diff --git a/make/conf/version-numbers.conf b/make/conf/version-numbers.conf index 2b871e10237..007d129eb8a 100644 --- a/make/conf/version-numbers.conf +++ b/make/conf/version-numbers.conf @@ -39,4 +39,4 @@ DEFAULT_VERSION_CLASSFILE_MINOR=0 DEFAULT_VERSION_DOCS_API_SINCE=11 DEFAULT_ACCEPTABLE_BOOT_VERSIONS="16 17" DEFAULT_JDK_SOURCE_TARGET_VERSION=17 -DEFAULT_PROMOTED_VERSION_PRE=ea +DEFAULT_PROMOTED_VERSION_PRE= diff --git a/src/hotspot/os/posix/signals_posix.cpp b/src/hotspot/os/posix/signals_posix.cpp index 120871e7958..9a27ddc9ae7 100644 --- a/src/hotspot/os/posix/signals_posix.cpp +++ b/src/hotspot/os/posix/signals_posix.cpp @@ -597,7 +597,7 @@ int JVM_HANDLE_XXX_SIGNAL(int sig, siginfo_t* info, if (!signal_was_handled) { // Handle SafeFetch access. #ifndef ZERO - if (uc != NULL) { + if ((sig == SIGSEGV || sig == SIGBUS) && uc != NULL) { address pc = os::Posix::ucontext_get_pc(uc); if (StubRoutines::is_safefetch_fault(pc)) { os::Posix::ucontext_set_pc(uc, StubRoutines::continuation_for_safefetch_fault(pc)); diff --git a/src/hotspot/os/posix/vmError_posix.cpp b/src/hotspot/os/posix/vmError_posix.cpp index 845dda67f75..d3c78e43cb7 100644 --- a/src/hotspot/os/posix/vmError_posix.cpp +++ b/src/hotspot/os/posix/vmError_posix.cpp @@ -77,19 +77,21 @@ static void crash_handler(int sig, siginfo_t* info, void* ucVoid) { } // Needed to make it possible to call SafeFetch.. APIs in error handling. - if (uc && pc && StubRoutines::is_safefetch_fault(pc)) { - os::Posix::ucontext_set_pc(uc, StubRoutines::continuation_for_safefetch_fault(pc)); - return; - } + if (sig == SIGSEGV || sig == SIGBUS) { + if (uc && pc && StubRoutines::is_safefetch_fault(pc)) { + os::Posix::ucontext_set_pc(uc, StubRoutines::continuation_for_safefetch_fault(pc)); + return; + } - // Needed because asserts may happen in error handling too. + // Needed because asserts may happen in error handling too. #ifdef CAN_SHOW_REGISTERS_ON_ASSERT - if ((sig == SIGSEGV || sig == SIGBUS) && info != NULL && info->si_addr == g_assert_poison) { - if (handle_assert_poison_fault(ucVoid, info->si_addr)) { - return; + if (info != NULL && info->si_addr == g_assert_poison) { + if (handle_assert_poison_fault(ucVoid, info->si_addr)) { + return; + } } - } #endif // CAN_SHOW_REGISTERS_ON_ASSERT + } VMError::report_and_die(NULL, sig, pc, info, ucVoid); } diff --git a/src/hotspot/share/jfr/recorder/checkpoint/jfrCheckpointManager.cpp b/src/hotspot/share/jfr/recorder/checkpoint/jfrCheckpointManager.cpp index 3fb3df0d7d7..4f78a60dfff 100644 --- a/src/hotspot/share/jfr/recorder/checkpoint/jfrCheckpointManager.cpp +++ b/src/hotspot/share/jfr/recorder/checkpoint/jfrCheckpointManager.cpp @@ -119,7 +119,9 @@ bool JfrCheckpointManager::initialize() { #ifdef ASSERT static void assert_lease(const BufferPtr buffer) { - assert(buffer != NULL, "invariant"); + if (buffer == nullptr) { + return; + } assert(buffer->acquired_by_self(), "invariant"); assert(buffer->lease(), "invariant"); } @@ -220,8 +222,9 @@ BufferPtr JfrCheckpointManager::flush(BufferPtr old, size_t used, size_t request return NULL; } BufferPtr new_buffer = lease(old, thread, used + requested); - assert(new_buffer != NULL, "invariant"); - migrate_outstanding_writes(old, new_buffer, used, requested); + if (new_buffer != nullptr) { + migrate_outstanding_writes(old, new_buffer, used, requested); + } retire(old); return new_buffer; } diff --git a/src/hotspot/share/jfr/recorder/storage/jfrBuffer.cpp b/src/hotspot/share/jfr/recorder/storage/jfrBuffer.cpp index 838d126c00a..87498b12aec 100644 --- a/src/hotspot/share/jfr/recorder/storage/jfrBuffer.cpp +++ b/src/hotspot/share/jfr/recorder/storage/jfrBuffer.cpp @@ -35,13 +35,15 @@ JfrBuffer::JfrBuffer() : _next(NULL), _size(0), _header_size(0), _flags(0), - _context(0) {} + _context(0) + LP64_ONLY(COMMA _pad(0)) {} bool JfrBuffer::initialize(size_t header_size, size_t size) { assert(_next == NULL, "invariant"); assert(_identity == NULL, "invariant"); - _header_size = (u2)header_size; - _size = (u4)(size / BytesPerWord); + assert(header_size <= max_jushort, "invariant"); + _header_size = static_cast(header_size); + _size = size; set_pos(start()); set_top(start()); assert(free_size() == size, "invariant"); diff --git a/src/hotspot/share/jfr/recorder/storage/jfrBuffer.hpp b/src/hotspot/share/jfr/recorder/storage/jfrBuffer.hpp index 120c7311321..d8356e3e78f 100644 --- a/src/hotspot/share/jfr/recorder/storage/jfrBuffer.hpp +++ b/src/hotspot/share/jfr/recorder/storage/jfrBuffer.hpp @@ -70,10 +70,11 @@ class JfrBuffer { const void* _identity; u1* _pos; mutable const u1* _top; - u4 _size; + size_t _size; u2 _header_size; u1 _flags; u1 _context; + LP64_ONLY(const u4 _pad;) const u1* stable_top() const; @@ -125,7 +126,7 @@ class JfrBuffer { void release_critical_section_top(const u1* new_top); size_t size() const { - return _size * BytesPerWord; + return _size; } size_t total_size() const { diff --git a/src/hotspot/share/jfr/recorder/storage/jfrMemorySpace.inline.hpp