.length + len - 1];
|
||||||
@ -406,11 +414,13 @@ public class Attributes implements Map<Object,Object>, Cloneable {
|
|||||||
} else {
|
} else {
|
||||||
while (lbuf[i++] != ':') {
|
while (lbuf[i++] != ':') {
|
||||||
if (i >= len) {
|
if (i >= len) {
|
||||||
throw new IOException("invalid header field");
|
throw new IOException("invalid header field ("
|
||||||
|
+ Manifest.getErrorPosition(filename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (lbuf[i++] != ' ') {
|
if (lbuf[i++] != ' ') {
|
||||||
throw new IOException("invalid header field");
|
throw new IOException("invalid header field ("
|
||||||
|
+ Manifest.getErrorPosition(filename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
name = new String(lbuf, 0, 0, i - 2);
|
name = new String(lbuf, 0, 0, i - 2);
|
||||||
if (is.peek() == ' ') {
|
if (is.peek() == ' ') {
|
||||||
@ -433,9 +443,11 @@ public class Attributes implements Map<Object,Object>, Cloneable {
|
|||||||
+ "entry in the jar file.");
|
+ "entry in the jar file.");
|
||||||
}
|
}
|
||||||
} catch (IllegalArgumentException e) {
|
} catch (IllegalArgumentException e) {
|
||||||
throw new IOException("invalid header field name: " + name);
|
throw new IOException("invalid header field name: " + name
|
||||||
|
+ " (" + Manifest.getErrorPosition(filename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
return lineNumber;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -417,12 +417,12 @@ class JarFile extends ZipFile {
|
|||||||
if (manEntry != null) {
|
if (manEntry != null) {
|
||||||
if (verify) {
|
if (verify) {
|
||||||
byte[] b = getBytes(manEntry);
|
byte[] b = getBytes(manEntry);
|
||||||
man = new Manifest(new ByteArrayInputStream(b));
|
man = new Manifest(new ByteArrayInputStream(b), getName());
|
||||||
if (!jvInitialized) {
|
if (!jvInitialized) {
|
||||||
jv = new JarVerifier(b);
|
jv = new JarVerifier(b);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
man = new Manifest(super.getInputStream(manEntry));
|
man = new Manifest(super.getInputStream(manEntry), getName());
|
||||||
}
|
}
|
||||||
manRef = new SoftReference<>(man);
|
manRef = new SoftReference<>(man);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -25,14 +25,15 @@
|
|||||||
|
|
||||||
package java.util.jar;
|
package java.util.jar;
|
||||||
|
|
||||||
import java.io.FilterInputStream;
|
|
||||||
import java.io.DataOutputStream;
|
import java.io.DataOutputStream;
|
||||||
|
import java.io.FilterInputStream;
|
||||||
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.OutputStream;
|
import java.io.OutputStream;
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.Map;
|
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Iterator;
|
import java.util.Map;
|
||||||
|
|
||||||
|
import sun.security.util.SecurityProperties;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Manifest class is used to maintain Manifest entry names and their
|
* The Manifest class is used to maintain Manifest entry names and their
|
||||||
@ -47,16 +48,24 @@ import java.util.Iterator;
|
|||||||
* @since 1.2
|
* @since 1.2
|
||||||
*/
|
*/
|
||||||
public class Manifest implements Cloneable {
|
public class Manifest implements Cloneable {
|
||||||
|
|
||||||
|
private static final boolean jarInfoInExceptionText =
|
||||||
|
SecurityProperties.includedInExceptions("jar");
|
||||||
|
|
||||||
// manifest main attributes
|
// manifest main attributes
|
||||||
private Attributes attr = new Attributes();
|
private Attributes attr = new Attributes();
|
||||||
|
|
||||||
// manifest entries
|
// manifest entries
|
||||||
private Map<String, Attributes> entries = new HashMap<>();
|
private Map<String, Attributes> entries = new HashMap<>();
|
||||||
|
|
||||||
|
// name of the corresponding jar archive if available.
|
||||||
|
private final String jarFilename;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs a new, empty Manifest.
|
* Constructs a new, empty Manifest.
|
||||||
*/
|
*/
|
||||||
public Manifest() {
|
public Manifest() {
|
||||||
|
jarFilename = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -66,15 +75,29 @@ public class Manifest implements Cloneable {
|
|||||||
* @throws IOException if an I/O error has occurred
|
* @throws IOException if an I/O error has occurred
|
||||||
*/
|
*/
|
||||||
public Manifest(InputStream is) throws IOException {
|
public Manifest(InputStream is) throws IOException {
|
||||||
|
this();
|
||||||
read(is);
|
read(is);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructs a new Manifest from the specified input stream.
|
||||||
|
*
|
||||||
|
* @param is the input stream containing manifest data
|
||||||
|
* @param jarFilename the name of the corresponding jar archive if available
|
||||||
|
* @throws IOException if an I/O error has occured
|
||||||
|
*/
|
||||||
|
Manifest(InputStream is, String jarFilename) throws IOException {
|
||||||
|
read(is);
|
||||||
|
this.jarFilename = jarFilename;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs a new Manifest that is a copy of the specified Manifest.
