Mercurial > hg > release > icedtea7-forest-2.1 > jdk
changeset 4968:2d3faf217561
8011139: (reflect) Revise checking in getEnclosingClass
Reviewed-by: darcy, mchung, ahgross
author | jfranck |
---|---|
date | Thu, 18 Apr 2013 13:18:28 +0200 |
parents | 871acb7cd95c |
children | 5e190bcba6be |
files | src/share/classes/java/lang/Class.java |
diffstat | 1 files changed, 17 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/java/lang/Class.java Fri Apr 19 16:50:10 2013 -0700 +++ b/src/share/classes/java/lang/Class.java Thu Apr 18 13:18:28 2013 +0200 @@ -1134,13 +1134,9 @@ enclosingCandidate = enclosingClass; } - // be very careful not to change the stack depth of this - // checkMemberAccess call for security reasons - // see java.lang.SecurityManager.checkMemberAccess - if (enclosingCandidate != null) { - enclosingCandidate.checkMemberAccess(Member.DECLARED, - Reflection.getCallerClass(), true); - } + if (enclosingCandidate != null) + enclosingCandidate.checkPackageAccess( + ClassLoader.getClassLoader(Reflection.getCallerClass()), true); return enclosingCandidate; } @@ -2214,6 +2210,8 @@ * Check if client is allowed to access members. If access is denied, * throw a SecurityException. * + * This method also enforces package access. + * * <p> Default policy: allow all clients access with normal Java access * control. */ @@ -2234,7 +2232,19 @@ // checkMemberAccess of subclasses of SecurityManager as specified. s.checkMemberAccess(this, which); } + this.checkPackageAccess(ccl, checkProxyInterfaces); + } + } + /* + * Checks if a client loaded in ClassLoader ccl is allowed to access this + * class under the current package access policy. If access is denied, + * throw a SecurityException. + */ + private void checkPackageAccess(final ClassLoader ccl, boolean checkProxyInterfaces) { + final SecurityManager s = System.getSecurityManager(); + if (s != null) { + final ClassLoader cl = getClassLoader0(); if (ReflectUtil.needsPackageAccessCheck(ccl, cl)) { String name = this.getName(); int i = name.lastIndexOf('.');