8269297: Bump version numbers for JDK 17.0.1

Reviewed-by: robm, erikj

make/conf/version-numbers.conf

@@ -28,12 +28,12 @@
 
 DEFAULT_VERSION_FEATURE=17
 DEFAULT_VERSION_INTERIM=0
-DEFAULT_VERSION_UPDATE=0
+DEFAULT_VERSION_UPDATE=1
 DEFAULT_VERSION_PATCH=0
 DEFAULT_VERSION_EXTRA1=0
 DEFAULT_VERSION_EXTRA2=0
 DEFAULT_VERSION_EXTRA3=0
-DEFAULT_VERSION_DATE=2021-09-14
+DEFAULT_VERSION_DATE=2021-10-19
 DEFAULT_VERSION_CLASSFILE_MAJOR=61  # "`$EXPR $DEFAULT_VERSION_FEATURE + 44`"
 DEFAULT_VERSION_CLASSFILE_MINOR=0
 DEFAULT_VERSION_DOCS_API_SINCE=11

src/java.base/share/classes/java/net/URLClassLoader.java

@@ -427,6 +427,11 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
                                 return defineClass(name, res);
                             } catch (IOException e) {
                                 throw new ClassNotFoundException(name, e);
+                            } catch (ClassFormatError e2) {
+                                if (res.getDataError() != null) {
+                                    e2.addSuppressed(res.getDataError());
+                                }
+                                throw e2;
                             }
                         } else {
                             return null;

src/java.base/share/classes/java/util/HashMap.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@ package java.util;
 
 import java.io.IOException;
 import java.io.InvalidObjectException;
+import java.io.ObjectInputStream;
 import java.io.Serializable;
 import java.lang.reflect.ParameterizedType;
 import java.lang.reflect.Type;
@@ -1504,23 +1505,28 @@ public class HashMap<K,V> extends AbstractMap<K,V>
      * @throws IOException if an I/O error occurs
      */
     @java.io.Serial
-    private void readObject(java.io.ObjectInputStream s)
+    private void readObject(ObjectInputStream s)
         throws IOException, ClassNotFoundException {
-        // Read in the threshold (ignored), loadfactor, and any hidden stuff
-        s.defaultReadObject();
+
+        ObjectInputStream.GetField fields = s.readFields();
+
+        // Read loadFactor (ignore threshold)
+        float lf = fields.get("loadFactor", 0.75f);
+        if (lf <= 0 || Float.isNaN(lf))
+            throw new InvalidObjectException("Illegal load factor: " + lf);
+
+        lf = Math.min(Math.max(0.25f, lf), 4.0f);
+        HashMap.UnsafeHolder.putLoadFactor(this, lf);
+
         reinitialize();
-        if (loadFactor <= 0 || Float.isNaN(loadFactor))
-            throw new InvalidObjectException("Illegal load factor: " +
-                                             loadFactor);
+
         s.readInt();                // Read and ignore number of buckets
         int mappings = s.readInt(); // Read number of mappings (size)
-        if (mappings < 0)
-            throw new InvalidObjectException("Illegal mappings count: " +
-                                             mappings);
-        else if (mappings > 0) { // (if zero, use defaults)
-            // Size the table using given load factor only if within
-            // range of 0.25...4.0
-            float lf = Math.min(Math.max(0.25f, loadFactor), 4.0f);
+        if (mappings < 0) {
+            throw new InvalidObjectException("Illegal mappings count: " + mappings);
+        } else if (mappings == 0) {
+            // use defaults
+        } else if (mappings > 0) {
             float fc = (float)mappings / lf + 1.0f;
             int cap = ((fc < DEFAULT_INITIAL_CAPACITY) ?
                        DEFAULT_INITIAL_CAPACITY :
@@ -1549,6 +1555,18 @@ public class HashMap<K,V> extends AbstractMap<K,V>
         }
     }
 
+    // Support for resetting final field during deserializing
+    private static final class UnsafeHolder {
+        private UnsafeHolder() { throw new InternalError(); }
+        private static final jdk.internal.misc.Unsafe unsafe
+                = jdk.internal.misc.Unsafe.getUnsafe();
+        private static final long LF_OFFSET
+                = unsafe.objectFieldOffset(HashMap.class, "loadFactor");
+        static void putLoadFactor(HashMap<?, ?> map, float lf) {
+            unsafe.putFloat(map, LF_OFFSET, lf);
+        }
+    }
+
     /* ------------------------------------------------------------ */
     // iterators
 

src/java.base/share/classes/java/util/HashSet.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -297,8 +297,8 @@ public class HashSet<E>
     @java.io.Serial
     private void readObject(java.io.ObjectInputStream s)
         throws java.io.IOException, ClassNotFoundException {
-        // Read in any hidden serialization magic
-        s.defaultReadObject();
+        // Consume and ignore stream fields (currently zero).
+        s.readFields();
 
