JDK14/Java14源码在线阅读

JDK14/Java14源码在线阅读 / jdk.jfr / share / classes / jdk / jfr / internal / WriteableUserPath.java
/*
 * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package jdk.jfr.internal;

import java.io.BufferedWriter;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.util.concurrent.Callable;

/**
 * Purpose of this class is to simplify analysis of security risks.
 * <p>
 * Paths in the public API should be wrapped in this class so we
 * at all time know what kind of paths we are dealing with.
 * <p>
 * A user supplied path must never be used in an unsafe context, such as a
 * shutdown hook or any other thread created by JFR.
 * <p>
 * All operation using this path must happen in {@link #doPriviligedIO(Callable)}
 */
public final class WriteableUserPath {
    private final AccessControlContext controlContext;
    private final Path original;
    private final Path real;
    private final String realPathText;
    private final String originalText;

    // Not to ensure security, but to help
    // against programming errors
    private volatile boolean inPrivileged;

    public WriteableUserPath(Path path) throws IOException {
        controlContext = AccessController.getContext();
        // verify that the path is writeable
        if (Files.exists(path) && !Files.isWritable(path)) {
            // throw same type of exception as FileOutputStream
            // constructor, if file can't be opened.
            throw new FileNotFoundException("Could not write to file: " + path.toAbsolutePath());
        }
        // will throw if non-writeable
        BufferedWriter fw = Files.newBufferedWriter(path);
        fw.close();
        this.original = path;
        this.originalText = path.toString();
        this.real = path.toRealPath();
        this.realPathText = real.toString();
    }

    /**
     * Returns a potentially malicious path where the user may have implemented
     * their own version of Path. This method should never be called in an
     * unsafe context and the Path value should never be passed along to other
     * methods.
     *
     * @return path from a potentially malicious user
     */
    public Path getPotentiallyMaliciousOriginal() {
        return original;
    }

    /**
     * Returns a string representation of the real path.
     *
     * @return path as text
     */
    public String getRealPathText() {
        return realPathText;
    }

    /**
     * Returns a string representation of the original path.
     *
     * @return path as text
     */
    public String getOriginalText() {
        return originalText;
    }


    /**
     * Returns a potentially malicious path where the user may have implemented
     * their own version of Path. This method should never be called in an
     * unsafe context and the Path value should never be passed along to other
     * methods.
     *
     * @return path from a potentially malicious user
     */
    public Path getReal() {
        if (!inPrivileged) {
            throw new InternalError("A user path was accessed outside the context it was supplied in");
        }
        return real;
    }

    public void doPriviligedIO(Callable<?> function) throws IOException {
        try {
            inPrivileged = true;

/**代码未完, 请加载全部代码(NowJava.com).**/
展开阅读全文

关注时代Java

关注时代Java