Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/corba.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/corba.tar.xz differ diff -Nru openjdk-8-8u252-b07/debian/changelog openjdk-8-8u252-b09/debian/changelog --- openjdk-8-8u252-b07/debian/changelog 2020-03-26 11:57:56.000000000 +0000 +++ openjdk-8-8u252-b09/debian/changelog 2020-04-16 08:47:49.000000000 +0000 @@ -1,3 +1,92 @@ +openjdk-8 (8u252-b09-1ubuntu1) focal; urgency=medium + + * Build without atk-wrapper on i386 in focal. + + -- Matthias Klose Thu, 16 Apr 2020 10:47:49 +0200 + +openjdk-8 (8u252-b09-1) unstable; urgency=medium + + * Update to OpenJDK 8u252-b09 (GA). Updated aarch32 to 8u252-b08 (no + hotspot changes between b08 and b09). + * Security fixes + - JDK-8223898, CVE-2020-2754: Forward references to Nashorn + - JDK-8223904, CVE-2020-2755: Improve Nashorn matching + - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs + - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues + - JDK-8225603: Enhancement for big integers + - JDK-8227542: Manifest improved jar headers + - JDK-8231415, CVE-2020-2773: Better signatures in XML + - JDK-8233250: Better X11 rendering + - JDK-8233410: Better Build Scripting + - JDK-8234027: Better JCEKS key support + - JDK-8234408, CVE-2020-2781: Improve TLS session handling + - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers + - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers + - JDK-8235274, CVE-2020-2805: Enhance typing of methods + - JDK-8236201, CVE-2020-2830: Better Scanner conversions + - JDK-8238960: linux-i586 builds are inconsistent as the newly build + jdk is not able to reserve enough space for object heap + * Other changes + - JDK-8005819: Support cross-realm MSSFU + - JDK-8022263: use same Clang warnings on BSD as on Linux + - JDK-8038631: Create wrapper for awt.Robot with additional functionality + - JDK-8047212: runtime/ParallelClassLoading/bootstrap/random/inner-complex + assert(ObjectSynchronizer::verify_objmon_isinpool(inf)) failed: monitor + is invalid + - JDK-8055283: Expand ResourceHashtable with C_HEAP allocation, removal and + some unit tests + - JDK-8068184: Fix for JDK-8032832 caused a deadlock + - JDK-8079693: Add support for ECDSA P-384 and P-521 curves to XML Signature + - JDK-8132130: some docs cleanup + - JDK-8135318: CMS wrong max_eden_size for check_gc_overhead_limit + - JDK-8144445: Maximum size checking in Marlin ArrayCache utility methods + is not optimal + - JDK-8144446: Automate the Marlin crash test + - JDK-8144526: Remove Marlin logging use of deleted internal API + - JDK-8144630: Use PrivilegedAction to create Thread in Marlin RendererStats + - JDK-8144654: Improve Marlin logging + - JDK-8144718: Pisces / Marlin Strokers may generate invalid curves with + huge coordinates and round joins + - JDK-8166976: TestCipherPBECons has wrong @run line + - JDK-8167409: Invalid value passed to critical JNI function + - JDK-8181872: C1: possible overflow when strength reducing integer multiply + by constant + - JDK-8187078: -XX:+VerifyOops finds numerous problems when running JPRT + - JDK-8191227: issues with unsafe handle resolution + - JDK-8197441: Signature#initSign/initVerify for an invalid + private/public key fails with ClassCastException for SunPKCS11 provider + - JDK-8204152: SignedObject throws NullPointerException for null keys with + an initialized Signature object + - JDK-8215756: Memory leaks in the AWT on macOS + - JDK-8216472: (se) Stack overflow during selection operation leads to crash + - JDK-8219244: NMT: Change ThreadSafepointState's allocation type from + mtInternal to mtThread + - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected + exceptions + - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts + test + - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test + - JDK-8229022: BufferedReader performance can be improved by using + StringBuilder + - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC + - JDK-8229872: (fs) Increase buffer size used with getmntent + - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey + cause Exception + - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type + - JDK-8235744: PIT: + test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in + linux-x64 + - JDK-8235904: Infinite loop when rendering huge lines + - JDK-8236179: C1 register allocation error with T_ADDRESS + - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read + - JDK-8240521: Revert backport of 8231584: Deadlock with + ClassLoader.findLibrary and System.loadLibrary call + - JDK-8241296: Segfault in JNIHandleBlock::oops_do() + - JDK-8241307: Marlin renderer should not be the default in 8u252 + * Build using GCC 9 in unstable. Closes: #944184. + + -- Matthias Klose Wed, 15 Apr 2020 15:38:21 +0200 + openjdk-8 (8u252-b07-1) unstable; urgency=medium * Update to 8u252-b07 (early access build). diff -Nru openjdk-8-8u252-b07/debian/rules openjdk-8-8u252-b09/debian/rules --- openjdk-8-8u252-b07/debian/rules 2020-03-26 11:57:56.000000000 +0000 +++ openjdk-8-8u252-b09/debian/rules 2020-04-16 08:47:49.000000000 +0000 @@ -71,7 +71,6 @@ endif is_upstream_release = yes -is_upstream_release = srcdir = src builddir = build @@ -300,6 +299,13 @@ with_bridge = else with_bridge = atk + ifeq ($(derivative),Ubuntu) + ifeq ($(DEB_HOST_ARCH),i386) + ifeq (,$(filter $(distrel), precise trusty xenial bionic disco eoan)) + with_bridge = + endif + endif + endif endif with_nss = yes @@ -1989,17 +1995,17 @@ is_release = is_release = yes hg_project = jdk8u -hg_tag = jdk8u252-b07 +hg_tag = jdk8u252-b09 package_version = $(subst jdk,,$(hg_tag)) ifneq ($(is_release),yes) package_version := $(subst -,~,$(package_version)) endif hg_url = http://hg.openjdk.java.net/jdk8u/$(hg_project) hg_project_aarch64 = jdk8u-shenandoah -hg_tag_aarch64 = aarch64-shenandoah-jdk8u252-b06 +hg_tag_aarch64 = aarch64-shenandoah-jdk8u252-b09 hg_url_aarch64 = http://hg.openjdk.java.net/aarch64-port/$(hg_project_aarch64) hg_project_aarch32 = jdk8u -hg_tag_aarch32 = jdk8u252-b06-aarch32-20200317 +hg_tag_aarch32 = jdk8u252-b08-aarch32-20200327 hg_url_aarch32 = http://hg.openjdk.java.net/aarch32-port/$(hg_project_aarch32) origdir = ../openjdk-8-$(package_version).orig orig_tarball = ../openjdk-8_$(package_version).orig.tar.xz Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/hotspot-aarch32.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/hotspot-aarch32.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/hotspot-aarch64.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/hotspot-aarch64.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/hotspot.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/hotspot.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/jaxp.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/jaxp.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/jaxws.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/jaxws.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/jdk.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/jdk.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/langtools.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/langtools.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/nashorn.