Merge tag 'jdk-11.0.5+10' into openj9-0.17.0_ga

src/java.base/share/classes/java/io/FilePermission.java

@@ -366,12 +366,22 @@ private void init(int mask) {
             this.mask = mask;
 
             if (cpath.equals("<<ALL FILES>>")) {
+                allFiles = true;
                 directory = true;
                 recursive = true;
                 cpath = "";
                 return;
             }
 
+            // Validate path by platform's default file system
+            try {
+                String name = cpath.endsWith("*") ? cpath.substring(0, cpath.length() - 1) + "-" : cpath;
+                builtInFS.getPath(new File(name).getPath());
+            } catch (InvalidPathException ipe) {
+                invalid = true;
+                return;
+            }
+
             // store only the canonical cpath if possible
             cpath = AccessController.doPrivileged(new PrivilegedAction<>() {
                 public String run() {
@@ -462,6 +472,9 @@ public String run() {
      * <P>
      * The default value of the {@code jdk.io.permissionsUseCanonicalPath}
      * system property is {@code false} in this implementation.
+     * <p>
+     * The value can also be set with a security property using the same name,
+     * but setting a system property will override the security property value.
      *
      * @param path the pathname of the file/directory.
      * @param actions the action string.
@@ -572,19 +585,19 @@ public boolean implies(Permission p) {
      * @return the effective mask
      */
     boolean impliesIgnoreMask(FilePermission that) {
+        if (this == that) {
+            return true;
+        }
+        if (allFiles) {
+            return true;
+        }
+        if (this.invalid || that.invalid) {
+            return false;
+        }
+        if (that.allFiles) {
+            return false;
+        }
         if (FilePermCompat.nb) {
-            if (this == that) {
-                return true;
-            }
-            if (allFiles) {
-                return true;
-            }
-            if (this.invalid || that.invalid) {
-                return false;
-            }
-            if (that.allFiles) {
-                return false;
-            }
             // Left at least same level of wildness as right
             if ((this.recursive && that.recursive) != that.recursive
                     || (this.directory && that.directory) != that.directory) {
@@ -782,10 +795,10 @@ public boolean equals(Object obj) {
 
         FilePermission that = (FilePermission) obj;
 
+        if (this.invalid || that.invalid) {
+            return false;
+        }
         if (FilePermCompat.nb) {
-            if (this.invalid || that.invalid) {
-                return false;
-            }
             return (this.mask == that.mask) &&
                     (this.allFiles == that.allFiles) &&
                     this.npath.equals(that.npath) &&
@@ -794,6 +807,7 @@ public boolean equals(Object obj) {
                     (this.recursive == that.recursive);
         } else {
             return (this.mask == that.mask) &&
+                    (this.allFiles == that.allFiles) &&
                     this.cpath.equals(that.cpath) &&
                     (this.directory == that.directory) &&
                     (this.recursive == that.recursive);

src/java.base/share/classes/java/net/NetPermission.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -145,6 +145,15 @@
  *   </tr>
  *
  * <tr>
+ *   <th scope="row">setSocketImpl</th>
+ *   <td>The ability to create a sub-class of Socket or ServerSocket with a
+ *   user specified SocketImpl.</td>
+ *   <td>Malicious user-defined SocketImpls can change the behavior of
+ *   Socket and ServerSocket in surprising ways, by virtue of their
+ *   ability to access the protected fields of SocketImpl.</td>
+ *   </tr>
+ *
+ * <tr>
  *   <th scope="row">specifyStreamHandler</th>
  *   <td>The ability
  *   to specify a stream handler when constructing a URL</td>

src/java.base/share/classes/java/net/ServerSocket.java

@@ -27,6 +27,7 @@
 
 import jdk.internal.misc.JavaNetSocketAccess;
 import jdk.internal.misc.SharedSecrets;
+import sun.security.util.SecurityConstants;
 
 import java.io.FileDescriptor;
 import java.io.IOException;
@@ -78,12 +79,25 @@ class ServerSocket implements java.io.Closeable {
     /**
      * Package-private constructor to create a ServerSocket associated with
      * the given SocketImpl.
+     *
+     * @throws     SecurityException if a security manager is set and
+     *             its {@code checkPermission} method doesn't allow
+     *             {@code NetPermission("setSocketImpl")}.
      */
     ServerSocket(SocketImpl impl) {
+        checkPermission();
         this.impl = impl;
         impl.setServerSocket(this);
     }
 
