Merge

Author: gnu-andrew

make/autoconf/version-numbers

@@ -37,7 +37,7 @@ DEFAULT_VERSION_DATE=2025-07-15
 DEFAULT_VERSION_CLASSFILE_MAJOR=55  # "`$EXPR $DEFAULT_VERSION_FEATURE + 44`"
 DEFAULT_VERSION_CLASSFILE_MINOR=0
 DEFAULT_ACCEPTABLE_BOOT_VERSIONS="10 11"
-DEFAULT_PROMOTED_VERSION_PRE=ea
+DEFAULT_PROMOTED_VERSION_PRE=
 
 LAUNCHER_NAME=openjdk
 PRODUCT_NAME=OpenJDK

src/hotspot/share/opto/addnode.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2025, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -941,6 +941,14 @@ static bool can_overflow(const TypeInt* t, jint c) {
           (c > 0 && (java_add(t_hi, c) < t_hi)));
 }
 
+// Check if addition of a long with type 't' and a constant 'c' can overflow.
+static bool can_overflow(const TypeLong* t, jlong c) {
+  jlong t_lo = t->_lo;
+  jlong t_hi = t->_hi;
+  return ((c < 0 && (java_add(t_lo, c) > t_lo)) ||
+          (c > 0 && (java_add(t_hi, c) < t_hi)));
+}
+
 //=============================================================================
 //------------------------------Idealize---------------------------------------
 // MINs show up in range-check loop limit calculations.  Look for
@@ -1062,6 +1070,31 @@ const Type *MinINode::add_ring( const Type *t0, const Type *t1 ) const {
 //
 // Note: we assume that SubL was already replaced by an AddL, and that the stride
 // has its sign flipped: SubL(limit, stride) -> AddL(limit, -stride).
+//
+// Proof MaxL collapsed version equivalent to original (MinL version similar):
+// is_sub_con ensures that con1, con2 ∈ [min_int, 0[
+//
+// Original:
+// - AddL2 underflow => x + con2 ∈ ]max_long - min_int, max_long], ALWAYS BAILOUT as x + con1 + con2 surely fails can_overflow (*)
+// - AddL2 no underflow => x + con2 ∈ [min_long, max_long]
+//   - MaxL2 clamp => min_int
+//     - AddL1 underflow: NOT POSSIBLE: cannot underflow since min_int + con1 ∈ [2 * min_int, min_int] always > min_long
+//     - AddL1 no underflow => min_int + con1 ∈ [2 * min_int, min_int]
+//       - MaxL1 clamp => min_int (RESULT 1)
+//       - MaxL1 no clamp: NOT POSSIBLE: min_int + con1 ∈ [2 * min_int, min_int] always <= min_int, so clamp always taken
+//   - MaxL2 no clamp => x + con2 ∈ [min_int, max_long]
+//     - AddL1 underflow: NOT POSSIBLE: cannot underflow since x + con2 + con1 ∈ [2 * min_int, max_long] always > min_long
+//     - AddL1 no underflow => x + con2 + con1 ∈ [2 * min_int, max_long]
+//       - MaxL1 clamp => min_int (RESULT 2)
+//       - MaxL1 no clamp => x + con2 + con1 ∈ ]min_int, max_long] (RESULT 3)
+//
+// Collapsed:
+// - AddL2 (cannot underflow) => con2 + con1 ∈ [2 * min_int, 0]
+//   - AddL1 underflow: NOT POSSIBLE: would have bailed out at can_overflow (*)
+//   - AddL1 no underflow => x + con2 + con1 ∈ [min_long, max_long]
+//     - MaxL clamp => min_int (RESULT 1 and RESULT 2)
+//     - MaxL no clamp => x + con2 + con1 ∈ ]min_int, max_long] (RESULT 3)
+//
 static bool is_clamp(PhaseGVN* phase, Node* n, Node* c) {
   // Check that the two clamps have the correct values.
   jlong clamp = (n->Opcode() == Op_MaxL) ? min_jint : max_jint;
@@ -1093,6 +1126,10 @@ Node* fold_subI_no_underflow_pattern(Node* n, PhaseGVN* phase) {
         Node* x    = add2->in(1);
         Node* con2 = add2->in(2);
         if (is_sub_con(phase, n, con2)) {
+          // Collapsed graph not equivalent if potential over/underflow -> bailing out (*)
+          if (can_overflow(phase->type(x)->is_long(), con1->get_long() + con2->get_long())) {
+            return NULL;
+          }
           Node* new_con = phase->transform(new AddLNode(con1, con2));
           Node* new_sub = phase->transform(new AddLNode(x, new_con));
           n->set_req_X(1, new_sub, phase);