         // Read capacity and verify non-negative.
         int capacity = s.readInt();
@@ -313,12 +313,13 @@ public class HashSet<E>
             throw new InvalidObjectException("Illegal load factor: " +
                                              loadFactor);
         }
+        // Clamp load factor to range of 0.25...4.0.
+        loadFactor = Math.min(Math.max(0.25f, loadFactor), 4.0f);
 
         // Read size and verify non-negative.
         int size = s.readInt();
         if (size < 0) {
-            throw new InvalidObjectException("Illegal size: " +
-                                             size);
+            throw new InvalidObjectException("Illegal size: " + size);
         }
 
         // Set the capacity according to the size and load factor ensuring that

src/java.base/share/classes/jdk/internal/loader/Resource.java

@@ -187,4 +187,12 @@ public abstract class Resource {
     public CodeSigner[] getCodeSigners() {
         return null;
     }
+
+    /**
+     * Returns non-fatal reading error during data retrieval if there's any.
+     * For example, CRC error when reading a JAR entry.
+     */
+    public Exception getDataError() {
+        return null;
+    }
 }

src/java.base/share/classes/jdk/internal/loader/URLClassPath.java

@@ -61,6 +61,7 @@ import java.util.Properties;
 import java.util.Set;
 import java.util.StringTokenizer;
 import java.util.jar.JarFile;
+import java.util.zip.CRC32;
 import java.util.zip.ZipEntry;
 import java.util.jar.JarEntry;
 import java.util.jar.Manifest;
@@ -870,6 +871,7 @@ public class URLClassPath {
             }
 
             return new Resource() {
+                private Exception dataError = null;
                 public String getName() { return name; }
                 public URL getURL() { return url; }
                 public URL getCodeSourceURL() { return csu; }
@@ -885,6 +887,18 @@ public class URLClassPath {
                     { return entry.getCertificates(); };
                 public CodeSigner[] getCodeSigners()
                     { return entry.getCodeSigners(); };
+                public Exception getDataError()
+                    { return dataError; }
+                public byte[] getBytes() throws IOException {
+                    byte[] bytes = super.getBytes();
+                    CRC32 crc32 = new CRC32();
+                    crc32.update(bytes);
+                    if (crc32.getValue() != entry.getCrc()) {
+                        dataError = new IOException(
+                                "CRC error while extracting entry from JAR file");
+                    }
+                    return bytes;
+                }
             };
         }
 

src/java.base/share/classes/sun/security/ssl/ECDHClientKeyExchange.java

@@ -27,6 +27,7 @@ package sun.security.ssl;
 
 import java.io.IOException;
 import java.nio.ByteBuffer;
+import java.security.CryptoPrimitive;
 import java.security.GeneralSecurityException;
 import java.security.PublicKey;
 import java.security.interfaces.ECPublicKey;
@@ -35,6 +36,7 @@ import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.ECParameterSpec;
 import java.security.spec.NamedParameterSpec;
 import java.text.MessageFormat;
+import java.util.EnumSet;
 import java.util.Locale;
 import javax.crypto.SecretKey;
 import sun.security.ssl.SSLHandshake.HandshakeMessage;
@@ -317,12 +319,19 @@ final class ECDHClientKeyExchange {
 
             // create the credentials
             try {
-                NamedGroup ng = namedGroup;  // "effectively final" the lambda
-                // AlgorithmConstraints are checked internally.
-                SSLCredentials sslCredentials = namedGroup.decodeCredentials(
-                        cke.encodedPoint, shc.algorithmConstraints,
-                        s -> shc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
-                        "ClientKeyExchange " + ng + ": " + s));
+                SSLCredentials sslCredentials =
+                        namedGroup.decodeCredentials(cke.encodedPoint);
+                if (shc.algorithmConstraints != null &&
+                        sslCredentials instanceof
+                            NamedGroupCredentials namedGroupCredentials) {
+                    if (!shc.algorithmConstraints.permits(
+                            EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
+                            namedGroupCredentials.getPublicKey())) {
+                        shc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
+                            "ClientKeyExchange for " + namedGroup +
+                            " does not comply with algorithm constraints");
+                    }
+                }
 
                 shc.handshakeCredentials.add(sslCredentials);
             } catch (GeneralSecurityException e) {
@@ -497,12 +506,19 @@ final class ECDHClientKeyExchange {
 
