Skip to content

Commit

Permalink
8242330: Arrays should be cloned in several JAAS Callback classes
Browse files Browse the repository at this point in the history
Reviewed-by: clanger
Backport-of: 8cd9241
  • Loading branch information
Yuri Nesterenko committed Oct 5, 2023
1 parent 96e3db7 commit 059f73c
Show file tree
Hide file tree
Showing 3 changed files with 121 additions and 18 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -42,23 +42,23 @@ public class ChoiceCallback implements Callback, java.io.Serializable {
* @serial
* @since 1.4
*/
private String prompt;
private final String prompt;
/**
* @serial the list of choices
* @since 1.4
*/
private String[] choices;
private final String[] choices;
/**
* @serial the choice to be used as the default choice
* @since 1.4
*/
private int defaultChoice;
private final int defaultChoice;
/**
* @serial whether multiple selections are allowed from the list of
* choices
* @since 1.4
*/
private boolean multipleSelectionsAllowed;
private final boolean multipleSelectionsAllowed;
/**
* @serial the selected choices, represented as indexes into the
* {@code choices} list.
Expand Down Expand Up @@ -109,7 +109,7 @@ public ChoiceCallback(String prompt, String[] choices,
}

this.prompt = prompt;
this.choices = choices;
this.choices = choices.clone();
this.defaultChoice = defaultChoice;
this.multipleSelectionsAllowed = multipleSelectionsAllowed;
}
Expand All @@ -129,7 +129,7 @@ public String getPrompt() {
* @return the list of choices.
*/
public String[] getChoices() {
return choices;
return choices.clone();
}

/**
Expand Down Expand Up @@ -180,7 +180,7 @@ public void setSelectedIndex(int selection) {
public void setSelectedIndexes(int[] selections) {
if (!multipleSelectionsAllowed)
throw new UnsupportedOperationException();
this.selections = selections;
this.selections = selections == null ? null : selections.clone();
}

/**
Expand All @@ -192,6 +192,6 @@ public void setSelectedIndexes(int[] selections) {
* @see #setSelectedIndexes
*/
public int[] getSelectedIndexes() {
return selections;
return selections == null ? null : selections.clone();
}
}
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -121,31 +121,32 @@ public class ConfirmationCallback implements Callback, java.io.Serializable {

/** ERROR message type. */
public static final int ERROR = 2;

/**
* @serial
* @since 1.4
*/
private String prompt;
private final String prompt;
/**
* @serial
* @since 1.4
*/
private int messageType;
private final int messageType;
/**
* @serial
* @since 1.4
*/
private int optionType = UNSPECIFIED_OPTION;
private final int optionType;
/**
* @serial
* @since 1.4
*/
private int defaultOption;
private final int defaultOption;
/**
* @serial
* @since 1.4
*/
private String[] options;
private final String[] options;
/**
* @serial
* @since 1.4
Expand Down Expand Up @@ -205,8 +206,10 @@ public ConfirmationCallback(int messageType,
break;
}

this.prompt = null;
this.messageType = messageType;
this.optionType = optionType;
this.options = null;
this.defaultOption = defaultOption;
}

Expand Down Expand Up @@ -252,8 +255,10 @@ public ConfirmationCallback(int messageType,
throw new IllegalArgumentException();
}

this.prompt = null;
this.messageType = messageType;
this.options = options;
this.optionType = UNSPECIFIED_OPTION;
this.options = options.clone();
this.defaultOption = defaultOption;
}

Expand Down Expand Up @@ -318,6 +323,7 @@ public ConfirmationCallback(String prompt, int messageType,
this.prompt = prompt;
this.messageType = messageType;
this.optionType = optionType;
this.options = null;
this.defaultOption = defaultOption;
}

Expand Down Expand Up @@ -370,7 +376,8 @@ public ConfirmationCallback(String prompt, int messageType,

this.prompt = prompt;
this.messageType = messageType;
this.options = options;
this.optionType = UNSPECIFIED_OPTION;
this.options = options.clone();
this.defaultOption = defaultOption;
}

Expand Down Expand Up @@ -422,7 +429,7 @@ public int getOptionType() {
* an {@code optionType} instead of {@code options}.
*/
public String[] getOptions() {
return options;
return options == null ? null : options.clone();
}

/**
Expand Down
96 changes: 96 additions & 0 deletions test/jdk/javax/security/auth/callback/Mutability.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
/*
* Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/

/*
* @test
* @bug 8242330
* @library /test/lib
* @summary Arrays should be cloned in several JAAS Callback classes
*/

import javax.security.auth.callback.ChoiceCallback;
import javax.security.auth.callback.ConfirmationCallback;

import static jdk.test.lib.Asserts.assertEQ;

public class Mutability {
public static void main(String[] args) {

// #1. ConfirmationCallback.new(3)
String[] i11 = {"1", "2"};
ConfirmationCallback c1 = new ConfirmationCallback(
ConfirmationCallback.INFORMATION,
i11,
0);

// Modify argument of constructor
i11[0] = "x";
String[] o11 = c1.getOptions();
assertEQ(o11[0], "1");
// Modify output
o11[0] = "y";
String[] o12 = c1.getOptions();
assertEQ(o12[0], "1");

// #2. ConfirmationCallback.new(4)
String[] i21 = {"1", "2"};
ConfirmationCallback c2 = new ConfirmationCallback(
"Hi",
ConfirmationCallback.INFORMATION,
i21,
0);

// Modify argument of constructor
i21[0] = "x";
assertEQ(c2.getOptions()[0], "1");

// #3. ChoiceCallback.new
String[] i31 = {"1", "2"};
ChoiceCallback c3 = new ChoiceCallback(
"Hi",
i31,
0,
true);

// Modify argument of constructor
i31[0] = "x";
String[] o31 = c3.getChoices();
assertEQ(o31[0], "1");
// Modify output of getChoices
o31[0] = "y";
String[] o32 = c3.getChoices();
assertEQ(o32[0], "1");

int[] s31 = {0, 1};
c3.setSelectedIndexes(s31);

// Modify argument of setSelectedIndexes
s31[0] = 1;
int[] s32 = c3.getSelectedIndexes();
assertEQ(s32[0], 0);
// Modify output of getSelectedIndexes
s32[1] = 0;
int[] s33 = c3.getSelectedIndexes();
assertEQ(s33[1], 1);
}
}

1 comment on commit 059f73c

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.