+    private static Void checkPermission() {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(SecurityConstants.SET_SOCKETIMPL_PERMISSION);
+        }
+        return null;
+    }
+
     /**
      * Creates an unbound server socket.
      *

src/java.base/share/classes/java/net/Socket.java

@@ -25,6 +25,8 @@
 
 package java.net;
 
+import sun.security.util.SecurityConstants;
+
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.IOException;
@@ -161,16 +163,32 @@ public Socket(Proxy proxy) {
      *
      * @exception SocketException if there is an error in the underlying protocol,
      * such as a TCP error.
+     *
+     * @throws SecurityException if {@code impl} is non-null and a security manager is set
+     * and its {@code checkPermission} method doesn't allow {@code NetPermission("setSocketImpl")}.
+     *
      * @since   1.1
      */
     protected Socket(SocketImpl impl) throws SocketException {
+        checkPermission(impl);
         this.impl = impl;
         if (impl != null) {
             checkOldImpl();
             this.impl.setSocket(this);
         }
     }
 
+    private static Void checkPermission(SocketImpl impl) {
+        if (impl == null) {
+            return null;
+        }
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(SecurityConstants.SET_SOCKETIMPL_PERMISSION);
+        }
+        return null;
+    }
+
     /**
      * Creates a stream socket and connects it to the specified port
      * number on the named host.

src/java.base/share/classes/java/net/URL.java

@@ -457,6 +457,16 @@ public URL(String protocol, String host, int port, String file,
                 throw new MalformedURLException(s);
             }
         }
+        if ("jar".equalsIgnoreCase(protocol)) {
+            if (handler instanceof sun.net.www.protocol.jar.Handler) {
+                // URL.openConnection() would throw a confusing exception
+                // so generate a better exception here instead.
+                String s = ((sun.net.www.protocol.jar.Handler) handler).checkNestedProtocol(file);
+                if (s != null) {
+                    throw new MalformedURLException(s);
+                }
+            }
+        }
     }
 
     /**

src/java.base/share/classes/java/util/regex/Pattern.java

@@ -1424,7 +1424,11 @@ private Pattern(String p, int f) {
         localTCNCount = 0;
 
         if (!pattern.isEmpty()) {
-            compile();
+            try {
+                compile();
+            } catch (StackOverflowError soe) {
+                throw error("Stack overflow during pattern compilation");
+            }
         } else {
             root = new Start(lastAccept);
             matchRoot = lastAccept;
@@ -1963,6 +1967,10 @@ private int parsePastLine() {
         int ch = temp[cursor++];
         while (ch != 0 && !isLineSeparator(ch))
             ch = temp[cursor++];
+        if (ch == 0 && cursor > patternLength) {
+            cursor = patternLength;
+            ch = temp[cursor++];
+        }
         return ch;
     }
 
@@ -1973,6 +1981,10 @@ private int peekPastLine() {
         int ch = temp[++cursor];
         while (ch != 0 && !isLineSeparator(ch))
             ch = temp[++cursor];
+        if (ch == 0 && cursor > patternLength) {
+            cursor = patternLength;
+            ch = temp[cursor];
+        }
         return ch;
     }
 
