[11u] RFR: 8235351: Lookup::unreflect should bind with the original caller independent of Method's accessible flag

Doerr, Martin martin.doerr at sap.com
Mon Dec 21 10:52:24 UTC 2020 

Hi,

JDK-8235351 is backported to 11.0.11-oracle. I'd like to backport it for parity.
Change doesn't apply cleanly, because https://bugs.openjdk.java.net/browse/JDK-8233527 is not in 11u (jdk14 uses hasFullPrivilegeAccess(), but older versions use hasPrivateAccess()).

Bug:
https://bugs.openjdk.java.net/browse/JDK-8235351

Original change:
https://hg.openjdk.java.net/jdk/jdk/rev/4437d58547ce

11u backport:
http://cr.openjdk.java.net/~mdoerr/8235351_methodhandles_11u/webrev.00/

This is the adaptation:
diff -r a670e0826a66 src/java.base/share/classes/java/lang/invoke/MethodHandles.java
--- a/src/java.base/share/classes/java/lang/invoke/MethodHandles.java   Fri Dec 06 15:10:40 2019 -0800
+++ b/src/java.base/share/classes/java/lang/invoke/MethodHandles.java   Fri Dec 18 18:01:25 2020 +0100
@@ -2074,8 +2074,8 @@
          * Otherwise, if m is caller-sensitive, throw IllegalAccessException.
          */
          Lookup findBoundCallerLookup(MemberName m) throws IllegalAccessException {
-             if (MethodHandleNatives.isCallerSensitive(m) && !hasFullPrivilegeAccess()) {
-                // Only lookups with full privilege access are allowed to resolve caller-sensitive methods
+             if (MethodHandleNatives.isCallerSensitive(m) && !hasPrivateAccess()) {
+                // Only lookups with private access are allowed to resolve caller-sensitive methods
                 throw new IllegalAccessException("Attempt to lookup caller-sensitive method using restricted lookup object");
             }
             return this;
@@ -2335,9 +2335,9 @@
             if (boundCaller.allowedModes == TRUSTED || !MethodHandleNatives.isCallerSensitive(method))
                 return mh;

-            // boundCaller must have full privilege access.
+            // boundCaller must have private access.
             // It should have been checked by findBoundCallerLookup. Safe to check this again.
-            if (!boundCaller.hasFullPrivilegeAccess())
+            if (!boundCaller.hasPrivateAccess())
                 throw new IllegalAccessException("Attempt to lookup caller-sensitive method using restricted lookup object");

             MethodHandle cbmh = MethodHandleImpl.bindCaller(mh, boundCaller.lookupClass);

Please review.

Best regards,
Martin

More information about the jdk-updates-dev mailing list