Mercurial > jdk8-mips64-public > nashorn / annotate

src/jdk/internal/dynalink/beans/FacetIntrospector.java@a58a07a00122 (annotated)

src/jdk/internal/dynalink/beans/FacetIntrospector.java

Wed, 24 Jul 2013 11:13:24 +0200

author
attila
date
Wed, 24 Jul 2013 11:13:24 +0200
changeset 464
a58a07a00122
parent 463
8b97fe2b7c98
child 811
58214b2432e7
permissions
-rw-r--r--

8021189: Prevent access to constructors of restricted classes
Reviewed-by: lagergren, sundar

attila@90 1 /*
attila@90 2 * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
attila@90 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
attila@90 4 *
attila@90 5 * This code is free software; you can redistribute it and/or modify it
attila@90 6 * under the terms of the GNU General Public License version 2 only, as
attila@90 7 * published by the Free Software Foundation. Oracle designates this
attila@90 8 * particular file as subject to the "Classpath" exception as provided
attila@90 9 * by Oracle in the LICENSE file that accompanied this code.
attila@90 10 *
attila@90 11 * This code is distributed in the hope that it will be useful, but WITHOUT
attila@90 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
attila@90 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
attila@90 14 * version 2 for more details (a copy is included in the LICENSE file that
attila@90 15 * accompanied this code).
attila@90 16 *
attila@90 17 * You should have received a copy of the GNU General Public License version
attila@90 18 * 2 along with this work; if not, write to the Free Software Foundation,
attila@90 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
attila@90 20 *
attila@90 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
attila@90 22 * or visit www.oracle.com if you need additional information or have any
attila@90 23 * questions.
attila@90 24 */
attila@90 25
attila@90 26 /*
attila@90 27 * This file is available under and governed by the GNU General Public
attila@90 28 * License version 2 only, as published by the Free Software Foundation.
attila@90 29 * However, the following notice accompanied the original version of this
attila@90 30 * file, and Oracle licenses the original version of this file under the BSD
attila@90 31 * license:
attila@90 32 */
attila@90 33 /*
attila@90 34 Copyright 2009-2013 Attila Szegedi
attila@90 35
attila@90 36 Licensed under both the Apache License, Version 2.0 (the "Apache License")
attila@90 37 and the BSD License (the "BSD License"), with licensee being free to
attila@90 38 choose either of the two at their discretion.
attila@90 39
attila@90 40 You may not use this file except in compliance with either the Apache
attila@90 41 License or the BSD License.
attila@90 42
attila@90 43 If you choose to use this file in compliance with the Apache License, the
attila@90 44 following notice applies to you:
attila@90 45
attila@90 46 You may obtain a copy of the Apache License at
attila@90 47
attila@90 48 http://www.apache.org/licenses/LICENSE-2.0
attila@90 49
attila@90 50 Unless required by applicable law or agreed to in writing, software
attila@90 51 distributed under the License is distributed on an "AS IS" BASIS,
attila@90 52 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
attila@90 53 implied. See the License for the specific language governing
attila@90 54 permissions and limitations under the License.
attila@90 55
attila@90 56 If you choose to use this file in compliance with the BSD License, the
attila@90 57 following notice applies to you:
attila@90 58
attila@90 59 Redistribution and use in source and binary forms, with or without
attila@90 60 modification, are permitted provided that the following conditions are
attila@90 61 met:
attila@90 62 * Redistributions of source code must retain the above copyright
attila@90 63 notice, this list of conditions and the following disclaimer.
attila@90 64 * Redistributions in binary form must reproduce the above copyright
attila@90 65 notice, this list of conditions and the following disclaimer in the
attila@90 66 documentation and/or other materials provided with the distribution.
attila@90 67 * Neither the name of the copyright holder nor the names of
attila@90 68 contributors may be used to endorse or promote products derived from
attila@90 69 this software without specific prior written permission.
attila@90 70
attila@90 71 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
attila@90 72 IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
attila@90 73 TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
attila@90 74 PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDER
attila@90 75 BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
attila@90 76 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
attila@90 77 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
attila@90 78 BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
