Mercurial > hg > graal-compiler
comparison src/share/vm/prims/jvm.cpp @ 18051:21444610cb92
8015256: Better class accessibility
Summary: Improve protection domain check in forName()
Reviewed-by: mchung, acorn, jdn
author | coleenp |
---|---|
date | Thu, 08 May 2014 17:19:49 -0400 |
parents | 615d83933195 |
children | 54bc75c144b0 |
comparison
equal
deleted
inserted
replaced
18050:6424a6aac192 | 18051:21444610cb92 |
---|---|
1 /* | 1 /* |
2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. | 2 * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * | 4 * |
5 * This code is free software; you can redistribute it and/or modify it | 5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as | 6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. | 7 * published by the Free Software Foundation. |
775 trace_class_resolution(k); | 775 trace_class_resolution(k); |
776 } | 776 } |
777 return (jclass) JNIHandles::make_local(env, k->java_mirror()); | 777 return (jclass) JNIHandles::make_local(env, k->java_mirror()); |
778 JVM_END | 778 JVM_END |
779 | 779 |
780 // Not used; JVM_FindClassFromCaller replaces this. | |
780 JVM_ENTRY(jclass, JVM_FindClassFromClassLoader(JNIEnv* env, const char* name, | 781 JVM_ENTRY(jclass, JVM_FindClassFromClassLoader(JNIEnv* env, const char* name, |
781 jboolean init, jobject loader, | 782 jboolean init, jobject loader, |
782 jboolean throwError)) | 783 jboolean throwError)) |
783 JVMWrapper3("JVM_FindClassFromClassLoader %s throw %s", name, | 784 JVMWrapper3("JVM_FindClassFromClassLoader %s throw %s", name, |
784 throwError ? "error" : "exception"); | 785 throwError ? "error" : "exception"); |
801 trace_class_resolution(java_lang_Class::as_Klass(JNIHandles::resolve_non_null(result))); | 802 trace_class_resolution(java_lang_Class::as_Klass(JNIHandles::resolve_non_null(result))); |
802 } | 803 } |
803 return result; | 804 return result; |
804 JVM_END | 805 JVM_END |
805 | 806 |
807 // Find a class with this name in this loader, using the caller's protection domain. | |
808 JVM_ENTRY(jclass, JVM_FindClassFromCaller(JNIEnv* env, const char* name, | |
809 jboolean init, jobject loader, | |
810 jclass caller)) | |
811 JVMWrapper2("JVM_FindClassFromCaller %s throws ClassNotFoundException", name); | |
812 // Java libraries should ensure that name is never null... | |
813 if (name == NULL || (int)strlen(name) > Symbol::max_length()) { | |
814 // It's impossible to create this class; the name cannot fit | |
815 // into the constant pool. | |
816 THROW_MSG_0(vmSymbols::java_lang_ClassNotFoundException(), name); | |
817 } | |
818 | |
819 TempNewSymbol h_name = SymbolTable::new_symbol(name, CHECK_NULL); | |
820 | |
821 oop loader_oop = JNIHandles::resolve(loader); | |
822 oop from_class = JNIHandles::resolve(caller); | |
823 oop protection_domain = NULL; | |
824 // If loader is null, shouldn't call ClassLoader.checkPackageAccess; otherwise get | |
825 // NPE. Put it in another way, the bootstrap class loader has all permission and | |
826 // thus no checkPackageAccess equivalence in the VM class loader. | |
827 // The caller is also passed as NULL by the java code if there is no security | |
828 // manager to avoid the performance cost of getting the calling class. | |
829 if (from_class != NULL && loader_oop != NULL) { | |
830 protection_domain = java_lang_Class::as_Klass(from_class)->protection_domain(); | |
831 } | |
832 | |
833 Handle h_loader(THREAD, loader_oop); | |
834 Handle h_prot(THREAD, protection_domain); | |
835 jclass result = find_class_from_class_loader(env, h_name, init, h_loader, | |
836 h_prot, false, THREAD); | |
837 | |
838 if (TraceClassResolution && result != NULL) { | |
839 trace_class_resolution(java_lang_Class::as_Klass(JNIHandles::resolve_non_null(result))); | |
840 } | |
841 return result; | |
842 JVM_END | |
806 | 843 |
807 JVM_ENTRY(jclass, JVM_FindClassFromClass(JNIEnv *env, const char *name, | 844 JVM_ENTRY(jclass, JVM_FindClassFromClass(JNIEnv *env, const char *name, |
808 jboolean init, jclass from)) | 845 jboolean init, jclass from)) |
809 JVMWrapper2("JVM_FindClassFromClass %s", name); | 846 JVMWrapper2("JVM_FindClassFromClass %s", name); |
810 if (name == NULL || (int)strlen(name) > Symbol::max_length()) { | 847 if (name == NULL || (int)strlen(name) > Symbol::max_length()) { |
3954 | 3991 |
3955 | 3992 |
3956 | 3993 |
3957 // Shared JNI/JVM entry points ////////////////////////////////////////////////////////////// | 3994 // Shared JNI/JVM entry points ////////////////////////////////////////////////////////////// |
3958 | 3995 |
3959 jclass find_class_from_class_loader(JNIEnv* env, Symbol* name, jboolean init, Handle loader, Handle protection_domain, jboolean throwError, TRAPS) { | 3996 jclass find_class_from_class_loader(JNIEnv* env, Symbol* name, jboolean init, |
3997 Handle loader, Handle protection_domain, | |
3998 jboolean throwError, TRAPS) { | |
3960 // Security Note: | 3999 // Security Note: |
3961 // The Java level wrapper will perform the necessary security check allowing | 4000 // The Java level wrapper will perform the necessary security check allowing |
3962 // us to pass the NULL as the initiating class loader. | 4001 // us to pass the NULL as the initiating class loader. The VM is responsible for |
4002 // the checkPackageAccess relative to the initiating class loader via the | |
4003 // protection_domain. The protection_domain is passed as NULL by the java code | |
4004 // if there is no security manager in 3-arg Class.forName(). | |
3963 Klass* klass = SystemDictionary::resolve_or_fail(name, loader, protection_domain, throwError != 0, CHECK_NULL); | 4005 Klass* klass = SystemDictionary::resolve_or_fail(name, loader, protection_domain, throwError != 0, CHECK_NULL); |
3964 | 4006 |
3965 KlassHandle klass_handle(THREAD, klass); | 4007 KlassHandle klass_handle(THREAD, klass); |
3966 // Check if we should initialize the class | 4008 // Check if we should initialize the class |
3967 if (init && klass_handle->oop_is_instance()) { | 4009 if (init && klass_handle->oop_is_instance()) { |