CVE-2021-21290.patch 13.5 KiB
From: Markus Koschany <apo@debian.org>
Date: Sun, 28 Mar 2021 14:56:13 +0200
Subject: CVE-2021-21290

Bug-Debian: https://bugs.debian.org/982580
Origin: https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e0000ec
---
 .../java/io/netty/buffer/AbstractByteBufTest.java    |  4 ++--
 .../buffer/ReadOnlyDirectByteBufferBufTest.java      |  2 +-
 .../codec/http/multipart/AbstractDiskHttpData.java   |  5 +++--
 .../handler/codec/http/HttpChunkedInputTest.java     |  3 ++-
 .../io/netty/util/internal/NativeLibraryLoader.java  |  2 +-
 .../io/netty/util/internal/PlatformDependent.java    | 20 ++++++++++++++++++++
 .../handler/ssl/util/SelfSignedCertificate.java      |  6 ++++--
 .../handler/stream/ChunkedWriteHandlerTest.java      |  3 ++-
 .../transport/socket/SocketFileRegionTest.java       |  2 +-
 .../java/io/netty/channel/epoll/EpollSpliceTest.java |  3 ++-
 .../io/netty/channel/unix/tests/UnixTestUtils.java   |  3 ++-
 11 files changed, 40 insertions(+), 13 deletions(-)

diff --git a/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java b/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
index 59194ab..2679d1e 100644
--- a/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
+++ b/buffer/src/test/java/io/netty/buffer/AbstractByteBufTest.java
@@ -4487,7 +4487,7 @@ public abstract class AbstractByteBufTest {
 
     @Test
     public void testReadBytesAndWriteBytesWithFileChannel() throws IOException {
-        File file = File.createTempFile("file-channel", ".tmp");
+        File file = PlatformDependent.createTempFile("file-channel", ".tmp", null);
         RandomAccessFile randomAccessFile = null;
         try {
             randomAccessFile = new RandomAccessFile(file, "rw");
@@ -4530,7 +4530,7 @@ public abstract class AbstractByteBufTest {
 
     @Test
     public void testGetBytesAndSetBytesWithFileChannel() throws IOException {
-        File file = File.createTempFile("file-channel", ".tmp");
+        File file = PlatformDependent.createTempFile("file-channel", ".tmp", null);
         RandomAccessFile randomAccessFile = null;
         try {
             randomAccessFile = new RandomAccessFile(file, "rw");
diff --git a/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java b/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
index d51ce11..6e40f08 100644
--- a/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
+++ b/buffer/src/test/java/io/netty/buffer/ReadOnlyDirectByteBufferBufTest.java
@@ -286,7 +286,7 @@ public class ReadOnlyDirectByteBufferBufTest {
 
     @Test
     public void testWrapMemoryMapped() throws Exception {
-        File file = File.createTempFile("netty-test", "tmp");
+        File file = PlatformDependent.createTempFile("netty-test", "tmp", null);
         FileChannel output = null;
         FileChannel input = null;
         ByteBuf b1 = null;
diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java b/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
index 544bc7c..c28dbae 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java
@@ -20,6 +20,7 @@ import io.netty.handler.codec.http.HttpConstants;
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
+import io.netty.util.internal.PlatformDependent;
 
 import java.io.File;
 import java.io.FileInputStream;
@@ -87,9 +88,9 @@ public abstract class AbstractDiskHttpData extends AbstractHttpData {
         File tmpFile;
         if (getBaseDirectory() == null) {
             // create a temporary file
-            tmpFile = File.createTempFile(getPrefix(), newpostfix);
+            tmpFile = PlatformDependent.createTempFile(getPrefix(), newpostfix, null);
         } else {
-            tmpFile = File.createTempFile(getPrefix(), newpostfix, new File(
+            tmpFile = PlatformDependent.createTempFile(getPrefix(), newpostfix, new File(
                     getBaseDirectory()));
         }
         if (deleteOnExit()) {
diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
index 002c8d0..8e75eb9 100644
--- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
+++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpChunkedInputTest.java
@@ -25,6 +25,7 @@ import io.netty.handler.stream.ChunkedNioFile;
 import io.netty.handler.stream.ChunkedNioStream;
 import io.netty.handler.stream.ChunkedStream;
 import io.netty.handler.stream.ChunkedWriteHandler;
+import io.netty.util.internal.PlatformDependent;
 import org.junit.Test;
 
 import java.io.ByteArrayInputStream;
@@ -46,7 +47,7 @@ public class HttpChunkedInputTest {
 
         FileOutputStream out = null;
         try {
-            TMP = File.createTempFile("netty-chunk-", ".tmp");
+            TMP = PlatformDependent.createTempFile("netty-chunk-", ".tmp", null);
             TMP.deleteOnExit();
             out = new FileOutputStream(TMP);
             out.write(BYTES);
diff --git a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
index 31b4a46..a47a7f5 100644
--- a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
+++ b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
@@ -180,7 +180,7 @@ public final class NativeLibraryLoader {
             String prefix = libname.substring(0, index);
             String suffix = libname.substring(index, libname.length());
 
-            tmpFile = File.createTempFile(prefix, suffix, WORKDIR);
+            tmpFile = PlatformDependent.createTempFile(prefix, suffix, WORKDIR);
             in = url.openStream();
             out = new FileOutputStream(tmpFile);
 
diff --git a/common/src/main/java/io/netty/util/internal/PlatformDependent.java b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
index 1baeecb..fd2af44 100644
--- a/common/src/main/java/io/netty/util/internal/PlatformDependent.java
+++ b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
@@ -33,6 +33,7 @@ import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.nio.ByteBuffer;
 import java.nio.ByteOrder;
+import java.nio.file.Files;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.Deque;
@@ -56,6 +57,7 @@ import static io.netty.util.internal.PlatformDependent0.hashCodeAsciiSanitize;
 import static io.netty.util.internal.PlatformDependent0.unalignedAccess;
 import static java.lang.Math.max;
 import static java.lang.Math.min;
+import java.io.IOException;
 
 /**
  * Utility that detects various properties specific to the current runtime
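Review bot: The added `import java.io.IOException;` sits below the `import static` block, while the file's other `java.*` imports are grouped above it, as the previous hunk of this file shows. Moving the line up into that group keeps the import section consistent and avoids tripping an import-order check if the build enforces one.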
@@ -1228,6 +1230,24 @@ public final class PlatformDependent {
         return true;
     }
 
+    @SuppressJava6Requirement(reason = "Guarded by version check")
+    public static File createTempFile(String prefix, String suffix, File directory) throws IOException {
+        if (javaVersion() >= 7) {
+            if (directory == null) {
+                return Files.createTempFile(prefix, suffix).toFile();
+            }
+            return Files.createTempFile(directory.toPath(), prefix, suffix).toFile();
+        }
+        if (directory == null) {
+            return File.createTempFile(prefix, suffix);
+        }
+        File file = File.createTempFile(prefix, suffix, directory);
+        // Try to adjust the perms, if this fails there is not much else we can do...
+        file.setReadable(false, false);
+        file.setReadable(true, true);
+        return file;
+    }
+
     /**
      * Package private for testing purposes only!
      */
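Review bot: The pre-Java-7 fallback still returns `File.createTempFile(prefix, suffix)` untouched when `directory == null`, so the owner-only `setReadable` calls run only for an explicit directory, even though the shared system temp directory is the case that needs them most. Every caller in this patch that passes `null` takes that path on such a runtime, for example the key and certificate files in SelfSignedCertificate and the `getBaseDirectory() == null` branch of AbstractDiskHttpData. Dropping the early return and writing `File file = directory == null ? File.createTempFile(prefix, suffix) : File.createTempFile(prefix, suffix, directory);` would apply the same adjustment to both cases. The fallback also ignores the boolean results of `setReadable` and leaves a short window between creation and the permission change. The new public method has no Javadoc, so a short comment should state that the restriction is best effort on runtimes older than Java 7.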
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
index 9f010ce..34212bd 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/SelfSignedCertificate.java
@@ -20,6 +20,7 @@ import io.netty.buffer.ByteBuf;
 import io.netty.buffer.Unpooled;
 import io.netty.handler.codec.base64.Base64;
 import io.netty.util.CharsetUtil;
+import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.SystemPropertyUtil;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
@@ -29,6 +30,7 @@ import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
+import java.nio.file.Files;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
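Review bot: The added `import java.nio.file.Files;` looks unused, because the two later hunks in this file only call `PlatformDependent.createTempFile` and nothing visible references `Files`. Unless code outside the hunks uses it, the import can be dropped so the file does not gain a direct Java 7 API reference that the helper was introduced to encapsulate.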
@@ -238,7 +240,7 @@ public final class SelfSignedCertificate {
             wrappedBuf.release();
         }
 
-        File keyFile = File.createTempFile("keyutil_" + fqdn + '_', ".key");
+        File keyFile = PlatformDependent.createTempFile("keyutil_" + fqdn + '_', ".key", null);
         keyFile.deleteOnExit();
 
         OutputStream keyOut = new FileOutputStream(keyFile);
@@ -269,7 +271,7 @@ public final class SelfSignedCertificate {
             wrappedBuf.release();
         }
 
-        File certFile = File.createTempFile("keyutil_" + fqdn + '_', ".crt");
+        File certFile = PlatformDependent.createTempFile("keyutil_" + fqdn + '_', ".crt", null);
         certFile.deleteOnExit();
 
         OutputStream certOut = new FileOutputStream(certFile);
diff --git a/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java b/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
index 5b03048..6caf0af 100644
--- a/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
+++ b/handler/src/test/java/io/netty/handler/stream/ChunkedWriteHandlerTest.java
@@ -26,6 +26,7 @@ import io.netty.channel.ChannelOutboundHandlerAdapter;
 import io.netty.channel.embedded.EmbeddedChannel;
 import io.netty.util.CharsetUtil;
 import io.netty.util.ReferenceCountUtil;
+import io.netty.util.internal.PlatformDependent;
 import org.junit.Test;
 
 import java.io.ByteArrayInputStream;
@@ -49,7 +50,7 @@ public class ChunkedWriteHandlerTest {
 
         FileOutputStream out = null;
         try {
-            TMP = File.createTempFile("netty-chunk-", ".tmp");
+            TMP = PlatformDependent.createTempFile("netty-chunk-", ".tmp", null);
             TMP.deleteOnExit();
             out = new FileOutputStream(TMP);
             out.write(BYTES);
diff --git a/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java b/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
index 53deb6c..d4f43f7 100644
--- a/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
+++ b/testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketFileRegionTest.java
@@ -100,7 +100,7 @@ public class SocketFileRegionTest extends AbstractSocketTest {
         cb.option(ChannelOption.AUTO_READ, autoRead);
 
         final int bufferSize = 1024;
-        final File file = File.createTempFile("netty-", ".tmp");
+        final File file = PlatformDependent.createTempFile("netty-", ".tmp", null);
         file.deleteOnExit();
 
         final FileOutputStream out = new FileOutputStream(file);
diff --git a/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java b/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
index c53ff1e..eae1711 100644
--- a/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
+++ b/transport-native-epoll/src/test/java/io/netty/channel/epoll/EpollSpliceTest.java
@@ -29,6 +29,7 @@ import io.netty.channel.SimpleChannelInboundHandler;
 import io.netty.channel.unix.FileDescriptor;
 import io.netty.testsuite.util.TestUtils;
 import io.netty.util.NetUtil;
+import io.netty.util.internal.PlatformDependent;
 import org.junit.Assert;
 import org.junit.Test;
 
@@ -193,7 +194,7 @@ public class EpollSpliceTest {
     @Test
     public void spliceToFile() throws Throwable {
         EventLoopGroup group = new EpollEventLoopGroup(1);
-        File file = File.createTempFile("netty-splice", null);
+        File file = PlatformDependent.createTempFile("netty-splice", null, null);
         file.deleteOnExit();
 
         SpliceHandler sh = new SpliceHandler(file);
diff --git a/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java b/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
index e4ebcb4..6124ec1 100644
--- a/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
+++ b/transport-native-unix-common-tests/src/main/java/io/netty/channel/unix/tests/UnixTestUtils.java
@@ -17,6 +17,7 @@ package io.netty.channel.unix.tests;
 
 import io.netty.channel.unix.DomainSocketAddress;
 import io.netty.channel.unix.Socket;
+import io.netty.util.internal.PlatformDependent;
 
 import java.io.File;
 import java.io.IOException;
@@ -26,7 +27,7 @@ public final class UnixTestUtils {
         try {
             File file;
             do {
-                file = File.createTempFile("NETTY", "UDS");
+                file = PlatformDependent.createTempFile("NETTY", "UDS", null);
                 if (!file.delete()) {
                     throw new IOException("failed to delete: " + file);
                 }
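Review bot: The tightened permissions have no effect at this call site, because the file is deleted straight away and only its generated name is kept. Between `file.delete()` and whatever later creates that path, presumably a socket bind outside the hunk, the name is free for any other local process to claim. As this is test support code the exposure is small, but a comment would stop readers assuming the change hardens it, for example `// Only the unique name is reused; the path is re-created later, so createTempFile's permissions do not apply.` The `do` loop and the enclosing method continue outside the hunk.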