7165628: Issues with java.lang.invoke.MethodHandles.Lookup
Summary: Base SecurityManager checks on either of Lookup.lookupClass or caller class; also clarify Lookup access checks.
Reviewed-by: twisti
--- a/jdk/src/share/classes/java/lang/invoke/MethodHandles.java Thu May 17 12:21:16 2012 +0100
+++ b/jdk/src/share/classes/java/lang/invoke/MethodHandles.java Fri May 18 20:31:28 2012 -0700
@@ -407,7 +407,7 @@
* an access$N method.
*/
Lookup() {
- this(getCallerClassAtEntryPoint(), ALL_MODES);
+ this(getCallerClassAtEntryPoint(false), ALL_MODES);
// make sure we haven't accidentally picked up a privileged class:
checkUnprivilegedlookupClass(lookupClass);
}
@@ -461,8 +461,8 @@
&& !VerifyAccess.isSamePackageMember(this.lookupClass, requestedLookupClass)) {
newModes &= ~PRIVATE;
}
- if (newModes == PUBLIC
- && !VerifyAccess.isClassAccessible(requestedLookupClass, this.lookupClass)) {
+ if ((newModes & PUBLIC) != 0
+ && !VerifyAccess.isClassAccessible(requestedLookupClass, this.lookupClass, allowedModes)) {
// The requested class it not accessible from the lookup class.
// No permissions.
newModes = 0;
@@ -540,13 +540,17 @@
}
}
- // call this from an entry point method in Lookup with extraFrames=0.
- private static Class<?> getCallerClassAtEntryPoint() {
+ /* Obtain the external caller class, when called from Lookup.<init> or a first-level subroutine. */
+ private static Class<?> getCallerClassAtEntryPoint(boolean inSubroutine) {
final int CALLER_DEPTH = 4;
+ // Stack for the constructor entry point (inSubroutine=false):
// 0: Reflection.getCC, 1: getCallerClassAtEntryPoint,
// 2: Lookup.<init>, 3: MethodHandles.*, 4: caller
+ // The stack is slightly different for a subroutine of a Lookup.find* method:
+ // 2: Lookup.*, 3: Lookup.find*.*, 4: caller
// Note: This should be the only use of getCallerClass in this file.
- assert(Reflection.getCallerClass(CALLER_DEPTH-1) == MethodHandles.class);
+ assert(Reflection.getCallerClass(CALLER_DEPTH-2) == Lookup.class);
+ assert(Reflection.getCallerClass(CALLER_DEPTH-1) == (inSubroutine ? Lookup.class : MethodHandles.class));
return Reflection.getCallerClass(CALLER_DEPTH);
}
@@ -1087,7 +1091,7 @@
void checkSymbolicClass(Class<?> refc) throws IllegalAccessException {
Class<?> caller = lookupClassOrNull();
- if (caller != null && !VerifyAccess.isClassAccessible(refc, caller))
+ if (caller != null && !VerifyAccess.isClassAccessible(refc, caller, allowedModes))
throw new MemberName(refc).makeAccessException("symbolic reference class is not public", this);
}
@@ -1102,7 +1106,13 @@
// Step 1:
smgr.checkMemberAccess(refc, Member.PUBLIC);
// Step 2:
- if (!VerifyAccess.classLoaderIsAncestor(lookupClass, refc))
+ Class<?> callerClass = ((allowedModes & PRIVATE) != 0
+ ? lookupClass // for strong access modes, no extra check
+ // next line does stack walk magic; do not refactor:
+ : getCallerClassAtEntryPoint(true));
+ if (!VerifyAccess.classLoaderIsAncestor(lookupClass, refc) ||
+ (callerClass != lookupClass &&
+ !VerifyAccess.classLoaderIsAncestor(callerClass, refc)))
smgr.checkPackageAccess(VerifyAccess.getPackageName(refc));
// Step 3:
if (m.isPublic()) return;
@@ -1153,9 +1163,10 @@
int requestedModes = fixmods(mods); // adjust 0 => PACKAGE
if ((requestedModes & allowedModes) != 0
&& VerifyAccess.isMemberAccessible(refc, m.getDeclaringClass(),
- mods, lookupClass()))
+ mods, lookupClass(), allowedModes))
return;
if (((requestedModes & ~allowedModes) & PROTECTED) != 0
+ && (allowedModes & PACKAGE) != 0
&& VerifyAccess.isSamePackage(m.getDeclaringClass(), lookupClass()))
// Protected members can also be checked as if they were package-private.
