+{"files":[{"patch":"@@ -24,1 +24,1 @@\n- * Copyright (c) 2005, 2016, Oracle and\/or its affiliates. All rights reserved.\n+ * Copyright (c) 2005, 2021, Oracle and\/or its affiliates. All rights reserved.\n@@ -104,1 +104,3 @@\n- id = id.substring(i1+1, i2);\n+ if (i1 >= 0 && i2 >= 0) {\n+ id = id.substring(i1 + 1, i2);\n+ }\n","filename":"src\/java.xml.crypto\/share\/classes\/org\/jcp\/xml\/dsig\/internal\/dom\/DOMURIDereferencer.java","additions":4,"deletions":2,"binary":false,"changes":6,"status":"modified"},{"patch":"@@ -24,1 +24,1 @@\n- * Copyright (c) 2005, Oracle and\/or its affiliates. All rights reserved.\n+ * Copyright (c) 2005, 2021, Oracle and\/or its affiliates. All rights reserved.\n@@ -97,1 +97,3 @@\n- id = id.substring(i1+1, i2);\n+ if (i1 >= 0 && i2 >= 0) {\n+ id = id.substring(i1 + 1, i2);\n+ }\n","filename":"src\/java.xml.crypto\/share\/classes\/org\/jcp\/xml\/dsig\/internal\/dom\/Utils.java","additions":4,"deletions":2,"binary":false,"changes":6,"status":"modified"},{"patch":"@@ -0,0 +1,60 @@\n+\/*\n+ * Copyright (c) 2021, Oracle and\/or its affiliates. All rights reserved.\n+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.\n+ *\n+ * This code is free software; you can redistribute it and\/or modify it\n+ * under the terms of the GNU General Public License version 2 only, as\n+ * published by the Free Software Foundation.\n+ *\n+ * This code is distributed in the hope that it will be useful, but WITHOUT\n+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or\n+ * FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License\n+ * version 2 for more details (a copy is included in the LICENSE file that\n+ * accompanied this code).\n+ *\n+ * You should have received a copy of the GNU General Public License version\n+ * 2 along with this work; if not, write to the Free Software Foundation,\n+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n+ *\n+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA\n+ * or visit www.oracle.com if you need additional information or have any\n+ * questions.\n+ *\/\n+\n+import jdk.test.lib.Asserts;\n+import jdk.test.lib.Utils;\n+import jdk.test.lib.security.XMLUtils;\n+\n+import javax.xml.crypto.URIReferenceException;\n+import javax.xml.crypto.dsig.XMLSignatureException;\n+import java.security.KeyPair;\n+import java.security.KeyPairGenerator;\n+import java.security.spec.ECGenParameterSpec;\n+\n+\/**\n+ * @test\n+ * @bug 8278186\n+ * @summary reject malformed xpointer(id('a')) gracefully\n+ * @library \/test\/lib\n+ * @modules java.xml.crypto\n+ *\/\n+public class BadXPointer {\n+\n+ public static void main(String[] args) throws Exception {\n+\n+ KeyPairGenerator kpg = KeyPairGenerator.getInstance(\"EC\");\n+ kpg.initialize(new ECGenParameterSpec(\"secp256r1\"));\n+ KeyPair kp = kpg.generateKeyPair();\n+\n+ var signer = XMLUtils.signer(kp.getPrivate(), kp.getPublic());\n+ var doc = XMLUtils.string2doc(\"<root\/>\");\n+\n+ \/\/ No enclosing ' for id\n+ Utils.runAndCheckException(\n+ () -> signer.signEnveloping(doc, \"a\", \"#xpointer(id('a))\"),\n+ ex -> Asserts.assertTrue(ex instanceof XMLSignatureException\n+ && ex.getCause() instanceof URIReferenceException\n+ && ex.getMessage().contains(\"Could not find a resolver\"),\n+ ex.toString()));\n+ }\n+}\n","filename":"test\/jdk\/javax\/xml\/crypto\/dsig\/BadXPointer.java","additions":60,"deletions":0,"binary":false,"changes":60,"status":"added"},{"patch":"@@ -95,1 +95,1 @@\n- s3.sign(p.getParent().toUri(), p.getFileName().toUri()))); \/\/ can 
read KeyInfo\n+ s3.sign(p.toAbsolutePath().getParent().toUri(), p.getFileName().toUri()))); \/\/ can read KeyInfo\n@@ -98,0 +98,2 @@\n+ Asserts.assertTrue(v1.validate(s1.signEnveloping(d, \"x\", \"#x\")));\n+ Asserts.assertTrue(v1.validate(s1.signEnveloping(d, \"x\", \"#xpointer(id('x'))\")));\n@@ -350,1 +352,1 @@\n- public Document signEnveloping(Document document) throws Exception {\n+ public Document signEnveloping(Document document, String id, String ref) throws Exception {\n@@ -354,1 +356,1 @@\n- buildSignedInfo(FAC.newReference(\"#object\", dm)),\n+ buildSignedInfo(FAC.newReference(ref, dm)),\n@@ -357,1 +359,1 @@\n- \"object\", null, null)),\n+ id, null, null)),\n@@ -477,1 +479,1 @@\n- NodeList nodeList = document.getElementsByTagName(\"Signature\");\n+ NodeList nodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, \"Signature\");\n","filename":"test\/lib\/jdk\/test\/lib\/security\/XMLUtils.java","additions":7,"deletions":5,"binary":false,"changes":12,"status":"modified"}]}
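Review bot: In the `@@ -104,1 +104,3 @@` hunk of DOMURIDereferencer.java and the identical `@@ -97,1 +97,3 @@` hunk of Utils.java, a malformed `xpointer(id(...))` no longer throws from `substring`, but `id` is left holding the whole unparsed expression and is carried on as if it were an element ID. The enclosing methods lie outside the hunks, so this is inferred, but the new test's expected message ("Could not find a resolver") suggests that rejection depends on a later lookup failing rather than on the parse itself. A Reference URI is read from the document being processed, so an explicit failure in an `else` branch would make the rejection deliberate. Failing that, a comment such as `// malformed xpointer: id stays unparsed and the lookup below is expected to fail` would record the intent. The same parsing is duplicated in both files and could move into one shared helper so that later fixes cannot diverge.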
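Review bot: BadXPointer.java covers only one malformed shape, the missing closing quote in `#xpointer(id('a))`, and only on the signing path through `signEnveloping`. The new guard also has an `i1 >= 0` arm for a fragment with no quote at all, and the dereferencer is presumably reached when validating a received document as well; neither is exercised. A second case such as `"#xpointer(id(a))"` plus a validation-side check would pin both arms of the condition. The assertion on `ex.getMessage().contains("Could not find a resolver")` also ties the test to message wording, so the exception-type checks it already makes are the more stable signal.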