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/nashorn.tar.xz differ Binary files /tmp/tmpoKoDqv/0HJg71FdAZ/openjdk-8-8u252-b07/root.tar.xz and /tmp/tmpoKoDqv/1JQVkl8180/openjdk-8-8u252-b09/root.tar.xz differ diff -Nru openjdk-8-8u252-b07/=unpacked-tar1=/common/autoconf/flags.m4 openjdk-8-8u252-b09/=unpacked-tar1=/common/autoconf/flags.m4 --- openjdk-8-8u252-b07/=unpacked-tar1=/common/autoconf/flags.m4 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar1=/common/autoconf/flags.m4 2020-02-20 22:05:38.000000000 +0000 @@ -156,6 +156,7 @@ if test "x$TOOLCHAIN_TYPE" = xgcc; then PICFLAG="-fPIC" + PIEFLAG="-fPIE" C_FLAG_REORDER='' CXX_FLAG_REORDER='' @@ -176,6 +177,7 @@ fi elif test "x$TOOLCHAIN_TYPE" = xsolstudio; then PICFLAG="-KPIC" + PIEFLAG="" C_FLAG_REORDER='-xF' CXX_FLAG_REORDER='-xF' SHARED_LIBRARY_FLAGS="-G" @@ -185,6 +187,7 @@ SET_SHARED_LIBRARY_MAPFILE='-M[$]1' elif test "x$TOOLCHAIN_TYPE" = xxlc; then PICFLAG="-qpic=large" + PIEFLAG="" C_FLAG_REORDER='' CXX_FLAG_REORDER='' SHARED_LIBRARY_FLAGS="-qmkshrobj" @@ -194,6 +197,7 @@ SET_SHARED_LIBRARY_MAPFILE='' elif test "x$TOOLCHAIN_TYPE" = xmicrosoft; then PICFLAG="" + PIEFLAG="" C_FLAG_REORDER='' CXX_FLAG_REORDER='' SHARED_LIBRARY_FLAGS="-LD" @@ -658,8 +662,8 @@ CXXFLAGS_JDKLIB="$CCXXFLAGS_JDK $CXXFLAGS_JDK $PICFLAG $CXXFLAGS_JDKLIB_EXTRA " # Executable flags - CFLAGS_JDKEXE="$CCXXFLAGS_JDK $CFLAGS_JDK" - CXXFLAGS_JDKEXE="$CCXXFLAGS_JDK $CXXFLAGS_JDK" + CFLAGS_JDKEXE="$CCXXFLAGS_JDK $CFLAGS_JDK $PIEFLAG" + CXXFLAGS_JDKEXE="$CCXXFLAGS_JDK $CXXFLAGS_JDK $PIEFLAG" AC_SUBST(CFLAGS_JDKLIB) AC_SUBST(CFLAGS_JDKEXE) @@ -742,6 +746,13 @@ if test "x$OPENJDK_TARGET_OS" = xlinux; then LDFLAGS_JDKEXE="$LDFLAGS_JDKEXE -Xlinker --allow-shlib-undefined" fi + if test "x$TOOLCHAIN_TYPE" = xgcc; then + # Enabling pie on 32 bit builds prevents the JVM from allocating a continuous + # java heap. + if test "x$OPENJDK_TARGET_CPU_BITS" != "x32"; then + LDFLAGS_JDKEXE="$LDFLAGS_JDKEXE -pie" + fi + fi fi AC_SUBST(LDFLAGS_JDKLIB) AC_SUBST(LDFLAGS_JDKEXE) diff -Nru openjdk-8-8u252-b07/=unpacked-tar1=/common/autoconf/generated-configure.sh openjdk-8-8u252-b09/=unpacked-tar1=/common/autoconf/generated-configure.sh --- openjdk-8-8u252-b07/=unpacked-tar1=/common/autoconf/generated-configure.sh 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar1=/common/autoconf/generated-configure.sh 2020-02-20 22:05:38.000000000 +0000 @@ -4379,7 +4379,7 @@ #CUSTOM_AUTOCONF_INCLUDE # Do not change or remove the following line, it is needed for consistency checks: -DATE_WHEN_GENERATED=1580709484 +DATE_WHEN_GENERATED=1585090987 ############################################################################### # @@ -41236,6 +41236,7 @@ if test "x$TOOLCHAIN_TYPE" = xgcc; then PICFLAG="-fPIC" + PIEFLAG="-fPIE" C_FLAG_REORDER='' CXX_FLAG_REORDER='' @@ -41256,6 +41257,7 @@ fi elif test "x$TOOLCHAIN_TYPE" = xsolstudio; then PICFLAG="-KPIC" + PIEFLAG="" C_FLAG_REORDER='-xF' CXX_FLAG_REORDER='-xF' SHARED_LIBRARY_FLAGS="-G" @@ -41265,6 +41267,7 @@ SET_SHARED_LIBRARY_MAPFILE='-M$1' elif test "x$TOOLCHAIN_TYPE" = xxlc; then PICFLAG="-qpic=large" + PIEFLAG="" C_FLAG_REORDER='' CXX_FLAG_REORDER='' SHARED_LIBRARY_FLAGS="-qmkshrobj" @@ -41274,6 +41277,7 @@ SET_SHARED_LIBRARY_MAPFILE='' elif test "x$TOOLCHAIN_TYPE" = xmicrosoft; then PICFLAG="" + PIEFLAG="" C_FLAG_REORDER='' CXX_FLAG_REORDER='' SHARED_LIBRARY_FLAGS="-LD" @@ -42088,8 +42092,8 @@ CXXFLAGS_JDKLIB="$CCXXFLAGS_JDK $CXXFLAGS_JDK $PICFLAG $CXXFLAGS_JDKLIB_EXTRA " # Executable flags - CFLAGS_JDKEXE="$CCXXFLAGS_JDK $CFLAGS_JDK" - CXXFLAGS_JDKEXE="$CCXXFLAGS_JDK $CXXFLAGS_JDK" + CFLAGS_JDKEXE="$CCXXFLAGS_JDK $CFLAGS_JDK $PIEFLAG" + CXXFLAGS_JDKEXE="$CCXXFLAGS_JDK $CXXFLAGS_JDK $PIEFLAG" @@ -42172,6 +42176,13 @@ if test "x$OPENJDK_TARGET_OS" = xlinux; then LDFLAGS_JDKEXE="$LDFLAGS_JDKEXE -Xlinker --allow-shlib-undefined" fi + if test "x$TOOLCHAIN_TYPE" = xgcc; then + # Enabling pie on 32 bit builds prevents the JVM from allocating a continuous + # java heap. + if test "x$OPENJDK_TARGET_CPU_BITS" != "x32"; then + LDFLAGS_JDKEXE="$LDFLAGS_JDKEXE -pie" + fi + fi fi diff -Nru openjdk-8-8u252-b07/=unpacked-tar1=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar1=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar1=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar1=/.hg_archival.txt 2020-02-20 22:05:38.000000000 +0000 @@ -1,4 +1,5 @@ repo: cfeea66a3fa8ca3686a7cfa2d0ce8ab0169f168d -node: 746815de8b5b0c661aa6a1fa9476be758cc51e17 +node: 343c4ea489d5d3b058c5e00339868e4f66c4995a branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar1=/.hgtags openjdk-8-8u252-b09/=unpacked-tar1=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar1=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar1=/.hgtags 2020-02-20 22:05:38.000000000 +0000 @@ -995,3 +995,5 @@ 6383ac7b39e4d10c1fa6bf174855bc259dd9cb22 jdk8u252-b04 62c9a2725c6cbfcbd4c2d47c3751dbdecc2610ad jdk8u252-b05 bb464170d34478503661419d2f2864af7553d696 jdk8u252-b06 +746815de8b5b0c661aa6a1fa9476be758cc51e17 jdk8u252-b07 +72a6d93679e5bee5d5192234b8421024233cf616 jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar10=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar10=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar10=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar10=/.hg_archival.txt 2019-11-15 18:10:43.000000000 +0000 @@ -1,4 +1,5 @@ repo: b8a1b238c77c7c00024daaa2cb7d10838e017b5f -node: 0666ec7fe2b45353dc0e09c1f6f386bdf763eeb4 +node: 2f5ad880fd3372eb5c2e5ac5ee82c705a1b6ac07 branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar10=/.hgtags openjdk-8-8u252-b09/=unpacked-tar10=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar10=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar10=/.hgtags 2019-11-15 18:10:43.000000000 +0000 @@ -1067,3 +1067,5 @@ e767af0b6500d829977e23cfb3fe19f28a4e9f88 jdk8u252-b04 7fd34fff5c4418b869b96c6f3c1f9fd632590a5b jdk8u252-b05 b988f627520c45015f0b91d2ee35e69531300770 jdk8u252-b06 +0666ec7fe2b45353dc0e09c1f6f386bdf763eeb4 jdk8u252-b07 +95d61d0f326bbfaddc2cbd29e67b12c00041caaa jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/ast/StringNode.java openjdk-8-8u252-b09/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/ast/StringNode.java --- openjdk-8-8u252-b07/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/ast/StringNode.java 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/ast/StringNode.java 2019-11-15 18:10:43.000000000 +0000 @@ -27,7 +27,6 @@ private static final int NODE_STR_MARGIN = 16; private static final int NODE_STR_BUF_SIZE = 24; - public static final StringNode EMPTY = new StringNode(null, Integer.MAX_VALUE, Integer.MAX_VALUE); public char[] chars; public int p; @@ -36,7 +35,13 @@ public int flag; public StringNode() { - this.chars = new char[NODE_STR_BUF_SIZE]; + this(NODE_STR_BUF_SIZE); + } + + private StringNode(int size) { + this.chars = new char[size]; + this.p = 0; + this.end = 0; } public StringNode(final char[] chars, final int p, final int end) { @@ -51,6 +56,13 @@ chars[end++] = c; } + /** + * Create a new empty StringNode. + */ + public static StringNode createEmpty() { + return new StringNode(0); + } + /* Ensure there is ahead bytes available in node's buffer * (assumes that the node is not shared) */ diff -Nru openjdk-8-8u252-b07/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/Parser.java openjdk-8-8u252-b09/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/Parser.java --- openjdk-8-8u252-b07/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/Parser.java 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/joni/Parser.java 2019-11-15 18:10:43.000000000 +0000 @@ -452,7 +452,7 @@ private Node parseExp(final TokenType term) { if (token.type == term) { - return StringNode.EMPTY; // goto end_of_token + return StringNode.createEmpty(); // goto end_of_token } Node node = null; @@ -461,7 +461,7 @@ switch(token.type) { case ALT: case EOT: - return StringNode.EMPTY; // end_of_token:, node_new_empty + return StringNode.createEmpty(); // end_of_token:, node_new_empty case SUBEXP_OPEN: node = parseEnclose(TokenType.SUBEXP_CLOSE); @@ -569,7 +569,7 @@ if (syntax.contextInvalidRepeatOps()) { throw new SyntaxException(ERR_TARGET_OF_REPEAT_OPERATOR_NOT_SPECIFIED); } - node = StringNode.EMPTY; // node_new_empty + node = StringNode.createEmpty(); // node_new_empty } else { return parseExpTkByte(group); // goto tk_byte } diff -Nru openjdk-8-8u252-b07/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/RegExpScanner.java openjdk-8-8u252-b09/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/RegExpScanner.java --- openjdk-8-8u252-b07/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/RegExpScanner.java 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar10=/src/jdk/nashorn/internal/runtime/regexp/RegExpScanner.java 2019-11-15 18:10:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -141,14 +141,14 @@ throw new PatternSyntaxException(e.getMessage(), string, scanner.position); } - scanner.processForwardReferences(); - // Throw syntax error unless we parsed the entire JavaScript regexp without syntax errors if (scanner.position != string.length()) { final String p = scanner.getStringBuilder().toString(); throw new PatternSyntaxException(string, p, p.length() + 1); } + scanner.processForwardReferences(); + return