             // create the credentials
             try {
-                NamedGroup ng = namedGroup; // "effectively final" the lambda
-                // AlgorithmConstraints are checked internally.
-                SSLCredentials sslCredentials = namedGroup.decodeCredentials(
-                        cke.encodedPoint, shc.algorithmConstraints,
-                        s -> shc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
-                        "ClientKeyExchange " + ng + ": " + s));
+                SSLCredentials sslCredentials =
+                        namedGroup.decodeCredentials(cke.encodedPoint);
+                if (shc.algorithmConstraints != null &&
+                        sslCredentials instanceof
+                                NamedGroupCredentials namedGroupCredentials) {
+                    if (!shc.algorithmConstraints.permits(
+                            EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
+                            namedGroupCredentials.getPublicKey())) {
+                        shc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
+                            "ClientKeyExchange for " + namedGroup +
+                            " does not comply with algorithm constraints");
+                    }
+                }
 
                 shc.handshakeCredentials.add(sslCredentials);
             } catch (GeneralSecurityException e) {

src/java.base/share/classes/sun/security/ssl/ECDHServerKeyExchange.java

@@ -27,6 +27,7 @@ package sun.security.ssl;
 
 import java.io.IOException;
 import java.nio.ByteBuffer;
+import java.security.CryptoPrimitive;
 import java.security.GeneralSecurityException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
@@ -37,6 +38,7 @@ import java.security.PublicKey;
 import java.security.Signature;
 import java.security.SignatureException;
 import java.text.MessageFormat;
+import java.util.EnumSet;
 import java.util.Locale;
 import java.util.Map;
 import sun.security.ssl.SSLHandshake.HandshakeMessage;
@@ -214,10 +216,19 @@ final class ECDHServerKeyExchange {
             }
 
             try {
-                sslCredentials = namedGroup.decodeCredentials(
-                    publicPoint, handshakeContext.algorithmConstraints,
-                     s -> chc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
-                     "ServerKeyExchange " + namedGroup + ": " + (s)));
+                sslCredentials =
+                        namedGroup.decodeCredentials(publicPoint);
+                if (handshakeContext.algorithmConstraints != null &&
+                        sslCredentials instanceof
+                                NamedGroupCredentials namedGroupCredentials) {
+                    if (!handshakeContext.algorithmConstraints.permits(
+                            EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
+                            namedGroupCredentials.getPublicKey())) {
+                        chc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
+                            "ServerKeyExchange for " + namedGroup +
+                            " does not comply with algorithm constraints");
+                    }
+                }
             } catch (GeneralSecurityException ex) {
                 throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
                         "Cannot decode named group: " +

src/java.base/share/classes/sun/security/ssl/KeyShareExtension.java

@@ -27,6 +27,7 @@ package sun.security.ssl;
 
 import java.io.IOException;
 import java.nio.ByteBuffer;
+import java.security.CryptoPrimitive;
 import java.security.GeneralSecurityException;
 import java.text.MessageFormat;
 import java.util.Collections;
@@ -349,7 +350,8 @@ final class KeyShareExtension {
                 NamedGroup ng = NamedGroup.valueOf(entry.namedGroupId);
                 if (ng == null || !SupportedGroups.isActivatable(
                         shc.algorithmConstraints, ng)) {
-                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+                    if (SSLLogger.isOn &&
+                            SSLLogger.isOn("ssl,handshake")) {
                         SSLLogger.fine(
                                 "Ignore unsupported named group: " +
                                 NamedGroup.nameOf(entry.namedGroupId));
@@ -359,16 +361,33 @@ final class KeyShareExtension {
 
                 try {
                     SSLCredentials kaCred =
-                        ng.decodeCredentials(entry.keyExchange,
-                        shc.algorithmConstraints,
-                        s -> SSLLogger.warning(s));
+                        ng.decodeCredentials(entry.keyExchange);
+                    if (shc.algorithmConstraints != null &&
+                            kaCred instanceof
+                                NamedGroupCredentials namedGroupCredentials) {
+                        if (!shc.algorithmConstraints.permits(
+                                EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
+                                namedGroupCredentials.getPublicKey())) {
+                            if (SSLLogger.isOn &&
+                                    SSLLogger.isOn("ssl,handshake")) {
+                                SSLLogger.warning(
+                                    "key share entry of " + ng + " does not " +
+                                    " comply with algorithm constraints");
+                            }
+
+                            kaCred = null;
+                        }
+                    }
+
                     if (kaCred != null) {
                         credentials.add(kaCred);
                     }
                 } catch (GeneralSecurityException ex) {
-                    SSLLogger.warning(
-                        "Cannot decode named group: " +
-                        NamedGroup.nameOf(entry.namedGroupId));
+                    if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+                        SSLLogger.warning(
+                                "Cannot decode named group: " +
+                                NamedGroup.nameOf(entry.namedGroupId));
+                    }
                 }
             }
 