return;
@@ -1170,9 +1181,9 @@
(defc == refc ||
Modifier.isPublic(refc.getModifiers())));
if (!classOK && (allowedModes & PACKAGE) != 0) {
- classOK = (VerifyAccess.isClassAccessible(defc, lookupClass()) &&
+ classOK = (VerifyAccess.isClassAccessible(defc, lookupClass(), ALL_MODES) &&
(defc == refc ||
- VerifyAccess.isClassAccessible(refc, lookupClass())));
+ VerifyAccess.isClassAccessible(refc, lookupClass(), ALL_MODES)));
}
if (!classOK)
return "class is not public";
--- a/jdk/src/share/classes/sun/invoke/util/VerifyAccess.java Thu May 17 12:21:16 2012 +0100
+++ b/jdk/src/share/classes/sun/invoke/util/VerifyAccess.java Fri May 18 20:31:28 2012 -0700
@@ -37,6 +37,8 @@
private VerifyAccess() { } // cannot instantiate
private static final int PACKAGE_ONLY = 0;
+ private static final int PACKAGE_ALLOWED = java.lang.invoke.MethodHandles.Lookup.PACKAGE;
+ private static final int PROTECTED_OR_PACKAGE_ALLOWED = (PACKAGE_ALLOWED|PROTECTED);
private static final int ALL_ACCESS_MODES = (PUBLIC|PRIVATE|PROTECTED|PACKAGE_ONLY);
private static final boolean ALLOW_NESTMATE_ACCESS = false;
@@ -82,14 +84,19 @@
public static boolean isMemberAccessible(Class<?> refc, // symbolic ref class
Class<?> defc, // actual def class
int mods, // actual member mods
- Class<?> lookupClass) {
+ Class<?> lookupClass,
+ int allowedModes) {
+ if (allowedModes == 0) return false;
+ assert((allowedModes & PUBLIC) != 0 &&
+ (allowedModes & ~(ALL_ACCESS_MODES|PACKAGE_ALLOWED)) == 0);
// Usually refc and defc are the same, but if they differ, verify them both.
if (refc != defc) {
- if (!isClassAccessible(refc, lookupClass)) {
+ if (!isClassAccessible(refc, lookupClass, allowedModes)) {
// Note that defc is verified in the switch below.
return false;
}
- if ((mods & (ALL_ACCESS_MODES|STATIC)) == (PROTECTED|STATIC)) {
+ if ((mods & (ALL_ACCESS_MODES|STATIC)) == (PROTECTED|STATIC) &&
+ (allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0) {
// Apply the special rules for refc here.
if (!isRelatedClass(refc, lookupClass))
return isSamePackage(defc, lookupClass);
@@ -98,19 +105,28 @@
// a superclass of the lookup class.
}
}
- if (defc == lookupClass)
+ if (defc == lookupClass &&
+ (allowedModes & PRIVATE) != 0)
return true; // easy check; all self-access is OK
switch (mods & ALL_ACCESS_MODES) {
case PUBLIC:
if (refc != defc) return true; // already checked above
- return isClassAccessible(refc, lookupClass);
+ return isClassAccessible(refc, lookupClass, allowedModes);
case PROTECTED:
- return isSamePackage(defc, lookupClass) || isPublicSuperClass(defc, lookupClass);
- case PACKAGE_ONLY:
- return isSamePackage(defc, lookupClass);
+ if ((allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0 &&
+ isSamePackage(defc, lookupClass))
+ return true;
+ if ((allowedModes & PROTECTED) != 0 &&
+ isPublicSuperClass(defc, lookupClass))
+ return true;
+ return false;
+ case PACKAGE_ONLY: // That is, zero. Unmarked member is package-only access.
