Mercurial > hg > release > icedtea7-forest-2.2 > jdk
changeset 5371:3202c8ef7d0c
8010118: Annotate jdk caller sensitive methods with @sun.reflect.CallerSensitive
Reviewed-by: alanb, twisti, jrose, kvn
line wrap: on
line diff
--- a/make/java/java/FILES_c.gmk Fri Jun 14 10:05:04 2013 +0100 +++ b/make/java/java/FILES_c.gmk Tue Jun 18 06:01:18 2013 -0500 @@ -48,7 +48,6 @@ Proxy.c \ RandomAccessFile.c \ RandomAccessFile_md.c \ - ResourceBundle.c \ Runtime.c \ SecurityManager.c \ Shutdown.c \ @@ -69,7 +68,6 @@ jdk_util_md.c \ check_version.c \ java_props_md.c \ - DriverManager.c \ ConstantPool.c \ MessageUtils.c \ GC.c \
--- a/make/java/java/mapfile-vers Fri Jun 14 10:05:04 2013 +0100 +++ b/make/java/java/mapfile-vers Tue Jun 18 06:01:18 2013 -0500 @@ -135,7 +135,6 @@ Java_java_lang_ClassLoader_00024NativeLibrary_find; Java_java_lang_ClassLoader_00024NativeLibrary_load; Java_java_lang_ClassLoader_00024NativeLibrary_unload; - Java_java_lang_ClassLoader_getCaller; Java_java_lang_ClassLoader_registerNatives; Java_java_lang_Compiler_registerNatives; Java_java_lang_Double_longBitsToDouble; @@ -233,8 +232,6 @@ Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2Ljava_security_AccessControlContext_2; Java_java_security_AccessController_getStackAccessControlContext; Java_java_security_AccessController_getInheritedAccessControlContext; - Java_java_sql_DriverManager_getCallerClassLoader; - Java_java_util_ResourceBundle_getClassContext; Java_java_util_TimeZone_getSystemTimeZoneID; Java_java_util_TimeZone_getSystemGMTOffsetID; Java_java_util_concurrent_atomic_AtomicLong_VMSupportsCS8;
--- a/make/java/java/reorder-i586 Fri Jun 14 10:05:04 2013 +0100 +++ b/make/java/java/reorder-i586 Tue Jun 18 06:01:18 2013 -0500 @@ -73,7 +73,6 @@ # Test Sleep # Test IntToString # Test LoadToolkit -text: .text%Java_java_util_ResourceBundle_getClassContext; text: .text%Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2Ljava_security_AccessControlContext_2; text: .text%JNU_GetEnv; text: .text%Java_java_io_UnixFileSystem_checkAccess;
--- a/make/java/java/reorder-sparc Fri Jun 14 10:05:04 2013 +0100 +++ b/make/java/java/reorder-sparc Tue Jun 18 06:01:18 2013 -0500 @@ -78,7 +78,6 @@ # Test Sleep # Test IntToString # Test LoadToolkit -text: .text%Java_java_util_ResourceBundle_getClassContext; text: .text%Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2Ljava_security_AccessControlContext_2; text: .text%JNU_GetEnv; text: .text%Java_java_io_UnixFileSystem_checkAccess;
--- a/make/java/java/reorder-sparcv9 Fri Jun 14 10:05:04 2013 +0100 +++ b/make/java/java/reorder-sparcv9 Tue Jun 18 06:01:18 2013 -0500 @@ -74,7 +74,6 @@ # Test Sleep # Test IntToString # Test LoadToolkit -text: .text%Java_java_util_ResourceBundle_getClassContext; text: .text%Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2Ljava_security_AccessControlContext_2; text: .text%JNU_GetEnv; text: .text%Java_java_io_UnixFileSystem_checkAccess;
--- a/src/share/classes/java/io/ObjectStreamClass.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/io/ObjectStreamClass.java Tue Jun 18 06:01:18 2013 -0500 @@ -49,6 +49,8 @@ import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; import sun.misc.Unsafe; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; import sun.reflect.ReflectionFactory; import sun.reflect.misc.ReflectUtil; @@ -259,12 +261,13 @@ * * @return the <code>Class</code> instance that this descriptor represents */ + @CallerSensitive public Class<?> forClass() { if (cl == null) { return null; } - ClassLoader ccl = ObjectStreamField.getCallerClassLoader(); - if (ReflectUtil.needsPackageAccessCheck(ccl, cl.getClassLoader())) { + Class<?> caller = Reflection.getCallerClass(); + if (ReflectUtil.needsPackageAccessCheck(caller.getClassLoader(), cl.getClassLoader())) { ReflectUtil.checkPackageAccess(cl); } return cl;
--- a/src/share/classes/java/io/ObjectStreamField.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/io/ObjectStreamField.java Tue Jun 18 06:01:18 2013 -0500 @@ -26,6 +26,7 @@ package java.io; import java.lang.reflect.Field; +import sun.reflect.CallerSensitive; import sun.reflect.Reflection; import sun.reflect.misc.ReflectUtil; @@ -159,32 +160,15 @@ * @return a <code>Class</code> object representing the type of the * serializable field */ + @CallerSensitive public Class<?> getType() { - ClassLoader ccl = getCallerClassLoader(); - if (ReflectUtil.needsPackageAccessCheck(ccl, type.getClassLoader())) { + Class<?> caller = Reflection.getCallerClass(); + if (ReflectUtil.needsPackageAccessCheck(caller.getClassLoader(), type.getClassLoader())) { ReflectUtil.checkPackageAccess(type); } return type; } - // Returns the invoker's class loader. - // This is package private because it is accessed from ObjectStreamClass. - // NOTE: This must always be invoked when there is exactly one intervening - // frame from the core libraries on the stack between this method's - // invocation and the desired invoker. The frame count of 3 is determined - // as follows: - // - // 0: Reflection.getCallerClass - // 1: getCallerClassLoader() - // 2: ObjectStreamField.getType() or ObjectStreamClass.forClass() - // 3: the caller we want to check - // - // NOTE: copied from java.lang.ClassLoader and modified. - static ClassLoader getCallerClassLoader() { - Class caller = Reflection.getCallerClass(3); - return caller.getClassLoader(); - } - /** * Returns character encoding of field type. The encoding is as follows: * <blockquote><pre>
--- a/src/share/classes/java/lang/Class.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/Class.java Tue Jun 18 06:01:18 2013 -0500 @@ -53,6 +53,7 @@ import java.util.Map; import java.util.HashMap; import sun.misc.Unsafe; +import sun.reflect.CallerSensitive; import sun.reflect.ConstantPool; import sun.reflect.Reflection; import sun.reflect.ReflectionFactory; @@ -183,9 +184,11 @@ * by this method fails * @exception ClassNotFoundException if the class cannot be located */ + @CallerSensitive public static Class<?> forName(String className) throws ClassNotFoundException { - return forName0(className, true, ClassLoader.getCallerClassLoader()); + return forName0(className, true, + ClassLoader.getClassLoader(Reflection.getCallerClass())); } @@ -249,6 +252,7 @@ * @see java.lang.ClassLoader * @since 1.2 */ + @CallerSensitive public static Class<?> forName(String name, boolean initialize, ClassLoader loader) throws ClassNotFoundException @@ -256,7 +260,7 @@ if (loader == null) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { - ClassLoader ccl = ClassLoader.getCallerClassLoader(); + ClassLoader ccl = ClassLoader.getClassLoader(Reflection.getCallerClass()); if (ccl != null) { sm.checkPermission( SecurityConstants.GET_CLASSLOADER_PERMISSION); @@ -318,18 +322,14 @@ * </ul> * */ + @CallerSensitive public T newInstance() throws InstantiationException, IllegalAccessException { if (System.getSecurityManager() != null) { - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), false); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), false); } - return newInstance0(); - } - private T newInstance0() - throws InstantiationException, IllegalAccessException - { // NOTE: the following code may not be strictly correct under // the current Java memory model. @@ -363,7 +363,7 @@ // Security check (same as in java.lang.reflect.Constructor) int modifiers = tmpConstructor.getModifiers(); if (!Reflection.quickCheckMemberAccess(this, modifiers)) { - Class<?> caller = Reflection.getCallerClass(3); + Class<?> caller = Reflection.getCallerClass(); if (newInstanceCallerCache != caller) { Reflection.ensureMemberAccess(caller, this, null, modifiers); newInstanceCallerCache = caller; @@ -604,16 +604,14 @@ * @see SecurityManager#checkPermission * @see java.lang.RuntimePermission */ + @CallerSensitive public ClassLoader getClassLoader() { ClassLoader cl = getClassLoader0(); if (cl == null) return null; SecurityManager sm = System.getSecurityManager(); if (sm != null) { - ClassLoader ccl = ClassLoader.getCallerClassLoader(); - if (ccl != null && ccl != cl && !cl.isAncestor(ccl)) { - sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); - } + ClassLoader.checkClassLoaderPermission(cl, Reflection.getCallerClass()); } return cl; } @@ -894,6 +892,7 @@ * that class is a local or anonymous class; otherwise {@code null}. * @since 1.5 */ + @CallerSensitive public Method getEnclosingMethod() { EnclosingMethodInfo enclosingInfo = getEnclosingMethodInfo(); @@ -923,7 +922,7 @@ // // Note that we need to do this on the enclosing class enclosingCandidate.checkMemberAccess(Member.DECLARED, - ClassLoader.getCallerClassLoader(), true); + Reflection.getCallerClass(), true); /* * Loop over all declared methods; match method name, * number of and type of parameters, *and* return @@ -1031,6 +1030,7 @@ * that class is a local or anonymous class; otherwise {@code null}. * @since 1.5 */ + @CallerSensitive public Constructor<?> getEnclosingConstructor() { EnclosingMethodInfo enclosingInfo = getEnclosingMethodInfo(); @@ -1059,7 +1059,7 @@ // // Note that we need to do this on the enclosing class enclosingCandidate.checkMemberAccess(Member.DECLARED, - ClassLoader.getCallerClassLoader(), true); + Reflection.getCallerClass(), true); /* * Loop over all declared constructors; match number * of and type of parameters. @@ -1106,6 +1106,7 @@ * @return the immediately enclosing class of the underlying class * @since 1.5 */ + @CallerSensitive public Class<?> getEnclosingClass() { // There are five kinds of classes (or interfaces): // a) Top level classes @@ -1138,7 +1139,7 @@ // see java.lang.SecurityManager.checkMemberAccess if (enclosingCandidate != null) { enclosingCandidate.checkMemberAccess(Member.DECLARED, - ClassLoader.getCallerClassLoader(), true); + Reflection.getCallerClass(), true); } return enclosingCandidate; } @@ -1323,11 +1324,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Class<?>[] getClasses() { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), false); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), false); // Privileged so this implementation can look at DECLARED classes, // something the caller might not have privilege to do. The code here @@ -1398,11 +1400,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Field[] getFields() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), true); return copyFields(privateGetPublicFields(null)); } @@ -1449,11 +1452,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Method[] getMethods() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), true); return copyMethods(privateGetPublicMethods()); } @@ -1498,11 +1502,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Constructor<?>[] getConstructors() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), true); return copyConstructors(privateGetDeclaredConstructors(true)); } @@ -1556,12 +1561,13 @@ * * @since JDK1.1 */ + @CallerSensitive public Field getField(String name) throws NoSuchFieldException, SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), true); Field field = getField0(name); if (field == null) { throw new NoSuchFieldException(name); @@ -1641,12 +1647,13 @@ * * @since JDK1.1 */ + @CallerSensitive public Method getMethod(String name, Class<?>... parameterTypes) throws NoSuchMethodException, SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), true); Method method = getMethod0(name, parameterTypes); if (method == null) { throw new NoSuchMethodException(getName() + "." + name + argumentTypesToString(parameterTypes)); @@ -1695,12 +1702,13 @@ * * @since JDK1.1 */ + @CallerSensitive public Constructor<T> getConstructor(Class<?>... parameterTypes) throws NoSuchMethodException, SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.PUBLIC, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.PUBLIC, Reflection.getCallerClass(), true); return getConstructor0(parameterTypes, Member.PUBLIC); } @@ -1738,11 +1746,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Class<?>[] getDeclaredClasses() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), false); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), false); return getDeclaredClasses0(); } @@ -1782,11 +1791,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Field[] getDeclaredFields() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); return copyFields(privateGetDeclaredFields(false)); } @@ -1830,11 +1840,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Method[] getDeclaredMethods() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); return copyMethods(privateGetDeclaredMethods(false)); } @@ -1875,11 +1886,12 @@ * * @since JDK1.1 */ + @CallerSensitive public Constructor<?>[] getDeclaredConstructors() throws SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); return copyConstructors(privateGetDeclaredConstructors(false)); } @@ -1918,12 +1930,13 @@ * * @since JDK1.1 */ + @CallerSensitive public Field getDeclaredField(String name) throws NoSuchFieldException, SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); Field field = searchFields(privateGetDeclaredFields(false), name); if (field == null) { throw new NoSuchFieldException(name); @@ -1973,12 +1986,13 @@ * * @since JDK1.1 */ + @CallerSensitive public Method getDeclaredMethod(String name, Class<?