b/src/hotspot/share/jfr/recorder/storage/jfrMemorySpace.inline.hpp index dde81d9c188..81562a4b672 100644 --- a/src/hotspot/share/jfr/recorder/storage/jfrMemorySpace.inline.hpp +++ b/src/hotspot/share/jfr/recorder/storage/jfrMemorySpace.inline.hpp @@ -202,16 +202,24 @@ inline bool JfrMemorySpace< Client, RetrievalPolicy, FreeListType, FullListType, // allocations are even multiples of the mspace min size static inline size_t align_allocation_size(size_t requested_size, size_t min_element_size) { + if (requested_size > static_cast(min_intx)) { + assert(false, "requested size: " SIZE_FORMAT " is too large", requested_size); + return 0; + } u8 alloc_size_bytes = min_element_size; while (requested_size > alloc_size_bytes) { alloc_size_bytes <<= 1; } - return (size_t)alloc_size_bytes; + assert(alloc_size_bytes <= static_cast(min_intx), "invariant"); + return static_cast(alloc_size_bytes); } template class RetrievalPolicy, typename FreeListType, typename FullListType, bool epoch_aware> inline typename FreeListType::NodePtr JfrMemorySpace::allocate(size_t size) { const size_t aligned_size_bytes = align_allocation_size(size, _min_element_size); + if (aligned_size_bytes == 0) { + return NULL; + } void* const allocation = JfrCHeapObj::new_array(aligned_size_bytes + sizeof(Node)); if (allocation == NULL) { return NULL; diff --git a/src/hotspot/share/jfr/writers/jfrWriterHost.inline.hpp b/src/hotspot/share/jfr/writers/jfrWriterHost.inline.hpp index e09a574e63a..6afa7e446c4 100644 --- a/src/hotspot/share/jfr/writers/jfrWriterHost.inline.hpp +++ b/src/hotspot/share/jfr/writers/jfrWriterHost.inline.hpp @@ -73,6 +73,7 @@ template inline void WriterHost::write(const T* value, size_t len) { assert(value != NULL, "invariant"); assert(len > 0, "invariant"); + assert(len <= max_jint, "invariant"); // Might need T + 1 size u1* const pos = ensure_size(sizeof(T) * len + len); if (pos) { @@ -125,8 +126,9 @@ template inline void WriterHost::be_write(const T* value, size_t len) { assert(value != NULL, "invariant"); assert(len > 0, "invariant"); - // Might need T + 1 size - u1* const pos = ensure_size(sizeof(T) * len + len); + assert(len <= max_jint, "invariant"); + // Big endian writes map one-to-one for length, so no extra space is needed. + u1* const pos = ensure_size(sizeof(T) * len); if (pos) { this->set_current_pos(BE::be_write(value, len, pos)); } diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java b/src/java.base/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java index 3399cc5a3a8..cd11b3ab496 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java @@ -34,6 +34,7 @@ import sun.security.provider.ParameterCache; import static sun.security.util.SecurityProviderConstants.DEF_DH_KEY_SIZE; +import static sun.security.util.SecurityProviderConstants.getDefDHPrivateExpSize; /** * This class represents the key pair generator for Diffie-Hellman key pairs. @@ -60,9 +61,6 @@ public final class DHKeyPairGenerator extends KeyPairGeneratorSpi { // The size in bits of the prime modulus private int pSize; - // The size in bits of the random exponent (private value) - private int lSize; - // The source of randomness private SecureRandom random; @@ -71,7 +69,8 @@ public DHKeyPairGenerator() { initialize(DEF_DH_KEY_SIZE, null); } - private static void checkKeySize(int keysize) + // pkg private; used by DHParameterGenerator class as well + static void checkKeySize(int keysize, int expSize) throws InvalidParameterException { if ((keysize < 512) || (keysize > 8192) || ((keysize & 0x3F) != 0)) { @@ -80,6 +79,13 @@ private static void checkKeySize(int keysize) "from 512 to 8192 (inclusive). " + "The specific key size " + keysize + " is not supported"); } + + // optional, could be 0 if not specified + if ((expSize < 0) || (expSize > keysize)) { + throw new InvalidParameterException + ("Exponent size must be positive and no larger than" + + " modulus size"); + } } /** @@ -91,21 +97,17 @@ private static void checkKeySize(int keysize) * @param random the source of randomness */ public void initialize(int keysize, SecureRandom random) { - checkKeySize(keysize); + checkKeySize(keysize, 0); - // Use the built-in parameters (ranging from 512 to 8192) - // when available. - this.params = ParameterCache.getCachedDHParameterSpec(keysize); - - // Due to performance issue, only support DH parameters generation - // up to 1024 bits. - if ((this.params == null) && (keysize > 1024)) { - throw new InvalidParameterException( - "Unsupported " + keysize + "-bit DH parameter generation"); + try { + // Use the built-in parameters (ranging from 512 to 8192) + // when available. + this.params = ParameterCache.getDHParameterSpec(keysize, random); + } catch (GeneralSecurityException e) { + throw new InvalidParameterException(e.getMessage()); } this.pSize = keysize; - this.lSize = 0; this.random = random; } @@ -130,22 +132,13 @@ public void initialize(AlgorithmParameterSpec algParams, ("Inappropriate parameter type"); } - params = (DHParameterSpec)algParams; + params = (DHParameterSpec) algParams; pSize = params.getP().bitLength(); try { - checkKeySize(pSize); + checkKeySize(pSize, params.getL()); } catch (InvalidParameterException ipe) { throw new InvalidAlgorithmParameterException(ipe.getMessage()); } - - // exponent size is optional, could be 0 - lSize = params.getL(); - - // Require exponentSize < primeSize - if ((lSize != 0) && (lSize > pSize)) { - throw new InvalidAlgorithmParameterException - ("Exponent size must not be larger than modulus size"); - } this.random = random; } @@ -159,24 +152,12 @@ public KeyPair generateKeyPair() { random = SunJCE.getRandom(); } - if (params == null) { - try { - params = ParameterCache.getDHParameterSpec(pSize, random); - } catch (GeneralSecurityException e) { - // should never happen - throw new ProviderException(e); - } - } - BigInteger p = params.getP(); BigInteger g = params.getG(); - if (lSize <= 0) { - lSize = pSize >> 1; - // use an exponent size of (pSize / 2) but at least 384 bits - if (lSize < 384) { - lSize = 384; - } + int lSize = params.getL(); + if (lSize == 0) { // not specified; use our own default + lSize = getDefDHPrivateExpSize(params); } BigInteger x; diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DHParameterGenerator.java b/src/java.base/share/classes/com/sun/crypto/provider/DHParameterGenerator.java index 293dfd895a3..5dd30ced4ff 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DHParameterGenerator.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DHParameterGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -59,7 +59,7 @@ public final class DHParameterGenerator extends AlgorithmParameterGeneratorSpi { // The source of randomness private SecureRandom random = null; - private static void checkKeySize(int keysize) + private static void checkSupport(int keysize, int exponentSize) throws InvalidParameterException { boolean supported = ((keysize == 2048) || (keysize == 3072) || @@ -67,9 +67,13 @@ private static void checkKeySize(int keysize) if (!supported) { throw new InvalidParameterException( - "DH key size must be multiple of 64 and range " + + "Supported DH key size must be multiple of 64 and range " + "from 512 to 1024 (inclusive), or 2048, 3072. " + - "The specific key size " + keysize + " is not supported"); + "The specified key size " + keysize + " is not supported"); + } + + if (exponentSize != 0) { + DHKeyPairGenerator.checkKeySize(keysize, exponentSize); } } @@ -83,7 +87,8 @@ private static void checkKeySize(int keysize) */ @Override protected void engineInit(int keysize, SecureRandom random) { - checkKeySize(keysize); + checkSupport(keysize, 0); + this.primeSize = keysize; this.random = random; } @@ -108,21 +113,17 @@ protected void engineInit(AlgorithmParameterSpec genParamSpec, ("Inappropriate parameter type"); } - DHGenParameterSpec dhParamSpec = (DHGenParameterSpec)genParamSpec; - primeSize = dhParamSpec.getPrimeSize(); - exponentSize = dhParamSpec.getExponentSize(); - if ((exponentSize <= 0) || (exponentSize >= primeSize)) { - throw new InvalidAlgorithmParameterException( - "Exponent size (" + exponentSize + - ") must be positive and less than modulus size (" + - primeSize + ")"); - } + DHGenParameterSpec dhParamSpec = (DHGenParameterSpec) genParamSpec; + int primeSize = dhParamSpec.getPrimeSize(); + int exponentSize = dhParamSpec.getExponentSize(); try { - checkKeySize(primeSize); + checkSupport(primeSize, exponentSize); } catch (InvalidParameterException ipe) { throw new InvalidAlgorithmParameterException(ipe.getMessage()); } + this.primeSize = primeSize; + this.exponentSize = exponentSize; this.random = random; } diff --git a/src/java.base/share/classes/java/net/InetAddress.java b/src/java.base/share/classes/java/net/InetAddress.java index 6a1a7ea2d9c..a7b57a15f2f 100644 --- a/src/java.base/share/classes/java/net/InetAddress.java +++ b/src/java.base/share/classes/java/net/InetAddress.java @@ -1360,6 +1360,10 @@ private static InetAddress[] getAllByName(String host, InetAddress reqAddr) InetAddress[] ret = new InetAddress[1]; if(addr != null) { if (addr.length == Inet4Address.INADDRSZ) { + if (numericZone != -1 || ifname != null) { + // IPv4-mapped address must not contain zone-id + throw new UnknownHostException(host + ": invalid IPv4-mapped address"); + } ret[0] = new Inet4Address(null, addr); } else { if (ifname != null) { @@ -1404,22 +1408,23 @@ private static int checkNumericZone (String s) throws UnknownHostException { int percent = s.indexOf ('%'); int slen = s.length(); int digit, zone=0; + int multmax = Integer.MAX_VALUE / 10; // for int overflow detection if (percent == -1) { return -1; } for (int i=percent+1; i multmax) { return -1; } zone = (zone * 10) + digit; + if (zone < 0) { + return -1; + } + } return zone; } diff --git a/src/java.base/share/classes/sun/net/util/IPAddressUtil.java b/src/java.base/share/classes/sun/net/util/IPAddressUtil.java index efa68069f13..7edb843699f 100644 --- a/src/java.base/share/classes/sun/net/util/IPAddressUtil.java +++ b/src/java.base/share/classes/sun/net/util/IPAddressUtil.java @@ -785,7 +785,7 @@ private static boolean isHexFieldStart(CharBuffer cb) { } // Parse ASCII digit in given radix - private static int parseAsciiDigit(char c, int radix) { + public static int parseAsciiDigit(char c, int radix) { assert radix == OCTAL || radix == DECIMAL || radix == HEXADECIMAL; if (radix == HEXADECIMAL) { return parseAsciiHexDigit(c); diff --git a/src/java.base/share/classes/sun/security/provider/ParameterCache.java b/src/java.base/share/classes/sun/security/provider/ParameterCache.java index 93859701646..3743066edc0 100644 --- a/src/java.base/share/classes/sun/security/provider/ParameterCache.java +++ b/src/java.base/share/classes/sun/security/provider/ParameterCache.java @@ -34,6 +34,7 @@ import java.security.spec.*; import javax.crypto.spec.DHParameterSpec; +import sun.security.util.SafeDHParameterSpec; /** * Cache for DSA and DH parameter specs. Used by the KeyPairGenerators @@ -55,6 +56,26 @@ private ParameterCache() { // cache of DH parameters private static final Map dhCache; + // convert DHParameterSpec to SafeDHParameterSpec if its parameters are + // safe primes; validation takes time but should be worthwhile for the + // parameter cache since the parameters may be reused many times. + private static DHParameterSpec makeSafe(DHParameterSpec spec) { + if (spec instanceof SafeDHParameterSpec) { + return spec; + } + + BigInteger p = spec.getP(); + BigInteger g = spec.getG(); + + boolean isSafe = (g.equals(BigInteger.TWO) && p.testBit(0) && + p.shiftRight(1).isProbablePrime(100)); + if (isSafe) { + return new SafeDHParameterSpec(p, g, spec.getL()); + } else { + return spec; + } + } + /** * Return cached DSA parameters for the given length combination of * prime and subprime, or null if none are available in the cache. @@ -74,7 +95,7 @@ public static DSAParameterSpec getCachedDSAParameterSpec(int primeLen, * are available in the cache. */ public static DHParameterSpec getCachedDHParameterSpec(int keyLength) { - return dhCache.get(Integer.valueOf(keyLength)); + return dhCache.get(keyLength); } /** @@ -132,7 +153,7 @@ public static DHParameterSpec getDHParameterSpec(int keyLength, gen.init(keyLength, random); AlgorithmParameters params = gen.generateParameters(); spec = params.getParameterSpec(DHParameterSpec.class); - dhCache.put(Integer.valueOf(keyLength), spec); + dhCache.put(keyLength, makeSafe(spec)); return spec; } @@ -394,6 +415,12 @@ public static DSAParameterSpec getNewDSAParameterSpec(int primeLen, // the common generator BigInteger dhG = BigInteger.TWO; + // Self generated following the approach from RFC 2412 Appendix E but + // using random source instead of binary expansion of pi + BigInteger dhP512 = new BigInteger( + "FFFFFFFFFFFFFFFF8B479B3A6E8DE86C294188F0BF2CD86C" + + "DB950ADB36D0F61FD51E46F69C99ED95ABE5A7BBB230A6ED" + + "1D0B4506B5317284FFFFFFFFFFFFFFFF", 16); // // From RFC 7296 @@ -562,16 +589,18 @@ public static DSAParameterSpec getNewDSAParameterSpec(int primeLen, "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF", 16); - // use DSA parameters for DH for sizes not defined in RFC 7296, 3526 - dhCache.put(Integer.valueOf(512), new DHParameterSpec(p512, g512)); - - dhCache.put(Integer.valueOf(768), new DHParameterSpec(dhP768, dhG)); - dhCache.put(Integer.valueOf(1024), new DHParameterSpec(dhP1024, dhG)); - dhCache.put(Integer.valueOf(1536), new DHParameterSpec(dhP1536, dhG)); - dhCache.put(Integer.valueOf(2048), new DHParameterSpec(dhP2048, dhG)); - dhCache.put(Integer.valueOf(3072), new DHParameterSpec(dhP3072, dhG)); - dhCache.put(Integer.valueOf(4096), new DHParameterSpec(dhP4096, dhG)); - dhCache.put(Integer.valueOf(6144), new DHParameterSpec(dhP6144, dhG)); - dhCache.put(Integer.valueOf(8192), new DHParameterSpec(dhP8192, dhG)); + // self-generated safe prime + dhCache.put(512, new SafeDHParameterSpec(dhP512, dhG)); + + // from RFC 7296 + dhCache.put(768, new SafeDHParameterSpec(dhP768, dhG)); + dhCache.put(1024, new SafeDHParameterSpec(dhP1024, dhG)); + // from RFC 3526 + dhCache.put(1536, new SafeDHParameterSpec(dhP1536, dhG)); + dhCache.put(2048, new SafeDHParameterSpec(dhP2048, dhG)); + dhCache.put(3072, new SafeDHParameterSpec(dhP3072, dhG)); + dhCache.put(4096, new SafeDHParameterSpec(dhP4096, dhG)); + dhCache.put(6144, new SafeDHParameterSpec(dhP6144, dhG)); + dhCache.put(8192, new SafeDHParameterSpec(dhP8192, dhG)); } } diff --git a/src/java.base/share/classes/sun/security/ssl/ClientHello.java b/src/java.base/share/classes/sun/security/ssl/ClientHello.java index b75491def4c..be06d5b9024 100644 --- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java +++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java @@ -1379,25 +1379,30 @@ public void consume(ConnectionContext context, shc.resumingSession = resumingSession ? previous : null; } - HelloCookieManager hcm = - shc.sslContext.getHelloCookieManager(ProtocolVersion.DTLS10); - if (!shc.isResumption && - !hcm.isCookieValid(shc, clientHello, clientHello.cookie)) { - // - // Perform