+ return ((allowedModes & PACKAGE_ALLOWED) != 0 &&
+ isSamePackage(defc, lookupClass));
case PRIVATE:
// Loosened rules for privates follows access rules for inner classes.
return (ALLOW_NESTMATE_ACCESS &&
+ (allowedModes & PRIVATE) != 0 &&
isSamePackageMember(defc, lookupClass));
default:
throw new IllegalArgumentException("bad modifiers: "+Modifier.toString(mods));
@@ -138,11 +154,16 @@
* @param refc the symbolic reference class to which access is being checked (C)
* @param lookupClass the class performing the lookup (D)
*/
- public static boolean isClassAccessible(Class<?> refc, Class<?> lookupClass) {
+ public static boolean isClassAccessible(Class<?> refc, Class<?> lookupClass,
+ int allowedModes) {
+ if (allowedModes == 0) return false;
+ assert((allowedModes & PUBLIC) != 0 &&
+ (allowedModes & ~(ALL_ACCESS_MODES|PACKAGE_ALLOWED)) == 0);
int mods = refc.getModifiers();
if (isPublic(mods))
return true;
- if (isSamePackage(lookupClass, refc))
+ if ((allowedModes & PACKAGE_ALLOWED) != 0 &&
+ isSamePackage(lookupClass, refc))
return true;
return false;
}
@@ -157,7 +178,7 @@
assert(!class1.isArray() && !class2.isArray());
if (class1 == class2)
return true;
- if (!loadersAreRelated(class1.getClassLoader(), class2.getClassLoader(), false))
+ if (class1.getClassLoader() != class2.getClassLoader())
return false;
String name1 = class1.getName(), name2 = class2.getName();
int dot = name1.lastIndexOf('.');
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/lang/invoke/AccessControlTest.java Fri May 18 20:31:28 2012 -0700
@@ -0,0 +1,495 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* @test
+ * @summary test access checking by java.lang.invoke.MethodHandles.Lookup
+ * @library ../../../..
+ * @build test.java.lang.invoke.AccessControlTest
+ * @build test.java.lang.invoke.AccessControlTest_subpkg.Acquaintance_remote
+ * @run junit/othervm test.java.lang.invoke.AccessControlTest
+ */
+
+package test.java.lang.invoke;
+
+import java.lang.invoke.*;
+import java.lang.reflect.*;
+import java.util.*;
+import org.junit.*;
+
+import static java.lang.invoke.MethodHandles.*;
+import static java.lang.invoke.MethodHandles.Lookup.*;
+import static java.lang.invoke.MethodType.*;
+import static org.junit.Assert.*;
+import test.java.lang.invoke.AccessControlTest_subpkg.Acquaintance_remote;
+
+
+/**
+ * Test many combinations of Lookup access and cross-class lookupStatic.
+ * @author jrose
+ */
+public class AccessControlTest {
+ static final Class<?> THIS_CLASS = AccessControlTest.class;
+ // How much output?
