8344336: SM cleanup of java.lang.System, Runtime, String, StackWalker
Reviewed-by: dfuchs, alanb, lancea
This commit is contained in:
parent
0f458e2c3e
commit
c199f5326b
src/java.base/share/classes/java/lang
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2015, 2022, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@ -154,8 +154,6 @@ interface LiveStackFrame extends StackFrame {
|
||||
/**
|
||||
* Gets {@code StackWalker} that can get locals and operands.
|
||||
*
|
||||
* @throws SecurityException if the security manager is present and
|
||||
* denies access to {@code RuntimePermission("liveStackFrames")}
|
||||
*/
|
||||
public static StackWalker getStackWalker() {
|
||||
return getStackWalker(EnumSet.noneOf(StackWalker.Option.class));
|
||||
@ -171,12 +169,6 @@ interface LiveStackFrame extends StackFrame {
|
||||
* The returned {@code StackWalker} can get locals and operands.
|
||||
*
|
||||
* @param options stack walk {@link StackWalker.Option options}
|
||||
*
|
||||
* @throws SecurityException if the security manager is present and
|
||||
* it denies access to {@code RuntimePermission("liveStackFrames")};
|
||||
* or if the given {@code options} contains
|
||||
* {@link StackWalker.Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE}
|
||||
* and it denies access to {@code RuntimePermission("getStackWalkerWithClassReference")}.
|
||||
*/
|
||||
public static StackWalker getStackWalker(Set<StackWalker.Option> options) {
|
||||
return getStackWalker(options, null);
|
||||
@ -193,19 +185,8 @@ interface LiveStackFrame extends StackFrame {
|
||||
*
|
||||
* @param options stack walk {@link StackWalker.Option options}
|
||||
* @param contScope the continuation scope up to which (inclusive) to walk the stack
|
||||
*
|
||||
* @throws SecurityException if the security manager is present and
|
||||
* it denies access to {@code RuntimePermission("liveStackFrames")}; or
|
||||
* or if the given {@code options} contains
|
||||
* {@link StackWalker.Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE}
|
||||
* and it denies access to {@code RuntimePermission("getStackWalkerWithClassReference")}.
|
||||
*/
|
||||
public static StackWalker getStackWalker(Set<StackWalker.Option> options, ContinuationScope contScope) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("liveStackFrames"));
|
||||
}
|
||||
return StackWalker.newInstance(options, LOCALS_AND_OPERANDS, contScope);
|
||||
}
|
||||
|
||||
@ -213,9 +194,6 @@ interface LiveStackFrame extends StackFrame {
|
||||
* Gets {@code StackWalker} of the given unmounted continuation, that can get locals and operands.
|
||||
*
|
||||
* @param continuation the continuation to walk
|
||||
*
|
||||
* @throws SecurityException if the security manager is present and
|
||||
* denies access to {@code RuntimePermission("liveStackFrames")}
|
||||
*/
|
||||
public static StackWalker getStackWalker(Continuation continuation) {
|
||||
return getStackWalker(EnumSet.noneOf(StackWalker.Option.class), continuation.getScope(), continuation);
|
||||
@ -232,21 +210,10 @@ interface LiveStackFrame extends StackFrame {
|
||||
*
|
||||
* @param options stack walk {@link StackWalker.Option options}
|
||||
* @param continuation the continuation to walk
|
||||
*
|
||||
* @throws SecurityException if the security manager is present and
|
||||
* it denies access to {@code RuntimePermission("liveStackFrames")}; or
|
||||
* or if the given {@code options} contains
|
||||
* {@link StackWalker.Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE}
|
||||
* and it denies access to {@code RuntimePermission("getStackWalkerWithClassReference")}.
