Merge

Reviewed-by: mikael

.jcheck/conf

@@ -1,6 +1,7 @@
 [general]
 project=jdk
 jbs=JDK
+version=18.0.1
 
 [checks]
 error=author,committer,reviewers,merge,issues,executable,symlink,message,hg-tag,whitespace,problemlists

make/conf/version-numbers.conf

@@ -28,15 +28,15 @@
 
 DEFAULT_VERSION_FEATURE=18
 DEFAULT_VERSION_INTERIM=0
-DEFAULT_VERSION_UPDATE=0
+DEFAULT_VERSION_UPDATE=1
 DEFAULT_VERSION_PATCH=0
 DEFAULT_VERSION_EXTRA1=0
 DEFAULT_VERSION_EXTRA2=0
 DEFAULT_VERSION_EXTRA3=0
-DEFAULT_VERSION_DATE=2022-03-22
+DEFAULT_VERSION_DATE=2022-04-19
 DEFAULT_VERSION_CLASSFILE_MAJOR=62  # "`$EXPR $DEFAULT_VERSION_FEATURE + 44`"
 DEFAULT_VERSION_CLASSFILE_MINOR=0
 DEFAULT_VERSION_DOCS_API_SINCE=11
 DEFAULT_ACCEPTABLE_BOOT_VERSIONS="17 18"
 DEFAULT_JDK_SOURCE_TARGET_VERSION=18
-DEFAULT_PROMOTED_VERSION_PRE=ea
+DEFAULT_PROMOTED_VERSION_PRE=

make/devkit/createJMHBundle.sh

@@ -26,7 +26,7 @@
 # Create a bundle in the build directory, containing what's needed to
 # build and run JMH microbenchmarks from the OpenJDK build.
 
-JMH_VERSION=1.33
+JMH_VERSION=1.34
 COMMONS_MATH3_VERSION=3.2
 JOPT_SIMPLE_VERSION=4.6
 

src/hotspot/cpu/x86/x86.ad

@@ -1607,9 +1607,14 @@ const bool Matcher::match_rule_supported(int opcode) {
       }
       break;
     case Op_SqrtD:
+#ifdef _LP64
       if (UseSSE < 2) {
         return false;
       }
+#else
+      // x86_32.ad has a special match rule for SqrtD.
+      // Together with common x86 rules, this handles all UseSSE cases.
+#endif
       break;
   }
   return true;  // Match rules are supported by default.

src/hotspot/share/interpreter/bytecodeUtils.cpp

@@ -1029,7 +1029,6 @@ int ExceptionMessageBuilder::do_instruction(int bci) {
       break;
 
     case Bytecodes::_arraylength:
-      // The return type of arraylength is wrong in the bytecodes table (T_VOID).
       stack->pop(1);
       stack->push(bci, T_INT);
       break;

src/hotspot/share/interpreter/bytecodes.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -471,7 +471,7 @@ void Bytecodes::initialize() {
   def(_new                 , "new"                 , "bkk"  , NULL    , T_OBJECT ,  1, true );
   def(_newarray            , "newarray"            , "bc"   , NULL    , T_OBJECT ,  0, true );
   def(_anewarray           , "anewarray"           , "bkk"  , NULL    , T_OBJECT ,  0, true );
-  def(_arraylength         , "arraylength"         , "b"    , NULL    , T_VOID   ,  0, true );
+  def(_arraylength         , "arraylength"         , "b"    , NULL    , T_INT    ,  0, true );
   def(_athrow              , "athrow"              , "b"    , NULL    , T_VOID   , -1, true );
   def(_checkcast           , "checkcast"           , "bkk"  , NULL    , T_OBJECT ,  0, true );
   def(_instanceof          , "instanceof"          , "bkk"  , NULL    , T_INT    ,  0, true );

src/hotspot/share/opto/library_call.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1580,7 +1580,7 @@ bool LibraryCallKit::inline_string_char_access(bool is_store) {
   if (is_store) {
     access_store_at(value, adr, TypeAryPtr::BYTES, ch, TypeInt::CHAR, T_CHAR, IN_HEAP | MO_UNORDERED | C2_MISMATCHED);
   } else {
-    ch = access_load_at(value, adr, TypeAryPtr::BYTES, TypeInt::CHAR, T_CHAR, IN_HEAP | MO_UNORDERED | C2_MISMATCHED | C2_CONTROL_DEPENDENT_LOAD);
+    ch = access_load_at(value, adr, TypeAryPtr::BYTES, TypeInt::CHAR, T_CHAR, IN_HEAP | MO_UNORDERED | C2_MISMATCHED | C2_CONTROL_DEPENDENT_LOAD | C2_UNKNOWN_CONTROL_LOAD);
     set_result(ch);
   }
   return true;

src/java.base/macosx/classes/apple/security/KeychainStore.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -68,6 +68,25 @@ public final class KeychainStore extends KeyStoreSpi {
 
         Certificate cert;
         long certRef;  // SecCertificateRef for this key
+
+        // Each KeyStore.TrustedCertificateEntry have 2 attributes:
+        // 1. "trustSettings" -> trustSettings.toString()
+        // 2. "2.16.840.1.113894.746875.1.1" -> trustedKeyUsageValue
+        // The 1st one is mainly for debugging use. The 2nd one is similar
+        // to the attribute with the same key in a PKCS12KeyStore.
+
+        // The SecTrustSettingsCopyTrustSettings() output for this certificate
+        // inside the KeyChain in its original array of CFDictionaryRef objects
+        // structure with values dumped as strings. For each trust, an extra
+        // entry "SecPolicyOid" is added whose value is the OID for this trust.
+        // The extra entries are used to construct trustedKeyUsageValue.
+        List<Map<String, String>> trustSettings;
+
+        // One or more OIDs defined in http://oidref.com/1.2.840.113635.100.1.
+        // It can also be "2.5.29.37.0" for a self-signed certificate with
+        // an empty trust settings. This value is never empty. When there are
+        // multiple OID values, it takes the form of "[1.1.1, 1.1.2]".
+        String trustedKeyUsageValue;
     };
 
     /**
@@ -300,6 +319,35 @@ public final class KeychainStore extends KeyStoreSpi {
         }
     }
 
+    private record LocalAttr(String name, String value)
+            implements KeyStore.Entry.Attribute {
+
+        @Override
+        public String getName() {
+            return name;
+        }
+
+        @Override
+        public String getValue() {
+            return value;
+        }
+    }
+
+    @Override
+    public KeyStore.Entry engineGetEntry(String alias, KeyStore.ProtectionParameter protParam)
+            throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
+        if (engineIsCertificateEntry(alias)) {
+            Object entry = entries.get(alias.toLowerCase());
+            if (entry instanceof TrustedCertEntry tEntry) {
+                return new KeyStore.TrustedCertificateEntry(
+                        tEntry.cert, Set.of(
+                                new LocalAttr(KnownOIDs.ORACLE_TrustedKeyUsage.value(), tEntry.trustedKeyUsageValue),
+                                new LocalAttr("trustSettings", tEntry.trustSettings.toString())));
+            }
+        }
+        return super.engineGetEntry(alias, protParam);
+    }
+
     /**
      * Returns the creation date of the entry identified by the given alias.
      *
@@ -453,55 +501,12 @@ public final class KeychainStore extends KeyStoreSpi {
     }
 