+ static int verbosity = 0;
+ static {
+ String vstr = System.getProperty(THIS_CLASS.getSimpleName()+".verbosity");
+ if (vstr == null)
+ vstr = System.getProperty(THIS_CLASS.getName()+".verbosity");
+ if (vstr != null) verbosity = Integer.parseInt(vstr);
+ }
+
+ private class LookupCase implements Comparable<LookupCase> {
+ final Lookup lookup;
+ final Class<?> lookupClass;
+ final int lookupModes;
+ public LookupCase(Lookup lookup) {
+ this.lookup = lookup;
+ this.lookupClass = lookup.lookupClass();
+ this.lookupModes = lookup.lookupModes();
+ assert(lookupString().equals(lookup.toString()));
+ numberOf(lookupClass().getClassLoader()); // assign CL#
+ }
+ public LookupCase(Class<?> lookupClass, int lookupModes) {
+ this.lookup = null;
+ this.lookupClass = lookupClass;
+ this.lookupModes = lookupModes;
+ numberOf(lookupClass().getClassLoader()); // assign CL#
+ }
+
+ public final Class<?> lookupClass() { return lookupClass; }
+ public final int lookupModes() { return lookupModes; }
+
+ public Lookup lookup() { lookup.getClass(); return lookup; }
+
+ @Override
+ public int compareTo(LookupCase that) {
+ Class<?> c1 = this.lookupClass();
+ Class<?> c2 = that.lookupClass();
+ if (c1 != c2) {
+ int cmp = c1.getName().compareTo(c2.getName());
+ if (cmp != 0) return cmp;
+ cmp = numberOf(c1.getClassLoader()) - numberOf(c2.getClassLoader());
+ assert(cmp != 0);
+ return cmp;
+ }
+ return -(this.lookupModes() - that.lookupModes());
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ return (that instanceof LookupCase && equals((LookupCase)that));
+ }
+ public boolean equals(LookupCase that) {
+ return (this.lookupClass() == that.lookupClass() &&
+ this.lookupModes() == that.lookupModes());
+ }
+
+ @Override
+ public int hashCode() {
+ return lookupClass().hashCode() + (lookupModes() * 31);
+ }
+
+ /** Simulate all assertions in the spec. for Lookup.toString. */
+ private String lookupString() {
+ String name = lookupClass.getName();
+ String suffix = "";
+ if (lookupModes == 0)
+ suffix = "/noaccess";
+ else if (lookupModes == PUBLIC)
+ suffix = "/public";
+ else if (lookupModes == (PUBLIC|PACKAGE))
+ suffix = "/package";
+ else if (lookupModes == (PUBLIC|PACKAGE|PRIVATE))
+ suffix = "/private";
+ else if (lookupModes == (PUBLIC|PACKAGE|PRIVATE|PROTECTED))
+ suffix = "";
+ else
+ suffix = "/#"+Integer.toHexString(lookupModes);
+ return name+suffix;
+ }
+
+ /** Simulate all assertions from the spec. for Lookup.in:
+ * <hr/>
+ * Creates a lookup on the specified new lookup class.
+ * [A1] The resulting object will report the specified
+ * class as its own {@link #lookupClass lookupClass}.
+ * <p>
+ * [A2] However, the resulting {@code Lookup} object is guaranteed
+ * to have no more access capabilities than the original.
+ * In particular, access capabilities can be lost as follows:<ul>
+ * <li>[A3] If the new lookup class differs from the old one,
+ * protected members will not be accessible by virtue of inheritance.
+ * (Protected members may continue to be accessible because of package sharing.)
+ * <li>[A4] If the new lookup class is in a different package
+ * than the old one, protected and default (package) members will not be accessible.
+ * <li>[A5] If the new lookup class is not within the same package member
+ * as the old one, private members will not be accessible.
+ * <li>[A6] If the new lookup class is not accessible to the old lookup class,
+ * using the original access modes,
+ * then no members, not even public members, will be accessible.
+ * [A7] (In all other cases, public members will continue to be accessible.)
