hotspot/src/share/vm/runtime/reflection.cpp
changeset 25057 f38210f84f8c
parent 24456 8c7933fa5a1f
child 26412 80741eb33ba2
equal deleted inserted replaced
25056:5ad92b0d1beb 25057:f38210f84f8c
   408 #endif //ASSERT
   408 #endif //ASSERT
   409   return result;
   409   return result;
   410 }
   410 }
   411 
   411 
   412 
   412 
   413 bool Reflection::reflect_check_access(Klass* field_class, AccessFlags acc, Klass* target_class, bool is_method_invoke, TRAPS) {
       
   414   // field_class  : declaring class
       
   415   // acc          : declared field access
       
   416   // target_class : for protected
       
   417 
       
   418   // Check if field or method is accessible to client.  Throw an
       
   419   // IllegalAccessException and return false if not.
       
   420 
       
   421   // The "client" is the class associated with the nearest real frame
       
   422   // getCallerClass already skips Method.invoke frames, so pass 0 in
       
   423   // that case (same as classic).
       
   424   ResourceMark rm(THREAD);
       
   425   assert(THREAD->is_Java_thread(), "sanity check");
       
   426   Klass* client_class = ((JavaThread *)THREAD)->security_get_caller_class(is_method_invoke ? 0 : 1);
       
   427 
       
   428   if (client_class != field_class) {
       
   429     if (!verify_class_access(client_class, field_class, false)
       
   430         || !verify_field_access(client_class,
       
   431                                 field_class,
       
   432                                 field_class,
       
   433                                 acc,
       
   434                                 false)) {
       
   435       THROW_(vmSymbols::java_lang_IllegalAccessException(), false);
       
   436     }
       
   437   }
       
   438 
       
   439   // Additional test for protected members: JLS 6.6.2
       
   440 
       
   441   if (acc.is_protected()) {
       
   442     if (target_class != client_class) {
       
   443       if (!is_same_class_package(client_class, field_class)) {
       
   444         if (!target_class->is_subclass_of(client_class)) {
       
   445           THROW_(vmSymbols::java_lang_IllegalAccessException(), false);
       
   446         }
       
   447       }
       
   448     }
       
   449   }
       
   450 
       
   451   // Passed all tests
       
   452   return true;
       
   453 }
       
   454 
       
   455 
       
   456 bool Reflection::verify_class_access(Klass* current_class, Klass* new_class, bool classloader_only) {
   413 bool Reflection::verify_class_access(Klass* current_class, Klass* new_class, bool classloader_only) {
   457   // Verify that current_class can access new_class.  If the classloader_only
   414   // Verify that current_class can access new_class.  If the classloader_only
   458   // flag is set, we automatically allow any accesses in which current_class
   415   // flag is set, we automatically allow any accesses in which current_class
   459   // doesn't have a classloader.
   416   // doesn't have a classloader.
   460   if ((current_class == NULL) ||
   417   if ((current_class == NULL) ||
   461       (current_class == new_class) ||
   418       (current_class == new_class) ||
   462       (new_class->is_public()) ||
   419       (new_class->is_public()) ||
   463       is_same_class_package(current_class, new_class)) {
   420       is_same_class_package(current_class, new_class)) {
   464     return true;
   421     return true;
   465   }
   422   }
   466   // New (1.4) reflection implementation. Allow all accesses from
   423   // Allow all accesses from sun/reflect/MagicAccessorImpl subclasses to
   467   // sun/reflect/MagicAccessorImpl subclasses to succeed trivially.
   424   // succeed trivially.
   468   if (   JDK_Version::is_gte_jdk14x_version()
   425   if (current_class->is_subclass_of(SystemDictionary::reflect_MagicAccessorImpl_klass())) {
   469       && current_class->is_subclass_of(SystemDictionary::reflect_MagicAccessorImpl_klass())) {
       
