11/*
2- * Copyright (c) 1997, 2021 , Oracle and/or its affiliates. All rights reserved.
2+ * Copyright (c) 1997, 2022 , Oracle and/or its affiliates. All rights reserved.
33 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44 *
55 * This code is free software; you can redistribute it and/or modify it
@@ -153,7 +153,7 @@ public final class UnresolvedPermission extends Permission
153153 * Each chain is ordered bottom-to-top (i.e., with the signer certificate
154154 * first and the (root) certificate authority last). The signer
155155 * certificates are copied from the array. Subsequent changes to
156- * the array will not affect this UnsolvedPermission .
156+ * the array will not affect this UnresolvedPermission .
157157 */
158158 public UnresolvedPermission (String type ,
159159 String name ,
@@ -165,59 +165,63 @@ public UnresolvedPermission(String type,
165165 if (type == null )
166166 throw new NullPointerException ("type can't be null" );
167167
168+ // Perform a defensive copy and reassign certs if we have a non-null
169+ // reference
170+ if (certs != null ) {
171+ certs = certs .clone ();
172+ }
173+
168174 this .type = type ;
169175 this .name = name ;
170176 this .actions = actions ;
177+
171178 if (certs != null ) {
172179 // Extract the signer certs from the list of certificates.
173- for (int i = 0 ; i < certs .length ; i ++) {
180+ for (int i = 0 ; i < certs .length ; i ++) {
174181 if (!(certs [i ] instanceof X509Certificate )) {
175182 // there is no concept of signer certs, so we store the
176- // entire cert array
177- this .certs = certs . clone () ;
178- break ;
183+ // entire cert array. No further processing is necessary.
184+ this .certs = certs ;
185+ return ;
179186 }
180187 }
181188
182- if (this .certs == null ) {
183- // Go through the list of certs and see if all the certs are
184- // signer certs.
185- int i = 0 ;
186- int count = 0 ;
187- while (i < certs .length ) {
188- count ++;
189- while (((i +1 ) < certs .length ) &&
190- ((X509Certificate )certs [i ]).getIssuerX500Principal ().equals (
191- ((X509Certificate )certs [i +1 ]).getSubjectX500Principal ())) {
192- i ++;
193- }
189+ // Go through the list of certs and see if all the certs are
190+ // signer certs.
191+ int i = 0 ;
192+ int count = 0 ;
193+ while (i < certs .length ) {
194+ count ++;
195+ while (((i + 1 ) < certs .length ) &&
196+ ((X509Certificate )certs [i ]).getIssuerX500Principal ().equals (
197+ ((X509Certificate )certs [i + 1 ]).getSubjectX500Principal ())) {
194198 i ++;
195199 }
196- if (count == certs .length ) {
197- // All the certs are signer certs, so we store the entire
198- // array
199- this .certs = certs .clone ();
200- }
200+ i ++;
201+ }
202+ if (count == certs .length ) {
203+ // All the certs are signer certs, so we store the entire
204+ // array. No further processing is needed.
205+ this .certs = certs ;
206+ return ;
207+ }
201208
202- if (this .certs == null ) {
203- // extract the signer certs
204- ArrayList <java .security .cert .Certificate > signerCerts =
205- new ArrayList <>();
206- i = 0 ;
207- while (i < certs .length ) {
208- signerCerts .add (certs [i ]);
209- while (((i +1 ) < certs .length ) &&
210- ((X509Certificate )certs [i ]).getIssuerX500Principal ().equals (
211- ((X509Certificate )certs [i +1 ]).getSubjectX500Principal ())) {
212- i ++;
213- }
214- i ++;
215- }
216- this .certs =
217- new java .security .cert .Certificate [signerCerts .size ()];
218- signerCerts .toArray (this .certs );
209+ // extract the signer certs
210+ ArrayList <java .security .cert .Certificate > signerCerts =
211+ new ArrayList <>();
212+ i = 0 ;
213+ while (i < certs .length ) {
214+ signerCerts .add (certs [i ]);
215+ while (((i + 1 ) < certs .length ) &&
216+ ((X509Certificate )certs [i ]).getIssuerX500Principal ().equals (
217+ ((X509Certificate )certs [i + 1 ]).getSubjectX500Principal ())) {
218+ i ++;
219219 }
220+ i ++;
220221 }
222+ this .certs =
223+ new java .security .cert .Certificate [signerCerts .size ()];
224+ signerCerts .toArray (this .certs );
221225 }
222226 }
223227
@@ -310,6 +314,7 @@ Permission resolve(Permission p, java.security.cert.Certificate[] certs) {
310314 *
311315 * @return false.
312316 */
317+ @ Override
313318 public boolean implies (Permission p ) {
314319 return false ;
315320 }
@@ -330,6 +335,7 @@ public boolean implies(Permission p) {
330335 * type (class) name, permission name, actions, and
331336 * certificates as this object.
332337 */
338+ @ Override
333339 public boolean equals (Object obj ) {
334340 if (obj == this )
335341 return true ;
@@ -402,7 +408,7 @@ public boolean equals(Object obj) {
402408 *
403409 * @return a hash code value for this object.
404410 */
405-
411+ @ Override
406412 public int hashCode () {
407413 int hash = type .hashCode ();
408414 if (name != null )
@@ -422,6 +428,7 @@ public int hashCode() {
422428 *
423429 * @return the empty string "".
424430 */
431+ @ Override
425432 public String getActions ()
426433 {
427434 return "" ;
@@ -489,6 +496,7 @@ public java.security.cert.Certificate[] getUnresolvedCerts() {
489496 *
490497 * @return information about this UnresolvedPermission.
491498 */
499+ @ Override
492500 public String toString () {
493501 return "(unresolved " + type + " " + name + " " + actions + ")" ;
494502 }
@@ -500,7 +508,7 @@ public String toString() {
500508 * @return a new PermissionCollection object suitable for
501509 * storing UnresolvedPermissions.
502510 */
503-
511+ @ Override
504512 public PermissionCollection newPermissionCollection () {
505513 return new UnresolvedPermissionCollection ();
506514 }
0 commit comments