attila@90 79 WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
attila@90 80 OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
attila@90 81 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
attila@90 82 */
attila@90 83
attila@90 84 package jdk.internal.dynalink.beans;
attila@90 85
attila@90 86 import java.lang.invoke.MethodHandle;
attila@90 87 import java.lang.reflect.Field;
attila@90 88 import java.lang.reflect.Member;
attila@90 89 import java.lang.reflect.Method;
attila@90 90 import java.lang.reflect.Modifier;
attila@90 91 import java.util.ArrayList;
attila@90 92 import java.util.Collection;
attila@90 93 import java.util.Collections;
attila@90 94 import java.util.Map;
attila@463 95 import jdk.internal.dynalink.support.Lookup;
attila@90 96
attila@90 97 /**
attila@90 98 * Base for classes that expose class field and method information to an {@link AbstractJavaLinker}. There are
attila@90 99 * subclasses for instance (bean) and static facet of a class.
attila@90 100 * @author Attila Szegedi
attila@90 101 */
attila@101 102 abstract class FacetIntrospector {
attila@90 103 private final Class<?> clazz;
attila@90 104 private final boolean instance;
attila@90 105 private final boolean isRestricted;
attila@90 106
attila@90 107 protected final AccessibleMembersLookup membersLookup;
attila@90 108
attila@90 109 FacetIntrospector(Class<?> clazz, boolean instance) {
attila@90 110 this.clazz = clazz;
attila@90 111 this.instance = instance;
attila@90 112 isRestricted = CheckRestrictedPackage.isRestrictedClass(clazz);
attila@90 113 membersLookup = new AccessibleMembersLookup(clazz, instance);
attila@90 114 }
attila@90 115
attila@90 116 /**
attila@90 117 * Returns getters for inner classes.
attila@90 118 * @return getters for inner classes.
attila@90 119 */
attila@90 120 abstract Map<String, MethodHandle> getInnerClassGetters();
attila@90 121
attila@90 122 /**
attila@90 123 * Returns the fields for the class facet.
attila@90 124 * @return the fields for the class facet.
attila@90 125 */
attila@90 126 Collection<Field> getFields() {
attila@90 127 if(isRestricted) {
attila@90 128 // NOTE: we can't do anything here. Unlike with methods in AccessibleMethodsLookup, we can't just return
attila@90 129 // the fields from a public superclass, because this class might define same-named fields which will shadow
attila@90 130 // the superclass fields, and we have no way to know if they do, since we're denied invocation of
attila@90 131 // getFields(). Therefore, the only correct course of action is to not expose any public fields from a class
attila@90 132 // defined in a restricted package.
attila@90 133 return Collections.emptySet();
attila@90 134 }
attila@90 135
attila@90 136 final Field[] fields = clazz.getFields();
attila@90 137 final Collection<Field> cfields = new ArrayList<>(fields.length);
attila@90 138 for(Field field: fields) {
attila@90 139 if(instance != Modifier.isStatic(field.getModifiers()) && isAccessible(field)) {
attila@90 140 cfields.add(field);
attila@90 141 }
attila@90 142 }
attila@90 143 return cfields;
attila@90 144 }
attila@90 145
attila@90 146 boolean isAccessible(Member m) {
attila@90 147 final Class<?> declaring = m.getDeclaringClass();
attila@90 148 // (declaring == clazz) is just an optimization - we're calling this only from code that operates on a
attila@90 149 // non-restriced class, so if the declaring class is identical to the class being inspected, then forego
attila@90 150 // a potentially expensive restricted-package check.
attila@90 151 return declaring == clazz || !CheckRestrictedPackage.isRestrictedClass(declaring);
attila@90 152 }
attila@90 153
attila@90 154 /**
attila@90 155 * Returns all the methods in the facet.
attila@90 156 * @return all the methods in the facet.
attila@90 157 */
attila@90 158 Collection<Method> getMethods() {
attila@90 159 return membersLookup.getMethods();
attila@90 160 }
attila@90 161
attila@90 162
attila@90 163 MethodHandle unreflectGetter(Field field) {
attila@464 164 return editMethodHandle(Lookup.PUBLIC.unreflectGetter(field));
attila@90 165 }
attila@90 166
attila@90 167 MethodHandle unreflectSetter(Field field) {
attila@464 168 return editMethodHandle(Lookup.PUBLIC.unreflectSetter(field));
attila@90 169 }
attila@90 170
attila@90 171 /**
attila@90 172 * Returns an edited method handle. A facet might need to edit an unreflected method handle before it is usable with
attila@90 173 * the facet. By default, returns the passed method handle unchanged. The class' static facet will introduce a
attila@90 174 * dropArguments.
attila@90 175 * @param mh the method handle to edit.
attila@90 176 * @return the edited method handle.
attila@90 177 */
attila@90 178 abstract MethodHandle editMethodHandle(MethodHandle mh);
attila@101 179 }

Mercurial Repository: jdk8-mips64-public/nashorn

mercurial