Review request for JDK-8133299: Nashorn Java adapters should not early bind to functions
Attila Szegedi
szegedia at gmail.com
Mon Jan 4 13:48:28 UTC 2016
On Mon, Jan 4, 2016 at 5:13 AM, Sundararajan Athijegannathan <
sundararajan.athijegannathan at oracle.com> wrote:
> I'm yet to look at the code. Is it possible to use any callable for
> methods?
For members of a delegate ScriptObject, yes. The adapter constructors still
only accept either a ScriptObject or a ScriptFunction, but if you pass in
an object, its members implementing methods can now be arbitrary callables.
> If so, do we have tests to cover those cases (like JSObject "functions",
> DynamicMethods etc.)? In particular, sandbox tests to make sure can't get
> any more privilege by implementing an interface (for eg. binding sensitive
> Java method as function implementing interface method and making sure it
> gets SecurityException when interface method is called).
>
We generate separate adapter classes for every ProtectionDomain, so I'm
quite confident everything is secure, but it's better to not be
overconfident when it comes to security… surely we can add such tests. Do
you have some go-to sensitive functionality for testing in this fashion?
FWIW, I actually started writing some tests for other functionality; what I
have so far is tests for correct conversion of primitive return values as
well as tests for try/finally for restoring old Global being executed when
UnsupportedOperationException is thrown. (All tests I wrote pass, so the
code as it is now is correct for these.) I wanted to write few more tests,
specifically for binding to vararg functions.
Actually, I realized that there's one deficiency in the current code that
wasn't there before my changes, namely since the CALL operation takes
explicit callee and this arguments, the adapter code will actually fail to
generate a delegate for a method with more than 253 parameters. I might
need to introduce a special case for this, to have them packed into an
Object array in this case and do a Nashorn vararg invocation…
Speaking of which, anyone knows why is LinkerCallSite.ARGLIMIT set to 250
and not 253?
Attila.
>
> Thanks,
> -Sundar
>
>
> On 1/2/2016 8:31 PM, Attila Szegedi wrote:
>
>> Please review JDK-8133299 "Nashorn Java adapters should not early bind to
>> functions" at <http://cr.openjdk.java.net/~attila/8133299/webrev.jdk9>
>> for <https://bugs.openjdk.java.net/browse/JDK-8133299>
>>
>> See implementation notes in <
>> https://bugs.openjdk.java.net/browse/JDK-8133299?focusedCommentId=13883269&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13883269
>> >
>>
>> Also note that this changeset is based on current tip (rev 1584,
>> [da397aea8ada]) and is as such independent of the change sets for
>> JDK-8144917 and JDK-8144919 that are still pending review.
>>
>> Thanks,
>> Attila.
>>
>
>
More information about the nashorn-dev
mailing list