|
* Constructs a new Manifest that is a copy of the specified Manifest.
|
||||||
*
|
*
|
||||||
* @param man the Manifest to copy
|
* @param man the Manifest to copy
|
||||||
*/
|
*/
|
||||||
public Manifest(Manifest man) {
|
public Manifest(Manifest man) {
|
||||||
|
this();
|
||||||
attr.putAll(man.getMainAttributes());
|
attr.putAll(man.getMainAttributes());
|
||||||
entries.putAll(man.getEntries());
|
entries.putAll(man.getEntries());
|
||||||
}
|
}
|
||||||
@ -179,6 +202,14 @@ public class Manifest implements Cloneable {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static String getErrorPosition(String filename, final int lineNumber) {
|
||||||
|
if (filename == null || !jarInfoInExceptionText) {
|
||||||
|
return "line " + lineNumber;
|
||||||
|
}
|
||||||
|
|
||||||
|
return "manifest of " + filename + ":" + lineNumber;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Reads the Manifest from the specified InputStream. The entry
|
* Reads the Manifest from the specified InputStream. The entry
|
||||||
* names and attributes read will be merged in with the current
|
* names and attributes read will be merged in with the current
|
||||||
@ -193,7 +224,7 @@ public class Manifest implements Cloneable {
|
|||||||
// Line buffer
|
// Line buffer
|
||||||
byte[] lbuf = new byte[512];
|
byte[] lbuf = new byte[512];
|
||||||
// Read the main attributes for the manifest
|
// Read the main attributes for the manifest
|
||||||
attr.read(fis, lbuf);
|
int lineNumber = attr.read(fis, lbuf, jarFilename, 0);
|
||||||
// Total number of entries, attributes read
|
// Total number of entries, attributes read
|
||||||
int ecount = 0, acount = 0;
|
int ecount = 0, acount = 0;
|
||||||
// Average size of entry attributes
|
// Average size of entry attributes
|
||||||
@ -206,8 +237,11 @@ public class Manifest implements Cloneable {
|
|||||||
|
|
||||||
while ((len = fis.readLine(lbuf)) != -1) {
|
while ((len = fis.readLine(lbuf)) != -1) {
|
||||||
byte c = lbuf[--len];
|
byte c = lbuf[--len];
|
||||||
|
lineNumber++;
|
||||||
|
|
||||||
if (c != '\n' && c != '\r') {
|
if (c != '\n' && c != '\r') {
|
||||||
throw new IOException("manifest line too long");
|
throw new IOException("manifest line too long ("
|
||||||
|
+ getErrorPosition(jarFilename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
if (len > 0 && lbuf[len-1] == '\r') {
|
if (len > 0 && lbuf[len-1] == '\r') {
|
||||||
--len;
|
--len;
|
||||||
@ -220,7 +254,8 @@ public class Manifest implements Cloneable {
|
|||||||
if (name == null) {
|
if (name == null) {
|
||||||
name = parseName(lbuf, len);
|
name = parseName(lbuf, len);
|
||||||
if (name == null) {
|
if (name == null) {
|
||||||
throw new IOException("invalid manifest format");
|
throw new IOException("invalid manifest format"
|
||||||
|
+ getErrorPosition(jarFilename, lineNumber) + ")");
|
||||||
}
|
}
|
||||||
if (fis.peek() == ' ') {
|
if (fis.peek() == ' ') {
|
||||||
// name is wrapped
|
// name is wrapped
|
||||||
@ -246,7 +281,7 @@ public class Manifest implements Cloneable {
|
|||||||
attr = new Attributes(asize);
|
attr = new Attributes(asize);
|
||||||
entries.put(name, attr);
|
entries.put(name, attr);
|
||||||
}
|
}
|
||||||
attr.read(fis, lbuf);
|
lineNumber = attr.read(fis, lbuf, jarFilename, lineNumber);
|
||||||
ecount++;
|
ecount++;
|
||||||
acount += attr.size();
|
acount += attr.size();
|
||||||
//XXX: Fix for when the average is 0. When it is 0,
|
//XXX: Fix for when the average is 0. When it is 0,
|
||||||
|
|||||||
@ -30,43 +30,14 @@ import java.lang.reflect.Constructor;
|
|||||||
import java.net.InetSocketAddress;
|
import java.net.InetSocketAddress;
|
||||||
import java.security.AccessController;
|
import java.security.AccessController;
|
||||||
import java.security.PrivilegedAction;
|
import java.security.PrivilegedAction;
|
||||||
import java.security.Security;
|
|
||||||
|
import sun.security.util.SecurityProperties;
|
||||||
|
|
||||||
public final class SocketExceptions {
|
public final class SocketExceptions {
|
||||||
private SocketExceptions() {}
|
private SocketExceptions() {}
|
||||||
|
|
||||||
/**
|
private static final boolean enhancedExceptionText =
|
||||||
* Security or system property which specifies categories of
|
SecurityProperties.includedInExceptions("hostInfo");
|
||||||
* (potentially sensitive) information that may be included
|
|
||||||
* in exception text. This class only defines one category:
|
|
||||||
* "hostInfo" which represents the hostname and port number
|
|
||||||
* of the remote peer relating to a socket exception.
