# HG changeset patch # User attila # Date 1374657204 -7200 # Node ID 49bb7e75b32671c71ffb8439a8e68778c68c3095 # Parent e23f2618ffde438f4492cb2cb39de16f371800e3 8021189: Prevent access to constructors of restricted classes Reviewed-by: lagergren, sundar diff -r e23f2618ffde -r 49bb7e75b326 nashorn/src/jdk/internal/dynalink/beans/AbstractJavaLinker.java --- a/nashorn/src/jdk/internal/dynalink/beans/AbstractJavaLinker.java Tue Jul 23 18:28:58 2013 +0200 +++ b/nashorn/src/jdk/internal/dynalink/beans/AbstractJavaLinker.java Wed Jul 24 11:13:24 2013 +0200 @@ -292,8 +292,6 @@ return new SimpleDynamicMethod(unreflectSafely(m), member.getDeclaringClass(), member.getName()); } - private static final Lookup publicLookup = new Lookup(MethodHandles.publicLookup()); - /** * Unreflects a method handle from a Method or a Constructor using safe (zero-privilege) unreflection. Should be * only used for methods and constructors that are not caller sensitive. If a caller sensitive method were @@ -305,13 +303,13 @@ private static MethodHandle unreflectSafely(AccessibleObject m) { if(m instanceof Method) { final Method reflMethod = (Method)m; - final MethodHandle handle = publicLookup.unreflect(reflMethod); + final MethodHandle handle = Lookup.PUBLIC.unreflect(reflMethod); if(Modifier.isStatic(reflMethod.getModifiers())) { return StaticClassIntrospector.editStaticMethodHandle(handle); } return handle; } - return StaticClassIntrospector.editConstructorMethodHandle(publicLookup.unreflectConstructor((Constructor)m)); + return StaticClassIntrospector.editConstructorMethodHandle(Lookup.PUBLIC.unreflectConstructor((Constructor)m)); } private static DynamicMethod mergeMethods(SingleDynamicMethod method, DynamicMethod existing, Class clazz, String name) { diff -r e23f2618ffde -r 49bb7e75b326 nashorn/src/jdk/internal/dynalink/beans/FacetIntrospector.java --- a/nashorn/src/jdk/internal/dynalink/beans/FacetIntrospector.java Tue Jul 23 18:28:58 2013 +0200 +++ b/nashorn/src/jdk/internal/dynalink/beans/FacetIntrospector.java Wed Jul 24 11:13:24 2013 +0200 @@ -84,7 +84,6 @@ package jdk.internal.dynalink.beans; import java.lang.invoke.MethodHandle; -import java.lang.invoke.MethodHandles; import java.lang.reflect.Field; import java.lang.reflect.Member; import java.lang.reflect.Method; @@ -101,8 +100,6 @@ * @author Attila Szegedi */ abstract class FacetIntrospector { - private static final Lookup publicLookup = new Lookup(MethodHandles.publicLookup()); - private final Class clazz; private final boolean instance; private final boolean isRestricted; @@ -164,11 +161,11 @@ MethodHandle unreflectGetter(Field field) { - return editMethodHandle(publicLookup.unreflectGetter(field)); + return editMethodHandle(Lookup.PUBLIC.unreflectGetter(field)); } MethodHandle unreflectSetter(Field field) { - return editMethodHandle(publicLookup.unreflectSetter(field)); + return editMethodHandle(Lookup.PUBLIC.unreflectSetter(field)); } /** diff -r e23f2618ffde -r 49bb7e75b326 nashorn/src/jdk/internal/dynalink/beans/StaticClassLinker.java --- a/nashorn/src/jdk/internal/dynalink/beans/StaticClassLinker.java Tue Jul 23 18:28:58 2013 +0200 +++ b/nashorn/src/jdk/internal/dynalink/beans/StaticClassLinker.java Wed Jul 24 11:13:24 2013 +0200 @@ -132,7 +132,9 @@ return new SimpleDynamicMethod(StaticClassIntrospector.editConstructorMethodHandle( boundArrayCtor.asType(boundArrayCtor.type().changeReturnType(clazz))), clazz, ""); } - + if(CheckRestrictedPackage.isRestrictedClass(clazz)) { + return null; + } return createDynamicMethod(Arrays.asList(clazz.getConstructors()), clazz, ""); } diff -r e23f2618ffde -r 49bb7e75b326 nashorn/test/script/trusted/JDK-8006529.js --- a/nashorn/test/script/trusted/JDK-8006529.js Tue Jul 23 18:28:58 2013 +0200 +++ b/nashorn/test/script/trusted/JDK-8006529.js Wed Jul 24 11:13:24 2013 +0200 @@ -51,6 +51,7 @@ var UnaryNode = Java.type("jdk.nashorn.internal.ir.UnaryNode") var BinaryNode = Java.type("jdk.nashorn.internal.ir.BinaryNode") var ThrowErrorManager = Java.type("jdk.nashorn.internal.runtime.Context$ThrowErrorManager") +var ErrorManager = Java.type("jdk.nashorn.internal.runtime.ErrorManager") var Debug = Java.type("jdk.nashorn.internal.runtime.Debug") var parseMethod = Parser.class.getMethod("parse"); @@ -111,18 +112,22 @@ var getContextMethod = Context.class.getMethod("getContext") var getEnvMethod = Context.class.getMethod("getEnv") +var SourceConstructor = Source.class.getConstructor(java.lang.String.class, java.lang.String.class) +var ParserConstructor = Parser.class.getConstructor(ScriptEnvironment.class, Source.class, ErrorManager.class) +var CompilerConstructor = Compiler.class.getConstructor(ScriptEnvironment.class) + // compile(script) -- compiles a script specified as a string with its // source code, returns a jdk.nashorn.internal.ir.FunctionNode object // representing it. function compile(source) { - var source = new Source("", source); + var source = SourceConstructor.newInstance("", source); var env = getEnvMethod.invoke(getContextMethod.invoke(null)) - var parser = new Parser(env, source, new ThrowErrorManager()); + var parser = ParserConstructor.newInstance(env, source, new ThrowErrorManager()); var func = parseMethod.invoke(parser); - var compiler = new Compiler(env); + var compiler = CompilerConstructor.newInstance(env); return compileMethod.invoke(compiler, func); }; diff -r e23f2618ffde -r 49bb7e75b326 nashorn/test/script/trusted/JDK-8021129.js --- a/nashorn/test/script/trusted/JDK-8021129.js Tue Jul 23 18:28:58 2013 +0200 +++ b/nashorn/test/script/trusted/JDK-8021129.js Wed Jul 24 11:13:24 2013 +0200 @@ -29,7 +29,9 @@ * @test * @run */ -var r1 = new (Java.type("jdk.nashorn.internal.test.models.InternalRunnable")) +var R = Java.type("jdk.nashorn.internal.test.models.InternalRunnable") +var r1 = R.class.newInstance() + r1.run() // Can execute method from an implemented non-restricted interface print(r1.toString()) // Can execute public method from a superclass @@ -40,4 +42,4 @@ print(r1.canNotSeeThisField === undefined) // Can't see its own fields var r2 = new (Java.type("jdk.nashorn.test.models.InternalRunnableSuperclass")) -print(r2.canSeeThisField) // Superclass field works fine on its own \ No newline at end of file +print(r2.canSeeThisField) // Superclass field works fine on its own diff -r e23f2618ffde -r 49bb7e75b326 nashorn/test/script/trusted/JDK-8021189.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nashorn/test/script/trusted/JDK-8021189.js Wed Jul 24 11:13:24 2013 +0200 @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * JDK-8021189: Prevent access to constructors of restricted classes + * + * @test + * @run + */ +try { + new (Java.type("jdk.nashorn.internal.test.models.InternalRunnable")) +} catch(e) { + print(e) +} diff -r e23f2618ffde -r 49bb7e75b326 nashorn/test/script/trusted/JDK-8021189.js.EXPECTED --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nashorn/test/script/trusted/JDK-8021189.js.EXPECTED Wed Jul 24 11:13:24 2013 +0200 @@ -0,0 +1,1 @@ +TypeError: Can not construct jdk.nashorn.internal.test.models.InternalRunnable with the passed arguments; they do not match any of its constructor signatures.