     /**
-     * Assigns the given certificate to the given alias.
-     *
-     * <p>If the given alias already exists in this keystore and identifies a
-     * <i>trusted certificate entry</i>, the certificate associated with it is
-     * overridden by the given certificate.
-     *
-     * @param alias the alias name
-     * @param cert the certificate
-     *
-     * @exception KeyStoreException if the given alias already exists and does
-     * not identify a <i>trusted certificate entry</i>, or this operation
-     * fails for some other reason.
+     * Adding trusted certificate entry is not supported.
      */
     public void engineSetCertificateEntry(String alias, Certificate cert)
-        throws KeyStoreException
-    {
-        permissionCheck();
-
-        synchronized(entries) {
-
-            Object entry = entries.get(alias.toLowerCase());
-            if ((entry != null) && (entry instanceof KeyEntry)) {
-                throw new KeyStoreException
-                ("Cannot overwrite key entry with certificate");
-            }
-
-            // This will be slow, but necessary.  Enumerate the values and then see if the cert matches the one in the trusted cert entry.
-            // Security framework doesn't support the same certificate twice in a keychain.
-            Collection<Object> allValues = entries.values();
-
-            for (Object value : allValues) {
-                if (value instanceof TrustedCertEntry) {
-                    TrustedCertEntry tce = (TrustedCertEntry)value;
-                    if (tce.cert.equals(cert)) {
-                        throw new KeyStoreException("Keychain does not support mulitple copies of same certificate.");
-                    }
-                }
-            }
-
-            TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
-            trustedCertEntry.cert = cert;
-            trustedCertEntry.date = new Date();
-            String lowerAlias = alias.toLowerCase();
-            if (entries.get(lowerAlias) != null) {
-                deletedEntries.put(lowerAlias, entries.get(lowerAlias));
-            }
-            entries.put(lowerAlias, trustedCertEntry);
-            addedEntries.put(lowerAlias, trustedCertEntry);
-        }
+            throws KeyStoreException {
+        throw new KeyStoreException("Cannot set trusted certificate entry." +
+                " Use the macOS \"security add-trusted-cert\" command instead.");
     }
 
     /**
@@ -680,10 +685,7 @@ public final class KeychainStore extends KeyStoreSpi {
             String alias = e.nextElement();
             Object entry = addedEntries.get(alias);
             if (entry instanceof TrustedCertEntry) {
-                TrustedCertEntry tce = (TrustedCertEntry)entry;
-                Certificate certElem;
-                certElem = tce.cert;
-                tce.certRef = addCertificateToKeychain(alias, certElem);
+                // Cannot set trusted certificate entry
             } else {
                 KeyEntry keyEntry = (KeyEntry)entry;
 
@@ -778,9 +780,28 @@ public final class KeychainStore extends KeyStoreSpi {
     private native void _scanKeychain();
 
     /**
-     * Callback method from _scanKeychain.  If a trusted certificate is found, this method will be called.
+     * Callback method from _scanKeychain.  If a trusted certificate is found,
+     * this method will be called.
+     *
+     * inputTrust is a list of strings in groups. Each group contains key/value
+     * pairs for one trust setting and ends with a null. Thus the size of the
+     * whole list is (2 * s_1 + 1) + (2 * s_2 + 1) + ... + (2 * s_n + 1),
+     * where s_i is the size of mapping for the i'th trust setting,
+     * and n is the number of trust settings. Ex:
+     *
+     * key1 for trust1
+     * value1 for trust1
+     * ..
+     * null (end of trust1)
+     * key1 for trust2
+     * value1 for trust2
+     * ...
+     * null (end of trust2)
+     * ...
+     * null (end if trust_n)
      */
-    private void createTrustedCertEntry(String alias, long keychainItemRef, long creationDate, byte[] derStream) {
+    private void createTrustedCertEntry(String alias, List<String> inputTrust,
+            long keychainItemRef, long creationDate, byte[] derStream) {
         TrustedCertEntry tce = new TrustedCertEntry();
 
         try {
@@ -791,6 +812,69 @@ public final class KeychainStore extends KeyStoreSpi {
             tce.cert = cert;
             tce.certRef = keychainItemRef;
 
+            tce.trustSettings = new ArrayList<>();
+            Map<String,String> tmpMap = new LinkedHashMap<>();
+            for (int i = 0; i < inputTrust.size(); i++) {
+                if (inputTrust.get(i) == null) {
+                    tce.trustSettings.add(tmpMap);
+                    if (i < inputTrust.size() - 1) {
+                        // Prepare an empty map for the next trust setting.
+                        // Do not just clear(), must be a new object.
+                        // Only create if not at end of list.
+                        tmpMap = new LinkedHashMap<>();
+                    }
+                } else {
+                    tmpMap.put(inputTrust.get(i), inputTrust.get(i+1));
+                    i++;
+                }
+            }
+
+            boolean isSelfSigned;
+            try {
+                cert.verify(cert.getPublicKey());
+                isSelfSigned = true;
+            } catch (Exception e) {
+                isSelfSigned = false;
+            }
+            if (tce.trustSettings.isEmpty()) {
+                if (isSelfSigned) {
+                    // If a self-signed certificate has an empty trust settings,
+                    // trust it for all purposes
+                    tce.trustedKeyUsageValue = KnownOIDs.anyExtendedKeyUsage.value();
+                } else {
+                    // Otherwise, return immediately. The certificate is not
+                    // added into entries.
+                    return;
+                }
+            } else {
+                List<String> values = new ArrayList<>();
+                for (var oneTrust : tce.trustSettings) {
+                    var result = oneTrust.get("kSecTrustSettingsResult");
+                    // https://developer.apple.com/documentation/security/sectrustsettingsresult?language=objc
+                    // 1 = kSecTrustSettingsResultTrustRoot, 2 = kSecTrustSettingsResultTrustAsRoot
+                    // If missing, a default value of kSecTrustSettingsResultTrustRoot is assumed
+                    // for self-signed certificates (see doc for SecTrustSettingsCopyTrustSettings).
+                    // Note that the same SecPolicyOid can appear in multiple trust settings
+                    // for different kSecTrustSettingsAllowedError and/or kSecTrustSettingsPolicyString.
+                    if ((result == null && isSelfSigned)
+                            || "1".equals(result) || "2".equals(result)) {
+                        // When no kSecTrustSettingsPolicy, it means everything
+                        String oid = oneTrust.getOrDefault("SecPolicyOid",
+                                KnownOIDs.anyExtendedKeyUsage.value());
+                        if (!values.contains(oid)) {
+                            values.add(oid);
+                        }
+                    }
+                }
+                if (values.isEmpty()) {
+                    return;
+                }
+                if (values.size() == 1) {
+                    tce.trustedKeyUsageValue = values.get(0);
+                } else {
+                    tce.trustedKeyUsageValue = values.toString();
+                }
+            }
             // Make a creation date.
             if (creationDate != 0)
                 tce.date = new Date(creationDate);

src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -368,6 +368,14 @@ errOut:
     }
 }
 
