[11u] RFR: 8235351: Lookup::unreflect should bind with the original caller independent of Method's accessible flag
Doerr, Martin
martin.doerr at sap.com
Mon Dec 21 13:51:04 UTC 2020
Hi Götz,
thanks for the review!
Best regards,
Martin
From: Lindenmaier, Goetz <goetz.lindenmaier at sap.com>
Sent: Montag, 21. Dezember 2020 14:44
To: Doerr, Martin <martin.doerr at sap.com>; core-libs-dev <core-libs-dev at openjdk.java.net>; jdk-updates-dev at openjdk.java.net
Cc: Langer, Christoph <christoph.langer at sap.com>
Subject: RE: [11u] RFR: 8235351: Lookup::unreflect should bind with the original caller independent of Method's accessible flag
Hi Martin,
The change looks good.
The private methods have been called at those places before, so this is
straight forward.
Best regards,
Goetz.
From: Doerr, Martin <martin.doerr at sap.com<mailto:martin.doerr at sap.com>>
Sent: Monday, December 21, 2020 11:52 AM
To: core-libs-dev <core-libs-dev at openjdk.java.net<mailto:core-libs-dev at openjdk.java.net>>; jdk-updates-dev at openjdk.java.net<mailto:jdk-updates-dev at openjdk.java.net>
Cc: Langer, Christoph <christoph.langer at sap.com<mailto:christoph.langer at sap.com>>; Lindenmaier, Goetz <goetz.lindenmaier at sap.com<mailto:goetz.lindenmaier at sap.com>>
Subject: [11u] RFR: 8235351: Lookup::unreflect should bind with the original caller independent of Method's accessible flag
Hi,
JDK-8235351 is backported to 11.0.11-oracle. I'd like to backport it for parity.
Change doesn't apply cleanly, because https://bugs.openjdk.java.net/browse/JDK-8233527 is not in 11u (jdk14 uses hasFullPrivilegeAccess(), but older versions use hasPrivateAccess()).
Bug:
https://bugs.openjdk.java.net/browse/JDK-8235351
Original change:
https://hg.openjdk.java.net/jdk/jdk/rev/4437d58547ce
11u backport:
http://cr.openjdk.java.net/~mdoerr/8235351_methodhandles_11u/webrev.00/
This is the adaptation:
diff -r a670e0826a66 src/java.base/share/classes/java/lang/invoke/MethodHandles.java
--- a/src/java.base/share/classes/java/lang/invoke/MethodHandles.java Fri Dec 06 15:10:40 2019 -0800
+++ b/src/java.base/share/classes/java/lang/invoke/MethodHandles.java Fri Dec 18 18:01:25 2020 +0100
@@ -2074,8 +2074,8 @@
* Otherwise, if m is caller-sensitive, throw IllegalAccessException.
*/
Lookup findBoundCallerLookup(MemberName m) throws IllegalAccessException {
- if (MethodHandleNatives.isCallerSensitive(m) && !hasFullPrivilegeAccess()) {
- // Only lookups with full privilege access are allowed to resolve caller-sensitive methods
+ if (MethodHandleNatives.isCallerSensitive(m) && !hasPrivateAccess()) {
+ // Only lookups with private access are allowed to resolve caller-sensitive methods
throw new IllegalAccessException("Attempt to lookup caller-sensitive method using restricted lookup object");
}
return this;
@@ -2335,9 +2335,9 @@
if (boundCaller.allowedModes == TRUSTED || !MethodHandleNatives.isCallerSensitive(method))
return mh;
- // boundCaller must have full privilege access.
+ // boundCaller must have private access.
// It should have been checked by findBoundCallerLookup. Safe to check this again.
- if (!boundCaller.hasFullPrivilegeAccess())
+ if (!boundCaller.hasPrivateAccess())
throw new IllegalAccessException("Attempt to lookup caller-sensitive method using restricted lookup object");
MethodHandle cbmh = MethodHandleImpl.bindCaller(mh, boundCaller.lookupClass);
Please review.
Best regards,
Martin
More information about the jdk-updates-dev
mailing list