scanner; } diff -Nru openjdk-8-8u252-b07/=unpacked-tar11=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar11=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar11=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar11=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,4 @@ repo: a61af66fc99eb5ec9d50c05b0c599757b1289ceb -node: 28076b7ca4818c8c31d9482ec3bedba7a0b0e875 +node: e4e81ae2164343f2f17cb8f5ab9db4b160591410 branch: default -tag: aarch64-shenandoah-jdk8u252-b06 +tag: aarch64-shenandoah-jdk8u252-b09 diff -Nru openjdk-8-8u252-b07/=unpacked-tar11=/.hgtags openjdk-8-8u252-b09/=unpacked-tar11=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar11=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar11=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1444,3 +1444,10 @@ 9003f35baaa0d57d225bf72cf82fb0a8ee049c98 jdk8u252-b05 9606ff9039afb82873cecc91aab0c077d14e00bd aarch64-shenandoah-jdk8u252-b05 b4fd7e078c54a23ed44f09aec3f6938bed3e3630 jdk8u252-b06 +28076b7ca4818c8c31d9482ec3bedba7a0b0e875 aarch64-shenandoah-jdk8u252-b06 +5a667d30f1c201ff61ea7cc88f3a6f7189f9ebb1 aarch64-shenandoah-jdk8u252-b05-shenandoah-merge-2020-03-06 +d17814ea88e3aa0a2f2fdb125e35a878ee27fe3e jdk8u252-b07 +9f9d7938db160ddfddf1f3441f1af154fa6d4352 aarch64-shenandoah-jdk8u252-b07 +8f2780b3e4faf4792ac885f470bb1602d4ca5526 jdk8u252-b08 +2668bab1293c65ee7d85d310f923b49e135cfc6d aarch64-shenandoah-jdk8u252-b08 +095e60e7fc8c7813c2e0e68637bd53c01f8cba64 jdk8u252-b09 diff -Nru openjdk-8-8u252-b07/=unpacked-tar11=/src/share/vm/runtime/thread.cpp openjdk-8-8u252-b09/=unpacked-tar11=/src/share/vm/runtime/thread.cpp --- openjdk-8-8u252-b07/=unpacked-tar11=/src/share/vm/runtime/thread.cpp 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar11=/src/share/vm/runtime/thread.cpp 2020-03-26 11:57:56.000000000 +0000 @@ -870,7 +870,9 @@ } void Thread::oops_do(OopClosure* f, CLDClosure* cld_f, CodeBlobClosure* cf) { - active_handles()->oops_do(f); + if (active_handles() != NULL) { + active_handles()->oops_do(f); + } // Do oop for ThreadShadow f->do_oop((oop*)&_pending_exception); handle_area()->oops_do(f); diff -Nru openjdk-8-8u252-b07/=unpacked-tar2=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar2=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar2=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar2=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,4 @@ repo: a61af66fc99eb5ec9d50c05b0c599757b1289ceb -node: f6ecbe705f82c5f890d112a76579eb2fa4a7abdf +node: 300ee0dee84d3c739d8ee0556c85ae51647b0eaf branch: default -tag: jdk8u252-b06-aarch32-20200317 +tag: jdk8u252-b08-aarch32-20200327 diff -Nru openjdk-8-8u252-b07/=unpacked-tar2=/.hgtags openjdk-8-8u252-b09/=unpacked-tar2=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar2=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar2=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1348,3 +1348,6 @@ 9003f35baaa0d57d225bf72cf82fb0a8ee049c98 jdk8u252-b05 8558fdd621b3e4d35380b66df08903fa4402e89e jdk8u252-b05-aarch32-20200304 b4fd7e078c54a23ed44f09aec3f6938bed3e3630 jdk8u252-b06 +f6ecbe705f82c5f890d112a76579eb2fa4a7abdf jdk8u252-b06-aarch32-20200317 +d17814ea88e3aa0a2f2fdb125e35a878ee27fe3e jdk8u252-b07 +8f2780b3e4faf4792ac885f470bb1602d4ca5526 jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar2=/src/share/vm/runtime/thread.cpp openjdk-8-8u252-b09/=unpacked-tar2=/src/share/vm/runtime/thread.cpp --- openjdk-8-8u252-b07/=unpacked-tar2=/src/share/vm/runtime/thread.cpp 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar2=/src/share/vm/runtime/thread.cpp 2020-03-26 11:57:56.000000000 +0000 @@ -836,7 +836,9 @@ } void Thread::oops_do(OopClosure* f, CLDClosure* cld_f, CodeBlobClosure* cf) { - active_handles()->oops_do(f); + if (active_handles() != NULL) { + active_handles()->oops_do(f); + } // Do oop for ThreadShadow f->do_oop((oop*)&_pending_exception); handle_area()->oops_do(f); diff -Nru openjdk-8-8u252-b07/=unpacked-tar3=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar3=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar3=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar3=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,5 @@ repo: 0961a4a211765fea071b8dac419003ee0c3d5973 -node: e86a511a486e55c8492cffab649b70be870147fc +node: b012193ff452cb51182f5f5c60ccbed0da6e3ef8 branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar3=/.hgtags openjdk-8-8u252-b09/=unpacked-tar3=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar3=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar3=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1026,3 +1026,5 @@ 966e128812aff4c0a4aa4aed7e0ec61dbb8c7953 jdk8u252-b04 fac54385ffea4540bc79826ffed5b6d20d821ae5 jdk8u252-b05 121cf3b001d9906c3ad92e690122a30dc39f2405 jdk8u252-b06 +e86a511a486e55c8492cffab649b70be870147fc jdk8u252-b07 +7e334946a044980685486099ac74a366752e73d1 jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar4=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar4=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar4=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar4=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,5 @@ repo: 6ce5f4757bde08f7470cbb9f0b46da8f2f3d4f56 -node: ca05e6121665397a1a6a814fdf9fc206a5ecb370 +node: 8476d78dc6957469844a3f451abb654105f2e5d9 branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar4=/.hgtags openjdk-8-8u252-b09/=unpacked-tar4=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar4=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar4=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1032,3 +1032,5 @@ d71d04eabe6424cb001f59c7448535ce9a8a5d86 jdk8u252-b04 49013f07f606b0226e8dffe6f3ad865cd100e52e jdk8u252-b05 4f24bfe038c3727f560c5eca38a766158037a44b jdk8u252-b06 +ca05e6121665397a1a6a814fdf9fc206a5ecb370 jdk8u252-b07 +d1a8fb9aafdd8a6bfad7ee853e160101dae10787 jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar5=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar5=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar5=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar5=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,5 @@ repo: 55540e827aef970ecc010b7e06b912d991c8e3ce -node: ee99eeee44ad1b13088f8c70711668f0cdee7821 +node: 9340b3be1b4792e1bca8b83f35c83baec2b358ec branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar5=/.hgtags openjdk-8-8u252-b09/=unpacked-tar5=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar5=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar5=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1068,3 +1068,5 @@ 4eb5558f0f4fc6602ed0d01df95aeae1e77364c6 jdk8u252-b04 b2c092b72c7c6a6fdcf99acb9feb31b807b24772 jdk8u252-b05 ff8c2e73d641368a30508a038c4cf57391ef076a jdk8u252-b06 +ee99eeee44ad1b13088f8c70711668f0cdee7821 jdk8u252-b07 +63738d15bb7f5e30917754acd19c52a77265bcdb jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar7=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar7=/.hg_archival.txt 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/.hg_archival.txt 2018-06-19 23:33:31.000000000 +0000 @@ -1,4 +1,5 @@ repo: 37a05a11f281b4d238e2f9e7ebb67c63f64d0e77 -node: 2a93ed39a4e92e02bd59a02aac6cd9ed6defd386 +node: 3ad9fa6a5a13fab2188de93bdaa38c1a7f8f5521 branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/.hgtags openjdk-8-8u252-b09/=unpacked-tar7=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar7=/.hgtags 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/.hgtags 2018-06-19 23:33:31.000000000 +0000 @@ -1027,3 +1027,5 @@ b67f77679d02d6634666578983103ce5d16a3a9b jdk8u252-b04 b959971e0a5a609453c3a122755fc987c36f0566 jdk8u252-b05 6f7370a85071d54772615abab532264dba461c51 jdk8u252-b06 +2a93ed39a4e92e02bd59a02aac6cd9ed6defd386 jdk8u252-b07 +e17fe591a374d25725b077f5e99a87de6eb2ab5b jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/make/CompileLaunchers.gmk openjdk-8-8u252-b09/=unpacked-tar7=/make/CompileLaunchers.gmk --- openjdk-8-8u252-b07/=unpacked-tar7=/make/CompileLaunchers.gmk 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/make/CompileLaunchers.gmk 2018-06-19 23:33:31.000000000 +0000 @@ -163,7 +163,6 @@ -DLAUNCHER_NAME='"$(LAUNCHER_NAME)"' \ -DPROGNAME='"$1"' $(DPACKAGEPATH) \ $2, \ - CFLAGS_linux := -fPIC, \ CFLAGS_solaris := -KPIC -DHAVE_GETHRTIME, \ LDFLAGS := $(LDFLAGS_JDKEXE) \ $(ORIGIN_ARG) \ diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/JceKeyStore.