|
||||
*/
|
||||
public static StackWalker getStackWalker(Set<StackWalker.Option> options,
|
||||
ContinuationScope contScope,
|
||||
Continuation continuation) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("liveStackFrames"));
|
||||
}
|
||||
return StackWalker.newInstance(options, LOCALS_AND_OPERANDS, contScope, continuation);
|
||||
}
|
||||
}
|
||||
|
@ -39,6 +39,8 @@ import java.lang.reflect.AccessFlag;
|
||||
import java.lang.reflect.AnnotatedElement;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import java.security.CodeSource;
|
||||
import java.security.ProtectionDomain;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
@ -294,9 +296,12 @@ public final class Module implements AnnotatedElement {
|
||||
String mod = isNamed() ? "module " + getName() : "an unnamed module";
|
||||
if (currentClass != null) {
|
||||
// try to extract location of the current class (e.g. jar or folder)
|
||||
URL url = System.codeSource(currentClass);
|
||||
if (url != null) {
|
||||
mod += " (" + url + ")";
|
||||
CodeSource cs = currentClass.getProtectionDomain().getCodeSource();
|
||||
if (cs != null) {
|
||||
URL url = cs.getLocation();
|
||||
if (url != null) {
|
||||
mod += " (" + url + ")";
|
||||
}
|
||||
}
|
||||
}
|
||||
if (illegalNativeAccess == ModuleBootstrap.IllegalNativeAccess.DENY) {
|
||||
|
@ -174,11 +174,6 @@ public class Runtime {
|
||||
* @see #halt(int)
|
||||
*/
|
||||
public void exit(int status) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager security = System.getSecurityManager();
|
||||
if (security != null) {
|
||||
security.checkExit(status);
|
||||
}
|
||||
Shutdown.exit(status);
|
||||
}
|
||||
|
||||
@ -232,11 +227,6 @@ public class Runtime {
|
||||
* @since 1.3
|
||||
*/
|
||||
public void addShutdownHook(Thread hook) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("shutdownHooks"));
|
||||
}
|
||||
ApplicationShutdownHooks.add(hook);
|
||||
}
|
||||
|
||||
@ -259,11 +249,6 @@ public class Runtime {
|
||||
* @since 1.3
|
||||
*/
|
||||
public boolean removeShutdownHook(Thread hook) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("shutdownHooks"));
|
||||
}
|
||||
return ApplicationShutdownHooks.remove(hook);
|
||||
}
|
||||
|
||||
@ -293,11 +278,6 @@ public class Runtime {
|
||||
* @since 1.3
|
||||
*/
|
||||
public void halt(int status) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkExit(status);
|
||||
}
|
||||
Shutdown.beforeHalt();
|
||||
Shutdown.halt(status);
|
||||
}
|
||||
@ -779,11 +759,6 @@ public class Runtime {
|
||||
}
|
||||
|
||||
void load0(Class<?> fromClass, String filename) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager security = System.getSecurityManager();
|
||||
if (security != null) {
|
||||
security.checkLink(filename);
|
||||
}
|
||||
File file = new File(filename);
|
||||
if (!file.isAbsolute()) {
|
||||
throw new UnsatisfiedLinkError(
|
||||
@ -840,11 +815,6 @@ public class Runtime {
|
||||
}
|
||||
|
||||
void loadLibrary0(Class<?> fromClass, String libname) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager security = System.getSecurityManager();
|
||||
if (security != null) {
|
||||
security.checkLink(libname);
|
||||
}
|
||||
if (libname.indexOf((int)File.separatorChar) != -1) {
|
||||
throw new UnsatisfiedLinkError(
|
||||
"Directory separator should not appear in library name: " + libname);
|
||||
|
@ -379,7 +379,6 @@ public final class StackWalker {
|
||||
}
|
||||
|
||||
EnumSet<Option> optionSet = toEnumSet(options);
|
||||
checkPermission(optionSet);
|
||||
return new StackWalker(optionSet);
|
||||
}
|
||||
|
||||
@ -409,7 +408,6 @@ public final class StackWalker {
|
||||
throw new IllegalArgumentException("estimateDepth must be > 0");
|
||||
}
|
||||
EnumSet<Option> optionSet = toEnumSet(options);
|
||||
checkPermission(optionSet);
|
||||
return new StackWalker(optionSet, estimateDepth);
|
||||
}
|
||||
|
||||
@ -433,17 +431,6 @@ public final class StackWalker {
|
||||
this.continuation = continuation;
|
||||
}
|
||||
|
||||
private static void checkPermission(Set<Option> options) {
|
||||
Objects.requireNonNull(options);
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
if (options.contains(Option.RETAIN_CLASS_REFERENCE)) {
|
||||
sm.checkPermission(new RuntimePermission("getStackWalkerWithClassReference"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns a defensive copy
|
||||
*/
|
||||
@ -637,7 +624,6 @@ public final class StackWalker {
|
||||
|
||||
static StackWalker newInstance(Set<Option> options, ExtendedOption extendedOption, ContinuationScope contScope, Continuation continuation) {
|
||||
EnumSet<Option> optionSet = toEnumSet(options);
|
||||
checkPermission(optionSet);
|
||||
return new StackWalker(optionSet, 0, extendedOption, contScope, continuation);
|
||||
}
|
||||
|
||||
|
@ -685,12 +685,6 @@ public final class String
|
||||
cd.onMalformedInput(CodingErrorAction.REPLACE)
|
||||
.onUnmappableCharacter(CodingErrorAction.REPLACE);
|
||||
char[] ca = new char[en];
|
||||
if (charset.getClass().getClassLoader0() != null &&
|
||||