>... parameterTypes) throws NoSuchMethodException, SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); Method method = searchMethods(privateGetDeclaredMethods(false), name, parameterTypes); if (method == null) { throw new NoSuchMethodException(getName() + "." + name + argumentTypesToString(parameterTypes)); @@ -2023,12 +2037,13 @@ * * @since JDK1.1 */ + @CallerSensitive public Constructor<T> getDeclaredConstructor(Class<?>... parameterTypes) throws NoSuchMethodException, SecurityException { // be very careful not to change the stack depth of this // checkMemberAccess call for security reasons // see java.lang.SecurityManager.checkMemberAccess - checkMemberAccess(Member.DECLARED, ClassLoader.getCallerClassLoader(), true); + checkMemberAccess(Member.DECLARED, Reflection.getCallerClass(), true); return getConstructor0(parameterTypes, Member.DECLARED); } @@ -2186,23 +2201,40 @@ */ static native Class getPrimitiveClass(String name); + private static boolean isCheckMemberAccessOverridden(SecurityManager smgr) { + if (smgr.getClass() == SecurityManager.class) return false; + + Class<?>[] paramTypes = new Class<?>[] {Class.class, int.class}; + return smgr.getClass().getMethod0("checkMemberAccess", paramTypes). + getDeclaringClass() != SecurityManager.class; + } + /* * Check if client is allowed to access members. If access is denied, * throw a SecurityException. * - * Be very careful not to change the stack depth of this checkMemberAccess - * call for security reasons. - * See java.lang.SecurityManager.checkMemberAccess. - * * <p> Default policy: allow all clients access with normal Java access * control. */ - private void checkMemberAccess(int which, ClassLoader ccl, boolean checkProxyInterfaces) { - SecurityManager s = System.getSecurityManager(); + private void checkMemberAccess(int which, Class<?> caller, boolean checkProxyInterfaces) { + final SecurityManager s = System.getSecurityManager(); if (s != null) { - s.checkMemberAccess(this, which); - ClassLoader cl = getClassLoader0(); + final ClassLoader ccl = ClassLoader.getClassLoader(caller); + final ClassLoader cl = getClassLoader0(); + if (!isCheckMemberAccessOverridden(s)) { + // Inlined SecurityManager.checkMemberAccess + if (which != Member.PUBLIC) { + if (ccl != cl) { + s.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); + } + } + } else { + // Don't refactor; otherwise break the stack depth for + // checkMemberAccess of subclasses of SecurityManager as specified. + s.checkMemberAccess(this, which); + } + if (ReflectUtil.needsPackageAccessCheck(ccl, cl)) { String name = this.getName(); int i = name.lastIndexOf('.');
--- a/src/share/classes/java/lang/ClassLoader.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/ClassLoader.java Tue Jun 18 06:01:18 2013 -0500 @@ -56,6 +56,7 @@ import sun.misc.Resource; import sun.misc.URLClassPath; import sun.misc.VM; +import sun.reflect.CallerSensitive; import sun.reflect.Reflection; import sun.security.util.SecurityConstants; @@ -1215,11 +1216,6 @@ return java.util.Collections.emptyEnumeration(); } - // index 0: java.lang.ClassLoader.class - // index 1: the immediate caller of index 0. - // index 2: the immediate caller of index 1. - private static native Class<? extends ClassLoader> getCaller(int index); - /** * Registers the caller as parallel capable.</p> * The registration succeeds if and only if all of the following @@ -1235,8 +1231,11 @@ * * @since 1.7 */ + @CallerSensitive protected static boolean registerAsParallelCapable() { - return ParallelLoaders.register(getCaller(1)); + Class<? extends ClassLoader> callerClass = + Reflection.getCallerClass().asSubclass(ClassLoader.class); + return ParallelLoaders.register(callerClass); } /** @@ -1396,15 +1395,13 @@ * * @since 1.2 */ + @CallerSensitive public final ClassLoader getParent() { if (parent == null) return null; SecurityManager sm = System.getSecurityManager(); if (sm != null) { - ClassLoader ccl = getCallerClassLoader(); - if (ccl != null && !isAncestor(ccl)) { - sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); - } + checkClassLoaderPermission(parent, Reflection.getCallerClass()); } return parent; } @@ -1464,6 +1461,7 @@ * * @revised 1.4 */ + @CallerSensitive public static ClassLoader getSystemClassLoader() { initSystemClassLoader(); if (scl == null) { @@ -1471,10 +1469,7 @@ } SecurityManager sm = System.getSecurityManager(); if (sm != null) { - ClassLoader ccl = getCallerClassLoader(); - if (ccl != null && ccl != scl && !scl.isAncestor(ccl)) { - sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); - } + checkClassLoaderPermission(scl, Reflection.getCallerClass()); } return scl; } @@ -1522,13 +1517,25 @@ return false; } - // Returns the invoker's class loader, or null if none. - // NOTE: This must always be invoked when there is exactly one intervening - // frame from the core libraries on the stack between this method's - // invocation and the desired invoker. - static ClassLoader getCallerClassLoader() { - // NOTE use of more generic Reflection.getCallerClass() - Class caller = Reflection.getCallerClass(3); + // Tests if class loader access requires "getClassLoader" permission + // check. A class loader 'from' can access class loader 'to' if + // class loader 'from' is same as class loader 'to' or an ancestor + // of 'to'. The class loader in a system domain can access + // any class loader. + private static boolean needsClassLoaderPermissionCheck(ClassLoader from, + ClassLoader to) + { + if (from == to) + return false; + + if (from == null) + return false; + + return !to.isAncestor(from); + } + + // Returns the class's class loader, or null if none. + static ClassLoader getClassLoader(Class<?> caller) { // This can be null if the VM is requesting it if (caller == null) { return null; @@ -1537,6 +1544,17 @@ return caller.getClassLoader0(); } + static void checkClassLoaderPermission(ClassLoader cl, Class<?> caller) { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + // caller can be null if the VM is requesting it + ClassLoader ccl = getClassLoader(caller); + if (needsClassLoaderPermissionCheck(ccl, cl)) { + sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); + } + } + } + // The class loader for the system // @GuardedBy("ClassLoader.class") private static ClassLoader scl;
--- a/src/share/classes/java/lang/Package.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/Package.java Tue Jun 18 06:01:18 2013 -0500 @@ -47,9 +47,10 @@ import java.util.HashMap; import java.util.Iterator; +import java.lang.annotation.Annotation; import sun.net.www.ParseUtil; - -import java.lang.annotation.Annotation; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * {@code Package} objects contain version information @@ -272,8 +273,9 @@ * @return the package of the requested name. It may be null if no package * information is available from the archive or codebase. */ + @CallerSensitive public static Package getPackage(String name) { - ClassLoader l = ClassLoader.getCallerClassLoader(); + ClassLoader l = ClassLoader.getClassLoader(Reflection.getCallerClass()); if (l != null) { return l.getPackage(name); } else { @@ -293,8 +295,9 @@ * @return a new array of packages known to the callers {@code ClassLoader} * instance. An zero length array is returned if none are known. */ + @CallerSensitive public static Package[] getPackages() { - ClassLoader l = ClassLoader.getCallerClassLoader(); + ClassLoader l = ClassLoader.getClassLoader(Reflection.getCallerClass()); if (l != null) { return l.getPackages(); } else {
--- a/src/share/classes/java/lang/Runtime.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/Runtime.java Tue Jun 18 06:01:18 2013 -0500 @@ -27,6 +27,8 @@ import java.io.*; import java.util.StringTokenizer; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * Every Java application has a single instance of class @@ -776,8 +778,9 @@ * @see java.lang.SecurityException * @see java.lang.SecurityManager#checkLink(java.lang.String) */ + @CallerSensitive public void load(String filename) { - load0(System.getCallerClass(), filename); + load0(Reflection.getCallerClass(), filename); } synchronized void load0(Class fromClass, String filename) { @@ -829,8 +832,9 @@ * @see java.lang.SecurityException * @see java.lang.SecurityManager#checkLink(java.lang.String) */ + @CallerSensitive public void loadLibrary(String libname) { - loadLibrary0(System.getCallerClass(), libname); + loadLibrary0(Reflection.getCallerClass(), libname); } synchronized void loadLibrary0(Class fromClass, String libname) {
--- a/src/share/classes/java/lang/System.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/System.java Tue Jun 18 06:01:18 2013 -0500 @@ -34,6 +34,7 @@ import java.nio.channels.Channel; import java.nio.channels.spi.SelectorProvider; import sun.nio.ch.Interruptible; +import sun.reflect.CallerSensitive; import sun.reflect.Reflection; import sun.security.util.SecurityConstants; import sun.reflect.annotation.AnnotationType; @@ -1055,8 +1056,9 @@ * @see java.lang.Runtime#load(java.lang.String) * @see java.lang.SecurityManager#checkLink(java.lang.String) */ + @CallerSensitive public static void load(String filename) { - Runtime.getRuntime().load0(getCallerClass(), filename); + Runtime.getRuntime().load0(Reflection.getCallerClass(), filename); } /** @@ -1080,8 +1082,9 @@ * @see java.lang.Runtime#loadLibrary(java.lang.String) * @see java.lang.SecurityManager#checkLink(java.lang.String) */ + @CallerSensitive public static void loadLibrary(String libname) { - Runtime.getRuntime().loadLibrary0(getCallerClass(), libname); + Runtime.getRuntime().loadLibrary0(Reflection.getCallerClass(), libname); } /** @@ -1197,10 +1200,4 @@ } }); } - - /* returns the class of the caller. */ - static Class<?> getCallerClass() { - // NOTE use of more generic Reflection.getCallerClass() - return Reflection.getCallerClass(3); - } }
--- a/src/share/classes/java/lang/Thread.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/Thread.java Tue Jun 18 06:01:18 2013 -0500 @@ -37,6 +37,8 @@ import java.util.concurrent.ConcurrentMap; import java.util.concurrent.locks.LockSupport; import sun.nio.ch.Interruptible; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; import sun.security.util.SecurityConstants; @@ -1440,16 +1442,15 @@ * * @since 1.2 */ + @CallerSensitive public ClassLoader getContextClassLoader() { if (contextClassLoader == null) return null; + SecurityManager sm = System.getSecurityManager(); if (sm != null) { - ClassLoader ccl = ClassLoader.getCallerClassLoader(); - if (ccl != null && ccl != contextClassLoader && - !contextClassLoader.isAncestor(ccl)) { - sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); - } + ClassLoader.checkClassLoaderPermission(contextClassLoader, + Reflection.getCallerClass()); } return contextClassLoader; }
--- a/src/share/classes/java/lang/invoke/MemberName.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/invoke/MemberName.java Tue Jun 18 06:01:18 2013 -0500 @@ -275,10 +275,11 @@ // private flags, not part of RECOGNIZED_MODIFIERS: static final int - IS_METHOD = MN_IS_METHOD, // method (not constructor) - IS_CONSTRUCTOR = MN_IS_CONSTRUCTOR, // constructor - IS_FIELD = MN_IS_FIELD, // field - IS_TYPE = MN_IS_TYPE; // nested type + IS_METHOD = MN_IS_METHOD, // method (not constructor) + IS_CONSTRUCTOR = MN_IS_CONSTRUCTOR, // constructor + IS_FIELD = MN_IS_FIELD, // field + IS_TYPE = MN_IS_TYPE, // nested type + IS_CALLER_SENSITIVE = MN_CALLER_SENSITIVE; // @CallerSensitive annotation static final int // for MethodHandleNatives.getMembers SEARCH_SUPERCLASSES = MN_SEARCH_SUPERCLASSES, SEARCH_INTERFACES = MN_SEARCH_INTERFACES; @@ -317,6 +318,10 @@ public boolean isPackage() { return !testAnyFlags(ALL_ACCESS); } + /** Utility method to query whether this member is annotated with @CallerSensitive. */ + public boolean isCallerSensitive() { + return testAllFlags(IS_CALLER_SENSITIVE); + } /** Initialize a query. It is not resolved. */ private void init(Class<?> defClass, String name, Object type, int flags) {
--- a/src/share/classes/java/lang/invoke/MethodHandleImpl.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/invoke/MethodHandleImpl.java Tue Jun 18 06:01:18 2013 -0500 @@ -37,6 +37,8 @@ import sun.invoke.util.VerifyType; import sun.invoke.util.Wrapper; import sun.misc.Unsafe; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; import static java.lang.invoke.MethodHandleStatics.*; import static java.lang.invoke.MethodHandles.Lookup.IMPL_LOOKUP; @@ -1362,9 +1364,11 @@ } } + @CallerSensitive private static boolean checkCallerClass(Class<?> expected, Class<?> expected2) { - final int FRAME_COUNT_ARG = 2; // [0] Reflection [1] BindCaller [2] Expected - Class<?> actual = sun.reflect.Reflection.getCallerClass(FRAME_COUNT_ARG); + // This method is called via MH_checkCallerClass and so it's + // correct to ask for the immediate caller here. + Class<?> actual = Reflection.getCallerClass(); if (actual != expected && actual != expected2) throw new InternalError("found "+actual.getName()+", expected "+expected.getName() +(expected == expected2 ? "" : ", or else "+expected2.getName()));
