RFR 8073056: Repeating annotations throws java.security.AccessControlException with a SecurityManager
Mandy Chung
mandy.chung at oracle.com
Wed Feb 25 22:19:51 UTC 2015
On 2/25/2015 5:19 AM, Joel Borggrén-Franck wrote:
> InvocationHandler::invoke unfortunately throws Throwable, but I restructured it a bit so it is easier to follow.
>
> http://cr.openjdk.java.net/~jfranck/8073056/webrev.01/
196 InvocationHandler handler = Proxy.getInvocationHandler(container);
Do you want to ensure it's from our implementation?
i.e. sun.reflect.annotation.AnnotationInvocationHandler
204 }catch (Throwable t) { // from InvocationHandler::invoke
Missing space between } and catch
182 // According to JLS the container must have an array-valued value
183 // method. Get the AnnotationType, get the "value" method and invoke
184 // it to get the content.
190 Method m = annoType.members().get("value");
212 m.setAccessible(true);
I am missing something here. I read the code and I think
annoType is of sun.reflect.annotation.AnnotationType type.
Does the old implementation still exist that is supported?
Which method is it in the old implementation? If it's still
supported, as Class.getAnnotationsByType is not specified to
require any permission check nor throw any SecurityException,
and it seems that setAccessible(true) should be wrapped with
doPrivileged.
If it's not used in our implementation after your patch,
perhaps better to take m.setAccessible(true) out.
Mandy
More information about the core-libs-dev
mailing list