cookie exchange for DTLS handshaking if no cookie - // or the cookie is invalid in the ClientHello message. - // - // update the responders - shc.handshakeProducers.put( - SSLHandshake.HELLO_VERIFY_REQUEST.id, - SSLHandshake.HELLO_VERIFY_REQUEST); - // - // produce response handshake message - // - SSLHandshake.HELLO_VERIFY_REQUEST.produce(context, clientHello); + // We will by default exchange DTLS cookies for all handshakes + // (new and resumed) unless jdk.tls.enableDtlsResumeCookie=false. + // The property only affects the cookie exchange for resumption. + if (!shc.isResumption || SSLConfiguration.enableDtlsResumeCookie) { + HelloCookieManager hcm = + shc.sslContext.getHelloCookieManager(ProtocolVersion.DTLS10); + if (!hcm.isCookieValid(shc, clientHello, clientHello.cookie)) { + // + // Perform cookie exchange for DTLS handshaking if no cookie + // or the cookie is invalid in the ClientHello message. + // + // update the responders + shc.handshakeProducers.put( + SSLHandshake.HELLO_VERIFY_REQUEST.id, + SSLHandshake.HELLO_VERIFY_REQUEST); + + // + // produce response handshake message + // + SSLHandshake.HELLO_VERIFY_REQUEST.produce(context, clientHello); - return; + return; + } } // cache the client random number for further using diff --git a/src/java.base/share/classes/sun/security/ssl/PredefinedDHParameterSpecs.java b/src/java.base/share/classes/sun/security/ssl/PredefinedDHParameterSpecs.java index 54d8cf055c6..7774edc9908 100644 --- a/src/java.base/share/classes/sun/security/ssl/PredefinedDHParameterSpecs.java +++ b/src/java.base/share/classes/sun/security/ssl/PredefinedDHParameterSpecs.java @@ -33,6 +33,7 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.crypto.spec.DHParameterSpec; +import sun.security.util.SafeDHParameterSpec; /** * Predefined default DH ephemeral parameters. @@ -280,8 +281,8 @@ public String run() { String baseGenerator = paramsFinder.group(2); BigInteger g = new BigInteger(baseGenerator, 16); - DHParameterSpec spec = new DHParameterSpec(p, g); int primeLen = p.bitLength(); + DHParameterSpec spec = new DHParameterSpec(p, g); defaultParams.put(primeLen, spec); } } else if (SSLLogger.isOn && SSLLogger.isOn("sslctx")) { @@ -293,7 +294,7 @@ public String run() { Map tempFFDHEs = new HashMap<>(); for (BigInteger p : ffdhePrimes) { int primeLen = p.bitLength(); - DHParameterSpec dhps = new DHParameterSpec(p, BigInteger.TWO); + DHParameterSpec dhps = new SafeDHParameterSpec(p, BigInteger.TWO); tempFFDHEs.put(primeLen, dhps); defaultParams.putIfAbsent(primeLen, dhps); } @@ -301,8 +302,8 @@ public String run() { for (BigInteger p : supportedPrimes) { int primeLen = p.bitLength(); if (defaultParams.get(primeLen) == null) { - defaultParams.put(primeLen, - new DHParameterSpec(p, BigInteger.TWO)); + defaultParams.put(primeLen, new SafeDHParameterSpec(p, + BigInteger.TWO)); } } diff --git a/src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java b/src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java index d267c2e6b46..e44f4a25e27 100644 --- a/src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java @@ -113,6 +113,9 @@ final class SSLConfiguration implements Cloneable { static final int maxCertificateChainLength = GetIntegerAction.privilegedGetProperty( "jdk.tls.maxCertificateChainLength", 10); + static final boolean enableDtlsResumeCookie = Utilities.getBooleanProperty( + "jdk.tls.enableDtlsResumeCookie", true); + // Is the extended_master_secret extension supported? static { boolean supportExtendedMasterSecret = Utilities.getBooleanProperty( diff --git a/src/java.base/share/classes/sun/security/util/SafeDHParameterSpec.java b/src/java.base/share/classes/sun/security/util/SafeDHParameterSpec.java new file mode 100644 index 00000000000..6d95b9f498d --- /dev/null +++ b/src/java.base/share/classes/sun/security/util/SafeDHParameterSpec.java @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.util; + +import java.math.BigInteger; +import javax.crypto.spec.DHParameterSpec; + +/** + * Internal marker class for well-known safe DH parameters. It should + * only be used with trusted callers since it does not have all the needed + * values for validation. + */ + +public final class SafeDHParameterSpec extends DHParameterSpec { + public SafeDHParameterSpec(BigInteger p, BigInteger g) { + super(p, g); + } + + public SafeDHParameterSpec(BigInteger p, BigInteger g, int l) { + super(p, g, l); + } +} diff --git a/src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java b/src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java index ed826dff24a..60620009d01 100644 --- a/src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java +++ b/src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java @@ -30,6 +30,7 @@ import java.util.regex.PatternSyntaxException; import java.security.InvalidParameterException; import java.security.ProviderException; +import javax.crypto.spec.DHParameterSpec; import sun.security.action.GetPropertyAction; /** @@ -105,6 +106,42 @@ public