+ * </ul>
+ * Other than the above cases, the new lookup will have the same
+ * access capabilities as the original. [A8]
+ * <hr/>
+ */
+ public LookupCase in(Class<?> c2) {
+ Class<?> c1 = lookupClass();
+ int m1 = lookupModes();
+ int changed = 0;
+ boolean samePackage = (c1.getClassLoader() == c2.getClassLoader() &&
+ packagePrefix(c1).equals(packagePrefix(c2)));
+ boolean sameTopLevel = (topLevelClass(c1) == topLevelClass(c2));
+ boolean sameClass = (c1 == c2);
+ assert(samePackage || !sameTopLevel);
+ assert(sameTopLevel || !sameClass);
+ boolean accessible = sameClass; // [A6]
+ if ((m1 & PACKAGE) != 0) accessible |= samePackage;
+ if ((m1 & PUBLIC ) != 0) accessible |= (c2.getModifiers() & PUBLIC) != 0;
+ if (!accessible) {
+ // Different package and no access to c2; lose all access.
+ changed |= (PUBLIC|PACKAGE|PRIVATE|PROTECTED); // [A6]
+ }
+ if (!samePackage) {
+ // Different package; lose PACKAGE and lower access.
+ changed |= (PACKAGE|PRIVATE|PROTECTED); // [A4]
+ }
+ if (!sameTopLevel) {
+ // Different top-level class. Lose PRIVATE and lower access.
+ changed |= (PRIVATE|PROTECTED); // [A5]
+ }
+ if (!sameClass) {
+ changed |= (PROTECTED); // [A3]
+ } else {
+ assert(changed == 0); // [A8] (no deprivation if same class)
+ }
+ if (accessible) assert((changed & PUBLIC) == 0); // [A7]
+ int m2 = m1 & ~changed;
+ LookupCase l2 = new LookupCase(c2, m2);
+ assert(l2.lookupClass() == c2); // [A1]
+ assert((m1 | m2) == m1); // [A2] (no elevation of access)
+ return l2;
+ }
+
+ @Override
+ public String toString() {
+ String s = lookupClass().getSimpleName();
+ String lstr = lookupString();
+ int sl = lstr.indexOf('/');
+ if (sl >= 0) s += lstr.substring(sl);
+ ClassLoader cld = lookupClass().getClassLoader();
+ if (cld != THIS_LOADER) s += "/loader#"+numberOf(cld);
+ return s;
+ }
+
+ /** Predict the success or failure of accessing this method. */
+ public boolean willAccess(Method m) {
+ Class<?> c1 = lookupClass();
+ Class<?> c2 = m.getDeclaringClass();
+ LookupCase lc = this.in(c2);
+ int m1 = lc.lookupModes();
+ int m2 = fixMods(m.getModifiers());
+ // privacy is strictly enforced on lookups
+ if (c1 != c2) m1 &= ~PRIVATE;
+ // protected access is sometimes allowed
+ if ((m2 & PROTECTED) != 0) {
+ int prev = m2;
+ m2 |= PACKAGE; // it acts like a package method also
+ if ((lookupModes() & PROTECTED) != 0 &&
+ c2.isAssignableFrom(c1))
+ m2 |= PUBLIC; // from a subclass, it acts like a public method also
+ }
+ if (verbosity >= 2)
+ System.out.println(this+" willAccess "+lc+" m1="+m1+" m2="+m2+" => "+((m2 & m1) != 0));
+ return (m2 & m1) != 0;
+ }
+ }
+
+ private static Class<?> topLevelClass(Class<?> cls) {
+ Class<?> c = cls;
+ for (Class<?> ec; (ec = c.getEnclosingClass()) != null; )
+ c = ec;
+ assert(c.getEnclosingClass() == null);
+ assert(c == cls || cls.getEnclosingClass() != null);
+ return c;
+ }
+
+ private static String packagePrefix(Class<?> c) {
+ while (c.isArray()) c = c.getComponentType();
+ String s = c.getName();
+ assert(s.indexOf('/') < 0);
+ return s.substring(0, s.lastIndexOf('.')+1);
+ }
+
+
+ private final TreeSet<LookupCase> CASES = new TreeSet<>();
+ private final TreeMap<LookupCase,TreeSet<LookupCase>> CASE_EDGES = new TreeMap<>();
+ private final ArrayList<ClassLoader> LOADERS = new ArrayList<>();
