RFR for 6443578 and 6202130: UTF-8 in Manifests (original) (raw)

Philipp Kunz philipp.kunz at paratix.ch
Wed May 2 05:21:37 UTC 2018

Hi,

Recently, I tried to fix only bug 6202130 with the intention to fix bug 6443578 later with the intention to get some opportunity for feedback, but haven't got any, and propose now a fix for both together which in my opinion makes more sense.

See attached patch.

Some considerations, assumptions, and explanations

suggested changes or additions to the bug database: (i have no permissions to edit it myself)

Now, I would be glad if someone sponsored a review. This is only my third attempt to submit a patch which is why I chose a lesser important subject to fix in order to get familiar and now I understand it's not the most attractive patch to review. Please don't hesitate to suggest what I could do better or differently.

As a bonus, with these changes, manifest files will always be displayed correctly with just any utf capable viewer even if they contain multi-byte utf characters that would have been broken across a line break with the current/previous implementation and all manifests will become also valid strings in Java.

Regards, Philipp

On 20.04.2018 00:58, Philipp Kunz wrote:

Hi,

I tried to fix bug 6202130 about manifest utf support and come up now with a test as suggested in the bug's comments that shows that utf charset actually works before removing the comments from the code. When I wanted to remove the XXX comments about utf it occurred to me that version attributes ("Signature-Version" and "Manifest-Version") would never be broken across lines and should anyway not support the whole utf character set which sounds more like related to bugs 6910466 or 4935610 but it's not a real fit. Therefore, I could not remove one such comment of Attributes#writeMain but I changed it. The first comment in bug 6202130 mentions only two comments but there are three in Attributes. In the attached patch I removed only two of three and changed the remaining third to not mention utf anymore. At the moment, at least until 6443578 is fixed, multi-byte utf characters can be broken across lines. It might be worth a consideration to test that explicitly as well but then I guess there is not much of a point in testing the current behavior that will change with 6443578, hopefully soon. There are in my opinion enough characters broken across lines in the attached test that demonstrate that this still works like it did before. I would have preferred also to remove the calls to deprecated String(byte[], int, int, int) but then figured it relates more to bug 6443578 than 6202130 and now prefer to do that in another separate patch. Bug 6202130 also states that lines are broken by String.length not by byte length. While it looks so at first glance, I could not confirm. The combination of getBytes("UTF8"), String(byte[], int, int, int), and then DataOutputStream.writeBytes(String) in that combination does not drop high-bytes because every byte (whether a whole character or only a part of a multi-byte character) becomes a character in String(...) containing that byte in its low-byte which will be read again from writeBytes(...). Or put in a different way, every utf encoded byte becomes a character and multi-byte utf characters are converted into multiple string characters containing one byte each in their lower bytes. The current solution is not nice, but at least works. With that respect I'd like to suggest to deprecate DataOutputStream.writeBytes(String) because it does something not exactly expected when guessing from its name and that would suit a byte[] parameter better very much like it has been done with String(byte[], int, int, int). Any advice about the procedure to deprecate something? I was surprised that it was not trivial to list all valid utf characters. If someone has a better idea than isValidUtfCharacter in the attached test, let me know. Altogether, I would not consider 6202130 resolved completely, unless maybe all remaining points are copied to 6443578 and maybe another bug about valid values for "Signature-Version" and "Manifest-Version" if at all desired. But still I consider the attached patch an improvement and most of the remainder can then be solved in 6443578 and so far I am looking forward to any kind of feedback. Regards, Philipp

diff -r 2ace90aec488 src/java.base/share/classes/java/util/jar/Attributes.java --- a/src/java.base/share/classes/java/util/jar/Attributes.java Mon Apr 30 21:56:54 2018 -0400 +++ b/src/java.base/share/classes/java/util/jar/Attributes.java Wed May 02 07:20:46 2018 +0200 @@ -296,27 +296,13 @@

  /*
   * Writes the current attributes to the specified data output stream.

