11/*
2- * Copyright (c) 1997, 2017 , Oracle and/or its affiliates. All rights reserved.
2+ * Copyright (c) 1997, 2022 , Oracle and/or its affiliates. All rights reserved.
33 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44 *
55 * This code is free software; you can redistribute it and/or modify it
@@ -151,7 +151,7 @@ public final class UnresolvedPermission extends Permission
151151 * Each chain is ordered bottom-to-top (i.e., with the signer certificate
152152 * first and the (root) certificate authority last). The signer
153153 * certificates are copied from the array. Subsequent changes to
154- * the array will not affect this UnsolvedPermission .
154+ * the array will not affect this UnresolvedPermission .
155155 */
156156 public UnresolvedPermission (String type ,
157157 String name ,
@@ -163,59 +163,63 @@ public UnresolvedPermission(String type,
163163 if (type == null )
164164 throw new NullPointerException ("type can't be null" );
165165
166+ // Perform a defensive copy and reassign certs if we have a non-null
167+ // reference
168+ if (certs != null ) {
169+ certs = certs .clone ();
170+ }
171+
166172 this .type = type ;
167173 this .name = name ;
168174 this .actions = actions ;
175+
169176 if (certs != null ) {
170177 // Extract the signer certs from the list of certificates.
171- for (int i = 0 ; i < certs .length ; i ++) {
178+ for (int i = 0 ; i < certs .length ; i ++) {
172179 if (!(certs [i ] instanceof X509Certificate )) {
173180 // there is no concept of signer certs, so we store the
174- // entire cert array
175- this .certs = certs . clone () ;
176- break ;
181+ // entire cert array. No further processing is necessary.
182+ this .certs = certs ;
183+ return ;
177184 }
178185 }
179186
180- if (this .certs == null ) {
181- // Go through the list of certs and see if all the certs are
182- // signer certs.
183- int i = 0 ;
184- int count = 0 ;
185- while (i < certs .length ) {
186- count ++;
187- while (((i +1 ) < certs .length ) &&
188- ((X509Certificate )certs [i ]).getIssuerDN ().equals (
189- ((X509Certificate )certs [i +1 ]).getSubjectDN ())) {
190- i ++;
191- }
187+ // Go through the list of certs and see if all the certs are
188+ // signer certs.
189+ int i = 0 ;
190+ int count = 0 ;
191+ while (i < certs .length ) {
192+ count ++;
193+ while (((i + 1 ) < certs .length ) &&
194+ ((X509Certificate )certs [i ]).getIssuerDN ().equals (
195+ ((X509Certificate )certs [i + 1 ]).getSubjectDN ())) {
192196 i ++;
193197 }
194- if (count == certs .length ) {
195- // All the certs are signer certs, so we store the entire
196- // array
197- this .certs = certs .clone ();
198- }
198+ i ++;
199+ }
200+ if (count == certs .length ) {
201+ // All the certs are signer certs, so we store the entire
202+ // array. No further processing is needed.
203+ this .certs = certs ;
204+ return ;
205+ }
199206
200- if (this .certs == null ) {
201- // extract the signer certs
202- ArrayList <java .security .cert .Certificate > signerCerts =
203- new ArrayList <>();
204- i = 0 ;
205- while (i < certs .length ) {
206- signerCerts .add (certs [i ]);
207- while (((i +1 ) < certs .length ) &&
208- ((X509Certificate )certs [i ]).getIssuerDN ().equals (
209- ((X509Certificate )certs [i +1 ]).getSubjectDN ())) {
210- i ++;
211- }
212- i ++;
213- }
214- this .certs =
215- new java .security .cert .Certificate [signerCerts .size ()];
216- signerCerts .toArray (this .certs );
207+ // extract the signer certs
208+ ArrayList <java .security .cert .Certificate > signerCerts =
209+ new ArrayList <>();
210+ i = 0 ;
211+ while (i < certs .length ) {
212+ signerCerts .add (certs [i ]);
213+ while (((i + 1 ) < certs .length ) &&
214+ ((X509Certificate )certs [i ]).getIssuerDN ().equals (
215+ ((X509Certificate )certs [i + 1 ]).getSubjectDN ())) {
216+ i ++;
217217 }
218+ i ++;
218219 }
220+ this .certs =
221+ new java .security .cert .Certificate [signerCerts .size ()];
222+ signerCerts .toArray (this .certs );
219223 }
220224 }
221225
@@ -308,6 +312,7 @@ Permission resolve(Permission p, java.security.cert.Certificate certs[]) {
308312 *
309313 * @return false.
310314 */
315+ @ Override
311316 public boolean implies (Permission p ) {
312317 return false ;
313318 }
@@ -328,6 +333,7 @@ public boolean implies(Permission p) {
328333 * type (class) name, permission name, actions, and
329334 * certificates as this object.
330335 */
336+ @ Override
331337 public boolean equals (Object obj ) {
332338 if (obj == this )
333339 return true ;
@@ -401,7 +407,7 @@ public boolean equals(Object obj) {
401407 *
402408 * @return a hash code value for this object.
403409 */
404-
410+ @ Override
405411 public int hashCode () {
406412 int hash = type .hashCode ();
407413 if (name != null )
@@ -421,6 +427,7 @@ public int hashCode() {
421427 *
422428 * @return the empty string "".
423429 */
430+ @ Override
424431 public String getActions ()
425432 {
426433 return "" ;
@@ -488,6 +495,7 @@ public java.security.cert.Certificate[] getUnresolvedCerts() {
488495 *
489496 * @return information about this UnresolvedPermission.
490497 */
498+ @ Override
491499 public String toString () {
492500 return "(unresolved " + type + " " + name + " " + actions + ")" ;
493501 }
@@ -499,7 +507,7 @@ public String toString() {
499507 * @return a new PermissionCollection object suitable for
500508 * storing UnresolvedPermissions.
501509 */
502-
510+ @ Override
503511 public PermissionCollection newPermissionCollection () {
504512 return new UnresolvedPermissionCollection ();
505513 }
0 commit comments