On Thu, 10 Apr 2025 21:26:21 GMT, Michael McMahon <micha...@openjdk.org> wrote:

>> Hi,
>> 
>> Enhanced exception messages are designed to hide sensitive information
>> such as hostnames, IP addresses from exception message strings, unless
>> the enhanced mode for the specific category has been explicitly enabled.
>> Enhanced exceptions were first introduced in 8204233 in JDK 11 and
>> updated in 8207846.
>> 
>> This PR aims to increase the coverage of enhanced exception messages in
>> the networking code. A limited number of exceptions are already hidden
>> (restricted) by default. The new categories and exceptions in this PR
>> will be restricted on an opt-in basis, i.e. the default mode will be
>> enhanced (while preserving the existing behavior).
>> 
>> The mechanism is controlled by the security/system property
>> "jdk.includeInExceptions" which takes as value a comma-separated list of
>> category names, which identify groups of exceptions where the exception
>> message may be enhanced. Any category not listed is "restricted" which
>> means that potentially sensitive information (such as hostnames, IP
>> addresses, user identities) is excluded from the message text.
>> 
>> The changes to the java.security conf file describe the exact changes in
>> terms of the categories now supported and any changes in behavior.
>> 
>> Thanks,
>> Michael
>
> Michael McMahon has updated the pull request incrementally with one 
> additional commit since the last revision:
> 
>   update to minimise code changes

src/java.base/share/classes/java/net/NetworkInterface.java line 329:

> 327:         } else {
> 328:             throw new IllegalArgumentException(
> 329:                 formatMsg("invalid address type%s", 
> filterNetInfo(addr.toString()).prefixWith(": ")));

OK - I see that `addr` cannot be null if we reach here.

src/java.base/share/classes/java/net/Proxy.java line 101:

> 99:             throw new IllegalArgumentException(
> 100:                 formatMsg("type " + type + " is not compatible with 
> address %s",
> 101:                           filterNetInfo(sa.toString())

You will get NullPointerException instead of IllegalArgumentException if `sa` 
is `null`. I suggest using `String.valueOf(sa)` rather than `sa.toString()` to 
preserve the pre-existing behaviour.

src/java.base/share/classes/java/net/Proxy.java line 102:

> 100:                 formatMsg("type " + type + " is not compatible with 
> address %s",
> 101:                           filterNetInfo(sa.toString())
> 102:                                .replaceWith("type " + 
> sa.getClass().toString())));

You will have to guard against sa == null here

src/java.base/share/classes/jdk/internal/util/Exceptions.java line 253:

> 251: 
> 252:         int i = 0;
> 253:         boolean enhanced = true;

`enhanced` doesn't seem to be used here. Is this some leftover?

src/java.base/share/classes/sun/net/www/protocol/jar/Handler.java line 203:

> 201:                 throw new NullPointerException(
> 202:                     formatMsg("malformed context url%s : no !/",
> 203:                               
> filterJarName(url.toString()).prefixWith(": ")));

It's not clear whether `url` could be `null` here, so to sidestep the question 
maybe use `String::valueOf` rather than `Object::toString`.

src/java.base/share/classes/sun/net/www/protocol/jar/Handler.java line 212:

> 210:                 throw new NullPointerException(
> 211:                     formatMsg("malformed context url%s",
> 212:                               
> filterJarName(url.toString()).prefixWith(": ")));

Same remark here

test/jdk/java/net/URI/Test.java line 29:

> 27:  *      7171415 6339649 6933879 8037396 8272072 8051627 8297687
> 28:  * @author Mark Reinhold
> 29:  * @run main/othervm -Djdk.includeInExceptions=hostInfo Test

This change does not look like it's needed.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042182598
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042187411
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042190019
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042199577
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042214144
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042215273
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2042244694
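
The `sa.toString()` versus `String.valueOf(sa)` point raised for Proxy.java, as an added example that is not part of this e-mail or of the JDK sources. The class name and the `filter` helper are hypothetical stand-ins for the internal filtering code; the example shows that the argument is evaluated before any filtering, so the exception type changes whether the category is enhanced or restricted.

```java
import java.net.InetSocketAddress;
import java.net.SocketAddress;

public class NullSafeMessageDemo {

    // Hypothetical stand-in for the JDK-internal filtering helper: keeps the
    // text when the category is enhanced, drops it when restricted.
    static String filter(String sensitive, boolean enhanced) {
        return enhanced ? sensitive : "<restricted>";
    }

    // Pattern flagged in the review: sa.toString() runs before any filtering.
    static void checkWithToString(SocketAddress sa, boolean enhanced) {
        if (!(sa instanceof InetSocketAddress)) {
            throw new IllegalArgumentException(
                "not compatible with address " + filter(sa.toString(), enhanced));
        }
    }

    // Suggested form: String.valueOf(sa) yields "null" instead of throwing.
    static void checkWithValueOf(SocketAddress sa, boolean enhanced) {
        if (!(sa instanceof InetSocketAddress)) {
            throw new IllegalArgumentException(
                "not compatible with address " + filter(String.valueOf(sa), enhanced));
        }
    }

    // Runs the check and reports which exception, if any, reached the caller.
    static String thrownBy(Runnable r) {
        try {
            r.run();
            return "nothing";
        } catch (RuntimeException e) {
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        SocketAddress sa = null; // constructed input: caller passes no address
        for (boolean enhanced : new boolean[] {true, false}) {
            System.out.println("enhanced=" + enhanced);
            System.out.println("  toString(): " + thrownBy(() -> checkWithToString(sa, enhanced)));
            System.out.println("  valueOf():  " + thrownBy(() -> checkWithValueOf(sa, enhanced)));
        }
    }
}
```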