src/java.base/share/classes/com/sun/crypto/provider/RSACipher.java

@@ -384,7 +384,7 @@ private byte[] doFinal() throws BadPaddingException,
                 byte[] decryptBuffer = RSACore.convert(buffer, 0, bufOfs);
                 paddingCopy = RSACore.rsa(decryptBuffer, privateKey, false);
                 result = padding.unpad(paddingCopy);
-                if (result == null && !forTlsPremasterSecret) {
+                if (!forTlsPremasterSecret && result == null) {
                     throw new BadPaddingException
                             ("Padding error in decryption");
                 }
@@ -404,6 +404,34 @@ private byte[] doFinal() throws BadPaddingException,
         }
     }
 
+    // TLS master secret decode version of the doFinal() method.
+    private byte[] doFinalForTls(int clientVersion, int serverVersion)
+            throws BadPaddingException, IllegalBlockSizeException {
+        if (bufOfs > buffer.length) {
+            throw new IllegalBlockSizeException("Data must not be longer "
+                    + "than " + buffer.length + " bytes");
+        }
+        byte[] paddingCopy = null;
+        byte[] result = null;
+        try {
+            byte[] decryptBuffer = RSACore.convert(buffer, 0, bufOfs);
+
+            paddingCopy = RSACore.rsa(decryptBuffer, privateKey, false);
+            result = padding.unpadForTls(paddingCopy, clientVersion,
+                    serverVersion);
+
+            return result;
+        } finally {
+            Arrays.fill(buffer, 0, bufOfs, (byte)0);
+            bufOfs = 0;
+            if (paddingCopy != null
+                    && paddingCopy != buffer    // already cleaned
+                    && paddingCopy != result) { // DO NOT CLEAN, THIS IS RESULT
+                Arrays.fill(paddingCopy, (byte)0);
+            }
+        }
+    }
+
     // see JCE spec
     protected byte[] engineUpdate(byte[] in, int inOfs, int inLen) {
         update(in, inOfs, inLen);
@@ -476,38 +504,34 @@ protected Key engineUnwrap(byte[] wrappedKey, String algorithm,
         byte[] encoded = null;
 
         update(wrappedKey, 0, wrappedKey.length);
-        try {
-            encoded = doFinal();
-        } catch (BadPaddingException | IllegalBlockSizeException e) {
-            // BadPaddingException cannot happen for TLS RSA unwrap.
-            // In that case, padding error is indicated by returning null.
-            // IllegalBlockSizeException cannot happen in any case,
-            // because of the length check above.
-            throw new InvalidKeyException("Unwrapping failed", e);
-        }
-
         try {
             if (isTlsRsaPremasterSecret) {
                 if (!forTlsPremasterSecret) {
                     throw new IllegalStateException(
                             "No TlsRsaPremasterSecretParameterSpec specified");
                 }
-
-                // polish the TLS premaster secret
-                encoded = KeyUtil.checkTlsPreMasterSecretKey(
-                        ((TlsRsaPremasterSecretParameterSpec) spec).getClientVersion(),
-                        ((TlsRsaPremasterSecretParameterSpec) spec).getServerVersion(),
-                        random, encoded, encoded == null);
+                TlsRsaPremasterSecretParameterSpec parameterSpec =
+                        (TlsRsaPremasterSecretParameterSpec) spec;
+                encoded = doFinalForTls(parameterSpec.getClientVersion(),
+                        parameterSpec.getServerVersion());
+            } else {
+                encoded = doFinal();
             }
-
             return ConstructKeys.constructKey(encoded, algorithm, type);
+
+        } catch (BadPaddingException | IllegalBlockSizeException e) {
+            // BadPaddingException cannot happen for TLS RSA unwrap.
+            // Neither padding error nor server version error is indicated
+            // for TLS, but a fake unwrapped value is returned.
+            // IllegalBlockSizeException cannot happen in any case,
+            // because of the length check above.
+            throw new InvalidKeyException("Unwrapping failed", e);
         } finally {
             if (encoded != null) {
                 Arrays.fill(encoded, (byte) 0);
             }
         }
     }
-
     // see JCE spec
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
         RSAKey rsaKey = RSAKeyFactory.toRSAKey(key);