--- a/src/share/classes/java/lang/invoke/MethodHandleNatives.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/invoke/MethodHandleNatives.java Tue Jun 18 06:01:18 2013 -0500 @@ -33,7 +33,7 @@ /** * The JVM interface for the method handles package is all here. - * This is an interface internal and private to an implemetantion of JSR 292. + * This is an interface internal and private to an implementation of JSR 292. * <em>This class is not part of the JSR 292 standard.</em> * @author jrose */ @@ -131,6 +131,7 @@ OP_ROT_ARGS_DOWN_LIMIT_BIAS = (k != 0) ? (byte)k : -1; HAVE_RICOCHET_FRAMES = (CONV_OP_IMPLEMENTED_MASK & (1<<OP_COLLECT_ARGS)) != 0; COUNT_GWT = getConstant(Constants.GC_COUNT_GWT) != 0; + //sun.reflect.Reflection.registerMethodsToFilter(MethodHandleImpl.class, "init"); } @@ -162,6 +163,7 @@ MN_IS_CONSTRUCTOR = 0x00020000, // constructor MN_IS_FIELD = 0x00040000, // field MN_IS_TYPE = 0x00080000, // nested type + MN_CALLER_SENSITIVE = 0x00100000, // @CallerSensitive annotation detected MN_SEARCH_SUPERCLASSES = 0x00100000, // for MHN.getMembers MN_SEARCH_INTERFACES = 0x00200000, // for MHN.getMembers VM_INDEX_UNINITIALIZED = -99; @@ -402,21 +404,29 @@ return true; } + /** * Is this method a caller-sensitive method? * I.e., does it call Reflection.getCallerClass or a similer method * to ask about the identity of its caller? */ - // FIXME: Replace this pattern match by an annotation @sun.reflect.CallerSensitive. static boolean isCallerSensitive(MemberName mem) { - if (!mem.isInvocable()) return false; // fields are not caller sensitive - Class<?> defc = mem.getDeclaringClass(); - switch (mem.getName()) { + if (!mem.isMethod()) return false; // only methods are caller sensitive + + // when the VM support is available, call mem.isCallerSensitive() instead + return isCallerSensitiveMethod(mem.getDeclaringClass(), mem.getName()) || + canBeCalledVirtual(mem); + } + + // this method is also called by test/sun/reflect/CallerSensitiveFinder + // to validate the hand-maintained list + private static boolean isCallerSensitiveMethod(Class<?> defc, String method) { + switch (method) { case "doPrivileged": case "doPrivilegedWithCombiner": return defc == java.security.AccessController.class; case "checkMemberAccess": - return canBeCalledVirtual(mem, java.lang.SecurityManager.class); + return defc == java.lang.SecurityManager.class; case "getUnsafe": return defc == sun.misc.Unsafe.class; case "lookup": @@ -446,10 +456,12 @@ if (defc == java.lang.reflect.Constructor.class) return true; if (defc == java.lang.Class.class) return true; break; + case "getFields": + return defc == java.lang.Class.class || + defc == javax.sql.rowset.serial.SerialJavaObject.class; case "forName": case "getClassLoader": case "getClasses": - case "getFields": case "getMethods": case "getConstructors": case "getDeclaredClasses": @@ -471,13 +483,14 @@ case "getDrivers": case "deregisterDriver": return defc == java.sql.DriverManager.class; + case "newUpdater": if (defc == java.util.concurrent.atomic.AtomicIntegerFieldUpdater.class) return true; if (defc == java.util.concurrent.atomic.AtomicLongFieldUpdater.class) return true; if (defc == java.util.concurrent.atomic.AtomicReferenceFieldUpdater.class) return true; break; case "getContextClassLoader": - return canBeCalledVirtual(mem, java.lang.Thread.class); + return defc == java.lang.Thread.class; case "getPackage": case "getPackages": return defc == java.lang.Package.class; @@ -496,7 +509,7 @@ case "getCallerClassLoader": return defc == java.lang.ClassLoader.class; case "registerAsParallelCapable": - return canBeCalledVirtual(mem, java.lang.ClassLoader.class); + return defc == java.lang.ClassLoader.class; case "getProxyClass": case "newProxyInstance": return defc == java.lang.reflect.Proxy.class; @@ -509,9 +522,24 @@ return defc == java.io.ObjectStreamField.class; case "forClass": return defc == java.io.ObjectStreamClass.class; + case "getLogger": + return defc == java.util.logging.Logger.class; } return false; } + + private static boolean canBeCalledVirtual(MemberName mem) { + assert(mem.isInvocable()); + Class<?> defc = mem.getDeclaringClass(); + switch (mem.getName()) { + case "checkMemberAccess": + return canBeCalledVirtual(mem, java.lang.SecurityManager.class); + case "getContextClassLoader": + return canBeCalledVirtual(mem, java.lang.Thread.class); + } + return false; + } + static boolean canBeCalledVirtual(MemberName symbolicRef, Class<?> definingClass) { Class<?> symbolicRefClass = symbolicRef.getDeclaringClass(); if (symbolicRefClass == definingClass) return true;
--- a/src/share/classes/java/lang/invoke/MethodHandleProxies.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/invoke/MethodHandleProxies.java Tue Jun 18 06:01:18 2013 -0500 @@ -31,6 +31,7 @@ import sun.invoke.WrapperInstance; import java.util.ArrayList; import sun.reflect.Reflection; +import sun.reflect.CallerSensitive; import sun.reflect.misc.ReflectUtil; /** @@ -137,14 +138,14 @@ // entry points, must be covered by hand-written or automatically // generated adapter classes. // + @CallerSensitive public static <T> T asInterfaceInstance(final Class<T> intfc, final MethodHandle target) { if (!intfc.isInterface() || !Modifier.isPublic(intfc.getModifiers())) throw new IllegalArgumentException("not a public interface: "+intfc.getName()); final MethodHandle mh; if (System.getSecurityManager() != null) { - final int CALLER_FRAME = 2; // 0: Reflection, 1: asInterfaceInstance, 2: caller - final Class<?> caller = Reflection.getCallerClass(CALLER_FRAME); + final Class<?> caller = Reflection.getCallerClass(); final ClassLoader ccl = (caller != null) ? caller.getClassLoader() : null; ReflectUtil.checkProxyPackageAccess(ccl, intfc); mh = maybeBindCaller(target, caller);
--- a/src/share/classes/java/lang/invoke/MethodHandles.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/invoke/MethodHandles.java Tue Jun 18 06:01:18 2013 -0500 @@ -32,9 +32,10 @@ import java.util.List; import java.util.ArrayList; import java.util.Arrays; +import sun.reflect.CallerSensitive; import sun.reflect.Reflection; import sun.reflect.misc.ReflectUtil; - +import sun.security.util.SecurityConstants; import static java.lang.invoke.MethodHandleStatics.*; import static java.lang.invoke.MethodHandleNatives.Constants.*; import sun.security.util.SecurityConstants; @@ -68,8 +69,9 @@ * This lookup object is a <em>capability</em> which may be delegated to trusted agents. * Do not store it in place where untrusted code can access it. */ + @CallerSensitive public static Lookup lookup() { - return new Lookup(); + return new Lookup(Reflection.getCallerClass()); } /** @@ -408,14 +410,9 @@ * Also, don't make it private, lest javac interpose * an access$N method. */ - Lookup() { - this(getCallerClassAtEntryPoint(false), ALL_MODES); - // make sure we haven't accidentally picked up a privileged class: - checkUnprivilegedlookupClass(lookupClass); - } - Lookup(Class<?> lookupClass) { this(lookupClass, ALL_MODES); + checkUnprivilegedlookupClass(lookupClass); } private Lookup(Class<?> lookupClass, int allowedModes) { @@ -542,20 +539,6 @@ } } - /* Obtain the external caller class, when called from Lookup.<init> or a first-level subroutine. */ - private static Class<?> getCallerClassAtEntryPoint(boolean inSubroutine) { - final int CALLER_DEPTH = 4; - // Stack for the constructor entry point (inSubroutine=false): - // 0: Reflection.getCC, 1: getCallerClassAtEntryPoint, - // 2: Lookup.<init>, 3: MethodHandles.*, 4: caller - // The stack is slightly different for a subroutine of a Lookup.find* method: - // 2: Lookup.*, 3: Lookup.find*.*, 4: caller - // Note: This should be the only use of getCallerClass in this file. - assert(Reflection.getCallerClass(CALLER_DEPTH-2) == Lookup.class); - assert(Reflection.getCallerClass(CALLER_DEPTH-1) == (inSubroutine ? Lookup.class : MethodHandles.class)); - return Reflection.getCallerClass(CALLER_DEPTH); - } - /** * Produces a method handle for a static method. * The type of the method handle will be that of the method. @@ -582,11 +565,13 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findStatic(Class<?> refc, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException { MemberName method = resolveOrFail(refc, name, type, true); - checkSecurityManager(refc, method); - return accessStatic(refc, method, findBoundCallerClass(method)); + Class<?> callerClass = Reflection.getCallerClass(); + checkSecurityManager(refc, method, callerClass); + return accessStatic(refc, method, findBoundCallerClass(method, callerClass)); } private MethodHandle accessStatic(Class<?> refc, MemberName method, Class<?> callerClass) throws IllegalAccessException { @@ -639,10 +624,12 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findVirtual(Class<?> refc, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException { MemberName method = resolveOrFail(refc, name, type, false); - checkSecurityManager(refc, method); - return accessVirtual(refc, method, findBoundCallerClass(method)); + Class<?> callerClass = Reflection.getCallerClass(); + checkSecurityManager(refc, method, callerClass); + return accessVirtual(refc, method, findBoundCallerClass(method, callerClass)); } private MethodHandle resolveVirtual(Class<?> refc, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException { MemberName method = resolveOrFail(refc, name, type, false); @@ -681,10 +668,11 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findConstructor(Class<?> refc, MethodType type) throws NoSuchMethodException, IllegalAccessException { String name = "<init>"; MemberName ctor = resolveOrFail(refc, name, type, false, false, lookupClassOrNull()); - checkSecurityManager(refc, ctor); + checkSecurityManager(refc, ctor, Reflection.getCallerClass()); return accessConstructor(refc, ctor); } private MethodHandle accessConstructor(Class<?> refc, MemberName ctor) throws IllegalAccessException { @@ -750,12 +738,14 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findSpecial(Class<?> refc, String name, MethodType type, Class<?> specialCaller) throws NoSuchMethodException, IllegalAccessException { checkSpecialCaller(specialCaller); MemberName method = resolveOrFail(refc, name, type, false, false, specialCaller); - checkSecurityManager(refc, method); - return accessSpecial(refc, method, findBoundCallerClass(method), specialCaller); + Class<?> callerClass = Reflection.getCallerClass(); + checkSecurityManager(refc, method, callerClass); + return accessSpecial(refc, method, findBoundCallerClass(method, callerClass), specialCaller); } private MethodHandle accessSpecial(Class<?> refc, MemberName method, Class<?> callerClass, @@ -812,9 +802,10 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findGetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { MemberName field = resolveOrFail(refc, name, type, false); - checkSecurityManager(refc, field); + checkSecurityManager(refc, field, Reflection.getCallerClass()); return makeAccessor(refc, field, false, false, 0); } private MethodHandle resolveGetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { @@ -839,9 +830,10 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findSetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { MemberName field = resolveOrFail(refc, name, type, false); - checkSecurityManager(refc, field); + checkSecurityManager(refc, field, Reflection.getCallerClass()); return makeAccessor(refc, field, false, true, 0); } private MethodHandle resolveSetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { @@ -865,9 +857,10 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findStaticGetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { MemberName field = resolveOrFail(refc, name, type, true); - checkSecurityManager(refc, field); + checkSecurityManager(refc, field, Reflection.getCallerClass()); return makeAccessor(refc, field, false, false, 1); } private MethodHandle resolveStaticGetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { @@ -891,9 +884,10 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle findStaticSetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { MemberName field = resolveOrFail(refc, name, type, true); - checkSecurityManager(refc, field); + checkSecurityManager(refc, field, Reflection.getCallerClass()); return makeAccessor(refc, field, false, true, 1); } private MethodHandle resolveStaticSetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException { @@ -947,13 +941,15 @@ * <a href="MethodHandles.Lookup.html#secmgr">refuses access</a> * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle bind(Object receiver, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException { Class<? extends Object> refc = receiver.getClass(); // may get NPE MemberName method = resolveOrFail(refc, name, type, false); - checkSecurityManager(refc, method); + Class<?