+ private final ClassLoader THIS_LOADER = this.getClass().getClassLoader();
+ { if (THIS_LOADER != null) LOADERS.add(THIS_LOADER); } // #1
+
+ private LookupCase lookupCase(String name) {
+ for (LookupCase lc : CASES) {
+ if (lc.toString().equals(name))
+ return lc;
+ }
+ throw new AssertionError(name);
+ }
+
+ private int numberOf(ClassLoader cl) {
+ if (cl == null) return 0;
+ int i = LOADERS.indexOf(cl);
+ if (i < 0) {
+ i = LOADERS.size();
+ LOADERS.add(cl);
+ }
+ return i+1;
+ }
+
+ private void addLookupEdge(LookupCase l1, Class<?> c2, LookupCase l2) {
+ TreeSet<LookupCase> edges = CASE_EDGES.get(l2);
+ if (edges == null) CASE_EDGES.put(l2, edges = new TreeSet<>());
+ if (edges.add(l1)) {
+ Class<?> c1 = l1.lookupClass();
+ assert(l2.lookupClass() == c2); // [A1]
+ int m1 = l1.lookupModes();
+ int m2 = l2.lookupModes();
+ assert((m1 | m2) == m1); // [A2] (no elevation of access)
+ LookupCase expect = l1.in(c2);
+ if (!expect.equals(l2))
+ System.out.println("*** expect "+l1+" => "+expect+" but got "+l2);
+ assertEquals(expect, l2);
+ }
+ }
+
+ private void makeCases(Lookup[] originalLookups) {
+ // make initial set of lookup test cases
+ CASES.clear(); LOADERS.clear(); CASE_EDGES.clear();
+ ArrayList<Class<?>> classes = new ArrayList<>();
+ for (Lookup l : originalLookups) {
+ CASES.add(new LookupCase(l));
+ classes.remove(l.lookupClass()); // no dups please
+ classes.add(l.lookupClass());
+ }
+ System.out.println("loaders = "+LOADERS);
+ int rounds = 0;
+ for (int lastCount = -1; lastCount != CASES.size(); ) {
+ lastCount = CASES.size(); // if CASES grow in the loop we go round again
+ for (LookupCase lc1 : CASES.toArray(new LookupCase[0])) {
+ for (Class<?> c2 : classes) {
+ LookupCase lc2 = new LookupCase(lc1.lookup().in(c2));
+ addLookupEdge(lc1, c2, lc2);
+ CASES.add(lc2);
+ }
+ }
+ rounds++;
+ }
+ System.out.println("filled in "+CASES.size()+" cases from "+originalLookups.length+" original cases in "+rounds+" rounds");
+ if (false) {
+ System.out.println("CASES: {");
+ for (LookupCase lc : CASES) {
+ System.out.println(lc);
+ Set<LookupCase> edges = CASE_EDGES.get(lc);
+ if (edges != null)
+ for (LookupCase prev : edges) {
+ System.out.println("\t"+prev);
+ }
+ }
+ System.out.println("}");
+ }
+ }
+
+ @Test public void test() {
+ makeCases(lookups());
+ if (verbosity > 0) {
+ verbosity += 9;
+ Method pro_in_self = targetMethod(THIS_CLASS, PROTECTED, methodType(void.class));
+ testOneAccess(lookupCase("AccessControlTest/public"), pro_in_self, "find");
+ testOneAccess(lookupCase("Remote_subclass/public"), pro_in_self, "find");
+ testOneAccess(lookupCase("Remote_subclass"), pro_in_self, "find");
+ verbosity -= 9;
+ }
+ Set<Class<?>> targetClassesDone = new HashSet<>();
+ for (LookupCase targetCase : CASES) {
+ Class<?> targetClass = targetCase.lookupClass();
+ if (!targetClassesDone.add(targetClass)) continue; // already saw this one
+ String targetPlace = placeName(targetClass);
+ if (targetPlace == null) continue; // Object, String, not a target
+ for (int targetAccess : ACCESS_CASES) {
+ MethodType methodType = methodType(void.class);
+ Method method = targetMethod(targetClass, targetAccess, methodType);
+ // Try to access target method from various contexts.