bytes + * + * @deprecated moved to + * {@link ManifestWriter#writeSection(java.io.OutputStream)} */ - @SuppressWarnings("deprecation") - void write(DataOutputStream os) throws IOException { - for (Entry<Object, Object> e : entrySet()) { - StringBuffer buffer = new StringBuffer( - ((Name) e.getKey()).toString()); - buffer.append(": ");

@@ -324,50 +310,16 @@ * make sure to write out the MANIFEST_VERSION or SIGNATURE_VERSION * attributes first. * - * XXX Need to handle UTF8 values and break up lines longer than 72 bytes + * @deprecated moved to + * {@link ManifestWriter#writeMain(java.io.OutputStream)} */ - @SuppressWarnings("deprecation") - void writeMain(DataOutputStream out) throws IOException - { - // write out the *-Version header first, if it exists - String vername = Name.MANIFEST_VERSION.toString(); - String version = getValue(vername); - if (version == null) { - vername = Name.SIGNATURE_VERSION.toString(); - version = getValue(vername); - }

IOException { diff -r 2ace90aec488 src/java.base/share/classes/java/util/jar/Manifest.java --- a/src/java.base/share/classes/java/util/jar/Manifest.java Mon Apr 30 21:56:54 2018 -0400 +++ b/src/java.base/share/classes/java/util/jar/Manifest.java Wed May 02 07:20:46 2018 +0200 @@ -26,7 +26,6 @@ package java.util.jar;

import java.io.FilterInputStream; -import java.io.DataOutputStream; import java.io.InputStream; import java.io.OutputStream; import java.io.IOException; @@ -143,31 +142,19 @@ * @exception IOException if an I/O error has occurred * @see #getMainAttributes */

diff -r 2ace90aec488 src/java.base/share/classes/java/util/jar/ManifestWriter.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/java.base/share/classes/java/util/jar/ManifestWriter.java Wed May 02 07:20:46 2018 +0200 @@ -0,0 +1,224 @@ +/*

href="{@docRoot}/../specs/jar/jar.html#Notes_on_Manifest_and_Signature_Files">

form.

of 72

writes

current line

break

IOException {

line width

characters max

earlier

occurs

non-characters

order marks

order marks

length");

line break

followed by

break)

to place

to the

have to be

space

relative to

pairs)

to the

int p,

value)

before

of the

the same

required to

@@ -37,8 +41,10 @@

@@ -49,6 +55,11 @@ final static int MAX_HEADER_NAME_LENGTH = 70;

  /**

header

header * name length or that an exception occurs already on the attempt to write * an invalid one otherwise and that no invalid manifest can be written. *

could

width, such

could

width, such * a situation should never happen, which is the subject of this test.

one-byte utf

multi-byte

subject of

this test. */

@@ -111,18 +129,18 @@ }

  /**

provided * the manifest is valid otherwise. *

href="{@docRoot}/../specs/jar/jar.html#Notes_on_Manifest_and_Signature_Files">

earlier or

href="{@docRoot}/../specs/jar/jar.html#Notes_on_Manifest_and_Signature_Files">

(not

sure

sure * that manifest files broken at 70 bytes line width written with the * previous version of {@link Manifest} before this fix still work well. */ @@ -186,7 +204,8 @@ * form. */ String lineBrokenSectionName = breakLines(lineWidth, "Name: "

" + value);