+#define ADD(list, str) { \
+    jobject localeObj = (*env)->NewStringUTF(env, [str UTF8String]); \
+    (*env)->CallBooleanMethod(env, list, jm_listAdd, localeObj); \
+    (*env)->DeleteLocalRef(env, localeObj); \
+}
+
+#define ADDNULL(list) (*env)->CallBooleanMethod(env, list, jm_listAdd, NULL)
+
 static void addCertificatesToKeystore(JNIEnv *env, jobject keyStore)
 {
     // Search the user keychain list for all X509 certificates.
@@ -379,8 +387,15 @@ static void addCertificatesToKeystore(JNIEnv *env, jobject keyStore)
     jclass jc_KeychainStore = (*env)->FindClass(env, "apple/security/KeychainStore");
     CHECK_NULL(jc_KeychainStore);
     jmethodID jm_createTrustedCertEntry = (*env)->GetMethodID(
-            env, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;JJ[B)V");
+            env, jc_KeychainStore, "createTrustedCertEntry", "(Ljava/lang/String;Ljava/util/List;JJ[B)V");
     CHECK_NULL(jm_createTrustedCertEntry);
+    jclass jc_arrayListClass = (*env)->FindClass(env, "java/util/ArrayList");
+    CHECK_NULL(jc_arrayListClass);
+    jmethodID jm_arrayListCons = (*env)->GetMethodID(env, jc_arrayListClass, "<init>", "()V");
+    CHECK_NULL(jm_arrayListCons);
+    jmethodID jm_listAdd = (*env)->GetMethodID(env, jc_arrayListClass, "add", "(Ljava/lang/Object;)Z");
+    CHECK_NULL(jm_listAdd);
+
     do {
         searchResult = SecKeychainSearchCopyNext(keychainItemSearch, &theItem);
 
@@ -401,12 +416,50 @@ static void addCertificatesToKeystore(JNIEnv *env, jobject keyStore)
                 goto errOut;
             }
 
+            // Only add certificates with trusted settings
+            CFArrayRef trustSettings;
+            if (SecTrustSettingsCopyTrustSettings(certRef, kSecTrustSettingsDomainUser, &trustSettings)
+                    == errSecItemNotFound) {
+                continue;
+            }
+
+            // See KeychainStore::createTrustedCertEntry for content of inputTrust
+            jobject inputTrust = (*env)->NewObject(env, jc_arrayListClass, jm_arrayListCons);
+            CHECK_NULL(inputTrust);
+
+            // Dump everything inside trustSettings into inputTrust
+            CFIndex count = CFArrayGetCount(trustSettings);
+            for (int i = 0; i < count; i++) {
+                CFDictionaryRef oneTrust = (CFDictionaryRef) CFArrayGetValueAtIndex(trustSettings, i);
+                CFIndex size = CFDictionaryGetCount(oneTrust);
+                const void * keys [size];
+                const void * values [size];
+                CFDictionaryGetKeysAndValues(oneTrust, keys, values);
+                for (int j = 0; j < size; j++) {
+                    NSString* s = [NSString stringWithFormat:@"%@", keys[j]];
+                    ADD(inputTrust, s);
+                    s = [NSString stringWithFormat:@"%@", values[j]];
+                    ADD(inputTrust, s);
+                }
+                SecPolicyRef certPolicy;
+                certPolicy = (SecPolicyRef)CFDictionaryGetValue(oneTrust, kSecTrustSettingsPolicy);
+                if (certPolicy != NULL) {
+                    CFDictionaryRef policyDict = SecPolicyCopyProperties(certPolicy);
+                    ADD(inputTrust, @"SecPolicyOid");
+                    NSString* s = [NSString stringWithFormat:@"%@", CFDictionaryGetValue(policyDict, @"SecPolicyOid")];
+                    ADD(inputTrust, s);
+                    CFRelease(policyDict);
+                }
+                ADDNULL(inputTrust);
+            }
+            CFRelease(trustSettings);
+
             // Find the creation date.
             jlong creationDate = getModDateFromItem(env, theItem);
 
             // Call back to the Java object to create Java objects corresponding to this security object.
             jlong nativeRef = ptr_to_jlong(certRef);
-            (*env)->CallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, nativeRef, creationDate, certData);
+            (*env)->CallVoidMethod(env, keyStore, jm_createTrustedCertEntry, alias, inputTrust, nativeRef, creationDate, certData);
             JNU_CHECK_EXCEPTION(env);
         }
     } while (searchResult == noErr);
@@ -522,8 +575,8 @@ NSString* JavaStringToNSString(JNIEnv *env, jstring jstr) {
 /*
  * Class:     apple_security_KeychainStore
  * Method:    _addItemToKeychain
- * Signature: (Ljava/lang/String;[B)I
-*/
+ * Signature: (Ljava/lang/String;Z[B[C)J
+ */
 JNIEXPORT jlong JNICALL Java_apple_security_KeychainStore__1addItemToKeychain
 (JNIEnv *env, jobject this, jstring alias, jboolean isCertificate, jbyteArray rawDataObj, jcharArray passwordObj)
 {

src/java.base/share/classes/sun/security/provider/DSA.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -362,7 +362,8 @@ abstract class DSA extends SignatureSpi {
             s = new BigInteger(1, s.toByteArray());
         }
 
-        if ((r.compareTo(presetQ) == -1) && (s.compareTo(presetQ) == -1)) {
+        if ((r.compareTo(presetQ) == -1) && (s.compareTo(presetQ) == -1)
+                && r.signum() > 0 && s.signum() > 0) {
             BigInteger w = generateW(presetP, presetQ, presetG, s);
             BigInteger v = generateV(presetY, presetP, presetQ, presetG, w, r);
             return v.equals(r);

src/java.base/share/classes/sun/security/tools/keytool/Main.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -2209,6 +2209,9 @@ public final class Main {
                 out.println(mf);
                 dumpCert(cert, out);
             } else if (debug) {
+                for (var attr : keyStore.getEntry(alias, null).getAttributes()) {
+                    System.out.println("Attribute " + attr.getName() + ": " + attr.getValue());
+                }
                 out.println(cert.toString());
             } else {
                 out.println("trustedCertEntry, ");