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/JceKeyStore.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/JceKeyStore.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/JceKeyStore.java 2018-06-19 23:33:31.000000000 +0000 @@ -81,6 +81,12 @@ private static final class SecretKeyEntry { Date date; // the creation date of this entry SealedObject sealedKey; + + // Maximum possible length of sealedKey. Used to detect malicious + // input data. This field is set to the file length of the keystore + // at loading. It is useless when creating a new SecretKeyEntry + // to be store in a keystore. + int maxLength; } // Trusted certificate @@ -136,8 +142,8 @@ } key = keyProtector.recover(encrInfo); } else { - key = - keyProtector.unseal(((SecretKeyEntry)entry).sealedKey); + SecretKeyEntry ske = ((SecretKeyEntry)entry); + key = keyProtector.unseal(ske.sealedKey, ske.maxLength); } return key; @@ -282,6 +288,7 @@ // seal and store the key entry.sealedKey = keyProtector.seal(key); + entry.maxLength = Integer.MAX_VALUE; entries.put(alias.toLowerCase(Locale.ENGLISH), entry); } @@ -691,6 +698,10 @@ if (stream == null) return; + byte[] allData = IOUtils.readAllBytes(stream); + int fullLength = allData.length; + + stream = new ByteArrayInputStream(allData); if (password != null) { md = getPreKeyedHash(password); dis = new DataInputStream(new DigestInputStream(stream, md)); @@ -829,10 +840,11 @@ AccessController.doPrivileged( (PrivilegedAction)() -> { ObjectInputFilter.Config.setObjectInputFilter( - ois2, new DeserializationChecker()); + ois2, new DeserializationChecker(fullLength)); return null; }); entry.sealedKey = (SealedObject)ois.readObject(); + entry.maxLength = fullLength; // NOTE: don't close ois here since we are still // using dis!!! } catch (ClassNotFoundException cnfe) { @@ -909,8 +921,17 @@ * deserialized. */ private static class DeserializationChecker implements ObjectInputFilter { + private static final int MAX_NESTED_DEPTH = 2; + // Full length of keystore, anything inside a SecretKeyEntry should not + // be bigger. Otherwise, must be illegal. + private final int fullLength; + + public DeserializationChecker(int fullLength) { + this.fullLength = fullLength; + } + @Override public ObjectInputFilter.Status checkInput(ObjectInputFilter.FilterInfo info) { @@ -919,6 +940,7 @@ long nestedDepth = info.depth(); if ((nestedDepth == 1 && info.serialClass() != SealedObjectForKeyProtector.class) || + info.arrayLength() > fullLength || (nestedDepth > MAX_NESTED_DEPTH && info.serialClass() != null && info.serialClass() != Object.class)) { diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/KeyProtector.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/KeyProtector.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/KeyProtector.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/KeyProtector.java 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -352,8 +352,11 @@ /** * Unseals the sealed key. + * + * @param maxLength Maximum possible length of so. + * If bigger, must be illegal. */ - Key unseal(SealedObject so) + Key unseal(SealedObject so, int maxLength) throws NoSuchAlgorithmException, UnrecoverableKeyException { SecretKey sKey = null; try { @@ -388,7 +391,7 @@ SunJCE.getInstance(), "PBEWithMD5AndTripleDES"); cipher.init(Cipher.DECRYPT_MODE, sKey, params); - return soForKeyProtector.getKey(cipher); + return soForKeyProtector.getKey(cipher, maxLength); } catch (NoSuchAlgorithmException ex) { // Note: this catch needed to be here because of the // later catch of GeneralSecurityException diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java 2018-06-19 23:33:31.000000000 +0000 @@ -73,7 +73,7 @@ return params; } - final Key getKey(Cipher c) + final Key getKey(Cipher c, int maxLength) throws IOException, ClassNotFoundException, IllegalBlockSizeException, BadPaddingException { @@ -82,7 +82,7 @@ AccessController.doPrivileged( (PrivilegedAction) () -> { ObjectInputFilter.Config.setObjectInputFilter(ois, - DeserializationChecker.ONE_FILTER); + new DeserializationChecker(maxLength)); return null; }); try { @@ -110,7 +110,7 @@ */ private static class DeserializationChecker implements ObjectInputFilter { - private static final ObjectInputFilter ONE_FILTER; + private static final ObjectInputFilter OWN_FILTER; static { String prop = AccessController.doPrivileged( @@ -122,26 +122,32 @@ return Security.getProperty(KEY_SERIAL_FILTER); } }); - ONE_FILTER = new DeserializationChecker(prop == null ? null - : ObjectInputFilter.Config.createFilter(prop)); + OWN_FILTER = prop == null + ? null + : ObjectInputFilter.Config.createFilter(prop); } - private final ObjectInputFilter base; + // Maximum possible length of anything inside + private final int maxLength; - private DeserializationChecker(ObjectInputFilter base) { - this.base = base; + private DeserializationChecker(int maxLength) { + this.maxLength = maxLength; } @Override public ObjectInputFilter.Status checkInput( ObjectInputFilter.FilterInfo info) { + if (info.arrayLength() > maxLength) { + return Status.REJECTED; + } + if (info.serialClass() == Object.class) { return Status.UNDECIDED; } - if (base != null) { - Status result = base.checkInput(info); + if (OWN_FILTER != null) { + Status result = OWN_FILTER.checkInput(info); if (result != Status.UNDECIDED) { return result; } diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/net/httpserver/Headers.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/net/httpserver/Headers.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/com/sun/net/httpserver/Headers.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/com/sun/net/httpserver/Headers.java 2018-06-19 23:33:31.000000000 +0000 @@ -80,11 +80,14 @@ char[] b = key.toCharArray(); if (b[0] >= 'a' && b[0] <= 'z') { b[0] = (char)(b[0] - ('a' - 'A')); - } + } else if (b[0] == '\r' || b[0] == '\n') + throw new IllegalArgumentException("illegal character in key"); + for (int i=1; i= 'A' && b[i] <= 'Z') { b[i] = (char) (b[i] + ('a' - 'A')); - } + } else if (b[i] == '\r' || b[i] == '\n') + throw new IllegalArgumentException("illegal character in key"); } return new String(b); } @@ -126,6 +129,8 @@ } public List put(String key, List value) { + for (String v : value) + checkValue(v); return map.put (normalize(key), value); } @@ -137,6 +142,7 @@ * @param value the header value to add to the header */ public void add (String key, String value) { + checkValue(value); String k = normalize(key); List l = map.get(k); if (l == null) { @@ -146,6 +152,30 @@ l.add (value); } + private static void checkValue(String value) { + int len = value.length(); + for (int i=0; i= len - 2) { + throw new IllegalArgumentException("Illegal CR found in header"); + } + char c1 = value.charAt(i+1); + char c2 = value.charAt(i+2); + if (c1 != '\n') { + throw new IllegalArgumentException("Illegal char found after CR in header"); + } + if (c2 != ' ' && c2 != '\t') { + throw new IllegalArgumentException("No whitespace found after CRLF in header"); + } + i+=2; + } else if (c == '\n') { + throw new IllegalArgumentException("Illegal LF found in header"); + } + } + } + /** * sets the given value as the sole header value * for the given key. If the mapping does not diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/io/ObjectInputStream.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/io/ObjectInputStream.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/io/ObjectInputStream.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/io/ObjectInputStream.java 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1798,6 +1798,8 @@ break; case TC_REFERENCE: descriptor = (ObjectStreamClass) readHandle(unshared); + // Should only reference initialized class descriptors + descriptor.checkInitialized(); break; case TC_PROXYCLASSDESC: descriptor = readProxyDesc(unshared); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/io/ObjectStreamClass.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/io/ObjectStreamClass.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/io/ObjectStreamClass.