@@ -264,7 +283,7 @@ return mfBytes; }

"----------------------------------------------" + "---------------------|-|-|"; // |-positions: ---68-70-72 System.out.println(sepLine); @@ -272,13 +291,179 @@ System.out.println(sepLine); }

name, + static void assertMainAndSectionValues(Manifest mf, String name, String value) { String mainValue = mf.getMainAttributes().getValue(name); - String sectionValue = mf.getAttributes(name).getValue(name);

      assertEquals(value, mainValue, "value different in main section");

section"); }

"Signature-Version" + * are not continued on a next line. + / + void testWriteVersionInfoLineWidth(Name version) throws IOException { + // e: number of characters of version header exceeding line width + for (int e = 0; e <= 1; e++) { + Manifest mf = new Manifest(); + mf.getMainAttributes().put(version, + "01234567890123456789012345678901234567890123456789012345" + .substring(0, MAX_HEADER_NAME_LENGTH + - version.toString().length() + e)); + ByteArrayOutputStream out = new ByteArrayOutputStream(); + mf.write(out); + byte[] mfBytes = out.toByteArray(); + printManifest(mfBytes); + // maximum line width can only be exceeded if header not broken + assertEquals(MAX_LINE_CONTENT_LENGTH + e, + findMaximumLineWidth(mfBytes)); + } + } + + static int findMaximumLineWidth(byte[] mfBytes) { + int max = 0; + int b = 0; // start position of current line + for (int i = 0; i < mfBytes.length; i++) { + switch (mfBytes[i]) { + case 10: + case 13: + max = Math.max(max, i - b); + b = i + 1; + } + } + return max; + } + + /** + * @see LineBreakCharacter#numByteUtfCharacter(int, int) + */ + static String numByteUtfCharacter(int numBytes, int seed) { + seed = seed < 0 ? -seed : seed; + if (numBytes == 1) { + seed %= 0x5F; + seed += 0x20; // exclude control characters (0..0x19) here + } else if (numBytes == 2) { + seed %= 0x800 - 0x80; + seed += 0x80; + } else if (numBytes == 3) { + seed %= 0x10000 - 0x800 + 0xFDD0 - 0xFDEF + 0xFFFE - 0xFFFF; + seed += 0x800 + + (seed >= 0xFDD0 ? 0xFDEF - 0xFDD0 : 0) // non-characters + + (seed % 0x10000) * (0xFFFF - 0xFFFE); // byte order marks + } else { + seed %= 0x110000 - (0x10000 - 0xFFFE); + seed += 0x10000 + + (seed % 0x10000) * (0xFFFF - 0xFFFE); // byte order marks + } + + String string = new String(Character.toChars(seed)); + assertEquals(string.getBytes(UTF_8).length, numBytes, + "self-test failed: unexpected utf encoded character length"); + return string; + } + + /* + * Tests that the manifest line content width is between 69 (1 + + * maximum line width (without line break) 72 - maximum utf encoded + * character length 4) and 72 before continued on the next + * line, aka continuation line, depending only on the last character + * before the line break and not on those before or after in order to + * ensure the minimum number of line breaks and continuation lines + * possible. + *

+ * The + * "Notes on Manifest and Signature Files" in the "JAR File + * Specification" state that no line may be longer than 72 bytes (not + * characters), in its utf8-encoded form. and allows for earlier or + * additional line breaks. + *

+ * The number of characters a line may be less than the number of bytes + * but this is not explicitly verified because it can be assumed if some + * characters use more than one byte each and the number of bytes is as + * expected up to 72 that fewer than 72 characters were placed on the same + * line. + *