src/java.base/share/classes/sun/security/util/DerIndefLenConverter.java

@@ -144,15 +144,14 @@ class DerIndefLenConverter {
      * then skip the tag and its 1 byte length of zero.
      */
     private void writeTag() {
-        if (dataPos == dataSize) {
-            return;
-        }
-        assert dataPos + 1 < dataSize;
-        if (isEOC(data, dataPos)) {
-            dataPos += 2;  // skip tag and length
-            writeTag();
-        } else {
-            newData[newDataPos++] = data[dataPos++];
+        while (dataPos < dataSize) {
+            assert dataPos + 1 < dataSize;
+            if (isEOC(data, dataPos)) {
+                dataPos += 2;  // skip tag and length
+            } else {
+                newData[newDataPos++] = data[dataPos++];
+                break;
+            }
         }
     }
 

src/java.base/share/classes/sun/security/util/ObjectIdentifier.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -365,7 +365,7 @@ public final class ObjectIdentifier implements Serializable {
             if ((encoding[i] & 0x80) == 0) {
                 // one section [fromPos..i]
                 if (i - fromPos + 1 > 4) {
-                    BigInteger big = new BigInteger(pack(encoding,
+                    BigInteger big = new BigInteger(1, pack(encoding,
                             fromPos, i-fromPos+1, 7, 8));
                     if (fromPos == 0) {
                         result[which++] = 2;
@@ -434,7 +434,7 @@ public final class ObjectIdentifier implements Serializable {
                         sb.append('.');
                     }
                     if (i - fromPos + 1 > 4) { // maybe big integer
-                        BigInteger big = new BigInteger(
+                        BigInteger big = new BigInteger(1,
                                 pack(encoding, fromPos, i-fromPos+1, 7, 8));
                         if (fromPos == 0) {
                             // first section encoded with more than 4 bytes,
@@ -684,6 +684,10 @@ public final class ObjectIdentifier implements Serializable {
     }
 
     private static void checkOidSize(int oidLength) throws IOException {
+        if (oidLength < 0) {
+            throw new IOException("ObjectIdentifier encoded length was " +
+                    "negative: " + oidLength);
+        }
         if (oidLength > MAXIMUM_OID_SIZE) {
             throw new IOException(
                     "ObjectIdentifier encoded length exceeds " +

src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java

@@ -67,6 +67,7 @@ import javax.imageio.stream.ImageInputStream;
 
 import com.sun.imageio.plugins.common.I18N;
 import com.sun.imageio.plugins.common.ImageUtil;
+import com.sun.imageio.plugins.common.ReaderUtil;
 
 /** This class is the Java Image IO plugin reader for BMP images.
  *  It may subsample the image, clip the image, select sub-bands,
@@ -1542,9 +1543,8 @@ public class BMPImageReader extends ImageReader implements BMPConstants {
         }
 
         // Read till we have the whole image
-        byte[] values = new byte[imSize];
-        int bytesRead = 0;
-        iis.readFully(values, 0, imSize);
+        byte[] values = ReaderUtil.
+            staggeredReadByteStream(iis, imSize);
 
         // Since data is compressed, decompress it
         decodeRLE8(imSize, padding, values, bdata);
@@ -1726,8 +1726,8 @@ public class BMPImageReader extends ImageReader implements BMPConstants {
         }
 
         // Read till we have the whole image
-        byte[] values = new byte[imSize];
-        iis.readFully(values, 0, imSize);
+        byte[] values = ReaderUtil.
+            staggeredReadByteStream(iis, imSize);
 
         // Decompress the RLE4 compressed data.
         decodeRLE4(imSize, padding, values, bdata);

src/java.desktop/share/classes/com/sun/imageio/plugins/common/ReaderUtil.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it

src/java.desktop/share/classes/com/sun/media/sound/AudioFileSoundbankReader.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -78,12 +78,26 @@ public final class AudioFileSoundbankReader extends SoundbankReader {
 
     public Soundbank getSoundbank(AudioInputStream ais)
             throws InvalidMidiDataException, IOException {
+        int MEGABYTE = 1048576;
+        int DEFAULT_BUFFER_SIZE = 65536;
+        int MAX_FRAME_SIZE = 1024;
         try {
             byte[] buffer;
-            if (ais.getFrameLength() == -1) {
+            int frameSize = ais.getFormat().getFrameSize();
+            if (frameSize <= 0 || frameSize > MAX_FRAME_SIZE) {
+                throw new InvalidMidiDataException("Formats with frame size "
+                        + frameSize + " are not supported");
+            }
+
+            long totalSize = ais.getFrameLength() * frameSize;
+            if (totalSize >= Integer.MAX_VALUE - 2) {
+                throw new InvalidMidiDataException(
+                        "Can not allocate enough memory to read audio data.");
+            }
+
+            if (ais.getFrameLength() == -1 || totalSize > MEGABYTE) {
                 ByteArrayOutputStream baos = new ByteArrayOutputStream();
-                byte[] buff = new byte[1024
-                        - (1024 % ais.getFormat().getFrameSize())];
+                byte[] buff = new byte[DEFAULT_BUFFER_SIZE - (DEFAULT_BUFFER_SIZE % frameSize)];
                 int ret;
                 while ((ret = ais.read(buff)) != -1) {
                     baos.write(buff, 0, ret);
@@ -91,8 +105,7 @@ public final class AudioFileSoundbankReader extends SoundbankReader {
                 ais.close();
                 buffer = baos.toByteArray();
             } else {
-                buffer = new byte[(int) (ais.getFrameLength()
-                                    * ais.getFormat().getFrameSize())];
+                buffer = new byte[(int) totalSize];
                 new DataInputStream(ais).readFully(buffer);
             }
             ModelByteBufferWavetable osc = new ModelByteBufferWavetable(

src/java.desktop/windows/native/libawt/windows/awt_Component.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -3917,11 +3917,11 @@ void AwtComponent::SetCandidateWindow(int iCandType, int x, int y)
     HIMC hIMC = ImmGetContext(hwnd);
     if (hIMC) {
         CANDIDATEFORM cf;
-        cf.dwStyle = CFS_POINT;
+        cf.dwStyle = CFS_CANDIDATEPOS;
         ImmGetCandidateWindow(hIMC, 0, &cf);
         if (x != cf.ptCurrentPos.x || y != cf.ptCurrentPos.y) {
             cf.dwIndex = iCandType;
-            cf.dwStyle = CFS_POINT;
+            cf.dwStyle = CFS_CANDIDATEPOS;
             cf.ptCurrentPos = {x, y};
             cf.rcArea = {0, 0, 0, 0};
             ImmSetCandidateWindow(hIMC, &cf);

src/java.desktop/windows/native/libawt/windows/awt_DnDDS.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -267,13 +267,13 @@ void AwtDragSource::_DoDragDrop(void* param) {
     dragSource->Signal();
 