@@ -646,9 +665,20 @@ final class KeyShareExtension {
 
             SSLCredentials credentials = null;
             try {
-                SSLCredentials kaCred = ng.decodeCredentials(
-                    keyShare.keyExchange, chc.algorithmConstraints,
-                    s -> chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE, s));
+                SSLCredentials kaCred =
+                        ng.decodeCredentials(keyShare.keyExchange);
+                if (chc.algorithmConstraints != null &&
+                        kaCred instanceof
+                                NamedGroupCredentials namedGroupCredentials) {
+                    if (!chc.algorithmConstraints.permits(
+                            EnumSet.of(CryptoPrimitive.KEY_AGREEMENT),
+                            namedGroupCredentials.getPublicKey())) {
+                        chc.conContext.fatal(Alert.INSUFFICIENT_SECURITY,
+                            "key share entry of " + ng + " does not " +
+                            " comply with algorithm constraints");
+                    }
+                }
+
                 if (kaCred != null) {
                     credentials = kaCred;
                 }

src/java.base/share/classes/sun/security/ssl/NamedGroup.java

@@ -419,12 +419,9 @@ enum NamedGroup {
         return spec.encodePossessionPublicKey(namedGroupPossession);
     }
 
-    SSLCredentials decodeCredentials(byte[] encoded,
-            AlgorithmConstraints constraints,
-            ExceptionSupplier onConstraintFail)
-            throws IOException, GeneralSecurityException {
-        return spec.decodeCredentials(
-                this, encoded, constraints, onConstraintFail);
+    SSLCredentials decodeCredentials(
+            byte[] encoded) throws IOException, GeneralSecurityException {
+        return spec.decodeCredentials(this, encoded);
     }
 
     SSLPossession createPossession(SecureRandom random) {
@@ -436,30 +433,13 @@ enum NamedGroup {
         return spec.createKeyDerivation(hc);
     }
 
-    interface ExceptionSupplier {
-        void apply(String s) throws SSLException;
-    }
-
     // A list of operations related to named groups.
     private interface NamedGroupScheme {
-        default void checkConstraints(PublicKey publicKey,
-                AlgorithmConstraints constraints,
-                ExceptionSupplier onConstraintFail) throws SSLException {
-            if (!constraints.permits(
-                    EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), publicKey)) {
-                onConstraintFail.apply("key share entry does not "
-                        + "comply with algorithm constraints");
-            }
-        }
-
         byte[] encodePossessionPublicKey(
                 NamedGroupPossession namedGroupPossession);
 
-        SSLCredentials decodeCredentials(
-                NamedGroup ng, byte[] encoded,
-                AlgorithmConstraints constraints,
-                ExceptionSupplier onConstraintFail
-            ) throws IOException, GeneralSecurityException;
+        SSLCredentials decodeCredentials(NamedGroup ng,
+                byte[] encoded) throws IOException, GeneralSecurityException;
 
         SSLPossession createPossession(NamedGroup ng, SecureRandom random);
 
@@ -524,13 +504,10 @@ enum NamedGroup {
         }
 
         @Override
-        public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
-                    AlgorithmConstraints constraints,
-                    ExceptionSupplier onConstraintFail
-                ) throws IOException, GeneralSecurityException {
+        public SSLCredentials decodeCredentials(NamedGroup ng,
+                byte[] encoded) throws IOException, GeneralSecurityException {
             if (scheme != null) {
-                return scheme.decodeCredentials(
-                        ng, encoded, constraints, onConstraintFail);
+                return scheme.decodeCredentials(ng, encoded);
             }
 
             return null;
@@ -567,18 +544,9 @@ enum NamedGroup {
         }
 
         @Override
-        public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
-                AlgorithmConstraints constraints,
-                ExceptionSupplier onConstraintFail
-            ) throws IOException, GeneralSecurityException {
-
-            DHKeyExchange.DHECredentials result
-                    = DHKeyExchange.DHECredentials.valueOf(ng, encoded);
-
-            checkConstraints(result.getPublicKey(), constraints,
-                    onConstraintFail);
-
-            return result;
+        public SSLCredentials decodeCredentials(NamedGroup ng,
+                byte[] encoded) throws IOException, GeneralSecurityException {
+            return DHKeyExchange.DHECredentials.valueOf(ng, encoded);
         }
 
         @Override
@@ -605,18 +573,9 @@ enum NamedGroup {
         }
 
         @Override
-        public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
-                AlgorithmConstraints constraints,
-                ExceptionSupplier onConstraintFail
-            ) throws IOException, GeneralSecurityException {
-
-            ECDHKeyExchange.ECDHECredentials result
-                    = ECDHKeyExchange.ECDHECredentials.valueOf(ng, encoded);
-
-            checkConstraints(result.getPublicKey(), constraints,
-                    onConstraintFail);
-
-            return result;
+        public SSLCredentials decodeCredentials(NamedGroup ng,
+                byte[] encoded) throws IOException, GeneralSecurityException {
+            return ECDHKeyExchange.ECDHECredentials.valueOf(ng, encoded);
         }
 
