Fwd: What about Array.newInstance for restricted value-types?
Brian Goetz
brian.goetz at oracle.com
Wed Jul 27 16:10:19 UTC 2022
Received on the -comments list.
Yes, this issue is well understood; I believe John has written about
this on the -experts list already, or if not he will soon. Reflection
frequently has to bake back in access control checks that otherwise
would be done by the VM during linkage, and many reflective methods are
caller-sensitive for exactly this reason.
Do you have any reason to believe that the standard techniques of
securing reflection would result in problems?
-------- Forwarded Message --------
Subject: What about Array.newInstance for restricted value-types?
Date: Tue, 26 Jul 2022 14:38:05 +0200
From: Gernot Neppert <mcnepp02 at googlemail.com>
To: valhalla-spec-comments at openjdk.java.net
There is an ongoing discussion about how to prevent the creation of
values with non-sensible zero-defaults.
Currently, the consensus seems to be that restricting access to a
value-type's "companion-type" will achieve this.
However, I found this Anomaly:
The method java.lang.reflect.Array.newInstance(Class<?>
componentType,int length) currently does not take the accessibility of
the "componentType" into account!
So, it looks as if one could still create flat, zero-initialized arrays
of private companion-types from anywhere in the codebase:
package org.secrets;
public value class Bar {
private value companion Bar.val;
}
package com.external;
import java.lang.reflect.Array;
public class Main {
Bar[] bars =
(Bar[])Array.newInstance(Class.forName("org.secrets.Bar.val"), 42);
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/valhalla-dev/attachments/20220727/80e2ca9a/attachment.htm>
More information about the valhalla-dev
mailing list