     AwtToolkit &toolkit = AwtToolkit::GetInstance();
-    toolkit.isInDoDragDropLoop = TRUE;
+    toolkit.isDnDSourceActive = TRUE;
     res = ::DoDragDrop(dragSource,
                        dragSource,
                        convertActionsToDROPEFFECT(dragSource->m_actions),
                        &effects
           );
-    toolkit.isInDoDragDropLoop = FALSE;
+    toolkit.isDnDSourceActive = FALSE;
 
     if (effects == DROPEFFECT_NONE && dragSource->m_dwPerformedDropEffect != DROPEFFECT_NONE) {
         effects = dragSource->m_dwPerformedDropEffect;

src/java.desktop/windows/native/libawt/windows/awt_DnDDT.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -141,7 +141,7 @@ static void ScaleDown(POINT &cp, HWND m_window) {
 
 HRESULT __stdcall AwtDropTarget::DragEnter(IDataObject __RPC_FAR *pDataObj, DWORD grfKeyState, POINTL pt, DWORD __RPC_FAR *pdwEffect) {
     TRY;
-    AwtToolkit::GetInstance().isInDoDragDropLoop = TRUE;
+    AwtToolkit::GetInstance().isDnDTargetActive = TRUE;
     if (NULL != m_pIDropTargetHelper) {
         m_pIDropTargetHelper->DragEnter(
             m_window,
@@ -161,7 +161,7 @@ HRESULT __stdcall AwtDropTarget::DragEnter(IDataObject __RPC_FAR *pDataObj, DWOR
         (IsLocalDnD()  && !IsLocalDataObject(pDataObj)))
     {
         *pdwEffect = retEffect;
-        AwtToolkit::GetInstance().isInDoDragDropLoop = FALSE;
+        AwtToolkit::GetInstance().isDnDTargetActive = FALSE;
         return ret;
     }
 
@@ -173,7 +173,7 @@ HRESULT __stdcall AwtDropTarget::DragEnter(IDataObject __RPC_FAR *pDataObj, DWOR
     }
 
     if (JNU_IsNull(env, m_dtcp) || !JNU_IsNull(env, safe_ExceptionOccurred(env))) {
-        AwtToolkit::GetInstance().isInDoDragDropLoop = FALSE;
+        AwtToolkit::GetInstance().isDnDTargetActive = FALSE;
         return ret;
     }
 
@@ -200,12 +200,12 @@ HRESULT __stdcall AwtDropTarget::DragEnter(IDataObject __RPC_FAR *pDataObj, DWOR
                 env->ExceptionDescribe();
                 env->ExceptionClear();
                 actions = java_awt_dnd_DnDConstants_ACTION_NONE;
-                AwtToolkit::GetInstance().isInDoDragDropLoop = FALSE;
+                AwtToolkit::GetInstance().isDnDTargetActive = FALSE;
             }
         } catch (std::bad_alloc&) {
             retEffect = ::convertActionsToDROPEFFECT(actions);
             *pdwEffect = retEffect;
-            AwtToolkit::GetInstance().isInDoDragDropLoop = FALSE;
+            AwtToolkit::GetInstance().isDnDTargetActive = FALSE;
             throw;
         }
 
@@ -421,7 +421,7 @@ void AwtDropTarget::DropDone(jboolean success, jint action) {
     m_dropSuccess = success;
     m_dropActions = action;
     AwtToolkit::GetInstance().QuitMessageLoop(AwtToolkit::EXIT_ENCLOSING_LOOP);
-    AwtToolkit::GetInstance().isInDoDragDropLoop = FALSE;
+    AwtToolkit::GetInstance().isDnDTargetActive = FALSE;
 }
 
 /**
@@ -1136,7 +1136,7 @@ void AwtDropTarget::UnloadCache() {
 
 void AwtDropTarget::DragCleanup(void) {
     UnloadCache();
-    AwtToolkit::GetInstance().isInDoDragDropLoop = FALSE;
+    AwtToolkit::GetInstance().isDnDTargetActive = FALSE;
 }
 
 BOOL AwtDropTarget::IsLocalDataObject(IDataObject __RPC_FAR *pDataObject) {

src/java.desktop/windows/native/libawt/windows/awt_Toolkit.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -344,7 +344,8 @@ AwtToolkit::AwtToolkit() {
 
     m_waitEvent = ::CreateEvent(NULL, FALSE, FALSE, NULL);
     m_inputMethodWaitEvent = ::CreateEvent(NULL, FALSE, FALSE, NULL);
-    isInDoDragDropLoop = FALSE;
+    isDnDSourceActive = FALSE;
+    isDnDTargetActive = FALSE;
     eventNumber = 0;
 }
 
@@ -3012,7 +3013,7 @@ Java_sun_awt_windows_WToolkit_syncNativeQueue(JNIEnv *env, jobject self, jlong t
     tk.PostMessage(WM_SYNC_WAIT, 0, 0);
     for(long t = 2; t < timeout &&
                WAIT_TIMEOUT == ::WaitForSingleObject(tk.m_waitEvent, 2); t+=2) {
-        if (tk.isInDoDragDropLoop) {
+        if (tk.isDnDSourceActive || tk.isDnDTargetActive) {
             break;
         }
     }
@@ -3216,7 +3217,7 @@ LRESULT AwtToolkit::InvokeInputMethodFunction(UINT msg, WPARAM wParam, LPARAM lP
      * the IME completion.
      */
     CriticalSection::Lock lock(m_inputMethodLock);
-    if (isInDoDragDropLoop) {
+    if (isDnDSourceActive || isDnDTargetActive) {
         SendMessage(msg, wParam, lParam);
         ::ResetEvent(m_inputMethodWaitEvent);
         return m_inputMethodData;

src/java.desktop/windows/native/libawt/windows/awt_Toolkit.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -441,7 +441,8 @@ public:
 
     HANDLE m_waitEvent;
     volatile DWORD eventNumber;
-    volatile BOOL isInDoDragDropLoop;
+    volatile BOOL isDnDSourceActive;
+    volatile BOOL isDnDTargetActive;
 private:
     HWND CreateToolkitWnd(LPCTSTR name);
 

src/java.xml/share/classes/com/sun/org/apache/xerces/internal/parsers/AbstractDOMParser.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -56,6 +56,7 @@ import com.sun.org.apache.xerces.internal.xs.ElementPSVI;
 import com.sun.org.apache.xerces.internal.xs.XSTypeDefinition;
 import java.util.Locale;
 import java.util.Stack;
+import jdk.xml.internal.JdkXmlUtils;
 import org.w3c.dom.Attr;
 import org.w3c.dom.CDATASection;
 import org.w3c.dom.Comment;
@@ -84,7 +85,7 @@ import org.xml.sax.SAXException;
  * @author Andy Clark, IBM
  * @author Elena Litani, IBM
  *
- * @LastModified: Jan 2019
+ * @LastModified: July 2021
  */
 public class AbstractDOMParser extends AbstractXMLDocumentParser {
 