static final int getDefDSASubprimeSize(int primeSize) { } } + public static final int getDefDHPrivateExpSize(DHParameterSpec spec) { + + int dhGroupSize = spec.getP().bitLength(); + + if (spec instanceof SafeDHParameterSpec) { + // Known safe primes + // use 2*security strength as default private exponent size + // as in table 2 of NIST SP 800-57 part 1 rev 5, sec 5.6.1.1 + // and table 25 of NIST SP 800-56A rev 3, appendix D. + if (dhGroupSize >= 15360) { + return 512; + } else if (dhGroupSize >= 8192) { + return 400; + } else if (dhGroupSize >= 7680) { + return 384; + } else if (dhGroupSize >= 6144) { + return 352; + } else if (dhGroupSize >= 4096) { + return 304; + } else if (dhGroupSize >= 3072) { + return 256; + } else if (dhGroupSize >= 2048) { + return 224; + } else { + // min value for legacy key sizes + return 160; + } + } else { + // assume the worst and use groupSize/2 as private exp length + // up to 1024-bit and use the same minimum 384 as before + return Math.max((dhGroupSize >= 2048 ? 1024 : dhGroupSize >> 1), + 384); + } + + } + public static final int DEF_DSA_KEY_SIZE; public static final int DEF_RSA_KEY_SIZE; public static final int DEF_RSASSA_PSS_KEY_SIZE; diff --git a/src/java.base/share/native/libjava/jni_util.c b/src/java.base/share/native/libjava/jni_util.c index 6ee8a4228c4..3652e384e16 100644 --- a/src/java.base/share/native/libjava/jni_util.c +++ b/src/java.base/share/native/libjava/jni_util.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -885,6 +885,13 @@ getStringUTF8(JNIEnv *env, jstring jstr) } } + // Check `jint` overflow + if (rlen < 0) { + (*env)->ReleasePrimitiveArrayCritical(env, value, str, 0); + JNU_ThrowOutOfMemoryError(env, "requested array size exceeds VM limit"); + return NULL; + } + result = MALLOC_MIN4(rlen); if (result == NULL) { (*env)->ReleasePrimitiveArrayCritical(env, value, str, 0); diff --git a/src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java b/src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java index 29c40da43c3..4eeb8b06d9b 100644 --- a/src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java +++ b/src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -630,25 +630,20 @@ else if (size == 124) iis.mark(); iis.skipBytes(profileData - size); - byte[] profile = new byte[profileSize]; - iis.readFully(profile, 0, profileSize); + byte[] profile = ReaderUtil. + staggeredReadByteStream(iis, profileSize); iis.reset(); - try { - if (metadata.colorSpace == PROFILE_LINKED && - isLinkedProfileAllowed() && - !isUncOrDevicePath(profile)) - { - String path = new String(profile, "windows-1252"); + if (metadata.colorSpace == PROFILE_LINKED && + isLinkedProfileAllowed()) + { + String path = new String(profile, "windows-1252"); - colorSpace = - new ICC_ColorSpace(ICC_Profile.getInstance(path)); - } else { - colorSpace = - new ICC_ColorSpace(ICC_Profile.getInstance(profile)); - } - } catch (Exception e) { - colorSpace = ColorSpace.getInstance(ColorSpace.CS_sRGB); + colorSpace = + new ICC_ColorSpace(ICC_Profile.getInstance(path)); + } else if (metadata.colorSpace == PROFILE_EMBEDDED) { + colorSpace = + new ICC_ColorSpace(ICC_Profile.getInstance(profile)); } } @@ -2063,73 +2058,20 @@ public void sequenceStarted(ImageReader src, int minIndex) {} public void readAborted(ImageReader src) {} } - private static Boolean isLinkedProfileDisabled = null; + private static Boolean isLinkedProfileAllowed = null; @SuppressWarnings("removal") private static boolean isLinkedProfileAllowed() { - if (isLinkedProfileDisabled == null) { - PrivilegedAction a = new PrivilegedAction() { - @Override - public Boolean run() { - return Boolean.getBoolean("sun.imageio.plugins.bmp.disableLinkedProfiles"); - } - }; - isLinkedProfileDisabled = AccessController.doPrivileged(a); - } - return !isLinkedProfileDisabled; - } - - private static Boolean isWindowsPlatform = null; - - /** - * Verifies whether the byte array contans a unc path. - * Non-UNC path examples: - * c:\path\to\file - simple notation - * \\?\c:\path\to\file - long notation - * - * UNC path examples: - * \\server\share - a UNC path in simple notation - * \\?\UNC\server\share - a UNC path in long notation - * \\.\some\device - a path to device. - */ - @SuppressWarnings("removal") - private static boolean isUncOrDevicePath(byte[] p) { - if (isWindowsPlatform == null) { + if (isLinkedProfileAllowed == null) { PrivilegedAction a = new PrivilegedAction() { @Override public Boolean run() { - String osname = System.getProperty("os.name"); - return (osname != null && - osname.toLowerCase().startsWith("win")); + return Boolean. + getBoolean("sun.imageio.bmp.enableLinkedProfiles"); } }; - isWindowsPlatform = AccessController.doPrivileged(a); - } - - if (!isWindowsPlatform) { - /* no need for the check on platforms except windows */ - return false; - } - - /* normalize prefix of the path */ - if (p[0] == '/') p[0] = '\\'; - if (p[1] == '/') p[1] = '\\'; - if (p[3] == '/') p[3] = '\\'; - - - if ((p[0] == '\\') && (p[1] == '\\')) { - if ((p[2] == '?') && (p[3] == '\\')) { - // long path: whether unc or local - return ((p[4] == 'U' || p[4] == 'u') && - (p[5] == 'N' || p[5] == 'n') && - (p[6] == 'C' || p[6] == 'c')); - } else { - // device path or short unc notation - return true; - } - } else { - return false; + isLinkedProfileAllowed = AccessController.doPrivileged(a); } + return isLinkedProfileAllowed; } } - diff --git a/src/java.desktop/share/classes/com/sun/media/sound/JARSoundbankReader.java b/src/java.desktop/share/classes/com/sun/media/sound/JARSoundbankReader.java index e01bc10cf39..16749e99b89 100644 --- a/src/java.desktop/share/classes/com/sun/media/sound/JARSoundbankReader.java +++ b/src/java.desktop/share/classes/com/sun/media/sound/JARSoundbankReader.