Hi all, Does anyone mind if I commit the following patch to add security checks to all Graphics2D peers? The reason I ask is that the checks might be overly restrictive, but at the moment the stuff after the checks isn't implemented anywhere. I just wanted to get them in so they don't get lost.
Cheers, Gary
Index: ChangeLog =================================================================== RCS file: /cvsroot/classpath/classpath/ChangeLog,v retrieving revision 1.7878 diff -u -r1.7878 ChangeLog --- ChangeLog 19 Jun 2006 12:43:48 -0000 1.7878 +++ ChangeLog 19 Jun 2006 16:00:44 -0000 @@ -1,3 +1,9 @@ +2006-06-19 Gary Benson <[EMAIL PROTECTED]> + + * gnu/java/awt/peer/gtk/CairoGraphics2D.java: Add security check. + * gnu/java/awt/peer/qt/QtGraphics.java: Likewise. + * gnu/java/awt/java2d/AbstractGraphics2D.java: Likewise. + 2006-06-19 Raif S. Naffah <[EMAIL PROTECTED]> * gnu/java/security/jce/hash/HavalSpi.java: Source formatting. Index: gnu/java/awt/peer/gtk/CairoGraphics2D.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/awt/peer/gtk/CairoGraphics2D.java,v retrieving revision 1.25 diff -u -r1.25 CairoGraphics2D.java --- gnu/java/awt/peer/gtk/CairoGraphics2D.java 16 Jun 2006 10:27:29 -0000 1.25 +++ gnu/java/awt/peer/gtk/CairoGraphics2D.java 19 Jun 2006 16:00:44 -0000 @@ -41,6 +41,7 @@ import gnu.java.awt.ClasspathToolkit; import java.awt.AlphaComposite; +import java.awt.AWTPermission; import java.awt.BasicStroke; import java.awt.Color; import java.awt.Composite; @@ -886,6 +887,12 @@ } else { + // FIXME: this check is only required "if this Graphics2D + // context is drawing to a Component on the display screen". + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new AWTPermission("readDisplayPixels")); + // FIXME: implement general Composite support throw new java.lang.UnsupportedOperationException(); } Index: gnu/java/awt/peer/qt/QtGraphics.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/awt/peer/qt/QtGraphics.java,v retrieving revision 1.3 diff -u -r1.3 QtGraphics.java --- gnu/java/awt/peer/qt/QtGraphics.java 23 Aug 2005 02:13:48 -0000 1.3 +++ gnu/java/awt/peer/qt/QtGraphics.java 19 Jun 2006 16:00:44 -0000 @@ -38,6 +38,7 @@ package gnu.java.awt.peer.qt; import java.awt.AlphaComposite; +import java.awt.AWTPermission; import java.awt.BasicStroke; import java.awt.Color; import java.awt.Composite; @@ -605,8 +606,16 @@ composite = comp; } else - throw new UnsupportedOperationException("We don't support custom"+ - " composites yet."); + { + // FIXME: this check is only required "if this Graphics2D + // context is drawing to a Component on the display screen". + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new AWTPermission("readDisplayPixels")); + + throw new UnsupportedOperationException("We don't support custom"+ + " composites yet."); + } } public Composite getComposite() Index: gnu/java/awt/java2d/AbstractGraphics2D.java =================================================================== RCS file: /cvsroot/classpath/classpath/gnu/java/awt/java2d/AbstractGraphics2D.java,v retrieving revision 1.9 diff -u -r1.9 AbstractGraphics2D.java --- gnu/java/awt/java2d/AbstractGraphics2D.java 9 Jun 2006 20:49:51 -0000 1.9 +++ gnu/java/awt/java2d/AbstractGraphics2D.java 19 Jun 2006 16:00:45 -0000 @@ -39,6 +39,7 @@ import java.awt.AWTError; import java.awt.AlphaComposite; +import java.awt.AWTPermission; import java.awt.BasicStroke; import java.awt.Color; import java.awt.Composite; @@ -539,6 +540,15 @@ */ public void setComposite(Composite comp) { + if (! (comp instanceof AlphaComposite)) + { + // FIXME: this check is only required "if this Graphics2D + // context is drawing to a Component on the display screen". + SecurityManager sm = System.getSecurityManager(); + if (sm != null) + sm.checkPermission(new AWTPermission("readDisplayPixels")); + } + composite = comp; if (! (comp.equals(AlphaComposite.SrcOver))) isOptimized = false;