> callerClass = Reflection.getCallerClass(); + checkSecurityManager(refc, method, callerClass); checkMethod(refc, method, false); MethodHandle dmh = MethodHandleImpl.findMethod(method, true, lookupClassOrNull()); - MethodHandle bcmh = maybeBindCaller(method, dmh, findBoundCallerClass(method)); + MethodHandle bcmh = maybeBindCaller(method, dmh, findBoundCallerClass(method, callerClass)); if (bcmh != dmh) return fixVarargs(bcmh.bindTo(receiver), dmh); MethodHandle bmh = MethodHandleImpl.bindReceiver(dmh, receiver); if (bmh == null) @@ -982,6 +978,7 @@ * is set and {@code asVarargsCollector} fails * @throws NullPointerException if the argument is null */ + @CallerSensitive public MethodHandle unreflect(Method m) throws IllegalAccessException { MemberName method = new MemberName(m); assert(method.isMethod()); @@ -989,7 +986,8 @@ return MethodHandleImpl.findMethod(method, true, /*no lookupClass*/ null); checkMethod(method.getDeclaringClass(), method, method.isStatic()); MethodHandle mh = MethodHandleImpl.findMethod(method, true, lookupClassOrNull()); - mh = maybeBindCaller(method, mh, findBoundCallerClass(method)); + Class<?> callerClass = Reflection.getCallerClass(); + mh = maybeBindCaller(method, mh, findBoundCallerClass(method, callerClass)); return restrictProtectedReceiver(method, mh); } @@ -1014,6 +1012,7 @@ * is set and {@code asVarargsCollector} fails * @throws NullPointerException if any argument is null */ + @CallerSensitive public MethodHandle unreflectSpecial(Method m, Class<?> specialCaller) throws IllegalAccessException { checkSpecialCaller(specialCaller); MemberName method = new MemberName(m); @@ -1021,7 +1020,7 @@ // ignore m.isAccessible: this is a new kind of access checkMethod(m.getDeclaringClass(), method, false); MethodHandle mh = MethodHandleImpl.findMethod(method, false, lookupClassOrNull()); - mh = maybeBindCaller(method, mh, findBoundCallerClass(method)); + mh = maybeBindCaller(method, mh, findBoundCallerClass(method, callerClass)); return restrictReceiver(method, mh, specialCaller); } @@ -1134,10 +1133,8 @@ * Find my trustable caller class if m is a caller sensitive method. * If this lookup object has private access, then the caller class is the lookupClass. * Otherwise, if m is caller-sensitive, throw IllegalAccessException. - * This is the same caller class as is used by checkSecurityManager. - * This function performs stack walk magic: do not refactor it. */ - Class<?> findBoundCallerClass(MemberName m) throws IllegalAccessException { + Class<?> findBoundCallerClass(MemberName m, Class<?> caller) { Class<?> callerClass = null; if (MethodHandleNatives.isCallerSensitive(m)) { // Only full-power lookup is allowed to resolve caller-sensitive methods @@ -1172,59 +1169,57 @@ /** * Perform necessary <a href="MethodHandles.Lookup.html#secmgr">access checks</a>. - * Determines a trustable caller class to compare with refc, the symbolic reference class. - * If this lookup object has private access, then the caller class is the lookupClass. - * Otherwise, it is the caller of the currently executing public API method (e.g., findVirtual). * This function performs stack walk magic: do not refactor it. */ - void checkSecurityManager(Class<?> refc, MemberName m) { + void checkSecurityManager(Class<?> refc, MemberName m, Class<?> caller) { SecurityManager smgr = System.getSecurityManager(); if (smgr == null) return; if (allowedModes == TRUSTED) return; final boolean overridden = isCheckMemberAccessOverridden(smgr); // Step 1: - smgr.checkMemberAccess(refc, Member.PUBLIC); + { + // Default policy is to allow Member.PUBLIC; no need to check + // permission if SecurityManager is the default implementation + final int which = Member.PUBLIC; + final Class<?> clazz = refc; + if (overridden) { + // Don't refactor; otherwise break the stack depth for + // checkMemberAccess of subclasses of SecurityManager as specified. + smgr.checkMemberAccess(clazz, which); + } + } + // Step 2: if (!isFullPowerLookup() || !VerifyAccess.classLoaderIsAncestor(lookupClass, refc)) { ReflectUtil.checkPackageAccess(refc); } + // Step 3: if (m.isPublic()) return; Class<?> defc = m.getDeclaringClass(); - if (!overridden) { - if (!isFullPowerLookup() || + { + // Inline SecurityManager.checkMemberAccess + final int which = Member.DECLARED; + final Class<?> clazz = defc; + if (!overridden) { + if (!isFullPowerLookup() || (lookupClass.getClassLoader() != defc.getClassLoader())) { smgr.checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION); + } + } else { + // Don't refactor; otherwise break the stack depth for + // checkMemberAccess of subclasses of SecurityManager as specified. + smgr.checkMemberAccess(defc, Member.DECLARED); } - } else { - // Don't refactor; otherwise break the stack depth for - // checkMemberAccess of subclasses of SecurityManager as specified. - smgr.checkMemberAccess(defc, Member.DECLARED); } + // Step 4: if (defc != refc) { ReflectUtil.checkPackageAccess(defc); } - // Comment from SM.checkMemberAccess, where which=DECLARED: - /* - * stack depth of 4 should be the caller of one of the - * methods in java.lang.Class that invoke checkMember - * access. The stack should look like: - * - * someCaller [3] - * java.lang.Class.someReflectionAPI [2] - * java.lang.Class.checkMemberAccess [1] - * SecurityManager.checkMemberAccess [0] - * - */ - // For us it is this stack: - // someCaller [3] - // Lookup.findSomeMember [2] - // Lookup.checkSecurityManager [1] - // SecurityManager.checkMemberAccess [0] } void checkMethod(Class<?> refc, MemberName m, boolean wantStatic) throws IllegalAccessException {
--- a/src/share/classes/java/lang/reflect/Constructor.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/reflect/Constructor.java Tue Jun 18 06:01:18 2013 -0500 @@ -25,6 +25,7 @@ package java.lang.reflect; +import sun.reflect.CallerSensitive; import sun.reflect.ConstructorAccessor; import sun.reflect.Reflection; import sun.reflect.generics.repository.ConstructorRepository; @@ -505,14 +506,14 @@ * @exception ExceptionInInitializerError if the initialization provoked * by this method fails. */ + @CallerSensitive public T newInstance(Object ... initargs) throws InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException { if (!override) { if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { - Class<?> caller = Reflection.getCallerClass(2); - + Class<?> caller = Reflection.getCallerClass(); checkAccess(caller, clazz, null, modifiers); } }
--- a/src/share/classes/java/lang/reflect/Field.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/reflect/Field.java Tue Jun 18 06:01:18 2013 -0500 @@ -25,6 +25,7 @@ package java.lang.reflect; +import sun.reflect.CallerSensitive; import sun.reflect.FieldAccessor; import sun.reflect.Reflection; import sun.reflect.generics.repository.FieldRepository; @@ -366,9 +367,15 @@ * @exception ExceptionInInitializerError if the initialization provoked * by this method fails. */ + @CallerSensitive public Object get(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).get(obj); } @@ -394,9 +401,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public boolean getBoolean(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getBoolean(obj); } @@ -422,9 +435,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public byte getByte(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getByte(obj); } @@ -452,9 +471,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public char getChar(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getChar(obj); } @@ -482,9 +507,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public short getShort(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getShort(obj); } @@ -512,9 +543,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public int getInt(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getInt(obj); } @@ -542,9 +579,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public long getLong(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getLong(obj); } @@ -572,9 +615,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public float getFloat(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getFloat(obj); } @@ -602,9 +651,15 @@ * by this method fails. * @see Field#get */ + @CallerSensitive public double getDouble(Object obj) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } return getFieldAccessor(obj).getDouble(obj); } @@ -674,9 +729,15 @@ * @exception ExceptionInInitializerError if the initialization provoked * by this method fails. */ + @CallerSensitive public void set(Object obj, Object value) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).set(obj, value); } @@ -704,9 +765,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setBoolean(Object obj, boolean z) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setBoolean(obj, z); } @@ -734,9 +801,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setByte(Object obj, byte b) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setByte(obj, b); } @@ -764,9 +837,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setChar(Object obj, char c) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setChar(obj, c); } @@ -794,9 +873,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setShort(Object obj, short s) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setShort(obj, s); } @@ -824,9 +909,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setInt(Object obj, int i) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setInt(obj, i); } @@ -854,9 +945,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setLong(Object obj, long l) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setLong(obj, l); } @@ -884,9 +981,15 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setFloat(Object obj, float f) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setFloat(obj, f); } @@ -914,20 +1017,25 @@ * by this method fails. * @see Field#set */ + @CallerSensitive public void setDouble(Object obj, double d) throws IllegalArgumentException, IllegalAccessException { + if (!override) { + if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { + checkAccess(Reflection.getCallerClass(), clazz, obj, modifiers); + } + } getFieldAccessor(obj).setDouble(obj, d); } - // Convenience routine which performs security checks + // security check is done before calling this method private FieldAccessor getFieldAccessor(Object obj) throws IllegalAccessException { - doSecurityCheck(obj); boolean ov = override; - FieldAccessor a = (ov)? overrideFieldAccessor : fieldAccessor; - return (a != null)? a : acquireFieldAccessor(ov); + FieldAccessor a = (ov) ? overrideFieldAccessor : fieldAccessor; + return (a != null) ? a : acquireFieldAccessor(ov); } // NOTE that there is no synchronization used here. It is correct @@ -972,19 +1080,6 @@ } } - // NOTE: be very careful if you change the stack depth of this - // routine. The depth of the "getCallerClass" call is hardwired so - // that the compiler can have an easier time if this gets inlined. - private void doSecurityCheck(Object obj) throws IllegalAccessException { - if (!override) { - if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { - Class<?> caller = Reflection.getCallerClass(4); - - checkAccess(caller, clazz, obj, modifiers); - } - } - } - /* * Utility routine to paper over array type names */
--- a/src/share/classes/java/lang/reflect/Method.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/reflect/Method.java Tue Jun 18 06:01:18 2013 -0500 @@ -25,6 +25,7 @@ package java.lang.reflect; +import sun.reflect.CallerSensitive; import sun.reflect.MethodAccessor; import sun.reflect.Reflection; import sun.reflect.generics.repository.MethodRepository; @@ -583,14 +584,18 @@ * @exception ExceptionInInitializerError if the initialization * provoked by this method fails. */ + @CallerSensitive public Object invoke(Object obj, Object... args) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException { if (!override) { if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) { - Class<?> caller = Reflection.getCallerClass(1); - + // Until there is hotspot @CallerSensitive support + // can't call Reflection.getCallerClass() here + // Workaround for now: add a frame getCallerClass to + // make the caller at stack depth 2 + Class<?> caller = getCallerClass(); checkAccess(caller, clazz, obj, modifiers); } } @@ -601,6 +606,16 @@ return ma.invoke(obj, args); } + /* + * This method makes the frame count to be 2 to find the caller + */ + @CallerSensitive + private Class<?> getCallerClass() { + // Reflection.getCallerClass() currently returns the frame at depth 2 + // before the hotspot support is in. + return Reflection.getCallerClass(); + } + /** * Returns {@code true} if this method is a bridge * method; returns {@code false} otherwise.