|
|
||||||
* The property value is a comma separated list of
|
|
||||||
* case insignificant category names.
|
|
||||||
*/
|
|
||||||
private static final String enhancedTextPropname = "jdk.includeInExceptions";
|
|
||||||
|
|
||||||
private static final boolean enhancedExceptionText = initTextProp();
|
|
||||||
|
|
||||||
private static boolean initTextProp() {
|
|
||||||
return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
|
|
||||||
public Boolean run() {
|
|
||||||
String val = System.getProperty(enhancedTextPropname);
|
|
||||||
if (val == null) {
|
|
||||||
val = Security.getProperty(enhancedTextPropname);
|
|
||||||
if (val == null)
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
String[] tokens = val.split(",");
|
|
||||||
for (String token : tokens) {
|
|
||||||
if (token.equalsIgnoreCase("hostinfo"))
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Utility which takes an exception and returns either the same exception
|
* Utility which takes an exception and returns either the same exception
|
||||||
@ -74,8 +45,9 @@ public final class SocketExceptions {
|
|||||||
* and detail message enhanced with addressing information from the
|
* and detail message enhanced with addressing information from the
|
||||||
* given InetSocketAddress.
|
* given InetSocketAddress.
|
||||||
*
|
*
|
||||||
* If the system/security property "jdk.net.enhanceExceptionText" is not
|
* If the system/security property "jdk.includeInExceptions" is not
|
||||||
* set or is false, then the original exception is returned.
|
* set or does not contain the category hostInfo,
|
||||||
|
* then the original exception is returned.
|
||||||
*
|
*
|
||||||
* Only specific IOException subtypes are supported.
|
* Only specific IOException subtypes are supported.
|
||||||
*/
|
*/
|
||||||
|
|||||||
@ -0,0 +1,77 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
|
||||||
|
* Copyright (c) 2018 SAP SE. All rights reserved.
|
||||||
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
|
*
|
||||||
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU General Public License version 2 only, as
|
||||||
|
* published by the Free Software Foundation. Oracle designates this
|
||||||
|
* particular file as subject to the "Classpath" exception as provided
|
||||||
|
* by Oracle in the LICENSE file that accompanied this code.
|
||||||
|
*
|
||||||
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
||||||
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||||
|
* version 2 for more details (a copy is included in the LICENSE file that
|
||||||
|
* accompanied this code).
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License version
|
||||||
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
||||||
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
*
|
||||||
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
||||||
|
* or visit www.oracle.com if you need additional information or have any
|
||||||
|
* questions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package sun.security.util;
|
||||||
|
|
||||||
|
import java.security.AccessController;
|
||||||
|
import java.security.PrivilegedAction;
|
||||||
|
import java.security.Security;
|
||||||
|
|
||||||
|
public class SecurityProperties {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the value of the security property propName, which can be overridden
|
||||||
|
* by a system property of the same name
|
||||||
|
*
|
||||||
|
* @param propName the name of the system or security property
|
||||||
|
* @return the value of the system or security property
|
||||||
|
*/
|
||||||
|
public static String privilegedGetOverridable(String propName) {
|
||||||
|
return AccessController.doPrivileged((PrivilegedAction<String>)
|
||||||
|
() -> {
|
||||||
|
String val = System.getProperty(propName);
|
||||||
|
if (val == null) {
|
||||||
|
return Security.getProperty(propName);
|
||||||
|
} else {
|
||||||
|
return val;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true in case the system or security property "jdk.includeInExceptions"
|
||||||
|
* contains the category refName
|
||||||
|
*
|
||||||
|
* @param refName the category to check
|
||||||
|
* @return true in case the system or security property "jdk.includeInExceptions"
|
||||||
|
* contains refName, false otherwise
|
||||||
|
*/
|
||||||
|
public static boolean includedInExceptions(String refName) {
|
||||||
|
String val = privilegedGetOverridable("jdk.includeInExceptions");
|
||||||
|
if (val == null) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
String[] tokens = val.split(",");
|
||||||
|
for (String token : tokens) {
|
||||||
|
token = token.trim();
|
||||||
|
if (token.equalsIgnoreCase(refName)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -1081,7 +1081,10 @@ jceks.key.serialFilter = java.base/java.lang.Enum;java.base/java.security.KeyRep
|
|||||||
# java.nio.channels package will contain enhanced exception
|
# java.nio.channels package will contain enhanced exception
|
||||||
# message information
|
# message information
|
||||||
#
|
#
|
||||||
|
# jar - enables more detailed information in the IOExceptions thrown
|
||||||
|
# by classes in the java.util.jar package
|
||||||
|
#
|
||||||
# The property setting in this file can be overridden by a system property of
|
# The property setting in this file can be overridden by a system property of
|
||||||
# the same name, with the same syntax and possible values.
|
# the same name, with the same syntax and possible values.
|
||||||
#
|
#
|
||||||
#jdk.includeInExceptions=hostInfo
|
#jdk.includeInExceptions=hostInfo,jar
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user