@@ -2041,17 +2042,8 @@ public class AbstractDOMParser extends AbstractXMLDocumentParser {
             else {
                 fInternalSubset.append (name);
             }
-            fInternalSubset.append (' ');
-            if (publicId != null) {
-                fInternalSubset.append ("PUBLIC '");
-                fInternalSubset.append (publicId);
-                fInternalSubset.append ("' '");
-            }
-            else {
-                fInternalSubset.append ("SYSTEM '");
-            }
-            fInternalSubset.append (literalSystemId);
-            fInternalSubset.append ("'>\n");
+            fInternalSubset.append (JdkXmlUtils.getDTDExternalDecl(publicId, literalSystemId));
+            fInternalSubset.append (">\n");
         }
 
         // NOTE: We only know how to create these nodes for the Xerces
@@ -2181,20 +2173,8 @@ public class AbstractDOMParser extends AbstractXMLDocumentParser {
         if (fInternalSubset != null && !fInDTDExternalSubset) {
             fInternalSubset.append ("<!ENTITY ");
             fInternalSubset.append (name);
-            fInternalSubset.append (' ');
-            if (publicId != null) {
-                fInternalSubset.append ("PUBLIC '");
-                fInternalSubset.append (publicId);
-                if (literalSystemId != null) {
-                    fInternalSubset.append ("' '");
-                    fInternalSubset.append (literalSystemId);
-                }
-            }
-            else {
-                fInternalSubset.append ("SYSTEM '");
-                fInternalSubset.append (literalSystemId);
-            }
-            fInternalSubset.append ("' NDATA ");
+            fInternalSubset.append (JdkXmlUtils.getDTDExternalDecl(publicId, literalSystemId));
+            fInternalSubset.append (" NDATA ");
             fInternalSubset.append (notation);
             fInternalSubset.append (">\n");
         }
@@ -2261,19 +2241,8 @@ public class AbstractDOMParser extends AbstractXMLDocumentParser {
         if (fInternalSubset != null && !fInDTDExternalSubset) {
             fInternalSubset.append ("<!NOTATION ");
             fInternalSubset.append (name);
-            if (publicId != null) {
-                fInternalSubset.append (" PUBLIC '");
-                fInternalSubset.append (publicId);
-                if (literalSystemId != null) {
-                    fInternalSubset.append ("' '");
-                    fInternalSubset.append (literalSystemId);
-                }
-            }
-            else {
-                fInternalSubset.append (" SYSTEM '");
-                fInternalSubset.append (literalSystemId);
-            }
-            fInternalSubset.append ("'>\n");
+            fInternalSubset.append (JdkXmlUtils.getDTDExternalDecl(publicId, literalSystemId));
+            fInternalSubset.append (">\n");
         }
 
         // NOTE: We only know how to create these nodes for the Xerces

src/java.xml/share/classes/com/sun/org/apache/xml/internal/serializer/ToHTMLStream.java

@@ -31,6 +31,7 @@ import org.xml.sax.SAXException;
 import com.sun.org.apache.xml.internal.serializer.utils.MsgKey;
 import com.sun.org.apache.xml.internal.serializer.utils.Utils;
 import javax.xml.transform.ErrorListener;
+import jdk.xml.internal.JdkXmlUtils;
 
 /**
  * This serializer takes a series of SAX or
@@ -41,7 +42,7 @@ import javax.xml.transform.ErrorListener;
  * because it is used from another package.
  *
  * @xsl.usage internal
- * @LastModified: June 2021
+ * @LastModified: July 2021
  */
 public final class ToHTMLStream extends ToStream
 {
@@ -679,28 +680,10 @@ public final class ToHTMLStream extends ToStream
                 final java.io.Writer writer = m_writer;
                 try
                 {
-                writer.write("<!DOCTYPE html");
-
-                if (null != doctypePublic)
-                {
-                    writer.write(" PUBLIC \"");
-                    writer.write(doctypePublic);
-                    writer.write('"');
-                }
-
-                if (null != doctypeSystem)
-                {
-                    if (null == doctypePublic)
-                        writer.write(" SYSTEM \"");
-                    else
-                        writer.write(" \"");
-
-                    writer.write(doctypeSystem);
-                    writer.write('"');
-                }
-
-                writer.write('>');
-                outputLineSep();
+                    writer.write("<!DOCTYPE html");
+                    writer.write(JdkXmlUtils.getDTDExternalDecl(doctypePublic, doctypeSystem));
+                    writer.write('>');
+                    outputLineSep();
                 }
                 catch(IOException e)
                 {

src/java.xml/share/classes/com/sun/org/apache/xml/internal/serializer/ToStream.java

@@ -54,7 +54,7 @@ import org.xml.sax.SAXException;
  * serializers (xml, html, text ...) that write output to a stream.
  *
  * @xsl.usage internal
- * @LastModified: June 2021
+ * @LastModified: July 2021
  */
 abstract public class ToStream extends SerializerBase {
 
@@ -895,16 +895,8 @@ abstract public class ToStream extends SerializerBase {
 
             m_writer.write("<!ENTITY ");
             m_writer.write(name);
-            if (publicId != null) {
-                m_writer.write(" PUBLIC \"");
-                m_writer.write(publicId);
-
-            }
-            else {
-                m_writer.write(" SYSTEM \"");
-                m_writer.write(systemId);
-            }
-            m_writer.write("\" >");
+            m_writer.write(JdkXmlUtils.getDTDExternalDecl(publicId, systemId));
+            m_writer.write(">");
             m_writer.write(m_lineSep, 0, m_lineSepLen);
         } catch (IOException e) {
             // TODO Auto-generated catch block
@@ -1967,27 +1959,11 @@ abstract public class ToStream extends SerializerBase {
             final Writer writer = m_writer;
             writer.write("<!DOCTYPE ");
             writer.write(name);
+            String systemId = getDoctypeSystem();
+            writer.write(JdkXmlUtils.getDTDExternalDecl(getDoctypePublic(), systemId));
 
-            String doctypePublic = getDoctypePublic();
-            if (null != doctypePublic)
+            if (null != systemId)
             {
-                writer.write(" PUBLIC \"");
-                writer.write(doctypePublic);
-                writer.write('\"');
-            }
-
-            String doctypeSystem = getDoctypeSystem();
-            if (null != doctypeSystem)
-            {
-                char quote = JdkXmlUtils.getQuoteChar(doctypeSystem);
-                if (null == doctypePublic) {
-                    writer.write(" SYSTEM");
-                }
-                writer.write(" ");
-                writer.write(quote);
-
-                writer.write(doctypeSystem);
-                writer.write(quote);
                 if (closeDecl)
                 {
                     writer.write(">");
@@ -1995,17 +1971,6 @@ abstract public class ToStream extends SerializerBase {
                     closeDecl = false; // done closing
                 }
             }
-            boolean dothis = false;
-            if (dothis)
-            {
-                // at one point this code seemed right,
-                // but not anymore - Brian M.
-                if (closeDecl)
-                {
-                    writer.write('>');
-                    writer.write(m_lineSep, 0, m_lineSepLen);
-                }
-            }
         }
         catch (IOException e)
         {
@@ -3570,16 +3535,8 @@ abstract public class ToStream extends SerializerBase {
 