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -48,6 +48,13 @@ */ public final class JARSoundbankReader extends SoundbankReader { + /* + * Name of the system property that enables the Jar soundbank loading + * true if jar sound bank is allowed to be loaded + * default is false + */ + private final static String JAR_SOUNDBANK_ENABLED = "jdk.sound.jarsoundbank"; + private static boolean isZIP(URL url) { boolean ok = false; try { @@ -73,8 +80,10 @@ private static boolean isZIP(URL url) { @SuppressWarnings("deprecation") public Soundbank getSoundbank(URL url) throws InvalidMidiDataException, IOException { - if (!isZIP(url)) + Objects.requireNonNull(url); + if (!Boolean.getBoolean(JAR_SOUNDBANK_ENABLED) || !isZIP(url)) return null; + ArrayList soundbanks = new ArrayList<>(); URLClassLoader ucl = URLClassLoader.newInstance(new URL[]{url}); InputStream stream = ucl.getResourceAsStream( @@ -124,6 +133,7 @@ public Soundbank getSoundbank(InputStream stream) @Override public Soundbank getSoundbank(File file) throws InvalidMidiDataException, IOException { + Objects.requireNonNull(file); return getSoundbank(file.toURI().toURL()); } } diff --git a/src/java.desktop/share/classes/javax/swing/text/html/ObjectView.java b/src/java.desktop/share/classes/javax/swing/text/html/ObjectView.java index 67108a1ef5a..175ca18bfb6 100644 --- a/src/java.desktop/share/classes/javax/swing/text/html/ObjectView.java +++ b/src/java.desktop/share/classes/javax/swing/text/html/ObjectView.java @@ -91,13 +91,15 @@ protected Component createComponent() { String classname = (String) attr.getAttribute(HTML.Attribute.CLASSID); try { ReflectUtil.checkPackageAccess(classname); - Class c = Class.forName(classname, true,Thread.currentThread(). + Class c = Class.forName(classname, false,Thread.currentThread(). getContextClassLoader()); - Object o = c.newInstance(); - if (o instanceof Component) { - Component comp = (Component) o; - setParameters(comp, attr); - return comp; + if (Component.class.isAssignableFrom(c)) { + Object o = c.newInstance(); + if (o instanceof Component) { + Component comp = (Component) o; + setParameters(comp, attr); + return comp; + } } } catch (Throwable e) { // couldn't create a component... fall through to the diff --git a/src/java.desktop/windows/native/libawt/windows/awt_Font.cpp b/src/java.desktop/windows/native/libawt/windows/awt_Font.cpp index cef2e3d1046..3a63408294e 100644 --- a/src/java.desktop/windows/native/libawt/windows/awt_Font.cpp +++ b/src/java.desktop/windows/native/libawt/windows/awt_Font.cpp @@ -25,6 +25,7 @@ #include "awt.h" #include +#include #include "jlong.h" #include "awt_Font.h" #include "awt_Toolkit.h" @@ -287,7 +288,6 @@ AwtFont* AwtFont::Create(JNIEnv *env, jobject font, jint angle, jfloat awScale) return NULL; } LPCWSTR textComponentFontName = JNU_GetStringPlatformChars(env, jTextComponentFontName, NULL); - awtFont->m_textInput = -1; for (int i = 0; i < cfnum; i++) { // nativeName is a pair of platform fontname and its charset @@ -463,7 +463,7 @@ static HFONT CreateHFont_sub(LPCWSTR name, int style, int height, // Set font name WCHAR tmpname[80]; - wcscpy(tmpname, name); + StringCchCopy(tmpname, 80, name); WCHAR* delimit = wcschr(tmpname, L','); if (delimit != NULL) *delimit = L'\0'; // terminate the string after the font name. @@ -471,7 +471,7 @@ static HFONT CreateHFont_sub(LPCWSTR name, int style, int height, strip_tail(tmpname,L""); //strip possible trailing whitespace strip_tail(tmpname,L"Italic"); strip_tail(tmpname,L"Bold"); - wcscpy(&(logFont.lfFaceName[0]), tmpname); + StringCchCopy(&(logFont.lfFaceName[0]), LF_FACESIZE, tmpname); HFONT hFont = ::CreateFontIndirect(&logFont); DASSERT(hFont != NULL); // get a expanded or condensed version if its specified. @@ -502,7 +502,7 @@ HFONT AwtFont::CreateHFont(WCHAR* name, int style, int height, // 80 > (max face name(=30) + strlen("CHINESEBIG5_CHARSET")) // longName doesn't have to be printable. So, it is OK not to convert. - wsprintf(longName, L"%ls-%d-%d", name, style, height); + StringCchPrintf(longName, 80, L"%ls-%d-%d", name, style, height); HFONT hFont = NULL; @@ -1750,12 +1750,12 @@ LPSTR CCombinedSegTable::GetCodePageSubkey() lpszCP++; // cf lpszCP = "932" char