   470     return true;
   426     return true;
   471   }
   427   }
   472 
   428 
   473   return can_relax_access_check_for(current_class, new_class, classloader_only);
   429   return can_relax_access_check_for(current_class, new_class, classloader_only);
   474 }
   430 }
   565 
   521 
   566   if (!access.is_private() && is_same_class_package(current_class, field_class)) {
   522   if (!access.is_private() && is_same_class_package(current_class, field_class)) {
   567     return true;
   523     return true;
   568   }
   524   }
   569 
   525 
   570   // New (1.4) reflection implementation. Allow all accesses from
   526   // Allow all accesses from sun/reflect/MagicAccessorImpl subclasses to
   571   // sun/reflect/MagicAccessorImpl subclasses to succeed trivially.
   527   // succeed trivially.
   572   if (   JDK_Version::is_gte_jdk14x_version()
   528   if (current_class->is_subclass_of(SystemDictionary::reflect_MagicAccessorImpl_klass())) {
   573       && current_class->is_subclass_of(SystemDictionary::reflect_MagicAccessorImpl_klass())) {
       
   574     return true;
   529     return true;
   575   }
   530   }
   576 
   531 
   577   return can_relax_access_check_for(
   532   return can_relax_access_check_for(
   578     current_class, field_class, classloader_only);
   533     current_class, field_class, classloader_only);
   705   return Handle(THREAD, nt);
   660   return Handle(THREAD, nt);
   706 }
   661 }
   707 
   662 
   708 
   663 
   709 oop Reflection::new_method(methodHandle method, bool for_constant_pool_access, TRAPS) {
   664 oop Reflection::new_method(methodHandle method, bool for_constant_pool_access, TRAPS) {
   710   // In jdk1.2.x, getMethods on an interface erroneously includes <clinit>, thus the complicated assert.
   665   // Allow sun.reflect.ConstantPool to refer to <clinit> methods as java.lang.reflect.Methods.
   711   // Also allow sun.reflect.ConstantPool to refer to <clinit> methods as java.lang.reflect.Methods.
       
   712   assert(!method()->is_initializer() ||
   666   assert(!method()->is_initializer() ||
   713          (for_constant_pool_access && method()->is_static()) ||
   667          (for_constant_pool_access && method()->is_static()),
   714          (method()->name() == vmSymbols::class_initializer_name()
   668          "should call new_constructor instead");
   715     && method()->method_holder()->is_interface() && JDK_Version::is_jdk12x_version()), "should call new_constructor instead");
       
   716   instanceKlassHandle holder (THREAD, method->method_holder());
   669   instanceKlassHandle holder (THREAD, method->method_holder());
   717   int slot = method->method_idnum();
   670   int slot = method->method_idnum();
   718 
   671 
   719   Symbol*  signature  = method->signature();
   672   Symbol*  signature  = method->signature();
   720   int parameter_count = ArgumentCount(signature).size();
   673   int parameter_count = ArgumentCount(signature).size();
   976                 Method::name_and_sig_as_C_string(klass(),
   929                 Method::name_and_sig_as_C_string(klass(),
   977                                                         reflected_method->name(),
   930                                                         reflected_method->name(),
   978                                                         reflected_method->signature()));
   931                                                         reflected_method->signature()));
   979   }
   932   }
   980 
   933 
   981   // In the JDK 1.4 reflection implementation, the security check is
       
   982   // done at the Java level
       
   983   if (!JDK_Version::is_gte_jdk14x_version()) {
       
   984 
       
   985   // Access checking (unless overridden by Method)
       
   986   if (!override) {
       
   987     if (!(klass->is_public() && reflected_method->is_public())) {
       
   988       bool access = Reflection::reflect_check_access(klass(), reflected_method->access_flags(), target_klass(), is_method_invoke, CHECK_NULL);
       
   989       if (!access) {
       
   990         return NULL; // exception
       
   991       }
       
   992     }
       
   993   }
       
   994 
       
   995   } // !Universe::is_gte_jdk14x_version()
       
   996 
       
   997   assert(ptypes->is_objArray(), "just checking");
   934   assert(ptypes->is_objArray(), "just checking");
   998   int args_len = args.is_null() ? 0 : args->length();
   935   int args_len = args.is_null() ? 0 : args->length();
   999   // Check number of arguments
   936   // Check number of arguments
  1000   if (ptypes->length() != args_len) {
   937   if (ptypes->length() != args_len) {
  1001     THROW_MSG_0(vmSymbols::java_lang_IllegalArgumentException(), "wrong number of arguments");
   938     THROW_MSG_0(vmSymbols::java_lang_IllegalArgumentException(), "wrong number of arguments");