OpenJDK / jdk / jdk10
changeset 21642:5efc900f8ecd
8027991: InputStream should be closed in sun.security.tools.jarsigner.Main
Reviewed-by: xuelei
| author | weijun |
|---|---|
| date | Mon, 11 Nov 2013 16:54:41 +0800 |
| parents | c8114b367cf4 |
| children | dd4f80b0590d |
| files | jdk/src/share/classes/sun/security/tools/jarsigner/Main.java jdk/test/sun/security/tools/jarsigner/CertChainUnclosed.java |
| diffstat | 2 files changed, 67 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/jdk/src/share/classes/sun/security/tools/jarsigner/Main.java Mon Nov 11 08:36:53 2013 +0000 +++ b/jdk/src/share/classes/sun/security/tools/jarsigner/Main.java Mon Nov 11 16:54:41 2013 +0800 @@ -1781,14 +1781,14 @@ try { java.security.cert.Certificate[] cs = null; if (altCertChain != null) { - try { + try (FileInputStream fis = new FileInputStream(altCertChain)) { cs = CertificateFactory.getInstance("X.509"). - generateCertificates(new FileInputStream(altCertChain)). + generateCertificates(fis). toArray(new Certificate[0]); - } catch (CertificateException ex) { - error(rb.getString("Cannot.restore.certchain.from.file.specified")); } catch (FileNotFoundException ex) { error(rb.getString("File.specified.by.certchain.does.not.exist")); + } catch (CertificateException | IOException ex) { + error(rb.getString("Cannot.restore.certchain.from.file.specified")); } } else { try {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/tools/jarsigner/CertChainUnclosed.java Mon Nov 11 16:54:41 2013 +0800 @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * @test + * @bug 8027991 + * @summary InputStream should be closed in sun.security.tools.jarsigner.Main + * @run main/othervm CertChainUnclosed + */ + +import java.nio.file.Files; +import java.nio.file.Paths; +import java.util.Locale; + +public class CertChainUnclosed { + + public static void main(String[] args) throws Exception { + String os = java.security.AccessController.doPrivileged( + new sun.security.action.GetPropertyAction("os.name")); + if (!os.toUpperCase(Locale.US).contains("WINDOWS")) { + System.out.println("Not Windows. Skip test."); + return; + } + + kt("-genkeypair -alias a -dname CN=A"); + kt("-exportcert -file a.crt -alias a"); + Files.copy(Paths.get(System.getProperty("test.src"), "AlgOptions.jar"), + Paths.get("test.jar")); + sun.security.tools.jarsigner.Main.main( + "-storepass changeit -keystore jks -certchain a.crt test.jar a" + .split(" ")); + + // On Windows, if the file is still opened (or not if GC was + // performed) and the next line would fail + Files.delete(Paths.get("a.crt")); + } + + static void kt(String args) throws Exception { + sun.security.tools.keytool.Main.main( + ("-keystore jks -storepass changeit -keypass changeit -keyalg rsa " + + args).split(" ")); + } +}