OpenJDK / jdk / jdk
changeset 1508:fed1edd772d5
6761678: (ann) SecurityException in AnnotationInvocationHandler.getMemberMethods
Summary: Move call to getDeclaredMethods inside doPrivileged
Reviewed-by: darcy, mullan
Contributed-by: jjb@google.com
| author | martin |
|---|---|
| date | Fri, 24 Oct 2008 20:34:40 -0700 |
| parents | 8a9b53004f38 |
| children | 89e3d8869c94 |
| files | jdk/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java jdk/test/java/lang/annotation/ParameterAnnotations.java |
| diffstat | 2 files changed, 126 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/jdk/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java Mon Oct 20 01:39:38 2008 -0700 +++ b/jdk/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java Fri Oct 24 20:34:40 2008 -0700 @@ -272,14 +272,14 @@ */ private Method[] getMemberMethods() { if (memberMethods == null) { - final Method[] mm = type.getDeclaredMethods(); - AccessController.doPrivileged(new PrivilegedAction<Void>() { - public Void run() { - AccessibleObject.setAccessible(mm, true); - return null; - } - }); - memberMethods = mm; + memberMethods = AccessController.doPrivileged( + new PrivilegedAction<Method[]>() { + public Method[] run() { + final Method[] mm = type.getDeclaredMethods(); + AccessibleObject.setAccessible(mm, true); + return mm; + } + }); } return memberMethods; }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/lang/annotation/ParameterAnnotations.java Fri Oct 24 20:34:40 2008 -0700 @@ -0,0 +1,118 @@ +/* + * Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + */ + +/* + * @test + * @bug 6761678 + * @summary Check properties of Annotations returned from + * getParameterAnnotations, including freedom from security + * exceptions. + * @author Martin Buchholz + */ + +import java.lang.annotation.Annotation; +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; +import java.lang.reflect.Method; +import java.security.Permission; +import java.security.Policy; +import java.security.ProtectionDomain; + +@Retention(RetentionPolicy.RUNTIME) +@Target({ ElementType.FIELD, ElementType.PARAMETER }) +@interface Named { + String value(); +} + +public class ParameterAnnotations { + + // A security policy that differs from the default only in that it + // allows a security manager to be uninstalled. + static class MyPolicy extends Policy { + final Policy defaultPolicy; + MyPolicy(Policy defaultPolicy) { + this.defaultPolicy = defaultPolicy; + } + public boolean implies(ProtectionDomain pd, Permission p) { + return p.getName().equals("setSecurityManager") || + defaultPolicy.implies(pd, p); + } + } + + public void nop(@Named("foo") Object foo, + @Named("bar") Object bar) { + } + + void test(String[] args) throws Throwable { + // Test without a security manager + test1(); + + // Test with a security manager + Policy defaultPolicy = Policy.getPolicy(); + Policy.setPolicy(new MyPolicy(defaultPolicy)); + System.setSecurityManager(new SecurityManager()); + try { + test1(); + } finally { + System.setSecurityManager(null); + Policy.setPolicy(defaultPolicy); + } + } + + void test1() throws Throwable { + for (Method m : thisClass.getMethods()) { + if (m.getName().equals("nop")) { + Annotation[][] ann = m.getParameterAnnotations(); + equal(ann.length, 2); + Annotation foo = ann[0][0]; + Annotation bar = ann[1][0]; + equal(foo.toString(), "@Named(value=foo)"); + equal(bar.toString(), "@Named(value=bar)"); + check(foo.equals(foo)); + check(! foo.equals(bar)); + } + } + } + + //--------------------- Infrastructure --------------------------- + volatile int passed = 0, failed = 0; + void pass() {passed++;} + void fail() {failed++; Thread.dumpStack();} + void fail(String msg) {System.err.println(msg); fail();} + void unexpected(Throwable t) {failed++; t.printStackTrace();} + void check(boolean cond) {if (cond) pass(); else fail();} + void equal(Object x, Object y) { + if (x == null ? y == null : x.equals(y)) pass(); + else fail(x + " not equal to " + y);} + static Class<?> thisClass = new Object(){}.getClass().getEnclosingClass(); + public static void main(String[] args) throws Throwable { + try {thisClass.getMethod("instanceMain",String[].class) + .invoke(thisClass.newInstance(), (Object) args);} + catch (Throwable e) {throw e.getCause();}} + public void instanceMain(String[] args) throws Throwable { + try {test(args);} catch (Throwable t) {unexpected(t);} + System.out.printf("%nPassed = %d, failed = %d%n%n", passed, failed); + if (failed > 0) throw new AssertionError("Some tests failed");} +}