             m_writer.write("<!NOTATION ");
             m_writer.write(name);
-            if (pubID != null) {
-                m_writer.write(" PUBLIC \"");
-                m_writer.write(pubID);
-
-            }
-            else {
-                m_writer.write(" SYSTEM \"");
-                m_writer.write(sysID);
-            }
-            m_writer.write("\" >");
+            m_writer.write(JdkXmlUtils.getDTDExternalDecl(pubID, sysID));
+            m_writer.write(">");
             m_writer.write(m_lineSep, 0, m_lineSepLen);
         } catch (IOException e) {
             // TODO Auto-generated catch block
@@ -3600,16 +3557,8 @@ abstract public class ToStream extends SerializerBase {
 
             m_writer.write("<!ENTITY ");
             m_writer.write(name);
-            if (pubID != null) {
-                m_writer.write(" PUBLIC \"");
-                m_writer.write(pubID);
-
-            }
-            else {
-                m_writer.write(" SYSTEM \"");
-                m_writer.write(sysID);
-            }
-            m_writer.write("\" NDATA ");
+            m_writer.write(JdkXmlUtils.getDTDExternalDecl(pubID, sysID));
+            m_writer.write(" NDATA ");
             m_writer.write(notationName);
             m_writer.write(" >");
             m_writer.write(m_lineSep, 0, m_lineSepLen);

src/java.xml/share/classes/com/sun/org/apache/xml/internal/serializer/dom3/DOM3TreeWalker.java

@@ -63,7 +63,7 @@ import org.xml.sax.helpers.LocatorImpl;
  * parameters and filters if any during serialization.
  *
  * @xsl.usage internal
- * @LastModified: Apr 2021
+ * @LastModified: July 2021
  */
 final class DOM3TreeWalker {
 
@@ -506,23 +506,7 @@ final class DOM3TreeWalker {
 
                     dtd.append("<!DOCTYPE ");
                     dtd.append(docTypeName);
-                    if (null != publicId) {
-                        dtd.append(" PUBLIC \"");
-                        dtd.append(publicId);
-                        dtd.append('\"');
-                    }
-
-                    if (null != systemId) {
-                        char quote = JdkXmlUtils.getQuoteChar(systemId);
-                        if (null == publicId) {
-                            dtd.append(" SYSTEM ").append(quote);
-                        } else {
-                            dtd.append(" ").append(quote);
-                        }
-                        dtd.append(systemId);
-                        dtd.append(quote);
-                    }
-
+                    dtd.append(JdkXmlUtils.getDTDExternalDecl(publicId, systemId));
                     dtd.append(" [ ");
 
                     dtd.append(fNewLine);

src/java.xml/share/classes/com/sun/xml/internal/stream/events/EntityDeclarationImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,6 +28,7 @@ package com.sun.xml.internal.stream.events;
 import javax.xml.stream.events.EntityDeclaration;
 import javax.xml.stream.events.XMLEvent;
 import com.sun.org.apache.xerces.internal.xni.XMLResourceIdentifier;
+import jdk.xml.internal.JdkXmlUtils;
 
 /**
  *
@@ -129,18 +130,12 @@ public class EntityDeclarationImpl extends DummyEvent implements EntityDeclarati
             //escape quotes, lt and amps
             writer.write(" \"");
             charEncode(writer, fReplacementText);
+            writer.write("\"");
         } else {
             //external entity
-            String pubId = getPublicId();
-            if (pubId != null) {
-                writer.write(" PUBLIC \"");
-                writer.write(pubId);
-            } else {
-                writer.write(" SYSTEM \"");
-                writer.write(getSystemId());
-            }
+            writer.write(JdkXmlUtils.getDTDExternalDecl(getPublicId(), getSystemId()));
         }
-        writer.write("\"");
+
         if (fNotationName != null) {
             writer.write(" NDATA ");
             writer.write(fNotationName);

src/java.xml/share/classes/com/sun/xml/internal/stream/events/NotationDeclarationImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,6 +28,7 @@ package com.sun.xml.internal.stream.events;
 import javax.xml.stream.events.NotationDeclaration;
 import javax.xml.stream.events.XMLEvent;
 import com.sun.xml.internal.stream.dtd.nonvalidating.XMLNotationDecl;
+import jdk.xml.internal.JdkXmlUtils;
 
 /**
  * Implementation of NotationDeclaration event.
@@ -88,16 +89,7 @@ public class NotationDeclarationImpl extends DummyEvent implements NotationDecla
     {
         writer.write("<!NOTATION ");
         writer.write(getName());
-        if (fPublicId != null) {
-            writer.write(" PUBLIC \"");
-            writer.write(fPublicId);
-            writer.write("\"");
-        } else if (fSystemId != null) {
-            writer.write(" SYSTEM");
-            writer.write(" \"");
-            writer.write(fSystemId);
-            writer.write("\"");
-        }
+        writer.write(JdkXmlUtils.getDTDExternalDecl(fPublicId, fSystemId));
         writer.write('>');
     }
 }

src/java.xml/share/classes/jdk/xml/internal/JdkXmlUtils.java

@@ -367,19 +367,40 @@ public class JdkXmlUtils {
     }
 
     /**
-     * Returns the character to be used to quote the input content. Between
-     * single and double quotes, this method returns the one that is not found
-     * in the input. Returns double quote by default.
+     * Returns the external declaration for a DTD construct.
      *
-     * @param s the input string
-     * @return returns the quote not found in the input
+     * @param publicId the public identifier
+     * @param systemId the system identifier
+     * @return a DTD external declaration
      */
-    public static char getQuoteChar(String s) {
-        if (s != null && s.indexOf('"') > -1) {
-            return '\'';
-        } else {
-            return '"';
+    public static String getDTDExternalDecl(String publicId, String systemId) {
+        StringBuilder sb = new StringBuilder();
+        if (null != publicId) {
+            sb.append(" PUBLIC ");
+            sb.append(quoteString(publicId));
         }
+
+        if (null != systemId) {
+            if (null == publicId) {
+                sb.append(" SYSTEM ");
+            } else {
+                sb.append(" ");
+            }
+
+            sb.append(quoteString(systemId));
+        }
+        return sb.toString();
+    }
+
+    /**
+     * Returns the input string quoted with double quotes or single ones if
+     * there is a double quote in the string.
+     * @param s the input string, can not be null
+     * @return the quoted string
+     */
+    private static String quoteString(String s) {
+        char c = (s.indexOf('"') > -1) ? '\'' : '"';
+        return c + s + c;
     }
 
     private static XMLReader getXMLReaderWSAXFactory(boolean overrideDefaultParser) {

src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,6 +30,7 @@ import sun.security.util.ArrayUtil;
 import sun.security.util.math.*;
 import static sun.security.ec.ECOperations.IntermediateValueException;
 
+import java.math.BigInteger;
 import java.security.ProviderException;
 import java.security.spec.*;
 import java.util.Arrays;
@@ -200,7 +201,8 @@ public class ECDSAOperations {
 
