# HG changeset patch # User weijun # Date 1350962115 -28800 # Node ID 9c2a2aae44a46e0b63b913987672d1488fa4e7a5 # Parent 6088f35106866940de257456c8eee21b130d5ff5 8000210: Improve JarFile code quality Reviewed-by: ahgross, xuelei, mschoene diff --git a/src/share/classes/java/util/jar/JarFile.java b/src/share/classes/java/util/jar/JarFile.java --- jdk/src/share/classes/java/util/jar/JarFile.java +++ jdk/src/share/classes/java/util/jar/JarFile.java @@ -32,6 +32,7 @@ import java.security.CodeSigner; import java.security.CodeSigner; import java.security.cert.Certificate; import java.security.AccessController; +import sun.misc.IOUtils; import sun.security.action.GetPropertyAction; import sun.security.util.ManifestEntryVerifier; import sun.misc.SharedSecrets; @@ -326,6 +327,9 @@ class JarFile extends ZipFile { if (names != null) { for (int i = 0; i < names.length; i++) { JarEntry e = getJarEntry(names[i]); + if (e == null) { + throw new JarException("corrupted jar file"); + } if (!e.isDirectory()) { if (mev == null) { mev = new ManifestEntryVerifier @@ -345,6 +349,10 @@ class JarFile extends ZipFile { // treat the jar file as being unsigned jv = null; verify = false; + if (JarVerifier.debug != null) { + JarVerifier.debug.println("jarfile parsing error!"); + ex.printStackTrace(); + } } // if after initializing the verifier we have nothing @@ -372,9 +380,8 @@ class JarFile extends ZipFile { * META-INF files. */ private byte[] getBytes(ZipEntry ze) throws IOException { - byte[] b = new byte[(int)ze.getSize()]; - DataInputStream is = new DataInputStream(super.getInputStream(ze)); - is.readFully(b, 0, b.length); + InputStream is = super.getInputStream(ze); + byte[] b = IOUtils.readFully(is, (int)ze.getSize(), true); is.close(); return b; } @@ -476,12 +483,7 @@ class JarFile extends ZipFile { if (!isKnownToNotHaveClassPathAttribute()) { JarEntry manEntry = getManEntry(); if (manEntry != null) { - byte[] b = new byte[(int)manEntry.getSize()]; - DataInputStream dis = new DataInputStream( - super.getInputStream(manEntry)); - dis.readFully(b, 0, b.length); - dis.close(); - + byte[] b = getBytes(manEntry); int last = b.length - src.length; int i = 0; next: diff --git a/src/share/classes/sun/security/util/DerIndefLenConverter.java b/src/share/classes/sun/security/util/DerIndefLenConverter.java --- jdk/src/share/classes/sun/security/util/DerIndefLenConverter.java +++ jdk/src/share/classes/sun/security/util/DerIndefLenConverter.java @@ -50,6 +50,7 @@ class DerIndefLenConverter { private byte[] data, newData; private int newDataPos, dataPos, dataSize, index; + private int unresolved = 0; private ArrayList ndefsList = new ArrayList(); @@ -113,6 +114,7 @@ class DerIndefLenConverter { numOfEncapsulatedLenBytes; byte[] sectionLenBytes = getLengthBytes(sectionLen); ndefsList.set(index, sectionLenBytes); + unresolved--; // Add the number of bytes required to represent this section // to the total number of length bytes, @@ -149,6 +151,7 @@ class DerIndefLenConverter { int lenByte = data[dataPos++] & 0xff; if (isIndefinite(lenByte)) { ndefsList.add(new Integer(dataPos)); + unresolved++; return curLen; } if (isLongForm(lenByte)) { @@ -316,6 +319,10 @@ class DerIndefLenConverter { parseValue(len); } + if (unresolved != 0) { + throw new IOException("not all indef len BER resolved"); + } + newData = new byte[dataSize + numOfTotalLenBytes]; dataPos=0; newDataPos=0; index=0;