+ for (LookupCase sourceCase : CASES) {
+ testOneAccess(sourceCase, method, "find");
+ testOneAccess(sourceCase, method, "unreflect");
+ }
+ }
+ }
+ System.out.println("tested "+testCount+" access scenarios; "+testCountFails+" accesses were denied");
+ }
+
+ private int testCount, testCountFails;
+
+ private void testOneAccess(LookupCase sourceCase, Method method, String kind) {
+ Class<?> targetClass = method.getDeclaringClass();
+ String methodName = method.getName();
+ MethodType methodType = methodType(method.getReturnType(), method.getParameterTypes());
+ boolean willAccess = sourceCase.willAccess(method);
+ boolean didAccess = false;
+ ReflectiveOperationException accessError = null;
+ try {
+ switch (kind) {
+ case "find":
+ if ((method.getModifiers() & Modifier.STATIC) != 0)
+ sourceCase.lookup().findStatic(targetClass, methodName, methodType);
+ else
+ sourceCase.lookup().findVirtual(targetClass, methodName, methodType);
+ break;
+ case "unreflect":
+ sourceCase.lookup().unreflect(method);
+ break;
+ default:
+ throw new AssertionError(kind);
+ }
+ didAccess = true;
+ } catch (ReflectiveOperationException ex) {
+ accessError = ex;
+ }
+ if (willAccess != didAccess) {
+ System.out.println(sourceCase+" => "+targetClass.getSimpleName()+"."+methodName+methodType);
+ System.out.println("fail on "+method+" ex="+accessError);
+ assertEquals(willAccess, didAccess);
+ }
+ testCount++;
+ if (!didAccess) testCountFails++;
+ }
+
+ static Method targetMethod(Class<?> targetClass, int targetAccess, MethodType methodType) {
+ String methodName = accessName(targetAccess)+placeName(targetClass);
+ if (verbosity >= 2)
+ System.out.println(targetClass.getSimpleName()+"."+methodName+methodType);
+ try {
+ Method method = targetClass.getDeclaredMethod(methodName, methodType.parameterArray());
+ assertEquals(method.getReturnType(), methodType.returnType());
+ int haveMods = method.getModifiers();
+ assert(Modifier.isStatic(haveMods));
+ assert(targetAccess == fixMods(haveMods));
+ return method;
+ } catch (NoSuchMethodException ex) {
+ throw new AssertionError(methodName, ex);
+ }
+ }
+
+ static String placeName(Class<?> cls) {
+ // return "self", "sibling", "nestmate", etc.
