harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Regis Xu (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HARMONY-6093) [classlib][luni] Remove double security check in java.io.File
Date Fri, 17 Apr 2009 02:49:15 GMT

    [ https://issues.apache.org/jira/browse/HARMONY-6093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12699989#action_12699989
] 

Regis Xu commented on HARMONY-6093:
-----------------------------------

sounds reasonable, I think we can do more than the patch:
<code>
Index: modules/luni/src/main/java/java/io/File.java
=====================================================================
--- modules/luni/src/main/java/java/io/File.java
+++ modules/luni/src/main/java/java/io/File.java
@@ -311,11 +311,15 @@ public class File implements Serializable, Comparable<File> {
      * @see java.lang.SecurityManager#checkRead(FileDescriptor)
      */
     public boolean canRead() {
+        if (path.length() == 0) {
+            return false;
+        }
         SecurityManager security = System.getSecurityManager();
         if (security != null) {
             security.checkRead(path);
         }
-        return exists() && !isWriteOnlyImpl(properPath(true));
+        byte[] pp = properPath(true);
+        return existsImpl(pp) && !isWriteOnlyImpl(pp);
     }
 
     /**
</code>

In this way we could avoid to duplicate invoking properPath(true). I will apply the above
patch.

> [classlib][luni] Remove double security check in java.io.File
> -------------------------------------------------------------
>
>                 Key: HARMONY-6093
>                 URL: https://issues.apache.org/jira/browse/HARMONY-6093
>             Project: Harmony
>          Issue Type: Bug
>    Affects Versions: 5.0M8
>            Reporter: deven you
>            Assignee: Regis Xu
>         Attachments: File.diff
>
>
> there is a double security check in java.io.File.canRead():
>    public boolean canRead() {
>         SecurityManager security = System.getSecurityManager();
>         if (security != null) {
>             security.checkRead(path);
>         }
>         return exists() && !isWriteOnlyImpl(properPath(true));
>     }
> in exists(), it already do the security check:
>    public boolean exists() {
>         if (path.length() == 0) {
>             return false;
>         }
>         SecurityManager security = System.getSecurityManager();
>         if (security != null) {
>             security.checkRead(path);
>         }
>         return existsImpl(properPath(true));
>     }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message