         @Override
@@ -641,18 +600,9 @@ enum NamedGroup {
         }
 
         @Override
-        public SSLCredentials decodeCredentials(NamedGroup ng, byte[] encoded,
-                AlgorithmConstraints constraints,
-                ExceptionSupplier onConstraintFail
-            ) throws IOException, GeneralSecurityException {
-
-            XDHKeyExchange.XDHECredentials result
-                    = XDHKeyExchange.XDHECredentials.valueOf(ng, encoded);
-
-            checkConstraints(result.getPublicKey(), constraints,
-                    onConstraintFail);
-
-            return result;
+        public SSLCredentials decodeCredentials(NamedGroup ng,
+                byte[] encoded) throws IOException, GeneralSecurityException {
+            return XDHKeyExchange.XDHECredentials.valueOf(ng, encoded);
         }
 
         @Override

src/java.base/share/classes/sun/security/ssl/SSLLogger.java

@@ -184,7 +184,7 @@ public final class SSLLogger {
     }
 
     private static void log(Level level, String msg, Object... params) {
-        if (logger.isLoggable(level)) {
+        if (logger != null && logger.isLoggable(level)) {
             if (params == null || params.length == 0) {
                 logger.log(level, msg);
             } else {

src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java

@@ -32,7 +32,10 @@ import java.security.cert.CertificateEncodingException;
 import java.security.*;
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.NamedParameterSpec;
+import java.util.Calendar;
 import java.util.Date;
+import java.util.GregorianCalendar;
+import java.util.TimeZone;
 
 import sun.security.pkcs10.PKCS10;
 import sun.security.util.SignatureUtil;
@@ -304,6 +307,12 @@ public final class CertAndKeyGen {
         try {
             lastDate = new Date ();
             lastDate.setTime (firstDate.getTime () + validity * 1000);
+            Calendar c = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
+            c.setTime(lastDate);
+            if (c.get(Calendar.YEAR) > 9999) {
+                throw new CertificateException("Validity period ends at calendar year " +
+                        c.get(Calendar.YEAR) + " which is greater than 9999");
+            }
 
             CertificateValidity interval =
                                    new CertificateValidity(firstDate,lastDate);

src/java.base/share/classes/sun/security/tools/keytool/Main.java

@@ -1445,8 +1445,7 @@ public final class Main {
                                            X509CertInfo.DN_NAME);
 
         Date firstDate = getStartDate(startDate);
-        Date lastDate = new Date();
-        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
+        Date lastDate = getLastDate(firstDate, validity);
         CertificateValidity interval = new CertificateValidity(firstDate,
                                                                lastDate);
 
@@ -1560,12 +1559,10 @@ public final class Main {
                                                       X509CertInfo.DN_NAME);
 
         Date firstDate = getStartDate(startDate);
-        Date lastDate = (Date) firstDate.clone();
-        lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
+        Date lastDate = getLastDate(firstDate, validity);
         CertificateValidity interval = new CertificateValidity(firstDate,
                                                                lastDate);
 
-
         PrivateKey privateKey =
                 (PrivateKey)recoverKey(alias, storePass, keyPass).fst;
         if (sigAlgName == null) {
@@ -3033,8 +3030,7 @@ public final class Main {
 
         // Extend its validity
         Date firstDate = getStartDate(startDate);
-        Date lastDate = new Date();
-        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
+        Date lastDate = getLastDate(firstDate, validity);
         CertificateValidity interval = new CertificateValidity(firstDate,
                                                                lastDate);
         certInfo.set(X509CertInfo.VALIDITY, interval);
@@ -4695,6 +4691,21 @@ public final class Main {
         return result;
     }
 
+    private Date getLastDate(Date firstDate, long validity)
+            throws Exception {
+        Date lastDate = new Date();
+        lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L);
+
+        Calendar c = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
+        c.setTime(lastDate);
+        if (c.get(Calendar.YEAR) > 9999) {
+            throw new Exception("Validity period ends at calendar year " +
+                    c.get(Calendar.YEAR) + " which is greater than 9999");
+        }
+
+        return lastDate;
+    }
+
     private boolean isTrustedCert(Certificate cert) throws KeyStoreException {
         if (caks != null && caks.getCertificateAlias(cert) != null) {
             return true;

src/java.base/share/classes/sun/security/util/DerIndefLenConverter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,9 +31,12 @@ import java.util.ArrayList;
 import java.util.Arrays;
 
 /**
- * A package private utility class to convert indefinite length DER
+ * A package private utility class to convert indefinite length BER
  * encoded byte arrays to definite length DER encoded byte arrays.
- *
+ * <p>
+ * Note: This class only substitute indefinite length octets to definite
+ * length octets. It does not update the contents even if they are not DER.
+ * <p>
  * This assumes that the basic data structure is "tag, length, value"
  * triplet. In the case where the length is "indefinite", terminating
  * end-of-contents bytes are expected.
@@ -42,26 +45,30 @@ import java.util.Arrays;
  */
 class DerIndefLenConverter {
 
-    private static final int TAG_MASK            = 0x1f; // bits 5-1
-    private static final int FORM_MASK           = 0x20; // bits 6
-    private static final int CLASS_MASK          = 0xC0; // bits 8 and 7
-
     private static final int LEN_LONG            = 0x80; // bit 8 set
     private static final int LEN_MASK            = 0x7f; // bits 7 - 1
-    private static final int SKIP_EOC_BYTES      = 2;
 
     private byte[] data, newData;
     private int newDataPos, dataPos, dataSize, index;
     private int unresolved = 0;
 