src/java.base/share/classes/java/util/jar/JarFile.java

@@ -424,7 +424,8 @@ private Manifest getManifestFromReference() throws IOException {
                             jv = new JarVerifier(manEntry.getName(), b);
                         } else {
                             if (JarVerifier.debug != null) {
-                                JarVerifier.debug.println("Multiple MANIFEST.MF found. Treat JAR file as unsigned");
+                                JarVerifier.debug.println(
+                                        JarVerifier.MULTIPLE_MANIFEST_WARNING);
                             }
                         }
                     }

src/java.base/share/classes/java/util/jar/JarInputStream.java

@@ -98,7 +98,17 @@ private JarEntry checkManifest(JarEntry e)
                 jv = new JarVerifier(e.getName(), bytes);
                 mev = new ManifestEntryVerifier(man, jv.manifestName);
             }
-            return (JarEntry)super.getNextEntry();
+            JarEntry nextEntry = (JarEntry)super.getNextEntry();
+            if (nextEntry != null &&
+                    JarFile.MANIFEST_NAME.equalsIgnoreCase(nextEntry.getName())) {
+                if (JarVerifier.debug != null) {
+                    JarVerifier.debug.println(JarVerifier.MULTIPLE_MANIFEST_WARNING);
+                }
+
+                jv = null;
+                mev = null;
+            }
+            return nextEntry;
         }
         return e;
     }

src/java.base/share/classes/java/util/jar/JarVerifier.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,6 +44,9 @@
  */
 class JarVerifier {
 
+    public static final String MULTIPLE_MANIFEST_WARNING =
+            "WARNING: Multiple MANIFEST.MF found. Treat JAR file as unsigned.";
+
     /* Are we debugging ? */
     static final Debug debug = Debug.getInstance("jar");
 

src/java.base/share/classes/java/util/zip/DeflaterOutputStream.java

@@ -41,6 +41,26 @@
  */
 public
 class DeflaterOutputStream extends FilterOutputStream {
+
+    /*
+     * The default size of the output buffer
+     */
+    static final int DEFAULT_BUF_SIZE = 512;
+
+    /*
+     * When calling Deflater.deflate() with Deflater.SYNC_FLUSH or Deflater.FULL_FLUSH,
+     * the callers are expected to ensure that the size of the buffer is greater than 6.
+     * This expectation comes from the underlying zlib library which in its zlib.h
+     * states:
+     * "If deflate returns with avail_out == 0, this function must be called again
+     * with the same value of the flush parameter and more output space (updated
+     * avail_out), until the flush is complete (deflate returns with non-zero
+     * avail_out). In the case of a Z_FULL_FLUSH or Z_SYNC_FLUSH, make sure that
+     * avail_out is greater than six when the flush marker begins, in order to avoid
+     * repeated flush markers upon calling deflate() again when avail_out == 0."
+     */
+    private static final int SYNC_FLUSH_MIN_BUF_SIZE = 7;
+
     /**
      * Compressor for this stream.
      */
@@ -124,7 +144,7 @@ public DeflaterOutputStream(OutputStream out, Deflater def, int size) {
     public DeflaterOutputStream(OutputStream out,
                                 Deflater def,
                                 boolean syncFlush) {
-        this(out, def, 512, syncFlush);
+        this(out, def, DEFAULT_BUF_SIZE, syncFlush);
     }
 