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/io/ObjectStreamClass.java 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -864,6 +864,17 @@ } /** + * Throws InvalidClassException if not initialized. + * To be called in cases where an uninitialized class descriptor indicates + * a problem in the serialization stream. + */ + final void checkInitialized() throws InvalidClassException { + if (!initialized) { + throw new InvalidClassException("Class descriptor should be initialized"); + } + } + + /** * Throws an InvalidClassException if object instances referencing this * class descriptor should not be allowed to deserialize. This method does * not apply to deserialization of enum constants. @@ -1119,6 +1130,9 @@ } catch (IllegalAccessException ex) { // should not occur, as access checks have been suppressed throw new InternalError(ex); + } catch (InstantiationError err) { + throw (InstantiationException) + new InstantiationException().initCause(err); } } else { throw new UnsupportedOperationException(); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/lang/instrument/package.html openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/lang/instrument/package.html --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/lang/instrument/package.html 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/lang/instrument/package.html 2018-06-19 23:33:31.000000000 +0000 @@ -38,6 +38,13 @@ Provides services that allow Java programming language agents to instrument programs running on the JVM. The mechanism for instrumentation is modification of the byte-codes of methods. +

+Note: developers/admininstrators are responsible for verifying the trustworthiness of +content and structure of the Java Agents they deploy, since those are able to arbitrarily +transform the bytecode from other JAR files. Since that happens after the Jars containing +the bytecode have been verified as trusted, the trustworthiness of a Java Agent can determine +the trust towards the entire program. +

Package Specification

diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/lang/invoke/MethodType.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/lang/invoke/MethodType.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/lang/invoke/MethodType.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/lang/invoke/MethodType.java 2018-06-19 23:33:31.000000000 +0000 @@ -97,7 +97,8 @@ // The remaining fields are caches of various sorts: private @Stable MethodTypeForm form; // erased form, plus cached data about primitives - private @Stable MethodType wrapAlt; // alternative wrapped/unwrapped version + private @Stable Object wrapAlt; // alternative wrapped/unwrapped version and + // private communication for readObject and readResolve private @Stable Invokers invokers; // cache of handy higher-order adapters private @Stable String methodDescriptor; // cache for toMethodDescriptorString @@ -673,7 +674,7 @@ private static MethodType wrapWithPrims(MethodType pt) { assert(pt.hasPrimitives()); - MethodType wt = pt.wrapAlt; + MethodType wt = (MethodType)pt.wrapAlt; if (wt == null) { // fill in lazily wt = MethodTypeForm.canonicalize(pt, MethodTypeForm.WRAP, MethodTypeForm.WRAP); @@ -685,7 +686,7 @@ private static MethodType unwrapWithNoPrims(MethodType wt) { assert(!wt.hasPrimitives()); - MethodType uwt = wt.wrapAlt; + MethodType uwt = (MethodType)wt.wrapAlt; if (uwt == null) { // fill in lazily uwt = MethodTypeForm.canonicalize(wt, MethodTypeForm.UNWRAP, MethodTypeForm.UNWRAP); @@ -1144,27 +1145,18 @@ * @see #writeObject */ private void readObject(java.io.ObjectInputStream s) throws java.io.IOException, ClassNotFoundException { - // Assign temporary defaults in case this object escapes - MethodType_init(void.class, NO_PTYPES); + // Assign defaults in case this object escapes + UNSAFE.putObject(this, rtypeOffset, void.class); + UNSAFE.putObject(this, ptypesOffset, NO_PTYPES); s.defaultReadObject(); // requires serialPersistentFields to be an empty array Class returnType = (Class) s.readObject(); Class[] parameterArray = (Class[]) s.readObject(); - parameterArray = parameterArray.clone(); // make sure it is unshared - // Assign deserialized values - MethodType_init(returnType, parameterArray); - } - - // Initialization of state for deserialization only - private void MethodType_init(Class rtype, Class[] ptypes) { - // In order to communicate these values to readResolve, we must - // store them into the implementation-specific final fields. - checkRtype(rtype); - checkPtypes(ptypes); - UNSAFE.putObject(this, rtypeOffset, rtype); - UNSAFE.putObject(this, ptypesOffset, ptypes); + // Verify all operands, and make sure ptypes is unshared + // Cache the new MethodType for readResolve + wrapAlt = new MethodType[]{MethodType.methodType(returnType, parameterArray)}; } // Support for resetting final fields while deserializing @@ -1189,12 +1181,10 @@ // Do not use a trusted path for deserialization: // return makeImpl(rtype, ptypes, true); // Verify all operands, and make sure ptypes is unshared: - try { - return methodType(rtype, ptypes); - } finally { - // Re-assign defaults in case this object escapes - MethodType_init(void.class, NO_PTYPES); - } + // Return a new validated MethodType for the rtype and ptypes passed from readObject. + MethodType mt = ((MethodType[])wrapAlt)[0]; + wrapAlt = null; + return mt; } /** diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/math/MutableBigInteger.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/math/MutableBigInteger.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/math/MutableBigInteger.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/math/MutableBigInteger.java 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -2088,8 +2088,8 @@ } /** - * Calculate the multiplicative inverse of this mod mod, where mod is odd. - * This and mod are not changed by the calculation. + * Calculate the multiplicative inverse of this modulo mod, where the mod + * argument is odd. This and mod are not changed by the calculation. * * This method implements an algorithm due to Richard Schroeppel, that uses * the same intermediate representation as Montgomery Reduction @@ -2143,8 +2143,18 @@ k += trailingZeros; } - while (c.sign < 0) - c.signedAdd(p); + if (c.compare(p) >= 0) { // c has a larger magnitude than p + MutableBigInteger remainder = c.divide(p, + new MutableBigInteger()); + // The previous line ignores the sign so we copy the data back + // into c which will restore the sign as needed (and converts + // it back to a SignedMutableBigInteger) + c.copyValue(remainder); + } + + if (c.sign < 0) { + c.signedAdd(p); + } return fixup(c, p, k); } @@ -2182,8 +2192,8 @@ } // In theory, c may be greater than p at this point (Very rare!) - while (c.compare(p) >= 0) - c.subtract(p); + if (c.compare(p) >= 0) + c = c.divide(p, new MutableBigInteger()); return c; } diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/ByteBufferAs-X-Buffer.java.template 2018-06-19 23:33:31.000000000 +0000 @@ -72,7 +72,6 @@ public $Type$Buffer slice() { int pos = this.position(); int lim = this.limit(); - assert (pos <= lim); int rem = (pos <= lim ? lim - pos : 0); int off = (pos << $LG_BYTES_PER_VALUE$) + offset; assert (off >= 0); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/Direct-X-Buffer.java.template openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/Direct-X-Buffer.java.template --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/Direct-X-Buffer.java.template 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/Direct-X-Buffer.java.template 2018-06-19 23:33:31.000000000 +0000 @@ -206,7 +206,6 @@ public $Type$Buffer slice() { int pos = this.position(); int lim = this.limit(); - assert (pos <= lim); int rem = (pos <= lim ? lim - pos : 0); int off = (pos << $LG_BYTES_PER_VALUE$); assert (off >= 0); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/Heap-X-Buffer.java.template openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/Heap-X-Buffer.java.template --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/Heap-X-Buffer.java.template 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/Heap-X-Buffer.java.template 2018-06-19 23:33:31.000000000 +0000 @@ -95,12 +95,15 @@ } public $Type$Buffer slice() { + int pos = this.position(); + int lim = this.limit(); + int rem = (pos <= lim ? lim - pos : 0); return new Heap$Type$Buffer$RW$(hb, -1, 0, - this.remaining(), - this.remaining(), - this.position() + offset); + rem, + rem, + pos + offset); } public $Type$Buffer duplicate() { @@ -147,10 +150,11 @@ public $Type$Buffer get($type$[] dst, int offset, int length) { checkBounds(offset, length, dst.length); - if (length > remaining()) + int pos = position(); + if (length > limit() - pos) throw new BufferUnderflowException(); - System.arraycopy(hb, ix(position()), dst, offset, length); - position(position() + length); + System.arraycopy(hb, ix(pos), dst, offset, length); + position(pos + length); return this; } @@ -185,10 +189,11 @@ public $Type$Buffer put($type$[] src, int offset, int length) { #if[rw] checkBounds(offset, length, src.length); - if (length > remaining()) + int pos = position(); + if (length > limit() - pos) throw new BufferOverflowException(); - System.arraycopy(src, offset, hb, ix(position()), length); - position(position() + length); + System.arraycopy(src, offset, hb, ix(pos), length); + position(pos + length); return this; #else[rw] throw new ReadOnlyBufferException(); @@ -201,19 +206,22 @@ if (src == this) throw new IllegalArgumentException(); Heap$Type$Buffer sb = (Heap$Type$Buffer)src; - int n = sb.remaining(); - if (n > remaining()) + int pos = position(); + int sbpos = sb.position(); + int n = sb.limit() - sbpos; + if (n > limit() - pos) throw new BufferOverflowException(); - System.arraycopy(sb.hb, sb.ix(sb.position()), - hb, ix(position()), n); - sb.position(sb.position() + n); - position(position() + n); + System.arraycopy(sb.hb, sb.ix(sbpos), + hb, ix(pos), n); + sb.position(sbpos + n); + position(pos + n); } else if (src.isDirect()) { int n = src.remaining(); - if (n > remaining()) + int pos = position(); + if (n > limit() - pos) throw new BufferOverflowException(); - src.get(hb, ix(position()), n); - position(position() + n); + src.get(hb, ix(pos), n); + position(pos + n); } else { super.put(src); } @@ -225,8 +233,10 @@ public $Type$Buffer compact() { #if[rw] - System.arraycopy(hb, ix(position()), hb, ix(0), remaining()); - position(remaining()); + int pos = position(); + int rem = limit() - pos; + System.arraycopy(hb, ix(pos), hb, ix(0), rem); + position(rem); limit(capacity()); discardMark(); return this; @@ -284,8 +294,9 @@ } public CharBuffer asCharBuffer() { - int size = this.remaining() >> 1; - int off = offset + position(); + int pos = position(); + int size = (limit() - pos) >> 1; + int off = offset + pos; return (bigEndian ? (CharBuffer)(new ByteBufferAsCharBuffer$RW$B(this, -1, @@ -335,8 +346,9 @@ } public ShortBuffer asShortBuffer() { - int size = this.remaining() >> 1; - int off = offset + position(); + int pos = position(); + int size = (limit() - pos) >> 1; + int off = offset + pos; return (bigEndian ? (ShortBuffer)(new ByteBufferAsShortBuffer$RW$B(this, -1, @@ -386,8 +398,9 @@ } public IntBuffer asIntBuffer() { - int size = this.remaining() >> 2; - int off = offset + position(); + int pos = position(); + int size = (limit() - pos) >> 2; + int off = offset + pos; return (bigEndian ? (IntBuffer)(new ByteBufferAsIntBuffer$RW$B(this, -1, @@ -437,8 +450,9 @@ } public LongBuffer asLongBuffer() { - int size = this.remaining() >> 3; - int off = offset + position(); + int pos = position(); + int size = (limit() - pos) >> 3; + int off = offset + pos; return (bigEndian ? (LongBuffer)(new ByteBufferAsLongBuffer$RW$B(this, -1, @@ -488,8 +502,9 @@ } public FloatBuffer asFloatBuffer() { - int size = this.remaining() >> 2; - int off = offset + position(); + int pos = position(); + int size = (limit() - pos) >> 2; + int off = offset + pos; return (bigEndian ? (FloatBuffer)(new ByteBufferAsFloatBuffer$RW$B(this, -1, @@ -539,8 +554,9 @@ } public DoubleBuffer asDoubleBuffer() { - int size = this.remaining() >> 3; - int off = offset + position(); + int pos = position(); + int size = (limit() - pos) >> 3; + int off = offset + pos; return (bigEndian ? (DoubleBuffer)(new ByteBufferAsDoubleBuffer$RW$B(this, -1, diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/StringCharBuffer.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/StringCharBuffer.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/nio/StringCharBuffer.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/nio/StringCharBuffer.java 2018-06-19 23:33:31.000000000 +0000 @@ -42,12 +42,15 @@ } public CharBuffer slice() { + int pos = this.position(); + int lim = this.limit(); + int rem = (pos <= lim ? lim - pos : 0); return new StringCharBuffer(str, -1, 0, - this.remaining(), - this.remaining(), - offset + this.position()); + rem, + rem, + offset + pos); } private StringCharBuffer(CharSequence s, diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/util/Scanner.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/util/Scanner.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/java/util/Scanner.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/java/util/Scanner.java 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -425,7 +425,7 @@ // here but what can we do? The final authority will be // whatever parse method is invoked, so ultimately the // Scanner will do the right thing - String digit = "((?i)["+radixDigits+"]|\\p{javaDigit})"; + String digit = "((?i)["+radixDigits+"\\p{javaDigit}])"; String groupedNumeral = "("+non0Digit+digit+"?"+digit+"?("+ groupSeparator+digit+digit+digit+")+)"; // digit++ is the possessive form which is necessary for reducing @@ -475,7 +475,7 @@ private Pattern decimalPattern; private void buildFloatAndDecimalPattern() { // \\p{javaDigit} may not be perfect, see above - String digit = "([0-9]|(\\p{javaDigit}))"; + String digit = "(([0-9\\p{javaDigit}]))"; String exponent = "([eE][+-]?"+digit+"+)?"; String groupedNumeral = "("+non0Digit+digit+"?"+digit+"?("+ groupSeparator+digit+digit+digit+")+)"; @@ -1188,25 +1188,25 @@ // These must be literalized to avoid collision with regex // metacharacters such as dot or parenthesis - groupSeparator = "\\" + dfs.getGroupingSeparator(); - decimalSeparator = "\\" + dfs.getDecimalSeparator(); + groupSeparator = "\\x{" + Integer.toHexString(dfs.getGroupingSeparator()) + "}"; + decimalSeparator = "\\x{" + Integer.toHexString(dfs.getDecimalSeparator()) + "}"; // Quoting the nonzero length locale-specific things // to avoid potential conflict with metacharacters - nanString = "\\Q" + dfs.getNaN() + "\\E"; - infinityString = "\\Q" + dfs.getInfinity() + "\\E"; + nanString = Pattern.quote(dfs.getNaN()); + infinityString = Pattern.quote(dfs.getInfinity()); positivePrefix = df.getPositivePrefix(); if (positivePrefix.length() > 0) - positivePrefix = "\\Q" + positivePrefix + "\\E"; + positivePrefix = Pattern.quote(positivePrefix); negativePrefix = df.getNegativePrefix(); if (negativePrefix.length() > 0) - negativePrefix = "\\Q" + negativePrefix + "\\E"; + negativePrefix = Pattern.quote(negativePrefix); positiveSuffix = df.getPositiveSuffix(); if (positiveSuffix.length() > 0) - positiveSuffix = "\\Q" + positiveSuffix + "\\E"; + positiveSuffix = Pattern.quote(positiveSuffix); negativeSuffix = df.getNegativeSuffix(); if (negativeSuffix.length() > 0) - negativeSuffix = "\\Q" + negativeSuffix + "\\E"; + negativeSuffix = Pattern.quote(negativeSuffix); // Force rebuilding and recompilation of locale dependent // primitive patterns diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java 2018-06-19 23:33:31.000000000 +0000 @@ -153,9 +153,15 @@ "support DOM Level 2 and be namespace aware"); } if (tag.equals("KeyInfo")) { - return new DOMKeyInfo(element, new UnmarshalContext(), getProvider()); + try { + return new DOMKeyInfo(element, new UnmarshalContext(), getProvider()); + } catch (MarshalException me) { + throw me; + } catch (Exception e) { + throw new MarshalException(e); + } } else { - throw new MarshalException("invalid KeyInfo tag: " + tag); + throw new MarshalException("Invalid KeyInfo tag: " + tag); } } diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java 2018-06-19 23:33:31.000000000 +0000 @@ -190,9 +190,15 @@ "support DOM Level 2 and be namespace aware"); } if (tag.equals("Signature")) { - return new DOMXMLSignature(element, context, getProvider()); + try { + return new DOMXMLSignature(element, context, getProvider()); + } catch (MarshalException me) { + throw me; + } catch (Exception e) { + throw new MarshalException(e); + } } else { - throw new MarshalException("invalid Signature tag: " + tag); + throw new MarshalException("Invalid Signature tag: " + tag); } } diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,8 @@ -# Pisces Rendering Engine module -sun.java2d.pisces.PiscesRenderingEngine +# note: the last class is the default Rendering Engine +# Pisces in JDK8u, Marlin in JDK9+ # Marlin Rendering Engine module sun.java2d.marlin.MarlinRenderingEngine + +# Pisces Rendering Engine module +sun.java2d.pisces.PiscesRenderingEngine diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/rsa/RSAKeyFactory.