+    // A list to store each indefinite length occurrence. Whenever an indef
+    // length is seen, the position after the 0x80 byte is appended to the
+    // list as an integer. Whenever its matching EOC is seen, we know the
+    // actual length and the position value is substituted with a calculated
+    // length octets. At the end, the new DER encoding is a concatenation of
+    // all existing tags, existing definite length octets, existing contents,
+    // and the newly created definte length octets in this list.
     private ArrayList<Object> ndefsList = new ArrayList<Object>();
 
+    // Length of extra bytes needed to convert indefinite encoding to definite.
+    // For each resolved indefinite length encoding, the starting 0x80 byte
+    // and the ending 00 00 bytes will be removed and a new definite length
+    // octets will be added. This value might be positive or negative.
     private int numOfTotalLenBytes = 0;
 
-    private boolean isEOC(int tag) {
-        return (((tag & TAG_MASK) == 0x00) &&  // EOC
-                ((tag & FORM_MASK) == 0x00) && // primitive
-                ((tag & CLASS_MASK) == 0x00)); // universal
+    private static boolean isEOC(byte[] data, int pos) {
+        return data[pos] == 0 && data[pos + 1] == 0;
     }
 
     // if bit 8 is set then it implies either indefinite length or long form
@@ -70,9 +77,9 @@ class DerIndefLenConverter {
     }
 
     /*
-     * Default package private constructor
+     * Private constructor
      */
-    DerIndefLenConverter() { }
+    private DerIndefLenConverter() { }
 
     /**
      * Checks whether the given length byte is of the form
@@ -88,11 +95,14 @@ class DerIndefLenConverter {
     }
 
     /**
-     * Parse the tag and if it is an end-of-contents tag then
-     * add the current position to the <code>eocList</code> vector.
+     * Consumes the tag at {@code dataPos}.
+     * <p>
+     * If it is EOC then replace the matching start position (i.e. the previous
+     * {@code dataPos} where an indefinite length was found by #parseLength)
+     * in {@code ndefsList} with a length octets for this section.
      */
     private void parseTag() throws IOException {
-        if (isEOC(data[dataPos]) && (data[dataPos + 1] == 0)) {
+        if (isEOC(data, dataPos)) {
             int numOfEncapsulatedLenBytes = 0;
             Object elem = null;
             int index;
@@ -103,6 +113,9 @@ class DerIndefLenConverter {
                 if (elem instanceof Integer) {
                     break;
                 } else {
+                    // For each existing converted part, 3 bytes (80 at the
+                    // beginning and 00 00 at the end) are removed and a
+                    // new length octets is added.
                     numOfEncapsulatedLenBytes += ((byte[])elem).length - 3;
                 }
             }
@@ -114,6 +127,7 @@ class DerIndefLenConverter {
                              numOfEncapsulatedLenBytes;
             byte[] sectionLenBytes = getLengthBytes(sectionLen);
             ndefsList.set(index, sectionLenBytes);
+            assert unresolved > 0;
             unresolved--;
 
             // Add the number of bytes required to represent this section
@@ -130,34 +144,41 @@ class DerIndefLenConverter {
      * then skip the tag and its 1 byte length of zero.
      */
     private void writeTag() {
-        if (dataPos == dataSize)
+        if (dataPos == dataSize) {
             return;
-        int tag = data[dataPos++];
-        if (isEOC(tag) && (data[dataPos] == 0)) {
-            dataPos++;  // skip length
+        }
+        assert dataPos + 1 < dataSize;
+        if (isEOC(data, dataPos)) {
+            dataPos += 2;  // skip tag and length
             writeTag();
-        } else
-            newData[newDataPos++] = (byte)tag;
+        } else {
+            newData[newDataPos++] = data[dataPos++];
+        }
     }
 
     /**
-     * Parse the length and if it is an indefinite length then add
-     * the current position to the <code>ndefsList</code> vector.
+     * Parse the length octets started at {@code dataPos}. After this method
+     * is called, {@code dataPos} is placed after the length octets except
+     * -1 is returned.
      *
-     * @return the length of definite length data next, or -1 if there is
-     *         not enough bytes to determine it
+     * @return a) the length of definite length data next
+     *         b) -1, if it is a definite length data next but the length
+     *            octets is not complete to determine the actual length
+     *         c) 0, if it is an indefinite length. Also, append the current
+     *            position to the {@code ndefsList} vector.
      * @throws IOException if invalid data is read
      */
     private int parseLength() throws IOException {
-        int curLen = 0;
-        if (dataPos == dataSize)
-            return curLen;
+        if (dataPos == dataSize) {
+            return 0;
+        }
         int lenByte = data[dataPos++] & 0xff;
         if (isIndefinite(lenByte)) {
             ndefsList.add(dataPos);
             unresolved++;
-            return curLen;
+            return 0;
         }
+        int curLen = 0;
         if (isLongForm(lenByte)) {
             lenByte &= LEN_MASK;
             if (lenByte > 4) {
@@ -179,14 +200,17 @@ class DerIndefLenConverter {
     }
 
