[security-dev 00358]: Re: SecurityException in AnnotationInvocationHandler.getMemberMethods

Joe Darcy Joe.Darcy at Sun.COM
Mon Oct 20 19:01:23 PDT 2008


PS Martin, I haven't written tests that setup and use a security 
manager, etc., that should go along with this fix.  Having a stand-alone 
regression test along those lines would be helpful.

Thanks,

-Joe

On 10/20/08 06:59 PM, Joe Darcy wrote:
> Hello.
>
> On 10/16/08 12:46 PM, Martin Buchholz wrote:
>> Hi all,
>>
>> This is a bug report with fix.
>> Joe Darcy, please file a bug and review this change,
>>   
>
> I've filed 6761678 "(ann) SecurityException in 
> AnnotationInvocationHandler.getMemberMethods" for this issue.  The 
> problem seems similar to 6370080 "(ann) Method.getAnnotations() 
> sometimes throw SecurityException: doPrivileged or javadoc missing?," 
> which was fixed in JDK 6 and a JDK 5 update release.
>
> Martin, can you, Toby, and Josh review any other uses of reflection in 
> the src/share/classes/sun/reflect/annotation package for similar 
> problems so we can address any other such issues now?
>
> I've looked over the change and the use of getMemberMethods in 
> equalsImpl and don't see a problem.  However, I'd like the security 
> team to give it a once over too; security-dev folk, please take a look 
> at this.
>
> Thanks,
>
> -Joe
>> and perhaps provide a small test case (it is impractical
>> to share the test we have at Google).
>>
>> Description:
>>
>> sun/reflect/annotation/AnnotationInvocationHandler.java.getMemberMethods
>> might throw if there is a security manager that does not allow
>> getDeclaredMethods.
>>
>> The author of this code (Josh Bloch) confirms that the intent was for 
>> the
>> doPrivileged block in this method to prevent security exceptions.
>> The methods cannot escape to untrusted code.
>>
>> Evaluation:
>>
>> Yes.  Fix provided courtesy of Toby Reyelts and Josh Bloch at Google.
>>
>> # HG changeset patch
>> # User martin
>> # Date 1224185752 25200
>> # Node ID 68730f05449cd4f39ce1cb82adc6c4e57f87554f
>> # Parent  214ebdcf7252d4862449fe0ae295e6c60a127315
>> SecurityException in AnnotationInvocationHandler.getMemberMethods
>> Summary: Move call to getDeclaredMethods inside doPrivileged
>> Reviewed-by:
>> Contributed-by: jjb at google.com
>>
>> diff --git 
>> a/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java 
>>
>> b/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java 
>>
>> --- 
>> a/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java 
>>
>> +++ 
>> b/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java 
>>
>> @@ -272,14 +272,14 @@
>>       */
>>      private Method[] getMemberMethods() {
>>          if (memberMethods == null) {
>> -            final Method[] mm = type.getDeclaredMethods();
>> -            AccessController.doPrivileged(new 
>> PrivilegedAction<Void>() {
>> -                public Void run() {
>> -                    AccessibleObject.setAccessible(mm, true);
>> -                    return null;
>> -                }
>> -            });
>> -            memberMethods = mm;
>> +            memberMethods = AccessController.doPrivileged(
>> +                new PrivilegedAction<Method[]>() {
>> +                    public Method[] run() {
>> +                        final Method[] mm = type.getDeclaredMethods();
>> +                        AccessibleObject.setAccessible(mm, true);
>> +                        return mm;
>> +                    }
>> +                });
>>          }
>>          return memberMethods;
>>      }
>>   
>




More information about the security-dev mailing list