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/rsa/RSAKeyFactory.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/rsa/RSAKeyFactory.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/rsa/RSAKeyFactory.java 2018-06-19 23:33:31.000000000 +0000 @@ -115,6 +115,9 @@ * Used by RSASignature and RSACipher. */ public static RSAKey toRSAKey(Key key) throws InvalidKeyException { + if (key == null) { + throw new InvalidKeyException("Key must not be null"); + } if ((key instanceof RSAPrivateKeyImpl) || (key instanceof RSAPrivateCrtKeyImpl) || (key instanceof RSAPublicKeyImpl)) { diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/ClientHandshaker.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/ClientHandshaker.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/ClientHandshaker.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/ClientHandshaker.java 2018-06-19 23:33:31.000000000 +0000 @@ -1337,7 +1337,7 @@ @Override HandshakeMessage getKickstartMessage() throws SSLException { // session ID of the ClientHello message - SessionId sessionId = SSLSessionImpl.nullSession.getSessionId(); + SessionId sessionId = new SessionId(new byte[0]); // a list of cipher suites sent by the client CipherSuiteList cipherSuites = getActiveCipherSuites(); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLEngineImpl.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLEngineImpl.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLEngineImpl.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLEngineImpl.java 2018-06-19 23:33:31.000000000 +0000 @@ -375,7 +375,7 @@ } sslContext = ctx; - sess = SSLSessionImpl.nullSession; + sess = new SSLSessionImpl(); handshakeSession = null; /* diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSessionImpl.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSessionImpl.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSessionImpl.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSessionImpl.java 2018-06-19 23:33:31.000000000 +0000 @@ -73,11 +73,6 @@ */ final class SSLSessionImpl extends ExtendedSSLSession { - /* - * we only really need a single null session - */ - static final SSLSessionImpl nullSession = new SSLSessionImpl(); - // compression methods private static final byte compression_null = 0; @@ -148,7 +143,7 @@ * be used either by a client or by a server, as a connection is * first opened and before handshaking begins. */ - private SSLSessionImpl() { + SSLSessionImpl() { this(ProtocolVersion.NONE, CipherSuite.C_NULL, null, new SessionId(false, null), null, -1, false, null); } @@ -657,14 +652,6 @@ */ @Override synchronized public void invalidate() { - // - // Can't invalidate the NULL session -- this would be - // attempted when we get a handshaking error on a brand - // new connection, with no "real" session yet. - // - if (this == nullSession) { - return; - } invalidated = true; if (debug != null && Debug.isOn("session")) { System.out.println("%% Invalidated: " + this); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSocketImpl.java openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSocketImpl.java --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSocketImpl.java 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/classes/sun/security/ssl/SSLSocketImpl.java 2018-06-19 23:33:31.000000000 +0000 @@ -610,7 +610,7 @@ */ private void init(SSLContextImpl context, boolean isServer) { sslContext = context; - sess = SSLSessionImpl.nullSession; + sess = new SSLSessionImpl(); handshakeSession = null; /* diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/instrument/InvocationAdapter.c openjdk-8-8u252-b09/=unpacked-tar7=/src/share/instrument/InvocationAdapter.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/instrument/InvocationAdapter.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/instrument/InvocationAdapter.c 2018-06-19 23:33:31.000000000 +0000 @@ -203,6 +203,17 @@ */ oldLen = (int)strlen(premainClass); newLen = modifiedUtf8LengthOfUtf8(premainClass, oldLen); + /* + * According to JVMS class name is represented as CONSTANT_Utf8_info, + * so its length is u2 (i.e. must be <= 0xFFFF). + */ + if (newLen > 0xFFFF) { + fprintf(stderr, "-javaagent: Premain-Class value is too big\n"); + free(jarfile); + if (options != NULL) free(options); + freeAttributes(attributes); + return JNI_ERR; + } if (newLen == oldLen) { premainClass = strdup(premainClass); } else { @@ -362,6 +373,17 @@ */ oldLen = strlen(agentClass); newLen = modifiedUtf8LengthOfUtf8(agentClass, oldLen); + /* + * According to JVMS class name is represented as CONSTANT_Utf8_info, + * so its length is u2 (i.e. must be <= 0xFFFF). + */ + if (newLen > 0xFFFF) { + fprintf(stderr, "Agent-Class value is too big\n"); + free(jarfile); + if (options != NULL) free(options); + freeAttributes(attributes); + return AGENT_ERROR_BADJAR; + } if (newLen == oldLen) { agentClass = strdup(agentClass); } else { diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/native/sun/awt/splashscreen/splashscreen_gfx_impl.c openjdk-8-8u252-b09/=unpacked-tar7=/src/share/native/sun/awt/splashscreen/splashscreen_gfx_impl.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/native/sun/awt/splashscreen/splashscreen_gfx_impl.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/native/sun/awt/splashscreen/splashscreen_gfx_impl.c 2018-06-19 23:33:31.000000000 +0000 @@ -206,7 +206,7 @@ int depthBytes = format->depthBytes; pRect->pBits = pBits; - INCPN(byte_t, pRect->pBits, y * stride + x * depthBytes); + INCPN(byte_t, pRect->pBits, (intptr_t) y * stride + x * depthBytes); pRect->numLines = height; pRect->numSamples = width; pRect->stride = stride * jump; diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/share/native/sun/security/ec/impl/mpi.c openjdk-8-8u252-b09/=unpacked-tar7=/src/share/native/sun/security/ec/impl/mpi.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/share/native/sun/security/ec/impl/mpi.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/share/native/sun/security/ec/impl/mpi.c 2018-06-19 23:33:31.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2020, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * This library is free software; you can redistribute it and/or @@ -34,7 +34,7 @@ * Netscape Communications Corporation * Douglas Stebila of Sun Laboratories. * - * Last Modified Date from the Original Code: June 2014 + * Last Modified Date from the Original Code: Nov 2019 *********************************************************************** */ /* Arbitrary precision integer arithmetic library */ @@ -2134,7 +2134,10 @@ } } if (res >= 0) { - while (MP_SIGN(c) != MP_ZPOS) { + if (s_mp_cmp(c, p) >= 0) { + MP_CHECKOK( mp_div(c, p, NULL, c)); + } + if (MP_SIGN(c) != MP_ZPOS) { MP_CHECKOK( mp_add(c, p, c) ); } res = k; diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine --- openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/classes/sun/java2d/pisces/META-INF/services/sun.java2d.pipe.RenderingEngine 2018-06-19 23:33:31.000000000 +0000 @@ -1,8 +1,11 @@ +# note: the last class is the default Rendering Engine +# Pisces in JDK8u, Marlin in JDK9+ + +# Marlin Rendering Engine module +sun.java2d.marlin.MarlinRenderingEngine + # Jules Rendering Engine module sun.java2d.jules.JulesRenderingEngine # Pisces Rendering Engine module sun.java2d.pisces.PiscesRenderingEngine - -# Marlin Rendering Engine module -sun.java2d.marlin.MarlinRenderingEngine diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/awt/multiVis.c openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/awt/multiVis.