 
@@ -139,7 +159,7 @@ public DeflaterOutputStream(OutputStream out,
      * @param def the compressor ("deflater")
      */
     public DeflaterOutputStream(OutputStream out, Deflater def) {
-        this(out, def, 512, false);
+        this(out, def, DEFAULT_BUF_SIZE, false);
     }
 
     boolean usesDefaultDeflater = false;
@@ -159,7 +179,7 @@ public DeflaterOutputStream(OutputStream out, Deflater def) {
      * @since 1.7
      */
     public DeflaterOutputStream(OutputStream out, boolean syncFlush) {
-        this(out, new Deflater(), 512, syncFlush);
+        this(out, new Deflater(), DEFAULT_BUF_SIZE, syncFlush);
         usesDefaultDeflater = true;
     }
 
@@ -182,6 +202,7 @@ public DeflaterOutputStream(OutputStream out) {
      * @param b the byte to be written
      * @exception IOException if an I/O error has occurred
      */
+    @Override
     public void write(int b) throws IOException {
         byte[] buf = new byte[1];
         buf[0] = (byte)(b & 0xff);
@@ -196,6 +217,7 @@ public void write(int b) throws IOException {
      * @param len the length of the data
      * @exception IOException if an I/O error has occurred
      */
+    @Override
     public void write(byte[] b, int off, int len) throws IOException {
         if (def.finished()) {
             throw new IOException("write beyond end of stream");
@@ -239,6 +261,7 @@ public void finish() throws IOException {
      * underlying stream.
      * @exception IOException if an I/O error has occurred
      */
+    @Override
     public void close() throws IOException {
         if (!closed) {
             try {
@@ -278,13 +301,20 @@ protected void deflate() throws IOException {
      *
      * @since 1.7
      */
+    @Override
     public void flush() throws IOException {
         if (syncFlush && !def.finished()) {
             int len = 0;
-            while ((len = def.deflate(buf, 0, buf.length, Deflater.SYNC_FLUSH)) > 0)
-            {
-                out.write(buf, 0, len);
-                if (len < buf.length)
+            // For SYNC_FLUSH, the Deflater.deflate() expects the callers
+            // to use a buffer whose length is greater than 6 to avoid
+            // flush marker (5 bytes) being repeatedly output to the output buffer
+            // every time it is invoked.
+            final byte[] flushBuf = buf.length < SYNC_FLUSH_MIN_BUF_SIZE
+                    ? new byte[DEFAULT_BUF_SIZE]
+                    : buf;
+            while ((len = def.deflate(flushBuf, 0, flushBuf.length, Deflater.SYNC_FLUSH)) > 0) {
+                out.write(flushBuf, 0, len);
+                if (len < flushBuf.length)
                     break;
             }
         }

src/java.base/share/classes/java/util/zip/GZIPOutputStream.java

@@ -107,7 +107,7 @@ public GZIPOutputStream(OutputStream out, int size, boolean syncFlush)
      * @exception IOException If an I/O error has occurred.
      */
     public GZIPOutputStream(OutputStream out) throws IOException {
-        this(out, 512, false);
+        this(out, DeflaterOutputStream.DEFAULT_BUF_SIZE, false);
     }
 
     /**
@@ -129,7 +129,7 @@ public GZIPOutputStream(OutputStream out) throws IOException {
     public GZIPOutputStream(OutputStream out, boolean syncFlush)
         throws IOException
     {
-        this(out, 512, syncFlush);
+        this(out, DeflaterOutputStream.DEFAULT_BUF_SIZE, syncFlush);
     }
 
     /**