     /**
-     * Write the length and if it is an indefinite length
-     * then calculate the definite length from the positions
-     * of the indefinite length and its matching EOC terminator.
-     * Then, write the value.
+     * Write the length and value.
+     * <p>
+     * If it was definite length, just re-write the length and copy the value.
+     * If it was an indefinite length, copy the precalculated definite octets
+     * from {@code ndefsList}. There is no values here because they will be
+     * sub-encodings of a constructed encoding.
      */
     private void writeLengthAndValue() throws IOException {
-        if (dataPos == dataSize)
-           return;
+        if (dataPos == dataSize) {
+            return;
+        }
         int curLen = 0;
         int lenByte = data[dataPos++] & 0xff;
         if (isIndefinite(lenByte)) {
@@ -194,21 +218,21 @@ class DerIndefLenConverter {
             System.arraycopy(lenBytes, 0, newData, newDataPos,
                              lenBytes.length);
             newDataPos += lenBytes.length;
-            return;
-        }
-        if (isLongForm(lenByte)) {
-            lenByte &= LEN_MASK;
-            for (int i = 0; i < lenByte; i++) {
-                curLen = (curLen << 8) + (data[dataPos++] & 0xff);
-            }
-            if (curLen < 0) {
-                throw new IOException("Invalid length bytes");
-            }
         } else {
-            curLen = (lenByte & LEN_MASK);
+            if (isLongForm(lenByte)) {
+                lenByte &= LEN_MASK;
+                for (int i = 0; i < lenByte; i++) {
+                    curLen = (curLen << 8) + (data[dataPos++] & 0xff);
+                }
+                if (curLen < 0) {
+                    throw new IOException("Invalid length bytes");
+                }
+            } else {
+                curLen = (lenByte & LEN_MASK);
+            }
+            writeLength(curLen);
+            writeValue(curLen);
         }
-        writeLength(curLen);
-        writeValue(curLen);
     }
 
     private void writeLength(int curLen) {
@@ -296,19 +320,13 @@ class DerIndefLenConverter {
         return numOfLenBytes;
     }
 
-    /**
-     * Parse the value;
-     */
-    private void parseValue(int curLen) {
-        dataPos += curLen;
-    }
-
     /**
      * Write the value;
      */
     private void writeValue(int curLen) {
-        for (int i=0; i < curLen; i++)
-            newData[newDataPos++] = data[dataPos++];
+        System.arraycopy(data, dataPos, newData, newDataPos, curLen);
+        dataPos += curLen;
+        newDataPos += curLen;
     }
 
     /**
@@ -323,10 +341,8 @@ class DerIndefLenConverter {
      */
     byte[] convertBytes(byte[] indefData) throws IOException {
         data = indefData;
-        dataPos=0; index=0;
+        dataPos = 0;
         dataSize = data.length;
-        int len=0;
-        int unused = 0;
 
         // parse and set up the vectors of all the indefinite-lengths
         while (dataPos < dataSize) {
@@ -335,14 +351,17 @@ class DerIndefLenConverter {
                 return null;
             }
             parseTag();
-            len = parseLength();
+            int len = parseLength();
             if (len < 0) {
                 return null;
             }
-            parseValue(len);
+            dataPos += len;
+            if (dataPos < 0) {
+                // overflow
+                throw new IOException("Data overflow");
+            }
             if (unresolved == 0) {
-                unused = dataSize - dataPos;
-                dataSize = dataPos;
+                assert !ndefsList.isEmpty() && ndefsList.get(0) instanceof byte[];
                 break;
             }
         }
@@ -351,14 +370,18 @@ class DerIndefLenConverter {
             return null;
         }
 
+        int unused = dataSize - dataPos;
+        assert unused >= 0;
+        dataSize = dataPos;
+
         newData = new byte[dataSize + numOfTotalLenBytes + unused];
-        dataPos=0; newDataPos=0; index=0;
+        dataPos = 0; newDataPos = 0; index = 0;
 
         // write out the new byte array replacing all the indefinite-lengths
         // and EOCs
         while (dataPos < dataSize) {
-           writeTag();
-           writeLengthAndValue();
+            writeTag();
+            writeLengthAndValue();
         }
         System.arraycopy(indefData, dataSize,
                          newData, dataSize + numOfTotalLenBytes, unused);
@@ -395,7 +418,7 @@ class DerIndefLenConverter {
             if (result == null) {
                 int next = in.read(); // This could block, but we need more
                 if (next == -1) {
-                    throw new IOException("not all indef len BER resolved");
+                    throw new IOException("not enough data to resolve indef len BER");
                 }
                 int more = in.available();
                 // expand array to include next and more

src/java.desktop/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java

@@ -591,6 +591,13 @@ public class BMPImageReader extends ImageReader implements BMPConstants {
             height = Math.abs(height);
         }
 
