Review request for JDK-8139435: Make sure CallSiteDescriptor.getLookup is subject to a security check
Hannes Wallnoefer
hannes.wallnoefer at oracle.com
Fri Oct 16 15:11:12 UTC 2015
What's the rationale for providing the static lookupEquals and
lookupHashCode methods in AbstractCallSiteDescriptor instead of just
putting the code in non-abstract instance methods? This way it's a bit
more flexible, but I'm not sure it warrants the additional API surface.
There are references to the old getTarget(Lookup) method in the javadoc
comments of CallerSensitiveDynamicMethod.java and
SimpleDynamicMethod.java that should be changed to getTarget(
CallSiteDescriptor).
+1
Hannes
Am 2015-10-14 um 15:30 schrieb Attila Szegedi:
> Please review JDK-8139435 "Make sure CallSiteDescriptor.getLookup is subject to a security check" at <http://cr.openjdk.java.net/~attila/8139435/webrev.jdk9> for <https://bugs.openjdk.java.net/browse/JDK-8139435>
>
> Notes:
> - webrev also shows a previous issue in the history of some of the files, but the changes for that issue are not in the diffs.
> - the mechanism for security checks in this changeset is sound, but it is even further improved by making CallSiteDescriptor into a proper class and internalizing the checks later on (I will be sending that changeset for review separately later).
>
> Thanks,
> Attila.
More information about the nashorn-dev
mailing list