+ if (cls == AccessControlTest.class) return "self";
+ String cln = cls.getSimpleName();
+ int under = cln.lastIndexOf('_');
+ if (under < 0) return null;
+ return cln.substring(under+1);
+ }
+ static String accessName(int acc) {
+ switch (acc) {
+ case PUBLIC: return "pub_in_";
+ case PROTECTED: return "pro_in_";
+ case PACKAGE: return "pkg_in_";
+ case PRIVATE: return "pri_in_";
+ }
+ assert(false);
+ return "?";
+ }
+ private static final int[] ACCESS_CASES = {
+ PUBLIC, PACKAGE, PRIVATE, PROTECTED
+ };
+ /** Return one of the ACCESS_CASES. */
+ static int fixMods(int mods) {
+ mods &= (PUBLIC|PRIVATE|PROTECTED);
+ switch (mods) {
+ case PUBLIC: case PRIVATE: case PROTECTED: return mods;
+ case 0: return PACKAGE;
+ }
+ throw new AssertionError(mods);
+ }
+
+ static Lookup[] lookups() {
+ ArrayList<Lookup> tem = new ArrayList<>();
+ Collections.addAll(tem,
+ AccessControlTest.lookup_in_self(),
+ Inner_nestmate.lookup_in_nestmate(),
+ AccessControlTest_sibling.lookup_in_sibling());
+ if (true) {
+ Collections.addAll(tem,Acquaintance_remote.lookups());
+ } else {
+ try {
+ Class<?> remc = Class.forName("test.java.lang.invoke.AccessControlTest_subpkg.Acquaintance_remote");
+ Lookup[] remls = (Lookup[]) remc.getMethod("lookups").invoke(null);
+ Collections.addAll(tem, remls);
+ } catch (ReflectiveOperationException ex) {
+ throw new LinkageError("reflection failed", ex);
+ }
+ }
+ tem.add(publicLookup());
+ tem.add(publicLookup().in(String.class));
+ tem.add(publicLookup().in(List.class));
+ return tem.toArray(new Lookup[0]);
+ }
+
+ static Lookup lookup_in_self() {
+ return MethodHandles.lookup();
+ }
+ static public void pub_in_self() { }
+ static protected void pro_in_self() { }
+ static /*package*/ void pkg_in_self() { }
+ static private void pri_in_self() { }
+
+ static class Inner_nestmate {
+ static Lookup lookup_in_nestmate() {
+ return MethodHandles.lookup();
+ }
+ static public void pub_in_nestmate() { }
+ static protected void pro_in_nestmate() { }
+ static /*package*/ void pkg_in_nestmate() { }
+ static private void pri_in_nestmate() { }
+ }
+}
+class AccessControlTest_sibling {
+ static Lookup lookup_in_sibling() {
+ return MethodHandles.lookup();
+ }
+ static public void pub_in_sibling() { }
+ static protected void pro_in_sibling() { }
+ static /*package*/ void pkg_in_sibling() { }
+ static private void pri_in_sibling() { }
+}
+
+// This guy tests access from outside the package:
+/*
+package test.java.lang.invoke.AccessControlTest_subpkg;
+public class Acquaintance_remote {
+ public static Lookup[] lookups() { ...
+ }
+ ...
+}
+*/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/lang/invoke/AccessControlTest_subpkg/Acquaintance_remote.java Fri May 18 20:31:28 2012 -0700
@@ -0,0 +1,42 @@
+package test.java.lang.invoke.AccessControlTest_subpkg;
+import test.java.lang.invoke.AccessControlTest;
+import java.lang.invoke.*;
+import static java.lang.invoke.MethodHandles.*;
+
+// This guy tests access from outside the package test.java.lang.invoke:
+public class Acquaintance_remote {
+ public static Lookup[] lookups() {
+ return new Lookup[] {
+ Acquaintance_remote.lookup_in_remote(),
+ Remote_subclass.lookup_in_subclass(),
+ Remote_hidden.lookup_in_hidden()
+ };
+ }
+
+ public static Lookup lookup_in_remote() {
+ return MethodHandles.lookup();
+ }
+ static public void pub_in_remote() { }
+ static protected void pro_in_remote() { }
+ static /*package*/ void pkg_in_remote() { }
+ static private void pri_in_remote() { }
+
+ static public class Remote_subclass extends AccessControlTest {
+ static Lookup lookup_in_subclass() {
+ return MethodHandles.lookup();
+ }
+ static public void pub_in_subclass() { }
+ static protected void pro_in_subclass() { }
+ static /*package*/ void pkg_in_subclass() { }
+ static private void pri_in_subclass() { }
+ }
+ static /*package*/ class Remote_hidden {
+ static Lookup lookup_in_hidden() {
+ return MethodHandles.lookup();
+ }
+ static public void pub_in_hidden() { }
+ static protected void pro_in_hidden() { }
+ static /*package*/ void pkg_in_hidden() { }
+ static private void pri_in_hidden() { }
+ }
+}