RFR: 8225694: Destination option missing in FlightRecorderMXBeanImpl
Erik Gahlin
erik.gahlin at oracle.com
Sat Sep 14 21:34:19 UTC 2019
Hi Chihiro.
I noticed that you do.
r.getDestination().toString();
I’m not sure if it safe. A malicious user could implement their own version of a Path object and have it execute in the context of the MBeanServer thread. I would prefer if you would access the PlatformRecording object (see PrivateAccess::getPlatformRecording) and use WriteableUserPath#getText to get a textual representation of a path you can return to getOptions(). You can add a method to the class jdk.jfr.internal.managemnet.ManagementSupport, i.e getRecordingDestintaion(Recording), where you can tunnel things to the jdk.management.jfr module.
Maybe you could also add the message “Not a valid destination” to the IAE.
Thanks
Erik
> On 14 Sep 2019, at 19:06, Chihiro Ito <chiroito107 at gmail.com> wrote:
>
> Hi,
>
> Could you review this tiny change, please?
>
> JBS https://bugs.openjdk.java.net/browse/JDK-8225694
> Webrev http://cr.openjdk.java.net/~cito/JDK-8225694/webrev.00/
>
> Regards,
> Chihiro
More information about the hotspot-jfr-dev
mailing list