+ * While {@link #testWriteValidManifestOrException()} tests header names + * lengths, this test covers the values. + / + @Test + public void testManifestLineWidthRange() throws Exception { + final int MAX_UTF_CHARACTER_ENCODED_LENGTH = 4; + final String TEST_NAME = "test"; + + // value will be filled with many possible sequences of utf + // characters of different encoded numbers of bytes in the form of + // "k times i-bytes size character" + "k times i-bytes size character" + // and by prepending up to 72 "x" characters at every possible position + // relative to a possible line break. + String value = ""; + int seed = 0; + for (int i = 1; i <= MAX_UTF_CHARACTER_ENCODED_LENGTH; i++) { + for (int j = 1; j <= MAX_UTF_CHARACTER_ENCODED_LENGTH; j++) { + String valueI = "", valueJ = ""; + for (int k = 1; k < MAX_LINE_CONTENT_LENGTH; k++) { + valueI += numByteUtfCharacter(i, seed++); + valueJ += numByteUtfCharacter(j, seed++); + value += valueI + valueJ; + } + } + } + + String offset = ""; + for (int i = 0; i <= MAX_LINE_CONTENT_LENGTH; i++) { + offset += "x"; + byte[] mfBytes = writeManifest(TEST_NAME, offset + value); + Manifest mf = new Manifest(new ByteArrayInputStream(mfBytes)); + assertMainAndSectionValues(mf, TEST_NAME, offset + value); + + Set allowedWidths = IntStream.rangeClosed( + MAX_LINE_CONTENT_LENGTH - MAX_UTF_CHARACTER_ENCODED_LENGTH + 1, + MAX_LINE_CONTENT_LENGTH).boxed().collect(Collectors.toSet()); + assertEquals(allowedWidths, findContinuedLineWidths(mfBytes)); + } + } + + /* + * Counts the length of lines (without the line breaks) which are + * continued, not the continuation lines but those before that did not fit + * on one line, whereby continuation lines may be continued again on + * another line, and returns their length in bytes, not characters. + / + static Set findContinuedLineWidths(byte[] mfBytes) { + Set widths = new TreeSet<>(); + int previousLineWidth = -1; + int b = 0; // start position of current line + for (int i = 0; i < mfBytes.length; i++) { + switch (mfBytes[i]) { + case '\r': + case '\n': + previousLineWidth = i - b; + if (mfBytes[i] == '\r' && + i + 1 < mfBytes.length && mfBytes[i + 1] == '\n') { + i++; + } + b = i + 1; + break; + case ' ': + if (i == b) { + widths.add(previousLineWidth); + } + } + } + return widths; + } + } diff -r 2ace90aec488 test/jdk/java/util/jar/Manifest/NullKeysAndValues.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/java/util/jar/Manifest/NullKeysAndValues.java Wed May 02 07:20:46 2018 +0200 @@ -0,0 +1,149 @@ +/* + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import static java.nio.charset.StandardCharsets.UTF_8; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.jar.Attributes; +import java.util.jar.Manifest; +import java.util.jar.Attributes.Name; +import java.lang.reflect.Field; + +import org.testng.annotations.Test; +import static org.testng.Assert.*; + +/** + * @test + * @run testng/othervm --illegal-access=warn NullKeysAndValues + * @summary Tests manifests with {@code null} values as section name, header + * name, or value in both main and named attributes sections. + */ +/* + * Note to future maintainer: + * In order to actually being able to test all the cases where key and values + * are null normal manifest and attributes manipulation through their public + * api is not sufficient but then there were these null checks there before + * which may or may not have had their reason and this way it's ensured that + * the behavior does not change with that respect. + * Once module isolation is enforced some test cases will not any longer be + * possible and those now tested situations will be guaranteed not to occur + * any longer at all at which point the corresponding tests can be removed + * safely without replacement unless of course another way is found