+        if (metadata.compression == BI_RGB) {
+            long imageDataSize = (width * height * (bitsPerPixel / 8));
+            if (imageDataSize > (bitmapFileSize - bitmapOffset)) {
+                throw new IIOException(I18N.getString("BMPImageReader9"));
+            }
+        }
+
         // Reset Image Layout so there's only one tile.
         //Define the color space
         ColorSpace colorSpace = ColorSpace.getInstance(ColorSpace.CS_sRGB);

src/java.desktop/share/classes/com/sun/imageio/plugins/common/iio-plugin.properties

@@ -24,6 +24,7 @@ BMPImageReader5=Input has not been set.
 BMPImageReader6=Unable to read the image header.
 BMPImageReader7=Invalid bitmap offset.
 BMPImageReader8=Invalid bits per pixel in image header.
+BMPImageReader9=Invalid width/height for BI_RGB image data.
 BMPImageWriter0=Output is not an ImageOutputStream.
 BMPImageWriter1=The image region to be encoded is empty.
 BMPImageWriter2=Only 1 or 3 band image is encoded.

src/java.desktop/share/classes/javax/swing/text/rtf/RTFParser.java

@@ -233,25 +233,52 @@ abstract class RTFParser extends AbstractFilter
           currentCharacters.append(ch);
         } else {
           /* TODO: Test correct behavior of \bin keyword */
+
           if (pendingKeyword.equals("bin")) {  /* magic layer-breaking kwd */
-            long parameter = Long.parseLong(currentCharacters.toString());
+            long parameter = 0L;
+            try {
+              parameter = Long.parseLong(currentCharacters.toString());
+            } catch (NumberFormatException e) {
+              warning("Illegal number format " + currentCharacters.toString()
+                              + " in \bin tag");
+              pendingKeyword = null;
+              currentCharacters = new StringBuffer();
+              state = S_text;
+              // Delimiters here are interpreted as text too
+              if (!Character.isWhitespace(ch))
+                write(ch);
+              break;
+            }
             pendingKeyword = null;
             state = S_inblob;
+            int maxBytes = 4 * 1024 * 1024;
             binaryBytesLeft = parameter;
-            if (binaryBytesLeft > Integer.MAX_VALUE)
-                binaryBuf = new ByteArrayOutputStream(Integer.MAX_VALUE);
-            else
-                binaryBuf = new ByteArrayOutputStream((int)binaryBytesLeft);
+
+            if (binaryBytesLeft > maxBytes) {
+              binaryBuf = new ByteArrayOutputStream(maxBytes);
+            } else if (binaryBytesLeft < 0) {
+              binaryBytesLeft = 0;
+              binaryBuf = new ByteArrayOutputStream((int)binaryBytesLeft);
+            } else {
+              binaryBuf = new ByteArrayOutputStream((int) binaryBytesLeft);
+            }
             savedSpecials = specialsTable;
             specialsTable = allSpecialsTable;
             break;
           }
 
-          int parameter = Integer.parseInt(currentCharacters.toString());
-          ok = handleKeyword(pendingKeyword, parameter);
-          if (!ok)
-            warning("Unknown keyword: " + pendingKeyword +
-                    " (param " + currentCharacters + ")");
+          int parameter = 0;
+          try {
+            parameter = Integer.parseInt(currentCharacters.toString());
+            ok = handleKeyword(pendingKeyword, parameter);
+            if (!ok) {
+                warning("Unknown keyword: " + pendingKeyword +
+                        " (param " + currentCharacters + ")");
+            }
+          } catch (NumberFormatException e) {
+            warning("Illegal number format " + currentCharacters.toString()
+                    + " in " + pendingKeyword + " tag");
+          }
           pendingKeyword = null;
           currentCharacters = new StringBuffer();
           state = S_text;
@@ -280,14 +307,15 @@ abstract class RTFParser extends AbstractFilter
         }
         break;
       case S_inblob:
-        binaryBuf.write(ch);
-        binaryBytesLeft --;
-        if (binaryBytesLeft == 0) {
-            state = S_text;
-            specialsTable = savedSpecials;
-            savedSpecials = null;
-            handleBinaryBlob(binaryBuf.toByteArray());
-            binaryBuf = null;
+        if (binaryBytesLeft > 0) {
+          binaryBuf.write(ch);
+          binaryBytesLeft--;
+        } else {
+          state = S_text;
+          specialsTable = savedSpecials;
+          savedSpecials = null;
+          handleBinaryBlob(binaryBuf.toByteArray());
+          binaryBuf = null;
         }
       }
   }