Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8154190: Deprivilege java.compiler module
authormchung
Thu, 05 May 2016 16:36:00 -0700
changeset 37853 b4ea8806ad1a
parent 37852 4dd95b3cb2e8
child 37854 a76a06106d02
8154190: Deprivilege java.compiler module Reviewed-by: alanb, chegar, jjg
langtools/src/java.compiler/share/classes/javax/tools/ToolProvider.java file | annotate | diff | comparison | revisions
langtools/test/tools/javac/api/ToolProvider/ToolProviderTest.java file | annotate | diff | comparison | revisions
langtools/test/tools/javac/api/ToolProvider/ToolProviderTest1.java file | annotate | diff | comparison | revisions 
--- a/langtools/src/java.compiler/share/classes/javax/tools/ToolProvider.java	Thu May 05 19:10:30 2016 +0000
+++ b/langtools/src/java.compiler/share/classes/javax/tools/ToolProvider.java	Thu May 05 16:36:00 2016 -0700
@@ -27,6 +27,8 @@
 
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.Iterator;
 import java.util.ServiceConfigurationError;
 import java.util.ServiceLoader;
@@ -145,23 +147,26 @@
     }
 
     /**
-     * Determine if this is tho desired tool instance.
+     * Determine if this is the desired tool instance.
      * @param <T>        the interface of the tool
      * @param tool       the instance of the tool
      * @param moduleName the name of the module containing the desired implementation
      * @return true if and only if the tool matches the specified criteria
      */
     private static <T> boolean matches(T tool, String moduleName) {
-        // for now, use reflection to implement
-        //      return moduleName.equals(tool.getClass().getModule().getName());
-        try {
-            Method getModuleMethod = Class.class.getDeclaredMethod("getModule");
-            Object toolModule = getModuleMethod.invoke(tool.getClass());
-            Method getNameMethod = toolModule.getClass().getDeclaredMethod("getName");
-            String toolModuleName = (String) getNameMethod.invoke(toolModule);
-            return moduleName.equals(toolModuleName);
-        } catch (InvocationTargetException | NoSuchMethodException | IllegalAccessException e) {
-            return false;
-        }
+        PrivilegedAction<Boolean> pa = () -> {
+            // for now, use reflection to implement
+            //      return moduleName.equals(tool.getClass().getModule().getName());
+            try {
+                Method getModuleMethod = Class.class.getDeclaredMethod("getModule");
+                Object toolModule = getModuleMethod.invoke(tool.getClass());
+                Method getNameMethod = toolModule.getClass().getDeclaredMethod("getName");
+                String toolModuleName = (String) getNameMethod.invoke(toolModule);
+                return moduleName.equals(toolModuleName);
+            } catch (InvocationTargetException | NoSuchMethodException | IllegalAccessException e) {
+                return false;
+            }
+        };
+        return AccessController.doPrivileged(pa);
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/langtools/test/tools/javac/api/ToolProvider/ToolProviderTest.java	Thu May 05 16:36:00 2016 -0700
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import javax.tools.ToolProvider;
+import java.util.Objects;
+
+/**
+ * @test
+ * @bug 8154190
+ * @summary Test javax.tools.ToolProvider running with security manager
+ * @modules java.compiler
+ *          jdk.compiler
+ * @run main/othervm ToolProviderTest
+ */
+
+// run in other vm to ensure the initialization code path is exercised.
+public class ToolProviderTest {
+    public static void main(String... args) {
+        System.setSecurityManager(new SecurityManager());
+
+        Objects.requireNonNull(ToolProvider.getSystemDocumentationTool());
+        Objects.requireNonNull(ToolProvider.getSystemJavaCompiler());
+        Objects.requireNonNull(ToolProvider.getSystemToolClassLoader());
+    }
+}
--- a/langtools/test/tools/javac/api/ToolProvider/ToolProviderTest1.java	Thu May 05 19:10:30 2016 +0000
+++ b/langtools/test/tools/javac/api/ToolProvider/ToolProviderTest1.java	Thu May 05 16:36:00 2016 -0700
@@ -43,7 +43,7 @@
 public class ToolProviderTest1 {
     public static void main(String... args) throws Exception {
         if (args.length > 0) {
-            System.err.println(Class.forName(args[0], true, null));
+            System.err.println(Class.forName(args[0], true, ClassLoader.getSystemClassLoader()));
             return;
         }
jdk-sandbox