A Bug involving MethodHandles, Nestmates, Reflection and @CallerSensitive
Mandy Chung
mandy.chung at oracle.com
Wed Dec 9 18:44:26 UTC 2020
On 12/8/20 6:02 PM, Johannes Kuhn wrote:
> There are a lot of things to consider when trying to fix JDK-8013527.
Exactly in particular security implication! What is clear is that the
expected lookup class should not be the injected class. The key
message here is that we can't fix JDK-8257874 until we fix JDK-8013527
unfortunately.
Mandy
More information about the core-libs-dev
mailing list