inject the + * tested null values. + * Another trick to access package private class members could be to use + * deserialization or adding a new class to the same package on the classpath. + * Here is not important how the values are set to null because it shows that + * the behavior remains unchanged. + */ +public class NullKeysAndValues { + + static final String SOME_KEY = "some-key"; + static final String SOME_VALUE = "some value"; + static final String STRNULL = "null"; + + @Test + public void testMainAttributesHeaderNameNull() throws Exception { + Manifest mf = new Manifest(); + Field attr = mf.getClass().getDeclaredField("attr"); + attr.setAccessible(true); + Attributes mainAtts = new Attributes() {{ + super.put( /* in: */ null, SOME_VALUE); + }}; + attr.set(mf, mainAtts); + mf.getMainAttributes().put(Name.MANIFEST_VERSION, "1.0"); + try { + mf = writeAndRead(mf); + fail(); + } catch ( /* out: */ NullPointerException e) { + return; // ok + } + } + + @Test + public void testMainAttributesHeaderValueNull() throws Exception { + Manifest mf = new Manifest(); + Field attr = mf.getClass().getDeclaredField("attr"); + attr.setAccessible(true); + Attributes mainAtts = new Attributes() {{ + map.put(new Name(SOME_KEY), /* in: */ null); + }}; + attr.set(mf, mainAtts); + mf.getMainAttributes().put(Name.MANIFEST_VERSION, "1.0"); + mf = writeAndRead(mf); + assertEquals(mf.getMainAttributes().getValue(SOME_KEY), + /* out: */ STRNULL); + } + + @Test + public void testSectionNameNull() throws IOException { + Manifest mf = new Manifest(); + mf.getMainAttributes().put(Name.MANIFEST_VERSION, "1.0"); + mf.getEntries().put( /* in: */ null, new Attributes()); + mf = writeAndRead(mf); + assertNotNull(mf.getEntries().get( /* out: */ STRNULL)); + } + + @Test + public void testNamedSectionHeaderNameNull() throws IOException { + Manifest mf = new Manifest(); + mf.getMainAttributes().put(Name.MANIFEST_VERSION, "1.0"); + mf.getEntries().put(SOME_KEY, new Attributes() {{ + map.put( /* in: */ null, SOME_VALUE); + }}); + try { + mf = writeAndRead(mf); + fail(); + } catch ( /* out: */ NullPointerException e) { + return; // ok + } + } + + @Test + public void testNamedSectionHeaderValueNull() throws IOException { + Manifest mf = new Manifest(); + mf.getMainAttributes().put(Name.MANIFEST_VERSION, "1.0"); + mf.getEntries().put(SOME_KEY, new Attributes() {{ + map.put(new Name(SOME_KEY), /* in: */ null); + }}); + mf = writeAndRead(mf); + assertEquals(mf.getEntries().get(SOME_KEY).getValue(SOME_KEY), + /* out: */ STRNULL); + } + + static Manifest writeAndRead(Manifest mf) throws IOException { + ByteArrayOutputStream out = new ByteArrayOutputStream(); + mf.write(out); + byte[] mfBytes = out.toByteArray(); + System.out.println("-------------------------------------------" + + "-----------------------------"); + System.out.print(new String(mfBytes, UTF_8)); + System.out.println("-------------------------------------------" + + "-----------------------------"); + + ByteArrayInputStream in = new ByteArrayInputStream(mfBytes); + return new Manifest(in); + } + +} diff -r 2ace90aec488 test/jdk/java/util/jar/Manifest/ValueUtfEncoding.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/java/util/jar/Manifest/ValueUtfEncoding.java Wed May 02 07:20:46 2018 +0200 @@ -0,0 +1,226 @@ +/* + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import static java.nio.charset.StandardCharsets.UTF_8; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.jar.Attributes; +import java.util.jar.Attributes.Name; +import java.util.jar.Manifest; +import java.util.List; +import java.util.ArrayList; + +import org.testng.annotations.Test; +import static org.testng.Assert.*; + +/** + * @test + * @bug 6202130 + * @run testng ValueUtfEncoding + * @summary Tests complete manifest values utf encoding + *