--- a/src/share/classes/java/lang/reflect/Proxy.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/lang/reflect/Proxy.java Tue Jun 18 06:01:18 2013 -0500 @@ -39,6 +39,7 @@ import java.util.List; import java.util.WeakHashMap; import sun.misc.ProxyGenerator; +import sun.reflect.CallerSensitive; import sun.reflect.Reflection; import sun.reflect.misc.ReflectUtil; import sun.security.util.SecurityConstants; @@ -406,28 +407,21 @@ * @throws NullPointerException if the {@code interfaces} array * argument or any of its elements are {@code null} */ + @CallerSensitive public static Class<?> getProxyClass(ClassLoader loader, Class<?>... interfaces) throws IllegalArgumentException { - return getProxyClass0(loader, interfaces); // stack walk magic: do not refactor - } - - private static void checkProxyLoader(ClassLoader ccl, - ClassLoader loader) - { SecurityManager sm = System.getSecurityManager(); if (sm != null) { - if (loader == null && ccl != null) { - if (!ProxyAccessHelper.allowNullLoader) { - sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); - } - } + checkProxyAccess(Reflection.getCallerClass(), loader, interfaces); } + + return getProxyClass0(loader, interfaces); } /* - * Generate a proxy class (caller-sensitive). + * Check permissions required to create a Proxy class. * * To define a proxy class, it performs the access checks as in * Class.forName (VM will invoke ClassLoader.checkPackageAccess): @@ -444,17 +438,28 @@ * will throw IllegalAccessError when the generated proxy class is * being defined via the defineClass0 method. */ - private static Class<?> getProxyClass0(ClassLoader loader, - Class<?>... interfaces) { + private static void checkProxyAccess(Class<?> caller, + ClassLoader loader, + Class<?>... interfaces) + { SecurityManager sm = System.getSecurityManager(); if (sm != null) { - final int CALLER_FRAME = 3; // 0: Reflection, 1: getProxyClass0 2: Proxy 3: caller - final Class<?> caller = Reflection.getCallerClass(CALLER_FRAME); - final ClassLoader ccl = caller.getClassLoader(); - checkProxyLoader(ccl, loader); + ClassLoader ccl = caller.getClassLoader(); + if (loader == null && ccl != null) { + if (!ProxyAccessHelper.allowNullLoader) { + sm.checkPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); + } + } ReflectUtil.checkProxyPackageAccess(ccl, interfaces); } + } + /** + * Generate a proxy class. Must call the checkProxyAccess method + * to perform permission checks before calling this. + */ + private static Class<?> getProxyClass0(ClassLoader loader, + Class<?>... interfaces) { if (interfaces.length > 65535) { throw new IllegalArgumentException("interface limit exceeded"); } @@ -696,6 +701,7 @@ * if the invocation handler, {@code h}, is * {@code null} */ + @CallerSensitive public static Object newProxyInstance(ClassLoader loader, Class<?>[] interfaces, InvocationHandler h) @@ -705,10 +711,15 @@ throw new NullPointerException(); } + final SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + checkProxyAccess(Reflection.getCallerClass(), loader, interfaces); + } + /* * Look up or generate the designated proxy class. */ - Class<?> cl = getProxyClass0(loader, interfaces); // stack walk magic: do not refactor + Class<?> cl = getProxyClass0(loader, interfaces); /* * Invoke its constructor with the designated invocation handler. @@ -716,7 +727,6 @@ try { final Constructor<?> cons = cl.getConstructor(constructorParams); final InvocationHandler ih = h; - SecurityManager sm = System.getSecurityManager(); if (sm != null && ProxyAccessHelper.needsNewInstanceCheck(cl)) { // create proxy instance with doPrivilege as the proxy class may // implement non-public interfaces that requires a special permission
--- a/src/share/classes/java/security/AccessController.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/security/AccessController.java Tue Jun 18 06:01:18 2013 -0500 @@ -26,6 +26,8 @@ package java.security; import sun.security.util.Debug; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * <p> The AccessController class is used for access control operations @@ -264,6 +266,7 @@ * @see java.security.DomainCombiner */ + @CallerSensitive public static native <T> T doPrivileged(PrivilegedAction<T> action); /** @@ -288,14 +291,14 @@ * * @since 1.6 */ + @CallerSensitive public static <T> T doPrivilegedWithCombiner(PrivilegedAction<T> action) { - AccessControlContext acc = getStackAccessControlContext(); if (acc == null) { return AccessController.doPrivileged(action); } DomainCombiner dc = acc.getAssignedCombiner(); - return AccessController.doPrivileged(action, preserveCombiner(dc)); + return AccessController.doPrivileged(action, preserveCombiner(dc, Reflection.getCallerClass())); } @@ -326,6 +329,7 @@ * @see #doPrivileged(PrivilegedAction) * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext) */ + @CallerSensitive public static native <T> T doPrivileged(PrivilegedAction<T> action, AccessControlContext context); @@ -353,6 +357,7 @@ * @see #doPrivilegedWithCombiner(PrivilegedExceptionAction) * @see java.security.DomainCombiner */ + @CallerSensitive public static native <T> T doPrivileged(PrivilegedExceptionAction<T> action) throws PrivilegedActionException; @@ -383,6 +388,7 @@ * * @since 1.6 */ + @CallerSensitive public static <T> T doPrivilegedWithCombiner (PrivilegedExceptionAction<T> action) throws PrivilegedActionException { @@ -391,26 +397,18 @@ return AccessController.doPrivileged(action); } DomainCombiner dc = acc.getAssignedCombiner(); - return AccessController.doPrivileged(action, preserveCombiner(dc)); + return AccessController.doPrivileged(action, preserveCombiner(dc, Reflection.getCallerClass())); } /** * preserve the combiner across the doPrivileged call */ - private static AccessControlContext preserveCombiner - (DomainCombiner combiner) { - - /** - * callerClass[0] = Reflection.getCallerClass - * callerClass[1] = AccessController.preserveCombiner - * callerClass[2] = AccessController.doPrivileged - * callerClass[3] = caller - */ - final Class callerClass = sun.reflect.Reflection.getCallerClass(3); + private static AccessControlContext preserveCombiner(DomainCombiner combiner, + final Class<?> caller) { ProtectionDomain callerPd = doPrivileged (new PrivilegedAction<ProtectionDomain>() { public ProtectionDomain run() { - return callerClass.getProtectionDomain(); + return caller.getProtectionDomain(); } }); @@ -455,6 +453,7 @@ * @see #doPrivileged(PrivilegedAction) * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext) */ + @CallerSensitive public static native <T> T doPrivileged(PrivilegedExceptionAction<T> action, AccessControlContext context)
--- a/src/share/classes/java/sql/DriverManager.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/sql/DriverManager.java Tue Jun 18 06:01:18 2013 -0500 @@ -30,7 +30,8 @@ import java.security.AccessController; import java.security.PrivilegedAction; import java.util.concurrent.CopyOnWriteArrayList; - +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * <P>The basic service for managing a set of JDBC drivers.<br> @@ -180,14 +181,10 @@ * @return a Connection to the URL * @exception SQLException if a database access error occurs */ + @CallerSensitive public static Connection getConnection(String url, java.util.Properties info) throws SQLException { - - // Gets the classloader of the code that called this method, may - // be null. - ClassLoader callerCL = DriverManager.getCallerClassLoader(); - - return (getConnection(url, info, callerCL)); + return (getConnection(url, info, Reflection.getCallerClass())); } /** @@ -203,14 +200,11 @@ * @return a connection to the URL * @exception SQLException if a database access error occurs */ + @CallerSensitive public static Connection getConnection(String url, String user, String password) throws SQLException { java.util.Properties info = new java.util.Properties(); - // Gets the classloader of the code that called this method, may - // be null. - ClassLoader callerCL = DriverManager.getCallerClassLoader(); - if (user != null) { info.put("user", user); } @@ -218,7 +212,7 @@ info.put("password", password); } - return (getConnection(url, info, callerCL)); + return (getConnection(url, info, Reflection.getCallerClass())); } /** @@ -231,16 +225,12 @@ * @return a connection to the URL * @exception SQLException if a database access error occurs */ + @CallerSensitive public static Connection getConnection(String url) throws SQLException { java.util.Properties info = new java.util.Properties(); - - // Gets the classloader of the code that called this method, may - // be null. - ClassLoader callerCL = DriverManager.getCallerClassLoader(); - - return (getConnection(url, info, callerCL)); + return (getConnection(url, info, Reflection.getCallerClass())); } /** @@ -254,21 +244,20 @@ * that can connect to the given URL * @exception SQLException if a database access error occurs */ + @CallerSensitive public static Driver getDriver(String url) throws SQLException { println("DriverManager.getDriver(\"" + url + "\")"); - // Gets the classloader of the code that called this method, may - // be null. - ClassLoader callerCL = DriverManager.getCallerClassLoader(); + Class<?> callerClass = Reflection.getCallerClass(); // Walk through the loaded registeredDrivers attempting to locate someone // who understands the given URL. for (DriverInfo aDriver : registeredDrivers) { // If the caller does not have permission to load the driver then // skip it. - if(isDriverAllowed(aDriver.driver, callerCL)) { + if(isDriverAllowed(aDriver.driver, callerClass)) { try { if(aDriver.driver.acceptsURL(url)) { // Success! @@ -322,20 +311,18 @@ * @param driver the JDBC Driver to drop * @exception SQLException if a database access error occurs */ + @CallerSensitive public static synchronized void deregisterDriver(Driver driver) throws SQLException { if (driver == null) { return; } - // Gets the classloader of the code that called this method, - // may be null. - ClassLoader callerCL = DriverManager.getCallerClassLoader(); println("DriverManager.deregisterDriver: " + driver); DriverInfo aDriver = new DriverInfo(driver); if(registeredDrivers.contains(aDriver)) { - if (isDriverAllowed(driver, callerCL)) { + if (isDriverAllowed(driver, Reflection.getCallerClass())) { registeredDrivers.remove(aDriver); } else { // If the caller does not have permission to load the driver then @@ -356,18 +343,17 @@ * * @return the list of JDBC Drivers loaded by the caller's class loader */ + @CallerSensitive public static java.util.Enumeration<Driver> getDrivers() { java.util.Vector<Driver> result = new java.util.Vector<Driver>(); - // Gets the classloader of the code that called this method, may - // be null. - ClassLoader callerCL = DriverManager.getCallerClassLoader(); + Class<?> callerClass = Reflection.getCallerClass(); // Walk through the loaded registeredDrivers. for(DriverInfo aDriver : registeredDrivers) { // If the caller does not have permission to load the driver then // skip it. - if(isDriverAllowed(aDriver.driver, callerCL)) { + if(isDriverAllowed(aDriver.driver, callerClass)) { result.addElement(aDriver.driver); } else { println(" skipping: " + aDriver.getClass().getName()); @@ -464,6 +450,11 @@ // Indicates whether the class object that would be created if the code calling // DriverManager is accessible. + private static boolean isDriverAllowed(Driver driver, Class<?> caller) { + ClassLoader callerCL = caller != null ? caller.getClassLoader() : null; + return isDriverAllowed(driver, callerCL); + } + private static boolean isDriverAllowed(Driver driver, ClassLoader classLoader) { boolean result = false; if(driver != null) { @@ -546,18 +537,19 @@ // Worker method called by the public getConnection() methods. private static Connection getConnection( - String url, java.util.Properties info, ClassLoader callerCL) throws SQLException { + String url, java.util.Properties info, Class<?> caller) throws SQLException { /* * When callerCl is null, we should check the application's * (which is invoking this class indirectly) * classloader, so that the JDBC driver class outside rt.jar * can be loaded from here. */ - synchronized(DriverManager.class) { - // synchronize loading of the correct classloader. - if(callerCL == null) { - callerCL = Thread.currentThread().getContextClassLoader(); - } + ClassLoader callerCL = caller != null ? caller.getClassLoader() : null; + synchronized (DriverManager.class) { + // synchronize loading of the correct classloader. + if (callerCL == null) { + callerCL = Thread.currentThread().getContextClassLoader(); + } } if(url == null) { @@ -603,10 +595,6 @@ println("getConnection: no suitable driver found for "+ url); throw new SQLException("No suitable driver found for "+ url, "08001"); } - - /* Returns the caller's class loader, or null if none */ - private static native ClassLoader getCallerClassLoader(); - } /*
--- a/src/share/classes/java/util/ResourceBundle.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/util/ResourceBundle.java Tue Jun 18 06:01:18 2013 -0500 @@ -56,6 +56,8 @@ import java.util.concurrent.ConcurrentMap; import java.util.jar.JarEntry; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; import sun.util.locale.BaseLocale; import sun.util.locale.LocaleObjectCache; @@ -412,14 +414,10 @@ /* * Automatic determination of the ClassLoader to be used to load - * resources on behalf of the client. N.B. The client is getLoader's - * caller's caller. + * resources on behalf of the client. */ - private static ClassLoader getLoader() { - Class[] stack = getClassContext(); - /* Magic number 2 identifies our caller's caller */ - Class c = stack[2]; - ClassLoader cl = (c == null) ? null : c.getClassLoader(); + private static ClassLoader getLoader(Class<?> caller) { + ClassLoader cl = caller == null ? null : caller.getClassLoader(); if (cl == null) { // When the caller's loader is the boot class loader, cl is null // here. In that case, ClassLoader.getSystemClassLoader() may @@ -433,8 +431,6 @@ return cl; } - private static native Class[] getClassContext(); - /** * A wrapper of ClassLoader.getSystemClassLoader(). */ @@ -719,11 +715,12 @@ * if no resource bundle for the specified base name can be found * @return a resource bundle for the given base name and the default locale */ + @CallerSensitive public static final ResourceBundle getBundle(String baseName) { return getBundleImpl(baseName, Locale.getDefault(), /* must determine loader here, else we break stack invariant */ - getLoader(), + getLoader(Reflection.getCallerClass()), Control.INSTANCE); } @@ -761,11 +758,12 @@ * needed. * @since 1.6 */ + @CallerSensitive public static final ResourceBundle getBundle(String baseName, Control control) { return getBundleImpl(baseName, Locale.getDefault(), /* must determine loader here, else we break stack invariant */ - getLoader(), + getLoader(Reflection.getCallerClass()), control); } @@ -790,12 +788,13 @@ * if no resource bundle for the specified base name can be found * @return a resource bundle for the given base name and locale */ + @CallerSensitive public static final ResourceBundle getBundle(String baseName, Locale locale) { return getBundleImpl(baseName, locale, /* must determine loader here, else we break stack invariant */ - getLoader(), + getLoader(Reflection.getCallerClass()), Control.INSTANCE); } @@ -836,11 +835,12 @@ * needed. * @since 1.6 */ + @CallerSensitive public static final ResourceBundle getBundle(String baseName, Locale targetLocale, Control control) { return getBundleImpl(baseName, targetLocale, /* must determine loader here, else we break stack invariant */ - getLoader(), + getLoader(Reflection.getCallerClass()), control); } @@ -1676,8 +1676,9 @@ * @since 1.6 * @see ResourceBundle.Control#getTimeToLive(String,Locale) */ + @CallerSensitive public static final void clearCache() { - clearCache(getLoader()); + clearCache(getLoader(Reflection.getCallerClass())); } /**