szSubKey[KEYLEN]; - strcpy(szSubKey, "EUDC\\"); + StringCchCopyA(szSubKey, KEYLEN, "EUDC\\"); if ((strlen(szSubKey) + strlen(lpszCP)) >= KEYLEN) { return NULL; } - strcpy(&(szSubKey[strlen(szSubKey)]), lpszCP); - strcpy(m_szCodePageSubkey, szSubKey); + StringCchCatA(szSubKey, KEYLEN, lpszCP); + StringCchCopyA(m_szCodePageSubkey, KEYLEN, szSubKey); return m_szCodePageSubkey; } @@ -1780,7 +1780,7 @@ void CCombinedSegTable::GetEUDCFileName(LPWSTR lpszFileName, int cchFileName) // get EUDC font file name WCHAR szFamilyName[80]; - wcscpy(szFamilyName, GetFontName()); + StringCchCopy(szFamilyName, 80, GetFontName()); WCHAR* delimit = wcschr(szFamilyName, L','); if (delimit != NULL) *delimit = L'\0'; @@ -1799,7 +1799,7 @@ void CCombinedSegTable::GetEUDCFileName(LPWSTR lpszFileName, int cchFileName) if (m_fTTEUDCFileExist == FALSE) return; if (wcslen(m_szDefaultEUDCFile) > 0) { - wcscpy(lpszFileName, m_szDefaultEUDCFile); + StringCchCopy(lpszFileName, cchFileName, m_szDefaultEUDCFile); return; } char szDefault[] = "SystemDefaultEUDCFont"; @@ -1825,7 +1825,7 @@ void CCombinedSegTable::GetEUDCFileName(LPWSTR lpszFileName, int cchFileName) VERIFY(::MultiByteToWideChar(CP_ACP, 0, (LPCSTR)szFileName, -1, lpszFileName, cchFileName) != 0); if (fUseDefault) - wcscpy(m_szDefaultEUDCFile, lpszFileName); + StringCchCopy(m_szDefaultEUDCFile, _MAX_PATH, lpszFileName); } void CCombinedSegTable::Create(LPCWSTR name) diff --git a/src/java.desktop/windows/native/libawt/windows/awt_PrintJob.cpp b/src/java.desktop/windows/native/libawt/windows/awt_PrintJob.cpp index 9eec4d89b15..0fbb6b2bd00 100644 --- a/src/java.desktop/windows/native/libawt/windows/awt_PrintJob.cpp +++ b/src/java.desktop/windows/native/libawt/windows/awt_PrintJob.cpp @@ -24,6 +24,7 @@ */ #include "awt.h" +#include #include #include #include @@ -2408,7 +2409,7 @@ static jboolean jFontToWFontW(JNIEnv *env, HDC printDC, jstring fontName, size_t nameLen = wcslen(fontNameW); if (nameLen < (sizeof(lf.lfFaceName) / sizeof(lf.lfFaceName[0]))) { - wcscpy(lf.lfFaceName, fontNameW); + StringCchCopyW(lf.lfFaceName, LF_FACESIZE, fontNameW); lf.lfCharSet = DEFAULT_CHARSET; lf.lfPitchAndFamily = 0; diff --git a/src/java.desktop/windows/native/libfontmanager/fontpath.c b/src/java.desktop/windows/native/libfontmanager/fontpath.c index e4e7f944012..38925d71ca8 100644 --- a/src/java.desktop/windows/native/libfontmanager/fontpath.c +++ b/src/java.desktop/windows/native/libfontmanager/fontpath.c @@ -24,6 +24,7 @@ */ #include +#include #include #include @@ -63,20 +64,20 @@ JNIEXPORT jstring JNICALL Java_sun_awt_Win32FontManager_getFontPath(JNIEnv *env, end = strrchr(sysdir,'\\'); if (end && (stricmp(end,"\\System") || stricmp(end,"\\System32"))) { *end = 0; - strcat(sysdir, "\\Fonts"); + StringCchCatA(sysdir, BSIZE, "\\Fonts"); } GetWindowsDirectory(windir, BSIZE); if (strlen(windir) > BSIZE-7) { *windir = 0; } else { - strcat(windir, "\\Fonts"); + StringCchCatA(windir, BSIZE, "\\Fonts"); } - strcpy(fontpath,sysdir); + StringCchCopyA(fontpath, BSIZE*2, sysdir); if (stricmp(sysdir,windir)) { - strcat(fontpath,";"); - strcat(fontpath,windir); + StringCchCatA(fontpath, BSIZE*2, ";"); + StringCchCatA(fontpath, BSIZE*2, windir); } return JNU_NewStringPlatform(env, fontpath); @@ -152,7 +153,7 @@ static int DifferentFamily(wchar_t *family, wchar_t* fullName) { info.isDifferent = 0; memset(&lfw, 0, sizeof(lfw)); - wcscpy(lfw.lfFaceName, fullName); + StringCchCopyW(lfw.lfFaceName, LF_FACESIZE, fullName); lfw.lfCharSet = DEFAULT_CHARSET; EnumFontFamiliesExW(screenDC, &lfw, (FONTENUMPROCW)CheckFontFamilyProcW, @@ -349,7 +350,7 @@ static int CALLBACK EnumFamilyNamesW( } memset(&lfw, 0, sizeof(lfw)); - wcscpy(lfw.lfFaceName, lpelfe->elfLogFont.lfFaceName); + StringCchCopyW(lfw.lfFaceName, LF_FACESIZE, lpelfe->elfLogFont.lfFaceName); lfw.lfCharSet = lpelfe->elfLogFont.lfCharSet; EnumFontFamiliesExW(screenDC, &lfw, (FONTENUMPROCW)EnumFontFacesInFamilyProcW, @@ -653,7 +654,7 @@ Java_sun_awt_Win32FontManager_populateFontFileNameMap0 /* Enumerate fonts via GDI to build maps of fonts and families */ memset(&lfw, 0, sizeof(lfw)); lfw.lfCharSet = DEFAULT_CHARSET; /* all charsets */ - wcscpy(lfw.lfFaceName, L""); /* one face per family (CHECK) */ + StringCchCopyW(lfw.lfFaceName, LF_FACESIZE, L""); /* one face per family (CHECK) */ EnumFontFamiliesExW(screenDC, &lfw, (FONTENUMPROCW)EnumFamilyNamesW, (LPARAM)(&fmi), 0L); diff --git a/src/java.desktop/windows/native/libfontmanager/lcdglyph.c b/src/java.desktop/windows/native/libfontmanager/lcdglyph.c index ba6cb7fe568..18bf332d9b4 100644 --- a/src/java.desktop/windows/native/libfontmanager/lcdglyph.c +++ b/src/java.desktop/windows/native/libfontmanager/lcdglyph.c @@ -48,6 +48,7 @@ #include #include #include +#include #include #include @@ -236,7 +237,7 @@ Java_sun_font_FileFontStrike__1getGlyphImageFromWindows name[nameLen] = '\0'; if (nameLen < (sizeof(lf.lfFaceName) / sizeof(lf.lfFaceName[0]))) { - wcscpy(lf.lfFaceName, name); + StringCchCopyW(lf.lfFaceName, LF_FACESIZE, name); } else { FREE_AND_RETURN; }