+ * This test writes and reads a manifest that contains every valid utf + * character (three times), grouped into manifest header values with about + * 65535 bytes each or slightly more, resulting in a single huge manifest with + * 3 * 67 + 1 values and 13703968 bytes in the manifest's encoded form in + * total. This way, all possible 1111995 utf characters are covered in one + * manifest. + *

+ * Every character occurs three times, once in a main attribute value, once in + * a section name, and once in a named section attribute value, because + * implementation of writing the main section headers differs from the one + * writing named section headers in + * {@link Attributes#writeMain(java.io.DataOutputStream)} and + * {@link Attributes#write(java.io.DataOutputStream)} due to special order of + * {@link Name#MANIFEST_VERSION} and {@link Name#SIGNATURE_VERSION}. + * and also {@link Manifest#read(java.io.InputStream)} treating reading the + * main section differently from reading named sections names headers. + *

+ * Only header values are tested. Characters for header names are much more + * limited and very simple ones are used just to get valid and different ones. + *

+ * Correct support of all utf characters also has some relation to breaking + * characters across lines, see {@link LineBreakCharacter}. + / +public class ValueUtfEncoding { + + /

+ * From the specifications: + * Implementations should support 65535-byte (not character) header + * values, and 65535 headers per file. They might run out of memory, + * but there should not be hard-coded limits below these values. + * + * @see Notes on Manifest and Signature Files + / + static final int MIN_VALUE_LENGTH_SUPPORTED = 2 << 16 - 1; + + static final int MAX_UTF_CHARACTER_ENCODED_LENGTH = 4; + + static boolean isValidUtfCharacter(int codePoint) { + if (0xFDD0 <= codePoint && codePoint <= 0xFDEF) { + return false; /* non-characters */ + } + if ((codePoint & 0xFFFE) == 0xFFFE) { + return false; /* byte order marks */ + } + return true; + } + + /** + * returns {@code true} if {@code codePoint} is explicitly forbidden in + * manifest values based on a statement from the specs: + * 
otherchar: any UTF-8 character except NUL, CR and LF
+     *
+     * @see Jar File 
Specification
+     /
+    static boolean isInvalidManifestValueCharacter(int codePoint) {
+        return codePoint == 0 / NUL /
+            || codePoint == '\r' / CR /
+            || codePoint == '\n' / LF /;
+    };
+
+    /
 + * Produces a list of strings with all known utf characters except those + * invalid in manifest header values with at least + * {@link #MIN_VALUE_LENGTH_SUPPORTED} utf-8 encoded bytes each + * except the last string which contains just the remaining characters. + / + static List produceValidManifestUtfCharacterValues() { + int maxLengthBytes = MIN_VALUE_LENGTH_SUPPORTED + + // exceed the specified limit by at least one character + MAX_UTF_CHARACTER_ENCODED_LENGTH + 1; + + int numberOfUsedCodePoints = 0; + ArrayList values = new ArrayList<>(); + byte[] valueBuf = new byte[maxLengthBytes]; + int pos = 0; + for (int codePoint = Character.MIN_CODE_POINT; + codePoint <= Character.MAX_CODE_POINT; codePoint++) { + if (!isValidUtfCharacter(codePoint)) { + continue; + } + if (isInvalidManifestValueCharacter(codePoint)) { + continue; + } + numberOfUsedCodePoints++; + + byte[] charBuf = + new String(Character.toChars(codePoint)).getBytes(UTF_8); + if (pos + charBuf.length > valueBuf.length) { + values.add(new String(valueBuf, 0, pos, UTF_8)); + pos = 0; + } + System.arraycopy(charBuf, 0, valueBuf, pos, charBuf.length); + pos += charBuf.length; + } + if (pos > 0) { + values.add(new String(valueBuf, 0, pos, UTF_8)); + } + + if (numberOfUsedCodePoints != + (17 << 16) /* utf space */ + - 66 /* non-characters */ + - 3 /* nul, cr, lf */) { + fail("self-test: utf character set not covered exactly"); + } + + return values; + } + + /** + * returns simple, valid, short, and distinct manifest header names. + * The returned name cannot be "{@code Manifest-Version}" because the + * returned string does not contain "{@code -}". + * + * @param seed seed to produce distinct names + */ + static String azName(int seed) { + StringBuffer name = new StringBuffer(); + do { + name.insert(0, (char) (seed % 26 + (seed < 26 ? 'A' : 'a'))); + seed = seed / 26 - 1; + } while (seed >= 0); + return name.toString(); + } + + /* + * covers writing and reading of manifests with all known utf characters. + * + * Because the implementation used different portions of code depending on + * where the value occurs to read or write in earlier versions, each + * character is tested in each of the three positions:

a/test/jdk/sun/security/tools/jarsigner/LineBrokenMultiByteCharacter.java Mon Apr 30 21:56:54 2018 -0400 +++ b/test/jdk/sun/security/tools/jarsigner/LineBrokenMultiByteCharacter.java Wed May 02 07:20:46 2018 +0200 @@ -21,35 +21,48 @@

