RFR: 8333796: Add missing serialization functionality to sun.reflect.ReflectionFactory [v3]
David M. Lloyd
duke at openjdk.org
Fri Sep 20 22:01:23 UTC 2024
On Fri, 20 Sep 2024 20:27:00 GMT, Roger Riggs <rriggs at openjdk.org> wrote:
>> David M. Lloyd has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Address review comment
>
> src/java.base/share/classes/jdk/internal/reflect/ReflectionFactory.java line 470:
>
>> 468: return null;
>> 469: }
>> 470: field.setAccessible(true);
>
> setAccessible() might need a doPriv to be successful in all cases.
Other methods on this class do not use `doPrivileged()` so I thought it would be best to copy them; this, custom serialization libraries are using their own `doPrivileged()` blocks for those methods already. This could probably be safely changed (since a runtime permission is already required to access the user-facing `ReflectionFactory` class anyway), but would it be best to change it all at once? Or would it be better to leave it as is?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/19702#discussion_r1769270696
More information about the core-libs-dev
mailing list