@@ -3407,9 +3419,10 @@ private int u() {
     private int N() {
         if (read() == '{') {
             int i = cursor;
-            while (cursor < patternLength && read() != '}') {}
-            if (cursor > patternLength)
-                throw error("Unclosed character name escape sequence");
+            while (read() != '}') {
+                if (cursor >= patternLength)
+                    throw error("Unclosed character name escape sequence");
+            }
             String name = new String(temp, i, cursor - i - 1);
             try {
                 return Character.codePointOf(name);

src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java

@@ -2165,6 +2165,10 @@ public synchronized void doTunneling() throws IOException {
             } while (retryTunnel < maxRedirects);
 
             if (retryTunnel >= maxRedirects || (respCode != HTTP_OK)) {
+                if (respCode != HTTP_PROXY_AUTH) {
+                    // remove all but authenticate responses
+                    responses.reset();
+                }
                 throw new IOException("Unable to tunnel through proxy."+
                                       " Proxy returns \"" +
                                       statusLine + "\"");

src/java.base/share/classes/sun/net/www/protocol/jar/Handler.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -121,6 +121,13 @@ protected int hashCode(URL u) {
         return h;
     }
 
+    public String checkNestedProtocol(String spec) {
+        if (spec.regionMatches(true, 0, "jar:", 0, 4)) {
+            return "Nested JAR URLs are not supported";
+        } else {
+            return null;
+        }
+    }
 
     @Override
     @SuppressWarnings("deprecation")
@@ -146,6 +153,12 @@ protected void parseURL(URL url, String spec,
                 : false;
         spec = spec.substring(start, limit);
 
+        String exceptionMessage = checkNestedProtocol(spec);
+        if (exceptionMessage != null) {
+            // NPE will be transformed into MalformedURLException by the caller
+            throw new NullPointerException(exceptionMessage);
+        }
+
         if (absoluteSpec) {
             file = parseAbsoluteSpec(spec);
         } else if (!refOnly) {

src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java

@@ -521,12 +521,6 @@ static class SupportedGroups {
                         NamedGroup.SECP256_R1,
                         NamedGroup.SECP384_R1,
                         NamedGroup.SECP521_R1,
-                        NamedGroup.SECT283_K1,
-                        NamedGroup.SECT283_R1,
-                        NamedGroup.SECT409_K1,
-                        NamedGroup.SECT409_R1,
-                        NamedGroup.SECT571_K1,
-                        NamedGroup.SECT571_R1,
 
                         // FFDHE 2048
                         NamedGroup.FFDHE_2048,
@@ -541,15 +535,6 @@ static class SupportedGroups {
                         NamedGroup.SECP256_R1,
                         NamedGroup.SECP384_R1,
                         NamedGroup.SECP521_R1,
-                        NamedGroup.SECT283_K1,
-                        NamedGroup.SECT283_R1,
-                        NamedGroup.SECT409_K1,
-                        NamedGroup.SECT409_R1,
-                        NamedGroup.SECT571_K1,
-                        NamedGroup.SECT571_R1,
-
-                        // non-NIST curves
-                        NamedGroup.SECP256_K1,
 
                         // FFDHE 2048
                         NamedGroup.FFDHE_2048,

src/java.base/share/classes/sun/security/util/FilePermCompat.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,8 +42,11 @@ public class FilePermCompat {
     public static final boolean compat;
 
     static {
-        String flag = GetPropertyAction.privilegedGetProperty(
-                "jdk.io.permissionsUseCanonicalPath", "false");
+        String flag = SecurityProperties.privilegedGetOverridable(
+                "jdk.io.permissionsUseCanonicalPath");
+        if (flag == null) {
+            flag = "false";
+        }
         switch (flag) {
             case "true":
                 nb = false;

src/java.base/share/classes/sun/security/util/SecurityConstants.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -97,6 +97,10 @@ private SecurityConstants () {
     public static final NetPermission GET_RESPONSECACHE_PERMISSION =
        new NetPermission("getResponseCache");
 
+    // java.net.ServerSocket, java.net.Socket
+    public static final NetPermission SET_SOCKETIMPL_PERMISSION =
+        new NetPermission("setSocketImpl");
+
     // java.lang.SecurityManager, sun.applet.AppletPanel
     public static final RuntimePermission CREATE_CLASSLOADER_PERMISSION =
         new RuntimePermission("createClassLoader");