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/awt/multiVis.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/awt/multiVis.c 2018-06-19 23:33:31.000000000 +0000 @@ -401,7 +401,7 @@ ximage = XCreateImage(disp,fakeVis,(uint32_t) depth,format,0,NULL, (uint32_t)width,(uint32_t)height,8,0); - ximage->data = calloc(ximage->bytes_per_line*height*((format==ZPixmap)? 1 : depth), sizeof(char)); + ximage->data = calloc((size_t) ximage->bytes_per_line*height*((format==ZPixmap)? 1 : depth), sizeof(char)); ximage->bits_per_pixel = depth; /** Valid only if format is ZPixmap ***/ for (reg = (image_region_type *) first_in_list( regions); reg; diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11PMBlitLoops.c openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11PMBlitLoops.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11PMBlitLoops.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11PMBlitLoops.c 2018-06-19 23:33:31.000000000 +0000 @@ -263,7 +263,7 @@ return; } dstScan = image->bytes_per_line; - image->data = malloc(dstScan * height); + image->data = malloc((size_t) dstScan * height); if (image->data == NULL) { XFree(image); AWT_UNLOCK(); diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11TextRenderer_md.c openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11TextRenderer_md.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11TextRenderer_md.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/X11TextRenderer_md.c 2018-06-19 23:33:31.000000000 +0000 @@ -154,7 +154,7 @@ height = bottom - top; top -= clipTop; left -= clipLeft; - pPix = ((jubyte *) theImage->data) + (left >> 3) + top * scan; + pPix = ((jubyte *) theImage->data) + (left >> 3) + (intptr_t) top * scan; left &= 0x07; if (theImage->bitmap_bit_order == MSBFirst) { left = 0x80 >> left; diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/XRBackendNative.c openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/XRBackendNative.c --- openjdk-8-8u252-b07/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/XRBackendNative.c 2018-04-13 18:07:58.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/src/solaris/native/sun/java2d/x11/XRBackendNative.c 2018-06-19 23:33:31.000000000 +0000 @@ -756,7 +756,7 @@ if (ea != 1.0f) { for (line=0; line < height; line++) { for (pix=0; pix < width; pix++) { - int index = maskScan*line + pix + maskOff; + size_t index = (size_t) maskScan * line + pix + maskOff; mask[index] = (((unsigned char) mask[index])*ea); } } @@ -781,8 +781,8 @@ if (imageFits) { for (line=0; line < height; line++) { for (pix=0; pix < width; pix++) { - img->data[line*img->bytes_per_line + pix] = - (unsigned char) (mask[maskScan*line + pix + maskOff]); + img->data[(size_t) line * img->bytes_per_line + pix] = + (unsigned char) (mask[(size_t) maskScan * line + pix + maskOff]); } } } else { diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/test/java/math/BigInteger/ModInvTime.java openjdk-8-8u252-b09/=unpacked-tar7=/test/java/math/BigInteger/ModInvTime.java --- openjdk-8-8u252-b07/=unpacked-tar7=/test/java/math/BigInteger/ModInvTime.java 1970-01-01 00:00:00.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/test/java/math/BigInteger/ModInvTime.java 2018-06-19 23:33:31.000000000 +0000 @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8225603 + * @summary Tests whether modInverse() completes in a reasonable time + * @run main/othervm ModInvTime + */ +import java.math.BigInteger; + +public class ModInvTime { + public static void main(String[] args) throws InterruptedException { + BigInteger prime = new BigInteger("39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643"); + BigInteger s = new BigInteger("9552729729729327851382626410162104591956625415831952158766936536163093322096473638446154604799898109762512409920799"); + System.out.format("int length: %d, modulus length: %d%n", + s.bitLength(), prime.bitLength()); + + System.out.println("Computing modular inverse ..."); + BigInteger mi = s.modInverse(prime); + System.out.format("Modular inverse: %s%n", mi); + check(s, prime, mi); + + BigInteger ns = s.negate(); + BigInteger nmi = ns.modInverse(prime); + System.out.format("Modular inverse of negation: %s%n", nmi); + check(ns, prime, nmi); + } + + public static void check(BigInteger val, BigInteger mod, BigInteger inv) { + BigInteger r = inv.multiply(val).remainder(mod); + if (r.signum() == -1) + r = r.add(mod); + if (!r.equals(BigInteger.ONE)) + throw new RuntimeException("Numerically incorrect modular inverse"); + } +} diff -Nru openjdk-8-8u252-b07/=unpacked-tar7=/test/sun/java2d/marlin/DefaultRenderingEngine.java openjdk-8-8u252-b09/=unpacked-tar7=/test/sun/java2d/marlin/DefaultRenderingEngine.java --- openjdk-8-8u252-b07/=unpacked-tar7=/test/sun/java2d/marlin/DefaultRenderingEngine.java 1970-01-01 00:00:00.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar7=/test/sun/java2d/marlin/DefaultRenderingEngine.java 2018-06-19 23:33:31.000000000 +0000 @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import sun.java2d.pipe.RenderingEngine; + +/** + * @test + * @bug 8241307 + * @summary Verifies that the default RenderingEngine is not the Marlin renderer in jdk8u + * @run main DefaultRenderingEngine + */ +public class DefaultRenderingEngine { + + public static void main(String argv[]) { + + final RenderingEngine engine = RenderingEngine.getInstance(); + + if (engine.getClass().getSimpleName().contains("Marlin")) { + throw new RuntimeException("Marlin must not be the default RenderingEngine in jdk8u !"); + } + } +} diff -Nru openjdk-8-8u252-b07/=unpacked-tar8=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar8=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar8=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar8=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,5 @@ repo: 9a66ca7c79fab293c1bb0534e0d208c7e4f58b01 -node: 8ce7c29ca85c77147edd0123d3393fabd351685e +node: 01036da3155c1ff6f5a92eab0b8be842148258f3 branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar8=/.hgtags openjdk-8-8u252-b09/=unpacked-tar8=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar8=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar8=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1033,3 +1033,5 @@ 549e692228104960d813458d274aa5ec7bf8d125 jdk8u252-b04 4d4304fcc0cc49e1b4257fb9dce8b96e2da9dcbe jdk8u252-b05 4010269cf4965f6e6efc402b6d3f5e1dc8957a9e jdk8u252-b06 +8ce7c29ca85c77147edd0123d3393fabd351685e jdk8u252-b07 +c56eceecec71d0b7f8af742ba33b50a3128de58f jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar9=/.hg_archival.txt openjdk-8-8u252-b09/=unpacked-tar9=/.hg_archival.txt --- openjdk-8-8u252-b07/=unpacked-tar9=/.hg_archival.txt 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar9=/.hg_archival.txt 2020-03-26 11:57:56.000000000 +0000 @@ -1,4 +1,5 @@ repo: a61af66fc99eb5ec9d50c05b0c599757b1289ceb -node: d17814ea88e3aa0a2f2fdb125e35a878ee27fe3e +node: 095e60e7fc8c7813c2e0e68637bd53c01f8cba64 branch: default -tag: jdk8u252-b07 +tag: jdk8u252-b09 +tag: jdk8u252-ga diff -Nru openjdk-8-8u252-b07/=unpacked-tar9=/.hgtags openjdk-8-8u252-b09/=unpacked-tar9=/.hgtags --- openjdk-8-8u252-b07/=unpacked-tar9=/.hgtags 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar9=/.hgtags 2020-03-26 11:57:56.000000000 +0000 @@ -1301,3 +1301,5 @@ ff1c3c1867b502c289c7c08ebc712663ec657f06 jdk8u252-b04 9003f35baaa0d57d225bf72cf82fb0a8ee049c98 jdk8u252-b05 b4fd7e078c54a23ed44f09aec3f6938bed3e3630 jdk8u252-b06 +d17814ea88e3aa0a2f2fdb125e35a878ee27fe3e jdk8u252-b07 +8f2780b3e4faf4792ac885f470bb1602d4ca5526 jdk8u252-b08 diff -Nru openjdk-8-8u252-b07/=unpacked-tar9=/src/share/vm/runtime/thread.cpp openjdk-8-8u252-b09/=unpacked-tar9=/src/share/vm/runtime/thread.cpp --- openjdk-8-8u252-b07/=unpacked-tar9=/src/share/vm/runtime/thread.cpp 2020-02-06 18:12:24.000000000 +0000 +++ openjdk-8-8u252-b09/=unpacked-tar9=/src/share/vm/runtime/thread.cpp 2020-03-26 11:57:56.000000000 +0000 @@ -836,7 +836,9 @@ } void Thread::oops_do(OopClosure* f, CLDClosure* cld_f, CodeBlobClosure* cf) { - active_handles()->oops_do(f); + if (active_handles() != NULL) { + active_handles()->oops_do(f); + } // Do oop for ThreadShadow f->do_oop((oop*)&_pending_exception); handle_area()->oops_do(f);