--- a/src/share/classes/java/util/concurrent/atomic/AtomicIntegerFieldUpdater.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/util/concurrent/atomic/AtomicIntegerFieldUpdater.java Tue Jun 18 06:01:18 2013 -0500 @@ -34,8 +34,10 @@ */ package java.util.concurrent.atomic; +import java.lang.reflect.*; import sun.misc.Unsafe; -import java.lang.reflect.*; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * A reflection-based utility that enables atomic updates to @@ -69,8 +71,9 @@ * @throws RuntimeException with a nested reflection-based * exception if the class does not hold field or is the wrong type */ + @CallerSensitive public static <U> AtomicIntegerFieldUpdater<U> newUpdater(Class<U> tclass, String fieldName) { - return new AtomicIntegerFieldUpdaterImpl<U>(tclass, fieldName); + return new AtomicIntegerFieldUpdaterImpl<U>(tclass, fieldName, Reflection.getCallerClass()); } /** @@ -268,13 +271,11 @@ private final Class<T> tclass; private final Class cclass; - AtomicIntegerFieldUpdaterImpl(Class<T> tclass, String fieldName) { + AtomicIntegerFieldUpdaterImpl(Class<T> tclass, String fieldName, Class<?> caller) { Field field = null; - Class caller = null; int modifiers = 0; try { field = tclass.getDeclaredField(fieldName); - caller = sun.reflect.Reflection.getCallerClass(3); modifiers = field.getModifiers(); sun.reflect.misc.ReflectUtil.ensureMemberAccess( caller, tclass, null, modifiers);
--- a/src/share/classes/java/util/concurrent/atomic/AtomicLongFieldUpdater.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/util/concurrent/atomic/AtomicLongFieldUpdater.java Tue Jun 18 06:01:18 2013 -0500 @@ -34,8 +34,10 @@ */ package java.util.concurrent.atomic; +import java.lang.reflect.*; import sun.misc.Unsafe; -import java.lang.reflect.*; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * A reflection-based utility that enables atomic updates to @@ -69,11 +71,13 @@ * @throws RuntimeException with a nested reflection-based * exception if the class does not hold field or is the wrong type. */ + @CallerSensitive public static <U> AtomicLongFieldUpdater<U> newUpdater(Class<U> tclass, String fieldName) { + Class<?> caller = Reflection.getCallerClass(); if (AtomicLong.VM_SUPPORTS_LONG_CAS) - return new CASUpdater<U>(tclass, fieldName); + return new CASUpdater<U>(tclass, fieldName, caller); else - return new LockedUpdater<U>(tclass, fieldName); + return new LockedUpdater<U>(tclass, fieldName, caller); } /** @@ -267,13 +271,11 @@ private final Class<T> tclass; private final Class cclass; - CASUpdater(Class<T> tclass, String fieldName) { + CASUpdater(Class<T> tclass, String fieldName, Class<?> caller) { Field field = null; - Class caller = null; int modifiers = 0; try { field = tclass.getDeclaredField(fieldName); - caller = sun.reflect.Reflection.getCallerClass(3); modifiers = field.getModifiers(); sun.reflect.misc.ReflectUtil.ensureMemberAccess( caller, tclass, null, modifiers); @@ -350,13 +352,11 @@ private final Class<T> tclass; private final Class cclass; - LockedUpdater(Class<T> tclass, String fieldName) { + LockedUpdater(Class<T> tclass, String fieldName, Class<?> caller) { Field field = null; - Class caller = null; int modifiers = 0; try { field = tclass.getDeclaredField(fieldName); - caller = sun.reflect.Reflection.getCallerClass(3); modifiers = field.getModifiers(); sun.reflect.misc.ReflectUtil.ensureMemberAccess( caller, tclass, null, modifiers);
--- a/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java Tue Jun 18 06:01:18 2013 -0500 @@ -34,8 +34,10 @@ */ package java.util.concurrent.atomic; +import java.lang.reflect.*; import sun.misc.Unsafe; -import java.lang.reflect.*; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * A reflection-based utility that enables atomic updates to @@ -88,10 +90,12 @@ * @throws RuntimeException with a nested reflection-based * exception if the class does not hold field or is the wrong type. */ + @CallerSensitive public static <U, W> AtomicReferenceFieldUpdater<U,W> newUpdater(Class<U> tclass, Class<W> vclass, String fieldName) { return new AtomicReferenceFieldUpdaterImpl<U,W>(tclass, vclass, - fieldName); + fieldName, + Reflection.getCallerClass()); } /** @@ -199,14 +203,13 @@ AtomicReferenceFieldUpdaterImpl(Class<T> tclass, Class<V> vclass, - String fieldName) { + String fieldName, + Class<?> caller) { Field field = null; Class fieldClass = null; - Class caller = null; int modifiers = 0; try { field = tclass.getDeclaredField(fieldName); - caller = sun.reflect.Reflection.getCallerClass(3); modifiers = field.getModifiers(); sun.reflect.misc.ReflectUtil.ensureMemberAccess( caller, tclass, null, modifiers);
--- a/src/share/classes/java/util/logging/Logger.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/java/util/logging/Logger.java Tue Jun 18 06:01:18 2013 -0500 @@ -30,6 +30,8 @@ import java.util.concurrent.CopyOnWriteArrayList; import java.security.*; import java.lang.ref.WeakReference; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; /** * A Logger object is used to log messages for a specific @@ -303,13 +305,10 @@ } } - private static Logger demandLogger(String name, String resourceBundleName) { + private static Logger demandLogger(String name, String resourceBundleName, Class<?> caller) { LogManager manager = LogManager.getLogManager(); SecurityManager sm = System.getSecurityManager(); if (sm != null && !SystemLoggerHelper.disableCallerCheck) { - // 0: Reflection 1: Logger.demandLogger 2: Logger.getLogger 3: caller - final int SKIP_FRAMES = 3; - Class<?> caller = sun.reflect.Reflection.getCallerClass(SKIP_FRAMES); if (caller.getClassLoader() == null) { return manager.demandSystemLogger(name, resourceBundleName); } @@ -347,6 +346,7 @@ // Synchronization is not required here. All synchronization for // adding a new Logger object is handled by LogManager.addLogger(). + @CallerSensitive public static Logger getLogger(String name) { // This method is intentionally not a wrapper around a call // to getLogger(name, resourceBundleName). If it were then @@ -358,7 +358,7 @@ // would throw an IllegalArgumentException in the second call // because the wrapper would result in an attempt to replace // the existing "resourceBundleForFoo" with null. - return demandLogger(name, null); + return demandLogger(name, null, Reflection.getCallerClass()); } /** @@ -404,8 +404,9 @@ // Synchronization is not required here. All synchronization for // adding a new Logger object is handled by LogManager.addLogger(). + @CallerSensitive public static Logger getLogger(String name, String resourceBundleName) { - Logger result = demandLogger(name, resourceBundleName); + Logger result = demandLogger(name, resourceBundleName, Reflection.getCallerClass()); if (result.resourceBundleName == null) { // Note: we may get a MissingResourceException here. result.setupResourceInfo(resourceBundleName);
--- a/src/share/classes/javax/sql/rowset/serial/SerialJavaObject.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/javax/sql/rowset/serial/SerialJavaObject.java Tue Jun 18 06:01:18 2013 -0500 @@ -28,7 +28,9 @@ import java.io.*; import java.lang.reflect.*; import javax.sql.rowset.RowSetWarning; +import sun.reflect.CallerSensitive; import sun.reflect.Reflection; +import sun.reflect.misc.ReflectUtil; /** * A serializable mapping in the Java programming language of an SQL @@ -123,10 +125,22 @@ * the serialized object * @see Class#getFields */ + @CallerSensitive public Field[] getFields() throws SerialException { if (fields != null) { Class<?> c = this.obj.getClass(); - checkPackageAccess(c); + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + /* + * Check if the caller is allowed to access the specified class's package. + * If access is denied, throw a SecurityException. + */ + Class<?> caller = sun.reflect.Reflection.getCallerClass(); + if (ReflectUtil.needsPackageAccessCheck(caller.getClassLoader(), + c.getClassLoader())) { + ReflectUtil.checkPackageAccess(c); + } + } return c.getFields(); } else { throw new SerialException("SerialJavaObject does not contain" + @@ -156,38 +170,4 @@ } chain.add(e); } - - /* - * Check if the caller is allowed to access the specified class's package. If access is denied, - * throw a SecurityException. - * - */ - private void checkPackageAccess(Class<?> clz) { - SecurityManager s = System.getSecurityManager(); - if (s != null) { - if (sun.reflect.misc.ReflectUtil.needsPackageAccessCheck( - getCallerClassLoader(), clz.getClassLoader())) { - String name = clz.getName(); - int i = name.lastIndexOf('.'); - if (i != -1) { - s.checkPackageAccess(name.substring(0, i)); - } - } - } - } - - /* Internal method used to get the caller's caller class loader. - * Caution is required if you attempt to make changes as this method assumes - * the following stack frame count: - * 0: Reflection - * 1: getCallerClassLoader - * 2: checkPackageAccess - * 3: getFields - * 4: caller of getFields - */ - private static ClassLoader getCallerClassLoader() { - Class<?> cc = Reflection.getCallerClass(4); - ClassLoader cl = (cc != null) ? cc.getClassLoader() : null; - return cl; - } }
--- a/src/share/classes/sun/misc/Unsafe.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/sun/misc/Unsafe.java Tue Jun 18 06:01:18 2013 -0500 @@ -28,6 +28,9 @@ import java.security.*; import java.lang.reflect.*; +import sun.reflect.CallerSensitive; +import sun.reflect.Reflection; + /** * A collection of methods for performing low-level, unsafe operations. @@ -80,8 +83,9 @@ * <code>checkPropertiesAccess</code> method doesn't allow * access to the system properties. */ + @CallerSensitive public static Unsafe getUnsafe() { - Class cc = sun.reflect.Reflection.getCallerClass(2); + Class cc = Reflection.getCallerClass(); if (cc.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; @@ -809,6 +813,12 @@ ClassLoader loader, ProtectionDomain protectionDomain); + /** + * @deprecated Use defineClass(String, byte[], int, int, ClassLoader, ProtectionDomain) + * instead. This method will be removed in JDK 8. + */ + @Deprecated + @CallerSensitive public native Class defineClass(String name, byte[] b, int off, int len); /**
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/share/classes/sun/reflect/CallerSensitive.java Tue Jun 18 06:01:18 2013 -0500 @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.reflect; + +import java.lang.annotation.*; +import static java.lang.annotation.ElementType.*; + +/** + * A method annotated @CallerSensitive is sensitive to its calling class, + * via {@link sun.reflect.Reflection#getCallerClass Reflection.getCallerClass}, + * or via some equivalent. + * + * @author John R. Rose + */ +@Retention(RetentionPolicy.RUNTIME) +@Target({METHOD}) +public @interface CallerSensitive { +}
--- a/src/share/classes/sun/reflect/Reflection.java Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/classes/sun/reflect/Reflection.java Tue Jun 18 06:01:18 2013 -0500 @@ -52,16 +52,11 @@ methodFilterMap = new HashMap<Class,String[]>(); } - /** Returns the class of the method <code>realFramesToSkip</code> - frames up the stack (zero-based), ignoring frames associated - with java.lang.reflect.Method.invoke() and its implementation. - The first frame is that associated with this method, so - <code>getCallerClass(0)</code> returns the Class object for - sun.reflect.Reflection. Frames associated with - java.lang.reflect.Method.invoke() and its implementation are - completely ignored and do not count toward the number of "real" - frames skipped. */ - public static native Class getCallerClass(int realFramesToSkip); + /** Returns the class of the caller of the method calling this method, + ignoring frames associated with java.lang.reflect.Method.invoke() + and its implementation. */ + @CallerSensitive + public static native Class getCallerClass(); /** Retrieves the access flags written to the class file. For inner classes these flags may differ from those returned by @@ -322,4 +317,27 @@ } return newMembers; } + + /** + * Tests if the given method is caller-sensitive and the declaring class + * is defined by either the bootstrap class loader or extension class loader. + */ + public static boolean isCallerSensitive(Method m) { + final ClassLoader loader = m.getDeclaringClass().getClassLoader(); + if (loader == null || isExtClassLoader(loader)) { + return m.isAnnotationPresent(CallerSensitive.class); + } + return false; + } + + private static boolean isExtClassLoader(ClassLoader loader) { + ClassLoader cl = ClassLoader.getSystemClassLoader(); + while (cl != null) { + if (cl.getParent() == null && cl == loader) { + return true; + } + cl = cl.getParent(); + } + return false; + } }
--- a/src/share/native/java/lang/ClassLoader.c Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/native/java/lang/ClassLoader.c Tue Jun 18 06:01:18 2013 -0500 @@ -439,20 +439,3 @@ return res; } -JNIEXPORT jobject JNICALL -Java_java_lang_ClassLoader_getCaller(JNIEnv *env, jclass cls, jint index) -{ - jobjectArray jcallerStack; - int len; - - jcallerStack = JVM_GetClassContext(env); - if ((*env)->ExceptionCheck(env)) { - return NULL; - } - len = (*env)->GetArrayLength(env, jcallerStack); - if (index < len) { - return (*env)->GetObjectArrayElement(env, jcallerStack, index); - } - return NULL; -} -
--- a/src/share/native/java/lang/SecurityManager.c Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/native/java/lang/SecurityManager.c Tue Jun 18 06:01:18 2013 -0500 @@ -29,7 +29,6 @@ #include "java_lang_SecurityManager.h" #include "java_lang_ClassLoader.h" -#include "java_util_ResourceBundle.h" /* * Make sure a security manager instance is initialized.