-/* - * @test - * @bug 6695402 - * @summary verify signatures of jars containing classes with names - * with multi-byte unicode characters broken across lines - * @library /test/lib - */

import java.io.IOException; import java.io.InputStream; import java.nio.file.Files; import java.nio.file.Paths; +import java.util.HashMap; +import java.util.jar.Attributes.Name; import java.util.jar.JarFile; -import java.util.jar.Attributes.Name; import java.util.jar.JarEntry; +import java.util.zip.ZipEntry; +import java.util.zip.ZipFile;

import static java.nio.charset.StandardCharsets.UTF_8;

import jdk.test.lib.SecurityTools; import jdk.test.lib.util.JarUtils;

+import org.testng.annotations.; +import static org.testng.Assert.; + +/**

letter * at its exact position. - * - * because no file with such a name exists {@link JarUtils} will add the + *

+ * Because no file with such a name exists {@link JarUtils} will add the * name itself as contents to the jar entry which would have contained a * compiled class in the original bug. For this test, the contents of the * files contained in the jar file is not important as long as they get @@ -58,55 +71,157 @@ * @see #verifyClassNameLineBroken(JarFile, String) */ static final String testClassName =

"LineBrokenMultiByteCharacterA1234567890B1234567890C123456789D1234\u00E9xyz.class";

existing + * signed jar that already contains an entry with this name which of course + * has to be distinct from the one tested. + */ static final String anotherName =

"LineBrokenMultiByteCharacterA1234567890B1234567890C123456789D1234567890.class";

1.0\r\n\r\n".getBytes(UTF_8);

earlier jdk

"-genkeypair", "-storepass", "changeit", "-keypass", "changeit", "-storetype", "JKS", "-alias", alias, "-dname", "CN=X", "-validity", "366") .shouldHaveExitValue(0);

1.0\r\n").getBytes(UTF_8));

"-storetype",

alias)

refJar.getInputStream(mfEntry).readAllBytes();

testClassName);

Exception {

testClassName);

Exception {

anotherName); SecurityTools.jarsigner("-keystore", keystoreFileName, "-storetype", "JKS", "-storepass", "changeit", "-debug", initialFileName, alias).shouldHaveExitValue(0); JarUtils.updateJar(initialFileName, updatedFileName, testClassName);

anotherName);

"-storetype",

testClassName);

"-storetype", "JKS", "-storepass", "changeit", "-debug", jarFileName, alias) .shouldHaveExitValue(0); @@ -114,34 +229,34 @@ try ( JarFile jar = new JarFile(jarFileName); ) {

expectBrokenEAcute); verifyCodeSigners(jar, jar.getJarEntry(testClassName)); } }

  /**

renaming an

renaming an * identifier so that the multi-byte encoded character would not any longer * be broken across a line break. *

based on

based on * the manifest and not based on the signature file because at the moment, * the signature file does not even contain the desired entry at all.

@@ -156,10 +271,12 @@ bytesMatched = 0; } }

@@ -175,11 +292,16 @@ // a check for the presence of code signers is sufficient to check // bug JDK-6695402. no need to also verify the actual code signers // attributes here.

jarEntry.getName());

jarFileName,

-------------- next part -------------- A non-text attachment was scrubbed... Name: 6372077and6443578.patch Type: text/x-patch Size: 79654 bytes Desc: not available URL: <http://mail.openjdk.java.net/pipermail/core-libs-dev/attachments/20180502/3367c096/6372077and6443578-0001.patch>

More information about the core-libs-dev mailing list