--- a/nashorn/make/project.properties Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/make/project.properties Fri Aug 09 20:48:44 2013 +0530
@@ -222,11 +222,16 @@
run.test.user.language=tr
run.test.user.country=TR
-# -XX:+PrintCompilation -XX:+UnlockDiagnosticVMOptions -XX:+PrintNMethods
-run.test.jvmargs.main=-server -Xmx${run.test.xmx} -XX:+TieredCompilation -ea -Dfile.encoding=UTF-8 -Duser.language=${run.test.user.language} -Duser.country=${run.test.user.country} -XX:+HeapDumpOnOutOfMemoryError
+run.test.jvmargs.common=-server -Xmx${run.test.xmx} -XX:+TieredCompilation -Dfile.encoding=UTF-8 -Duser.language=${run.test.user.language} -Duser.country=${run.test.user.country} -XX:+HeapDumpOnOutOfMemoryError
+
+#-XX:-UseCompressedKlassPointers -XX:+PrintHeapAtGC -XX:ClassMetaspaceSize=300M
+# -XX:+PrintCompilation -XX:+UnlockDiagnosticVMOptions -XX:+PrintNMethods
+
+# turn on assertions for tests
+run.test.jvmargs.main=${run.test.jvmargs.common} -ea
#-XX:-UseCompressedKlassPointers -XX:+PrintHeapAtGC -XX:ClassMetaspaceSize=300M
-run.test.jvmargs.octane.main=-Xms${run.test.xms} ${run.test.jvmargs.main}
+run.test.jvmargs.octane.main=-Xms${run.test.xms} ${run.test.jvmargs.common}
run.test.jvmsecurityargs=-Xverify:all -Djava.security.properties=${basedir}/make/java.security.override -Djava.security.manager -Djava.security.policy=${basedir}/build/nashorn.policy
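Review bot: The added comment line `#-XX:-UseCompressedKlassPointers -XX:+PrintHeapAtGC -XX:ClassMetaspaceSize=300M` duplicates the identical context line that still sits directly above `run.test.jvmargs.octane.main`, so the same hint now appears twice. Keeping a single copy next to `run.test.jvmargs.common` would be enough. Because `run.test.jvmargs.octane.main` is now built from `run.test.jvmargs.common`, it no longer carries `-ea`; a short comment such as `# octane runs without assertions` would record that this is intentional.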
--- a/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java Fri Aug 09 20:48:44 2013 +0530
@@ -36,10 +36,13 @@
import java.lang.reflect.Modifier;
import java.net.URL;
import java.nio.charset.Charset;
+import java.security.AccessControlContext;
import java.security.AccessController;
+import java.security.Permissions;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
+import java.security.ProtectionDomain;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.ResourceBundle;
@@ -71,6 +74,14 @@
*/
public final class NashornScriptEngine extends AbstractScriptEngine implements Compilable, Invocable {
+ private static AccessControlContext createPermAccCtxt(final String permName) {
+ final Permissions perms = new Permissions();
+ perms.add(new RuntimePermission(permName));
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
+ }
+
+ private static final AccessControlContext CREATE_CONTEXT_ACC_CTXT = createPermAccCtxt(Context.NASHORN_CREATE_CONTEXT);
+ private static final AccessControlContext CREATE_GLOBAL_ACC_CTXT = createPermAccCtxt(Context.NASHORN_CREATE_GLOBAL);
private final ScriptEngineFactory factory;
private final Context nashornContext;
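Review bot: `createPermAccCtxt` and the two `*_ACC_CTXT` constants carry no comment, although they are the security-relevant core of this change. A reader has to know that passing such a context to `doPrivileged` limits the privileged action to that single `RuntimePermission`. A one-line comment would help, for example `// restricts doPrivileged to exactly this RuntimePermission instead of Nashorn's full permission set`. The same helper body is repeated in this commit in `ScriptObjectMirror.getContextAccCtxt`, `Context.createPermAccCtxt` and, in varargs form, `ClassAndLoader.createPermAccCtxt`. If these cannot share one implementation across packages, the copies should at least share a name and the same comment.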
@@ -84,16 +95,9 @@
private static final String MESSAGES_RESOURCE = "jdk.nashorn.api.scripting.resources.Messages";
- // Without do privileged, under security manager messages can not be loaded.
private static final ResourceBundle MESSAGES_BUNDLE;
static {
- MESSAGES_BUNDLE = AccessController.doPrivileged(
- new PrivilegedAction<ResourceBundle>() {
- @Override
- public ResourceBundle run() {
- return ResourceBundle.getBundle(MESSAGES_RESOURCE, Locale.getDefault());
- }
- });
+ MESSAGES_BUNDLE = ResourceBundle.getBundle(MESSAGES_RESOURCE, Locale.getDefault());
}
private static String getMessage(final String msgId, final String... args) {
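Review bot: The deleted comment said the bundle could not be loaded under a security manager without `doPrivileged`, and the new code drops both the block and the comment without saying why that no longer holds. Since this runs in a static initializer, a failure here would surface as an `ExceptionInInitializerError` on first use of the class, so a replacement comment is worth having, e.g. `// no doPrivileged needed: <reason>` with the actual reason filled in by the author. The same removal appears in the `ECMAErrors`, `Options` and `Shell` hunks. With the block reduced to one assignment it can also be folded into the declaration as the `Shell` hunk does: `private static final ResourceBundle MESSAGES_BUNDLE = ResourceBundle.getBundle(MESSAGES_RESOURCE, Locale.getDefault());`.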
@@ -128,7 +132,7 @@
throw e;
}
}
- });
+ }, CREATE_CONTEXT_ACC_CTXT);
// create new global object
this.global = createNashornGlobal();
@@ -340,7 +344,7 @@
throw e;
}
}
- });
+ }, CREATE_GLOBAL_ACC_CTXT);
nashornContext.initGlobal(newGlobal);
@@ -362,10 +366,8 @@
}
private void evalEngineScript() throws ScriptException {
- evalSupportScript("resources/engine.js", NashornException.ENGINE_SCRIPT_SOURCE_NAME);
- }
-
- private void evalSupportScript(final String script, final String name) throws ScriptException {
+ final String script = "resources/engine.js";
+ final String name = NashornException.ENGINE_SCRIPT_SOURCE_NAME;
try {
final InputStream is = AccessController.doPrivileged(
new PrivilegedExceptionAction<InputStream>() {
@@ -380,6 +382,9 @@
eval(isr);
}
} catch (final PrivilegedActionException | IOException e) {
+ if (Context.DEBUG) {
+ e.printStackTrace();
+ }
throw new ScriptException(e);
} finally {
put(ScriptEngine.FILENAME, null);
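Review bot: The added `e.printStackTrace()` writes to the process's stderr even though the exception is already chained into the `ScriptException` thrown on the next line, so under `Context.DEBUG` the same failure is reported twice. It also seems to bypass whatever error writer the engine's `Context` was constructed with. The identical catch, print and rethrow pattern is added to `NashornScriptEngineFactory.getScriptEngine` in this commit and already exists in the privileged actions. A brief comment such as `// debug aid only; exception is rethrown below` would make the intent clear at each site. The enclosing method starts in the previous hunk.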
--- a/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngineFactory.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngineFactory.java Fri Aug 09 20:48:44 2013 +0530
@@ -30,6 +30,7 @@
import java.util.List;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineFactory;
+import jdk.nashorn.internal.runtime.Context;
import jdk.nashorn.internal.runtime.Version;
/**
@@ -136,7 +137,14 @@
@Override
public ScriptEngine getScriptEngine() {
- return new NashornScriptEngine(this, getAppClassLoader());
+ try {
+ return new NashornScriptEngine(this, getAppClassLoader());
+ } catch (final RuntimeException e) {
+ if (Context.DEBUG) {
+ e.printStackTrace();
+ }
+ throw e;
+ }
}
/**
@@ -178,7 +186,7 @@
private static void checkConfigPermission() {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new RuntimePermission("nashorn.setConfig"));
+ sm.checkPermission(new RuntimePermission(Context.NASHORN_SET_CONFIG));
}
}
--- a/nashorn/src/jdk/nashorn/api/scripting/ScriptObjectMirror.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/api/scripting/ScriptObjectMirror.java Fri Aug 09 20:48:44 2013 +0530
@@ -25,14 +25,17 @@
package jdk.nashorn.api.scripting;
+import java.security.AccessControlContext;
import java.security.AccessController;
+import java.security.Permissions;
import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
+import java.util.Iterator;
import java.util.LinkedHashSet;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -49,6 +52,14 @@
* netscape.javascript.JSObject interface.
*/
public final class ScriptObjectMirror extends JSObject implements Bindings {
+ private static AccessControlContext getContextAccCtxt() {
+ final Permissions perms = new Permissions();
+ perms.add(new RuntimePermission(Context.NASHORN_GET_CONTEXT));
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
+ }
+
+ private static final AccessControlContext GET_CONTEXT_ACC_CTXT = getContextAccCtxt();
+
private final ScriptObject sobj;
private final ScriptObject global;
@@ -144,7 +155,7 @@
public Context run() {
return Context.getContext();
}
- });
+ }, GET_CONTEXT_ACC_CTXT);
return wrap(context.eval(global, s, null, null, false), global);
}
});
--- a/nashorn/src/jdk/nashorn/internal/objects/Global.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/objects/Global.java Fri Aug 09 20:48:44 2013 +0530
@@ -35,8 +35,6 @@
import java.lang.invoke.MethodHandles;
import java.lang.ref.SoftReference;
import java.lang.reflect.Field;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
@@ -420,7 +418,7 @@
// security check first
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new RuntimePermission("nashorn.newGlobal"));
+ sm.checkPermission(new RuntimePermission(Context.NASHORN_CREATE_GLOBAL));
}
// null check on context
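Review bot: This is not a pure constant extraction: the checked permission name changes from `"nashorn.newGlobal"` to `Context.NASHORN_CREATE_GLOBAL`, which the `Context.java` hunk defines as `"nashorn.createGlobal"`. Any security policy that grants the old name will stop satisfying this check, and callers will get a `SecurityException` where they previously succeeded. No policy-file or documentation change is visible on this page, so please confirm that `nashorn.policy` and any user-facing permission documentation are updated in the same change. A comment next to the constant would help, e.g. `// renamed from nashorn.newGlobal`. The enclosing method starts and ends outside the hunk.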
@@ -1780,19 +1778,13 @@
}
private static void copyOptions(final ScriptObject options, final ScriptEnvironment scriptEnv) {
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- @Override
- public Void run() {
- for (Field f : scriptEnv.getClass().getFields()) {
- try {
- options.set(f.getName(), f.get(scriptEnv), false);
- } catch (final IllegalArgumentException | IllegalAccessException exp) {
- throw new RuntimeException(exp);
- }
- }
- return null;
+ for (Field f : scriptEnv.getClass().getFields()) {
+ try {
+ options.set(f.getName(), f.get(scriptEnv), false);
+ } catch (final IllegalArgumentException | IllegalAccessException exp) {
+ throw new RuntimeException(exp);
}
- });
+ }
}
private void initTypedArray() {
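Review bot: With the `doPrivileged` wrapper gone, `scriptEnv.getClass().getFields()` and `f.get(scriptEnv)` run with the permissions of whatever is on the call stack, and the method has no comment explaining why that is sufficient. If the reasoning is that only public fields are read, saying so keeps a later reader from re-adding the block or widening the reflection, e.g. `// only public fields are copied, so no privileged block is required`. As a style point, the loop variable could be declared `final Field f` to match the `final` parameters and catch variable around it.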
--- a/nashorn/src/jdk/nashorn/internal/objects/NativeDebug.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/objects/NativeDebug.java Fri Aug 09 20:48:44 2013 +0530
@@ -72,7 +72,7 @@
public static Object getContext(final Object self) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new RuntimePermission("nashorn.getContext"));
+ sm.checkPermission(new RuntimePermission(Context.NASHORN_GET_CONTEXT));
}
return Global.getThisContext();
}
--- a/nashorn/src/jdk/nashorn/internal/runtime/Context.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/Context.java Fri Aug 09 20:48:44 2013 +0530
@@ -64,6 +64,31 @@
* This class manages the global state of execution. Context is immutable.
*/
public final class Context {
+ // nashorn specific security runtime access permission names
+ /**
+ * Permission needed to pass arbitrary nashorn command line options when creating Context.
+ */
+ public static final String NASHORN_SET_CONFIG = "nashorn.setConfig";
+
+ /**
+ * Permission needed to create Nashorn Context instance.
+ */
+ public static final String NASHORN_CREATE_CONTEXT = "nashorn.createContext";
+
+ /**
+ * Permission needed to create Nashorn Global instance.
+ */
+ public static final String NASHORN_CREATE_GLOBAL = "nashorn.createGlobal";
+
+ /**
+ * Permission to get current Nashorn Context from thread local storage.
+ */
+ public static final String NASHORN_GET_CONTEXT = "nashorn.getContext";
+
+ /**
+ * Permission to use Java reflection/jsr292 from script code.
+ */
+ public static final String NASHORN_JAVA_REFLECTION = "nashorn.JavaReflection";
/**
* ContextCodeInstaller that has the privilege of installing classes in the Context.
@@ -139,7 +164,7 @@
public static Context getContext() {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new RuntimePermission("nashorn.getContext"));
+ sm.checkPermission(new RuntimePermission(NASHORN_GET_CONTEXT));
}
return getContextTrusted();
}
@@ -204,7 +229,20 @@
private static final ClassLoader myLoader = Context.class.getClassLoader();
private static final StructureLoader sharedLoader;
- private static final AccessControlContext NO_PERMISSIONS_CONTEXT;
+
+ private static AccessControlContext createNoPermAccCtxt() {
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, new Permissions()) });
+ }
+
+ private static AccessControlContext createPermAccCtxt(final String permName) {
+ final Permissions perms = new Permissions();
+ perms.add(new RuntimePermission(permName));
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
+ }
+
+ private static final AccessControlContext NO_PERMISSIONS_ACC_CTXT = createNoPermAccCtxt();
+ private static final AccessControlContext CREATE_LOADER_ACC_CTXT = createPermAccCtxt("createClassLoader");
+ private static final AccessControlContext CREATE_GLOBAL_ACC_CTXT = createPermAccCtxt(NASHORN_CREATE_GLOBAL);
static {
sharedLoader = AccessController.doPrivileged(new PrivilegedAction<StructureLoader>() {
@@ -212,8 +250,7 @@
public StructureLoader run() {
return new StructureLoader(myLoader, null);
}
- });
- NO_PERMISSIONS_CONTEXT = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, new Permissions()) });
+ }, CREATE_LOADER_ACC_CTXT);
}
/**
@@ -254,7 +291,7 @@
public Context(final Options options, final ErrorManager errors, final PrintWriter out, final PrintWriter err, final ClassLoader appLoader) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new RuntimePermission("nashorn.createContext"));
+ sm.checkPermission(new RuntimePermission(NASHORN_CREATE_CONTEXT));
}
this.env = new ScriptEnvironment(options, out, err);
@@ -516,7 +553,7 @@
@Override
public ScriptObject run() {
try {
- return createGlobal();
+ return newGlobal();
} catch (final RuntimeException e) {
if (Context.DEBUG) {
e.printStackTrace();
@@ -524,7 +561,9 @@
throw e;
}
}
- });
+ }, CREATE_GLOBAL_ACC_CTXT);
+ // initialize newly created Global instance
+ initGlobal(newGlobal);
setGlobalTrusted(newGlobal);
final Object[] wrapped = args == null? ScriptRuntime.EMPTY_ARRAY : ScriptObjectMirror.wrapArray(args, oldGlobal);
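Review bot: The new comment on `initGlobal(newGlobal)` says what the call does but not why it sits outside the privileged block, which is the part a maintainer could get wrong. Inside the block only the permission in `CREATE_GLOBAL_ACC_CTXT` would be in effect, so moving the call back in would presumably either break initialization or tempt someone to widen the context. A comment like `// initialize outside doPrivileged: CREATE_GLOBAL_ACC_CTXT grants only nashorn.createGlobal` would capture that. The enclosing method begins before this hunk and continues after it.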
@@ -577,7 +616,7 @@
sm.checkPackageAccess(fullName.substring(0, index));
return null;
}
- }, NO_PERMISSIONS_CONTEXT);
+ }, NO_PERMISSIONS_ACC_CTXT);
}
}
}
@@ -856,7 +895,7 @@
public ScriptLoader run() {
return new ScriptLoader(sharedLoader, Context.this);
}
- });
+ }, CREATE_LOADER_ACC_CTXT);
}
private long getUniqueScriptId() {
--- a/nashorn/src/jdk/nashorn/internal/runtime/ECMAErrors.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/ECMAErrors.java Fri Aug 09 20:48:44 2013 +0530
@@ -25,8 +25,6 @@
package jdk.nashorn.internal.runtime;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.Locale;
import java.util.ResourceBundle;
@@ -40,16 +38,9 @@
public final class ECMAErrors {
private static final String MESSAGES_RESOURCE = "jdk.nashorn.internal.runtime.resources.Messages";
- // Without do privileged, under security manager messages can not be loaded.
private static final ResourceBundle MESSAGES_BUNDLE;
static {
- MESSAGES_BUNDLE = AccessController.doPrivileged(
- new PrivilegedAction<ResourceBundle>() {
- @Override
- public ResourceBundle run() {
- return ResourceBundle.getBundle(MESSAGES_RESOURCE, Locale.getDefault());
- }
- });
+ MESSAGES_BUNDLE = ResourceBundle.getBundle(MESSAGES_RESOURCE, Locale.getDefault());
}
/** We assume that compiler generates script classes into the known package. */
--- a/nashorn/src/jdk/nashorn/internal/runtime/Logging.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/Logging.java Fri Aug 09 20:48:44 2013 +0530
@@ -25,6 +25,11 @@
package jdk.nashorn.internal.runtime;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.Permissions;
+import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
@@ -35,6 +40,7 @@
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
+import java.util.logging.LoggingPermission;
/**
* Logging system for getting loggers for arbitrary subsystems as
@@ -50,12 +56,20 @@
private static final Logger disabledLogger = Logger.getLogger("disabled");
+ private static AccessControlContext createLoggerControlAccCtxt() {
+ final Permissions perms = new Permissions();
+ perms.add(new LoggingPermission("control", null));
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
+ }
+
static {
- try {
- Logging.disabledLogger.setLevel(Level.OFF);
- } catch (final SecurityException e) {
- //ignored
- }
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ Logging.disabledLogger.setLevel(Level.OFF);
+ return null;
+ }
+ }, createLoggerControlAccCtxt());
}
/** Maps logger name to loggers. Names are typically per package */
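Review bot: The old code tolerated a `SecurityException` from `setLevel`, but the new static initializer lets it propagate. The restricted `doPrivileged` only succeeds if Nashorn's own protection domain actually holds `LoggingPermission("control")`. If these classes are ever loaded in a domain without it, class initialization of `Logging` would fail with an `ExceptionInInitializerError` instead of leaving the logger level unchanged. Keeping the guard around the new call preserves the previous best-effort behaviour: `try { AccessController.doPrivileged(..., createLoggerControlAccCtxt()); } catch (final SecurityException ignored) { /* level left unchanged */ }`.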
--- a/nashorn/src/jdk/nashorn/internal/runtime/linker/ClassAndLoader.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/linker/ClassAndLoader.java Fri Aug 09 20:48:44 2013 +0530
@@ -27,8 +27,11 @@
import static jdk.nashorn.internal.runtime.ECMAErrors.typeError;
+import java.security.AccessControlContext;
import java.security.AccessController;
+import java.security.Permissions;
import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedHashMap;
@@ -43,6 +46,16 @@
* used to determine if one loader can see the other loader's classes.
*/
final class ClassAndLoader {
+ static AccessControlContext createPermAccCtxt(final String... permNames) {
+ final Permissions perms = new Permissions();
+ for (final String permName : permNames) {
+ perms.add(new RuntimePermission(permName));
+ }
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
+ }
+
+ private static final AccessControlContext GET_LOADER_ACC_CTXT = createPermAccCtxt("getClassLoader");
+
private final Class<?> representativeClass;
// Don't access this directly; most of the time, use getRetrievedLoader(), or if you know what you're doing,
// getLoader().
@@ -116,7 +129,7 @@
public ClassAndLoader run() {
return getDefiningClassAndLoaderPrivileged(types);
}
- });
+ }, GET_LOADER_ACC_CTXT);
}
static ClassAndLoader getDefiningClassAndLoaderPrivileged(final Class<?>[] types) {
--- a/nashorn/src/jdk/nashorn/internal/runtime/linker/JavaAdapterBytecodeGenerator.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/linker/JavaAdapterBytecodeGenerator.java Fri Aug 09 20:48:44 2013 +0530
@@ -49,6 +49,7 @@
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
+import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
@@ -868,6 +869,8 @@
}
}
+ private static final AccessControlContext GET_DECLARED_MEMBERS_ACC_CTXT = ClassAndLoader.createPermAccCtxt("accessDeclaredMembers");
+
/**
* Creates a collection of methods that are not final, but we still never allow them to be overridden in adapters,
* as explicitly declaring them automatically is a bad idea. Currently, this means {@code Object.finalize()} and
@@ -886,7 +889,7 @@
throw new AssertionError(e);
}
}
- });
+ }, GET_DECLARED_MEMBERS_ACC_CTXT);
}
private String getCommonSuperClass(final String type1, final String type2) {
--- a/nashorn/src/jdk/nashorn/internal/runtime/linker/JavaAdapterClassLoader.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/linker/JavaAdapterClassLoader.java Fri Aug 09 20:48:44 2013 +0530
@@ -25,6 +25,7 @@
package jdk.nashorn.internal.runtime.linker;
+import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSigner;
@@ -46,6 +47,7 @@
@SuppressWarnings("javadoc")
final class JavaAdapterClassLoader {
private static final ProtectionDomain GENERATED_PROTECTION_DOMAIN = createGeneratedProtectionDomain();
+ private static final AccessControlContext CREATE_LOADER_ACC_CTXT = ClassAndLoader.createPermAccCtxt("createClassLoader");
private final String className;
private volatile byte[] classBytes;
@@ -77,7 +79,7 @@
throw new AssertionError(e); // cannot happen
}
}
- });
+ }, CREATE_LOADER_ACC_CTXT);
}
// Note that the adapter class is created in the protection domain of the class/interface being
--- a/nashorn/src/jdk/nashorn/internal/runtime/linker/JavaAdapterFactory.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/linker/JavaAdapterFactory.java Fri Aug 09 20:48:44 2013 +0530
@@ -31,9 +31,9 @@
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.reflect.Modifier;
+import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
-import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
@@ -70,6 +70,11 @@
@SuppressWarnings("javadoc")
public final class JavaAdapterFactory {
+ // context with permissions needs for AdapterInfo creation
+ private static final AccessControlContext CREATE_ADAPTER_INFO_ACC_CTXT =
+ ClassAndLoader.createPermAccCtxt("createClassLoader", "getClassLoader",
+ "accessDeclaredMembers", "accessClassInPackage.jdk.nashorn.internal.runtime");
+
/**
* A mapping from an original Class object to AdapterInfo representing the adapter for the class it represents.
*/
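Review bot: `CREATE_ADAPTER_INFO_ACC_CTXT` is the broadest context this commit introduces, with four permissions, yet its comment does not say which step of `AdapterInfo` creation needs which one. That makes it hard to audit, or to trim later. Three of the names match the narrower contexts added in `JavaAdapterClassLoader`, `ClassAndLoader` and `JavaAdapterBytecodeGenerator`, but `accessClassInPackage.jdk.nashorn.internal.runtime` has no counterpart on this page and deserves its own justification. Suggested wording: `// permissions needed for AdapterInfo creation: <permission> - <operation that requires it>`, one line per permission. This would also fix the "permissions needs" typo.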
@@ -124,17 +129,10 @@
*/
public static MethodHandle getConstructor(final Class<?> sourceType, final Class<?> targetType) throws Exception {
final StaticClass adapterClass = getAdapterClassFor(new Class<?>[] { targetType }, null);
- return AccessController.doPrivileged(new PrivilegedExceptionAction<MethodHandle>() {
- @Override
- public MethodHandle run() throws Exception {
- // NOTE: we use publicLookup(), but none of our adapter constructors are caller sensitive, so this is
- // okay, we won't artificially limit access.
- return MH.bindTo(Bootstrap.getLinkerServices().getGuardedInvocation(new LinkRequestImpl(
- NashornCallSiteDescriptor.get(MethodHandles.publicLookup(), "dyn:new",
- MethodType.methodType(targetType, StaticClass.class, sourceType), 0), false,
- adapterClass, null)).getInvocation(), adapterClass);
- }
- });
+ return MH.bindTo(Bootstrap.getLinkerServices().getGuardedInvocation(new LinkRequestImpl(
+ NashornCallSiteDescriptor.get(MethodHandles.publicLookup(), "dyn:new",
+ MethodType.methodType(targetType, StaticClass.class, sourceType), 0), false,
+ adapterClass, null)).getInvocation(), adapterClass);
}
/**
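Review bot: The removed `NOTE` explained why `MethodHandles.publicLookup()` is acceptable here, and `publicLookup()` is still used in the new code, so the rationale was lost along with the `doPrivileged` wrapper. Please carry the comment over above the `return`, e.g. `// NOTE: we use publicLookup(), but none of our adapter constructors are caller sensitive, so this is okay`. Since linking now runs with the caller's permissions rather than Nashorn's, a second line stating that this is intentional would be useful to the next reviewer.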
@@ -171,7 +169,7 @@
return (List)Collections.singletonList(clazz);
}
- /**
+ /**
* For a given class, create its adapter class and associated info.
* @param type the class for which the adapter is created
* @return the adapter info for the class.
@@ -190,12 +188,19 @@
}
superClass = t;
} else {
+ if (interfaces.size() > 65535) {
+ throw new IllegalArgumentException("interface limit exceeded");
+ }
+
interfaces.add(t);
}
+
if(!Modifier.isPublic(mod)) {
return new AdapterInfo(AdaptationResult.Outcome.ERROR_NON_PUBLIC_CLASS, t.getCanonicalName());
}
}
+
+
final Class<?> effectiveSuperClass = superClass == null ? Object.class : superClass;
return AccessController.doPrivileged(new PrivilegedAction<AdapterInfo>() {
@Override
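Review bot: The new limit check is off by one. It runs before `interfaces.add(t)`, so a collection that already holds 65535 entries passes `size() > 65535` and grows to 65536. That is one more than the class-file format's 16-bit interface count can represent. Assuming `interfaces` (declared outside this hunk) is the list being built for the adapter, the guard should read `if (interfaces.size() >= 65535) {`. Naming the constant and including the count in the message would also help diagnosis, e.g. `"interface limit exceeded: " + interfaces.size()`. The two consecutive blank lines added before `effectiveSuperClass` look unintentional.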
@@ -206,7 +211,7 @@
return new AdapterInfo(e.getAdaptationResult());
}
}
- });
+ }, CREATE_ADAPTER_INFO_ACC_CTXT);
}
private static class AdapterInfo {
--- a/nashorn/src/jdk/nashorn/internal/runtime/linker/ReflectionCheckLinker.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/linker/ReflectionCheckLinker.java Fri Aug 09 20:48:44 2013 +0530
@@ -88,6 +88,6 @@
}
private static void checkReflectionPermission(final SecurityManager sm) {
- sm.checkPermission(new RuntimePermission("nashorn.JavaReflection"));
+ sm.checkPermission(new RuntimePermission(Context.NASHORN_JAVA_REFLECTION));
}
}
--- a/nashorn/src/jdk/nashorn/internal/runtime/options/Options.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/internal/runtime/options/Options.java Fri Aug 09 20:48:44 2013 +0530
@@ -26,8 +26,11 @@
package jdk.nashorn.internal.runtime.options;
import java.io.PrintWriter;
+import java.security.AccessControlContext;
import java.security.AccessController;
+import java.security.Permissions;
import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collection;
@@ -39,6 +42,7 @@
import java.util.Locale;
import java.util.Map;
import java.util.MissingResourceException;
+import java.util.PropertyPermission;
import java.util.ResourceBundle;
import java.util.StringTokenizer;
import java.util.TimeZone;
@@ -51,6 +55,15 @@
* Manages global runtime options.
*/
public final class Options {
+ // permission to just read nashorn.* System properties
+ private static AccessControlContext createPropertyReadAccCtxt() {
+ final Permissions perms = new Permissions();
+ perms.add(new PropertyPermission("nashorn.*", "read"));
+ return new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
+ }
+
+ private static final AccessControlContext READ_PROPERTY_ACC_CTXT = createPropertyReadAccCtxt();
+
/** Resource tag. */
private final String resource;
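Review bot: The comment on `createPropertyReadAccCtxt` describes the permission but not its consequence for the three property helpers that now pass `READ_PROPERTY_ACC_CTXT`. Under a security manager, a name outside `nashorn.*` can no longer be read there. Judging by the `return false` and `return defValue` lines visible in those hunks, it would silently yield the default rather than fail. That restriction should be stated where callers will see it, for instance in the helpers' Javadoc: `@param name property name; must start with "nashorn."`. An `assert name.startsWith("nashorn.")` at the top of each helper would catch misuse in tests. The helper methods themselves lie outside the visible hunks, so the catch-and-default behaviour is inferred.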
@@ -144,7 +157,7 @@
return false;
}
}
- });
+ }, READ_PROPERTY_ACC_CTXT);
}
/**
@@ -171,7 +184,7 @@
return defValue;
}
}
- });
+ }, READ_PROPERTY_ACC_CTXT);
}
/**
@@ -198,7 +211,7 @@
return defValue;
}
}
- });
+ }, READ_PROPERTY_ACC_CTXT);
}
/**
@@ -567,15 +580,7 @@
private static String definePropPrefix;
static {
- // Without do privileged, under security manager messages can not be
- // loaded.
- Options.bundle = AccessController.doPrivileged(new PrivilegedAction<ResourceBundle>() {
- @Override
- public ResourceBundle run() {
- return ResourceBundle.getBundle(Options.MESSAGES_RESOURCE, Locale.getDefault());
- }
- });
-
+ Options.bundle = ResourceBundle.getBundle(Options.MESSAGES_RESOURCE, Locale.getDefault());
Options.validOptions = new TreeSet<>();
Options.usage = new HashMap<>();
--- a/nashorn/src/jdk/nashorn/tools/Shell.java Thu Aug 08 11:20:14 2013 -0300
+++ b/nashorn/src/jdk/nashorn/tools/Shell.java Fri Aug 09 20:48:44 2013 +0530
@@ -34,8 +34,6 @@
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.PrintWriter;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.List;
import java.util.Locale;
import java.util.ResourceBundle;
@@ -68,18 +66,7 @@
/**
* Shell message bundle.
*/
- private static ResourceBundle bundle;
-
- static {
- // Without do privileged, under security manager messages can not be
- // loaded.
- bundle = AccessController.doPrivileged(new PrivilegedAction<ResourceBundle>() {
- @Override
- public ResourceBundle run() {
- return ResourceBundle.getBundle(MESSAGE_RESOURCE, Locale.getDefault());
- }
- });
- }
+ private static final ResourceBundle bundle = ResourceBundle.getBundle(MESSAGE_RESOURCE, Locale.getDefault());
/**
* Exit code for command line tool - successful