--- a/src/share/native/sun/reflect/Reflection.c Fri Jun 14 10:05:04 2013 +0100 +++ b/src/share/native/sun/reflect/Reflection.c Tue Jun 18 06:01:18 2013 -0500 @@ -27,9 +27,11 @@ #include "sun_reflect_Reflection.h" JNIEXPORT jclass JNICALL Java_sun_reflect_Reflection_getCallerClass -(JNIEnv *env, jclass unused, jint depth) +(JNIEnv *env, jclass unused) { - return JVM_GetCallerClass(env, depth); + // Until there is hotspot @CallerSensitive support, + // depth must always be 2 to get the immediate caller + return JVM_GetCallerClass(env, 2); } JNIEXPORT jint JNICALL Java_sun_reflect_Reflection_getClassAccessFlags
--- a/test/Makefile Fri Jun 14 10:05:04 2013 +0100 +++ b/test/Makefile Tue Jun 18 06:01:18 2013 -0500 @@ -473,7 +473,7 @@ # Stable agentvm testruns (minus items from PROBLEM_LIST) JDK_ALL_TARGETS += jdk_lang -jdk_lang: $(call TestDirs, java/lang) +jdk_lang: $(call TestDirs, java/lang sun/reflect) $(call RunAgentvmBatch) # Stable othervm testruns (minus items from PROBLEM_LIST)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/reflect/CallerSensitive/CallerSensitiveFinder.java Tue Jun 18 06:01:18 2013 -0500 @@ -0,0 +1,248 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import com.sun.tools.classfile.*; +import static com.sun.tools.classfile.ConstantPool.*; +import java.io.File; +import java.io.IOException; +import java.lang.reflect.InvocationTargetException; +import java.nio.file.FileVisitResult; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.nio.file.SimpleFileVisitor; +import java.nio.file.attribute.BasicFileAttributes; +import java.util.ArrayList; +import java.util.List; +import java.util.Set; +import java.util.concurrent.Callable; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.FutureTask; + +/* + * @test + * @bug 8010117 + * @summary Verify if CallerSensitive methods are annotated with + * sun.reflect.CallerSensitive annotation + * @build CallerSensitiveFinder MethodFinder ClassFileReader + * @run main/othervm/timeout=900 -mx800m CallerSensitiveFinder + */ +public class CallerSensitiveFinder extends MethodFinder { + private static int numThreads = 3; + private static boolean verbose = false; + public static void main(String[] args) throws Exception { + List<Path> classes = new ArrayList<>(); + String testclasses = System.getProperty("test.classes", "."); + int i = 0; + while (i < args.length) { + String arg = args[i++]; + if (arg.equals("-v")) { + verbose = true; + } else { + Path p = Paths.get(testclasses, arg); + if (!p.toFile().exists()) { + throw new IllegalArgumentException(arg + " does not exist"); + } + classes.add(p); + } + } + if (classes.isEmpty()) { + classes.addAll(PlatformClassPath.getJREClasses()); + } + final String method = "sun/reflect/Reflection.getCallerClass"; + CallerSensitiveFinder csfinder = new CallerSensitiveFinder(method); + + List<String> errors = csfinder.run(classes); + if (!errors.isEmpty()) { + throw new RuntimeException(errors.size() + + " caller-sensitive methods are missing @CallerSensitive annotation"); + } + } + + private final List<String> csMethodsMissingAnnotation = new ArrayList<>(); + private final java.lang.reflect.Method mhnCallerSensitiveMethod; + public CallerSensitiveFinder(String... methods) throws Exception { + super(methods); + this.mhnCallerSensitiveMethod = getIsCallerSensitiveMethod(); + } + + static java.lang.reflect.Method getIsCallerSensitiveMethod() + throws ClassNotFoundException, NoSuchMethodException + { + Class<?> cls = Class.forName("java.lang.invoke.MethodHandleNatives"); + java.lang.reflect.Method m = cls.getDeclaredMethod("isCallerSensitiveMethod", Class.class, String.class); + m.setAccessible(true); + return m; + } + + boolean inMethodHandlesList(String classname, String method) { + Class<?> cls; + try { + cls = Class.forName(classname.replace('/', '.'), + false, + ClassLoader.getSystemClassLoader()); + return (Boolean) mhnCallerSensitiveMethod.invoke(null, cls, method); + } catch (ClassNotFoundException|IllegalAccessException e) { + throw new RuntimeException(e); + } catch (InvocationTargetException e) { + throw new RuntimeException(e.getCause()); + } + } + + public List<String> run(List<Path> classes) throws IOException, InterruptedException, + ExecutionException, ConstantPoolException + { + ExecutorService pool = Executors.newFixedThreadPool(numThreads); + for (Path path : classes) { + ClassFileReader reader = ClassFileReader.newInstance(path.toFile()); + for (ClassFile cf : reader.getClassFiles()) { + String classFileName = cf.getName(); + // for each ClassFile + // parse constant pool to find matching method refs + // parse each method (caller) + // - visit and find method references matching the given method name + pool.submit(getTask(cf)); + } + } + waitForCompletion(); + pool.shutdown(); + return csMethodsMissingAnnotation; + } + + private static final String CALLER_SENSITIVE_ANNOTATION = "Lsun/reflect/CallerSensitive;"; + private static boolean isCallerSensitive(Method m, ConstantPool cp) + throws ConstantPoolException + { + RuntimeAnnotations_attribute attr = + (RuntimeAnnotations_attribute)m.attributes.get(Attribute.RuntimeVisibleAnnotations); + int index = 0; + if (attr != null) { + for (int i = 0; i < attr.annotations.length; i++) { + Annotation ann = attr.annotations[i]; + String annType = cp.getUTF8Value(ann.type_index); + if (CALLER_SENSITIVE_ANNOTATION.equals(annType)) { + return true; + } + } + } + return false; + } + + public void referenceFound(ClassFile cf, Method m, Set<Integer> refs) + throws ConstantPoolException + { + String name = String.format("%s#%s %s", cf.getName(), + m.getName(cf.constant_pool), + m.descriptor.getValue(cf.constant_pool)); + if (!CallerSensitiveFinder.isCallerSensitive(m, cf.constant_pool)) { + csMethodsMissingAnnotation.add(name); + System.err.println(" Missing @CallerSensitive: " + name); + } else if (verbose) { + System.out.format("Caller found: %s%n", name); + } + if (m.access_flags.is(AccessFlags.ACC_PUBLIC)) { + if (!inMethodHandlesList(cf.getName(), m.getName(cf.constant_pool))) { + csMethodsMissingAnnotation.add(name); + System.err.println(" Missing in MethodHandleNatives list: " + name); + } else if (verbose) { + System.out.format("Caller found in MethodHandleNatives list: %s%n", name); + + } + } + } + + private final List<FutureTask<String>> tasks = new ArrayList<FutureTask<String>>(); + private FutureTask<String> getTask(final ClassFile cf) { + FutureTask<String> task = new FutureTask<String>(new Callable<String>() { + public String call() throws Exception { + return parse(cf); + } + }); + tasks.add(task); + return task; + } + + private void waitForCompletion() throws InterruptedException, ExecutionException { + for (FutureTask<String> t : tasks) { + String s = t.get(); + } + System.out.println("Parsed " + tasks.size() + " classfiles"); + } + + static class PlatformClassPath { + static List<Path> getJREClasses() throws IOException { + List<Path> result = new ArrayList<Path>(); + Path home = Paths.get(System.getProperty("java.home")); + + if (home.endsWith("jre")) { + // jar files in <javahome>/jre/lib + // skip <javahome>/lib + result.addAll(addJarFiles(home.resolve("lib"))); + } else if (home.resolve("lib").toFile().exists()) { + // either a JRE or a jdk build image + File classes = home.resolve("classes").toFile(); + if (classes.exists() && classes.isDirectory()) { + // jdk build outputdir + result.add(classes.toPath()); + } + // add other JAR files + result.addAll(addJarFiles(home.resolve("lib"))); + } else { + throw new RuntimeException("\"" + home + "\" not a JDK home"); + } + return result; + } + + static List<Path> addJarFiles(final Path root) throws IOException { + final List<Path> result = new ArrayList<Path>(); + final Path ext = root.resolve("ext"); + Files.walkFileTree(root, new SimpleFileVisitor<Path>() { + @Override + public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) + throws IOException { + if (dir.equals(root) || dir.equals(ext)) { + return FileVisitResult.CONTINUE; + } else { + // skip other cobundled JAR files + return FileVisitResult.SKIP_SUBTREE; + } + } + + @Override + public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) + throws IOException { + File f = file.toFile(); + String fn = f.getName(); + // parse alt-rt.jar as well + if (fn.endsWith(".jar") && !fn.equals("jfxrt.jar")) { + result.add(file); + } + return FileVisitResult.CONTINUE; + } + }); + return result; + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/reflect/CallerSensitive/ClassFileReader.java Tue Jun 18 06:01:18 2013 -0500 @@ -0,0 +1,338 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import com.sun.tools.classfile.ClassFile; +import com.sun.tools.classfile.ConstantPoolException; +import java.io.*; +import java.nio.file.FileVisitResult; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.SimpleFileVisitor; +import java.nio.file.attribute.BasicFileAttributes; +import java.util.*; +import java.util.jar.JarEntry; +import java.util.jar.JarFile; + +/** + * ClassFileReader reads ClassFile(s) of a given path that can be + * a .class file, a directory, or a JAR file. + */ +public class ClassFileReader { + /** + * Returns a ClassFileReader instance of a given path. + */ + public static ClassFileReader newInstance(File path) throws IOException { + if (!path.exists()) { + throw new FileNotFoundException(path.getAbsolutePath()); + } + + if (path.isDirectory()) { + return new DirectoryReader(path.toPath()); + } else if (path.getName().endsWith(".jar")) { + return new JarFileReader(path.toPath()); + } else { + return new ClassFileReader(path.toPath()); + } + } + + /** + * Returns a ClassFileReader instance of a given JarFile. + */ + public static ClassFileReader newInstance(Path path, JarFile jf) throws IOException { + return new JarFileReader(path, jf); + } + + protected final Path path; + protected final String baseFileName; + private ClassFileReader(Path path) { + this.path = path; + this.baseFileName = path.getFileName() != null + ? path.getFileName().toString() + : path.toString(); + } + + public String getFileName() { + return baseFileName; + } + + /** + * Returns the ClassFile matching the given binary name + * or a fully-qualified class name. + */ + public ClassFile getClassFile(String name) throws IOException { + if (name.indexOf('.') > 0) { + int i = name.lastIndexOf('.'); + String pathname = name.replace('.', File.separatorChar) + ".class"; + if (baseFileName.equals(pathname) || + baseFileName.equals(pathname.substring(0, i) + "$" + + pathname.substring(i+1, pathname.length()))) { + return readClassFile(path); + } + } else { + if (baseFileName.equals(name.replace('/', File.separatorChar) + ".class")) { + return readClassFile(path); + } + } + return null; + } + + public Iterable<ClassFile> getClassFiles() throws IOException { + return new Iterable<ClassFile>() { + public Iterator<ClassFile> iterator() { + return new FileIterator(); + } + }; + } + + protected ClassFile readClassFile(Path p) throws IOException { + InputStream is = null; + try { + is = Files.newInputStream(p); + return ClassFile.read(is); + } catch (ConstantPoolException e) { + throw new ClassFileError(e); + } finally { + if (is != null) { + is.close(); + } + } + } + + class FileIterator implements Iterator<ClassFile> { + int count; + FileIterator() { + this.count = 0; + } + public boolean hasNext() { + return count == 0 && baseFileName.endsWith(".class"); + } + + public ClassFile next() { + if (!hasNext()) { + throw new NoSuchElementException(); + } + try { + ClassFile cf = readClassFile(path); + count++; + return cf; + } catch (IOException e) { + throw new ClassFileError(e); + } + } + + public void remove() { + throw new UnsupportedOperationException("Not supported yet."); + } + } + + public String toString() { + return path.toString(); + } + + private static class DirectoryReader extends ClassFileReader { + DirectoryReader(Path path) throws IOException { + super(path); + } + + public ClassFile getClassFile(String name) throws IOException { + if (name.indexOf('.') > 0) { + int i = name.lastIndexOf('.'); + String pathname = name.replace('.', File.separatorChar) + ".class"; + Path p = path.resolve(pathname); + if (!p.toFile().exists()) { + p = path.resolve(pathname.substring(0, i) + "$" + + pathname.substring(i+1, pathname.length())); + } + if (p.toFile().exists()) { + return readClassFile(p); + } + } else { + Path p = path.resolve(name + ".class"); + if (p.toFile().exists()) { + return readClassFile(p); + } + } + return null; + } + + public Iterable<ClassFile> getClassFiles() throws IOException { + final Iterator<ClassFile> iter = new DirectoryIterator(); + return new Iterable<ClassFile>() { + public Iterator<ClassFile> iterator() { + return iter; + } + }; + } + + private List<Path> walkTree(Path dir) throws IOException { + final List<Path> files = new ArrayList<Path>(); + Files.walkFileTree(dir, new SimpleFileVisitor<Path>() { + public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) + throws IOException { + if (file.toFile().getName().endsWith(".class")) { + files.add(file); + } + return FileVisitResult.CONTINUE; + } + }); + return files; + } + + class DirectoryIterator implements Iterator<ClassFile> { + private List<Path> entries; + private int index = 0; + DirectoryIterator() throws IOException { + entries = walkTree(path); + index = 0; + } + + public boolean hasNext() { + return index != entries.size(); + } + + public ClassFile next() { + if (!hasNext()) { + throw new NoSuchElementException(); + } + Path path = entries.get(index++); + try { + return readClassFile(path); + } catch (IOException e) { + throw new ClassFileError(e); + } + } + + public void remove() { + throw new UnsupportedOperationException("Not supported yet."); + } + } + } + + private static class JarFileReader extends ClassFileReader { + final JarFile jarfile; + JarFileReader(Path path) throws IOException { + this(path, new JarFile(path.toFile())); + } + JarFileReader(Path path, JarFile jf) throws IOException { + super(path); + this.jarfile = jf; + } + + public ClassFile getClassFile(String name) throws IOException { + if (name.indexOf('.') > 0) { + int i = name.lastIndexOf('.'); + String entryName = name.replace('.', '/') + ".class"; + JarEntry e = jarfile.getJarEntry(entryName); + if (e == null) { + e = jarfile.getJarEntry(entryName.substring(0, i) + "$" + + entryName.substring(i + 1, entryName.length())); + } + if (e != null) { + return readClassFile(e); + } + } else { + JarEntry e = jarfile.getJarEntry(name + ".class"); + if (e != null) { + return readClassFile(e); + } + } + return null; + } + + private ClassFile readClassFile(JarEntry e) throws IOException { + InputStream is = null; + try { + is = jarfile.getInputStream(e); + return ClassFile.read(is); + } catch (ConstantPoolException ex) { + throw new IOException(ex); + } finally { + if (is != null) + is.close(); + } + } + + public Iterable<ClassFile> getClassFiles() throws IOException { + final Iterator<ClassFile> iter = new JarFileIterator(); + return new Iterable<ClassFile>() { + public Iterator<ClassFile> iterator() { + return iter; + } + }; + } + + class JarFileIterator implements Iterator<ClassFile> { + private Enumeration<JarEntry> entries; + private JarEntry nextEntry; + JarFileIterator() { + this.entries = jarfile.entries(); + while (entries.hasMoreElements()) { + JarEntry e = entries.nextElement(); + String name = e.getName(); + if (name.endsWith(".class")) { + this.nextEntry = e; + break; + } + } + } + + public boolean hasNext() { + return nextEntry != null; + } + + public ClassFile next() { + if (!hasNext()) { + throw new NoSuchElementException(); + } + + ClassFile cf; + try { + cf = readClassFile(nextEntry); + } catch (IOException e) { + throw new ClassFileError(e); + } + JarEntry entry = nextEntry; + nextEntry = null; + while (entries.hasMoreElements()) { + JarEntry e = entries.nextElement(); + String name = e.getName(); + if (name.endsWith(".class")) { + nextEntry = e; + break; + } + } + return cf; + } + + public void remove() { + throw new UnsupportedOperationException("Not supported yet."); + } + } + } + + public static class ClassFileError extends Error { + public ClassFileError(Throwable t) { + super(t); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/reflect/CallerSensitive/MethodFinder.java Tue Jun 18 06:01:18 2013 -0500 @@ -0,0 +1,201 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.util.*; +import com.sun.tools.classfile.*; +import static com.sun.tools.classfile.ConstantPool.*; +import com.sun.tools.classfile.Instruction.TypeKind; + +/** + * MethodFinder utility class to find references to the given methods. + */ +public abstract class MethodFinder { + final List<String> methods; + public MethodFinder(String... methods) { + this.methods = Arrays.asList(methods); + } + + /** + * A callback method will be invoked when a method referencing + * any of the lookup methods. + * + * @param cf ClassFile + * @param m Method + * @param refs Set of constant pool indices that reference the methods + * matching the given lookup method names + */ + public abstract void referenceFound(ClassFile cf, Method m, Set<Integer> refs) + throws ConstantPoolException; + + public String parse(ClassFile cf) throws ConstantPoolException { + List<Integer> cprefs = new ArrayList<Integer>(); + int index = 1; + for (ConstantPool.CPInfo cpInfo : cf.constant_pool.entries()) { + if (cpInfo.accept(cpVisitor, null)) { + cprefs.add(index); + } + index += cpInfo.size(); + } + + if (!cprefs.isEmpty()) { + for (Method m : cf.methods) { + Set<Integer> refs = new HashSet<Integer>(); + Code_attribute c_attr = (Code_attribute) m.attributes.get(Attribute.Code); + if (c_attr != null) { + for (Instruction instr : c_attr.getInstructions()) { + int idx = instr.accept(codeVisitor, cprefs); + if (idx > 0) { + refs.add(idx); + } + } + } + if (refs.size() > 0) { + referenceFound(cf, m, refs); + } + } + } + return cprefs.isEmpty() ? "" : cf.getName(); + } + + private ConstantPool.Visitor<Boolean,Void> cpVisitor = + new ConstantPool.Visitor<Boolean,Void>() + { + private boolean matches(CPRefInfo info) { + try { + CONSTANT_NameAndType_info nat = info.getNameAndTypeInfo(); + return matches(info.getClassName(), nat.getName(), nat.getType()); + } catch (ConstantPoolException ex) { + return false; + } + } + + private boolean matches(String cn, String name, String type) { + return methods.contains(cn + "." + name); + } + + public Boolean visitClass(CONSTANT_Class_info info, Void p) { + return false; + } + + public Boolean visitInterfaceMethodref(CONSTANT_InterfaceMethodref_info info, Void p) { + return matches(info); + } + + public Boolean visitMethodref(CONSTANT_Methodref_info info, Void p) { + return matches(info); + } + + public Boolean visitDouble(CONSTANT_Double_info info, Void p) { + return false; + } + + public Boolean visitFieldref(CONSTANT_Fieldref_info info, Void p) { + return false; + } + + public Boolean visitFloat(CONSTANT_Float_info info, Void p) { + return false; + } + + public Boolean visitInteger(CONSTANT_Integer_info info, Void p) { + return false; + } + + public Boolean visitInvokeDynamic(CONSTANT_InvokeDynamic_info info, Void p) { + return false; + } + + public Boolean visitLong(CONSTANT_Long_info info, Void p) { + return false; + } + + public Boolean visitNameAndType(CONSTANT_NameAndType_info info, Void p) { + return false; + } + + public Boolean visitMethodHandle(CONSTANT_MethodHandle_info info, Void p) { + return false; + } + + public Boolean visitMethodType(CONSTANT_MethodType_info info, Void p) { + return false; + } + + public Boolean visitString(CONSTANT_String_info info, Void p) { + return false; + } + + public Boolean visitUtf8(CONSTANT_Utf8_info info, Void p) { + return false; + } + }; + + private Instruction.KindVisitor<Integer, List<Integer>> codeVisitor = + new Instruction.KindVisitor<Integer, List<Integer>>() + { + public Integer visitNoOperands(Instruction instr, List<Integer> p) { + return 0; + } + + public Integer visitArrayType(Instruction instr, TypeKind kind, List<Integer> p) { + return 0; + } + + public Integer visitBranch(Instruction instr, int offset, List<Integer> p) { + return 0; + } + + public Integer visitConstantPoolRef(Instruction instr, int index, List<Integer> p) { + return p.contains(index) ? index : 0; + } + + public Integer visitConstantPoolRefAndValue(Instruction instr, int index, int value, List<Integer> p) { + return p.contains(index) ? index : 0; + } + + public Integer visitLocal(Instruction instr, int index, List<Integer> p) { + return 0; + } + + public Integer visitLocalAndValue(Instruction instr, int index, int value, List<Integer> p) { + return 0; + } + + public Integer visitLookupSwitch(Instruction instr, int default_, int npairs, int[] matches, int[] offsets, List<Integer> p) { + return 0; + } + + public Integer visitTableSwitch(Instruction instr, int default_, int low, int high, int[] offsets, List<Integer> p) { + return 0; + } + + public Integer visitValue(Instruction instr, int value, List<Integer> p) { + return 0; + } + + public Integer visitUnknown(Instruction instr, List<Integer> p) { + return 0; + } + }; +} +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/reflect/CallerSensitive/MissingCallerSensitive.java Tue Jun 18 06:01:18 2013 -0500 @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8010117 + * @summary Test CallerSensitiveFinder to find missing annotation + * @compile -XDignore.symbol.file MissingCallerSensitive.java + * @build CallerSensitiveFinder MethodFinder ClassFileReader + * @run main/othervm MissingCallerSensitive + */ + +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.*; +public class MissingCallerSensitive { + public static void main(String[] args) throws Exception { + String testclasses = System.getProperty("test.classes", "."); + List<Path> classes = new ArrayList<>(); + classes.add(Paths.get(testclasses, "MissingCallerSensitive.class")); + + final String method = "sun/reflect/Reflection.getCallerClass"; + CallerSensitiveFinder csfinder = new CallerSensitiveFinder(method); + List<String> errors = csfinder.run(classes); + /* + * Expected 1 method missing @CallerSenitive and 2 methods not in + * the MethodHandleNatives CS list + */ + if (errors.size() != 3) { + throw new RuntimeException("Unexpected number of methods found: " + errors.size()); + } + int count=0; + for (String e : errors) { + if (e.startsWith("MissingCallerSensitive#missingCallerSensitiveAnnotation ")) { + count++; + } + } + if (count != 2) { + throw new RuntimeException("Error: expected 1 method missing annotation & missing in the list"); + } + } + + @sun.reflect.CallerSensitive + public ClassLoader getCallerLoader() { + Class<?> c = sun.reflect.Reflection.getCallerClass(); + return c.getClassLoader(); + } + + public ClassLoader missingCallerSensitiveAnnotation() { + Class<?> c = sun.reflect.Reflection.getCallerClass(); + return c.getClassLoader(); + } +}