         IntegerFieldModuloP field = ecOps.getField();
         IntegerFieldModuloP orderField = ecOps.getOrderField();
-        int length = (orderField.getSize().bitLength() + 7) / 8;
+        BigInteger mod = orderField.getSize();
+        int length = (mod.bitLength() + 7) / 8;
 
         byte[] r;
         byte[] s;
@@ -218,6 +220,13 @@ public class ECDSAOperations {
             System.arraycopy(sig, encodeLength, s, length - encodeLength, encodeLength);
         }
 
+        BigInteger rb = new BigInteger(1, r);
+        BigInteger sb = new BigInteger(1, s);
+        if (rb.signum() == 0 || sb.signum() == 0
+                || rb.compareTo(mod) >= 0 || sb.compareTo(mod) >= 0) {
+            return false;
+        }
+
         ArrayUtil.reverse(r);
         ArrayUtil.reverse(s);
         IntegerModuloP ri = orderField.getElement(r);

src/jdk.jfr/share/classes/jdk/jfr/internal/tool/JSONWriter.java

@@ -185,7 +185,7 @@ final class JSONWriter extends EventPrintWriter {
     private void printDataStructureName(String text) {
         printIndent();
         print("\"");
-        print(text);
+        printEscaped(text);
         print("\": ");
     }
 

src/jdk.jfr/share/classes/jdk/jfr/internal/tool/XMLWriter.java

@@ -83,7 +83,11 @@ final class XMLWriter extends EventPrintWriter {
     }
 
     private void printAttribute(String name, String value) {
-        print(" ", name, "=\"", value, "\"");
+        print(" ");
+        print(name); // Only known strings
+        print("=\"");
+        printEscaped(value);
+        print("\"");
     }
 
     public void printObject(RecordedObject struct) {

test/hotspot/gtest/runtime/test_os.cpp

@@ -351,6 +351,23 @@ TEST_VM(os, jio_snprintf) {
   test_snprintf(jio_snprintf, false);
 }
 
+#ifdef __APPLE__
+// Not all macOS versions can use os::reserve_memory (i.e. anon_mmap) API
+// to reserve executable memory, so before attempting to use it,
+// we need to verify that we can do so by asking for a tiny executable
+// memory chunk.
+static inline bool can_reserve_executable_memory(void) {
+  bool executable = true;
+  size_t len = 128;
+  char* p = os::reserve_memory(len, executable);
+  bool exec_supported = (p != NULL);
+  if (exec_supported) {
+    os::release_memory(p, len);
+  }
+  return exec_supported;
+}
+#endif
+
 // Test that os::release_memory() can deal with areas containing multiple mappings.
 #define PRINT_MAPPINGS(s) { tty->print_cr("%s", s); os::print_memory_mappings((char*)p, total_range_len, tty); }
 //#define PRINT_MAPPINGS
@@ -360,6 +377,13 @@ TEST_VM(os, jio_snprintf) {
 //  (from multiple calls to os::reserve_memory)
 static address reserve_multiple(int num_stripes, size_t stripe_len) {
   assert(is_aligned(stripe_len, os::vm_allocation_granularity()), "Sanity");
+
+#ifdef __APPLE__
+  // Workaround: try reserving executable memory to figure out
+  // if such operation is supported on this macOS version
+  const bool exec_supported = can_reserve_executable_memory();
+#endif
+
   size_t total_range_len = num_stripes * stripe_len;
   // Reserve a large contiguous area to get the address space...
   address p = (address)os::reserve_memory(total_range_len);
@@ -371,7 +395,11 @@ static address reserve_multiple(int num_stripes, size_t stripe_len) {
     address q = p + (stripe * stripe_len);
     // Commit, alternatingly with or without exec permission,
     //  to prevent kernel from folding these mappings.
+#ifdef __APPLE__
+    const bool executable = exec_supported ? (stripe % 2 == 0) : false;
+#else
     const bool executable = stripe % 2 == 0;
+#endif
     q = (address)os::attempt_reserve_memory_at((char*)q, stripe_len, executable);
     EXPECT_NE(q, (address)NULL);
     EXPECT_TRUE(os::commit_memory((char*)q, stripe_len, executable));
@@ -413,11 +441,7 @@ struct NUMASwitcher {
 #endif
 
 #ifndef _AIX // JDK-8257041
-#if defined(__APPLE__) && !defined(AARCH64)  // See JDK-8267341.
-  TEST_VM(os, DISABLED_release_multi_mappings) {
-#else
   TEST_VM(os, release_multi_mappings) {
-#endif
 
   // With NMT enabled, this will trigger JDK-8263464. For now disable the test if NMT=on.
   if (MemTracker::tracking_level() > NMT_off) {

test/lib/jdk/test/lib/SecurityTools.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2022, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
 
 package jdk.test.lib;
 
+import java.io.Closeable;
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
@@ -275,5 +276,63 @@ public class SecurityTools {
         }
         return result;
     }
+
+    // Create a temporary keychain in macOS and use it. The original
+    // keychains will be restored when the object is closed.
+    public static class TemporaryKeychain implements Closeable {
+        // name of new keychain
+        private final String newChain;
+        // names of the original keychains
+        private final List<String> oldChains;
+
+        public TemporaryKeychain(String name) {
+            Path p = Path.of(name + ".keychain-db");
+            newChain = p.toAbsolutePath().toString();
+            try {
+                oldChains = ProcessTools.executeProcess("security", "list-keychains")
+                        .shouldHaveExitValue(0)
+                        .getStdout()
+                        .lines()
+                        .map(String::trim)
+                        .map(x -> x.startsWith("\"") ? x.substring(1, x.length() - 1) : x)
+                        .collect(Collectors.toList());
+                if (!Files.exists(p)) {
+                    ProcessTools.executeProcess("security", "create-keychain", "-p", "changeit", newChain)
+                            .shouldHaveExitValue(0);
+                }
+                ProcessTools.executeProcess("security", "unlock-keychain", "-p", "changeit", newChain)
+                        .shouldHaveExitValue(0);
+                ProcessTools.executeProcess("security", "list-keychains", "-s", newChain)
+                        .shouldHaveExitValue(0);
+            } catch (Throwable t) {
+                if (t instanceof RuntimeException re) {
+                    throw re;
+                } else {
+                    throw new RuntimeException(t);
+                }
+            }
+        }
+
+        public String chain() {
+            return newChain;
+        }
+
+        @Override
+        public void close() throws IOException {
+            List<String> cmds = new ArrayList<>();
+            cmds.addAll(List.of("security", "list-keychains", "-s"));
+            cmds.addAll(oldChains);
+            try {
+                ProcessTools.executeProcess(cmds.toArray(new String[0]))
+                        .shouldHaveExitValue(0);
+            } catch (Throwable t) {
+                if (t instanceof RuntimeException re) {
+                    throw re;
+                } else {
+                    throw new RuntimeException(t);
+                }
+            }
+        }
+    }
 }