System.getSecurityManager() != null) {
|
||||
bytes = Arrays.copyOfRange(bytes, offset, offset + length);
|
||||
offset = 0;
|
||||
}
|
||||
|
||||
int caLen;
|
||||
try {
|
||||
caLen = decodeWithDecoder(cd, ca, bytes, offset, length);
|
||||
@ -828,10 +822,6 @@ public final class String
|
||||
}
|
||||
int en = scale(len, cd.maxCharsPerByte());
|
||||
char[] ca = new char[en];
|
||||
if (cs.getClass().getClassLoader0() != null &&
|
||||
System.getSecurityManager() != null) {
|
||||
src = Arrays.copyOf(src, len);
|
||||
}
|
||||
int caLen;
|
||||
try {
|
||||
caLen = decodeWithDecoder(cd, ca, src, 0, src.length);
|
||||
@ -850,9 +840,8 @@ public final class String
|
||||
private static final char REPL = '\ufffd';
|
||||
|
||||
// Trim the given byte array to the given length
|
||||
@SuppressWarnings("removal")
|
||||
private static byte[] safeTrim(byte[] ba, int len, boolean isTrusted) {
|
||||
if (len == ba.length && (isTrusted || System.getSecurityManager() == null)) {
|
||||
private static byte[] trimArray(byte[] ba, int len) {
|
||||
if (len == ba.length) {
|
||||
return ba;
|
||||
} else {
|
||||
return Arrays.copyOf(ba, len);
|
||||
@ -907,7 +896,7 @@ public final class String
|
||||
int blen = (coder == LATIN1) ? ae.encodeFromLatin1(val, 0, len, ba)
|
||||
: ae.encodeFromUTF16(val, 0, len, ba);
|
||||
if (blen != -1) {
|
||||
return safeTrim(ba, blen, true);
|
||||
return trimArray(ba, blen);
|
||||
}
|
||||
}
|
||||
|
||||
@ -937,7 +926,7 @@ public final class String
|
||||
throw new Error(x);
|
||||
}
|
||||
}
|
||||
return safeTrim(ba, bb.position(), cs.getClass().getClassLoader0() == null);
|
||||
return trimArray(ba, bb.position());
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -42,25 +42,18 @@ import java.lang.module.ModuleDescriptor;
|
||||
import java.lang.reflect.Executable;
|
||||
import java.lang.reflect.Method;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import java.nio.channels.Channel;
|
||||
import java.nio.channels.spi.SelectorProvider;
|
||||
import java.nio.charset.CharacterCodingException;
|
||||
import java.nio.charset.Charset;
|
||||
import java.security.AccessController;
|
||||
import java.security.CodeSource;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.ProtectionDomain;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Properties;
|
||||
import java.util.PropertyPermission;
|
||||
import java.util.ResourceBundle;
|
||||
import java.util.Set;
|
||||
import java.util.WeakHashMap;
|
||||
import java.util.concurrent.Executor;
|
||||
import java.util.function.Supplier;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
@ -92,7 +85,6 @@ import jdk.internal.vm.annotation.Stable;
|
||||
import sun.reflect.annotation.AnnotationType;
|
||||
import sun.nio.ch.Interruptible;
|
||||
import sun.nio.cs.UTF_8;
|
||||
import sun.security.util.SecurityConstants;
|
||||
|
||||
/**
|
||||
* The {@code System} class contains several useful class fields
|
||||
@ -200,7 +192,6 @@ public final class System {
|
||||
* @since 1.1
|
||||
*/
|
||||
public static void setIn(InputStream in) {
|
||||
checkIO();
|
||||
setIn0(in);
|
||||
}
|
||||
|
||||
@ -212,7 +203,6 @@ public final class System {
|
||||
* @since 1.1
|
||||
*/
|
||||
public static void setOut(PrintStream out) {
|
||||
checkIO();
|
||||
setOut0(out);
|
||||
}
|
||||
|
||||
@ -224,7 +214,6 @@ public final class System {
|
||||
* @since 1.1
|
||||
*/
|
||||
public static void setErr(PrintStream err) {
|
||||
checkIO();
|
||||
setErr0(err);
|
||||
}
|
||||
|
||||
@ -275,32 +264,10 @@ public final class System {
|
||||
return SelectorProvider.provider().inheritedChannel();
|
||||
}
|
||||
|
||||
private static void checkIO() {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("setIO"));
|
||||
}
|
||||
}
|
||||
|
||||
private static native void setIn0(InputStream in);
|
||||
private static native void setOut0(PrintStream out);
|
||||
private static native void setErr0(PrintStream err);
|
||||
|
||||
private static class CallersHolder {
|
||||
// Remember callers of setSecurityManager() here so that warning
|
||||
// is only printed once for each different caller
|
||||
static final Map<Class<?>, Boolean> callers
|
||||
= Collections.synchronizedMap(new WeakHashMap<>());
|
||||
}
|
||||
|
||||
static URL codeSource(Class<?> clazz) {
|
||||
PrivilegedAction<ProtectionDomain> pa = clazz::getProtectionDomain;
|
||||
@SuppressWarnings("removal")
|
||||
CodeSource cs = AccessController.doPrivileged(pa).getCodeSource();
|
||||
return (cs != null) ? cs.getLocation() : null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Throws {@code UnsupportedOperationException}. Setting a security manager
|
||||
* is not supported.
|
||||
@ -681,12 +648,6 @@ public final class System {
|
||||
* @see java.util.Properties
|
||||
*/
|
||||
public static Properties getProperties() {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPropertiesAccess();
|
||||
}
|
||||
|
||||
return props;
|
||||
}
|
||||
|
||||
@ -725,12 +686,6 @@ public final class System {
|
||||
* @see java.util.Properties
|
||||
*/
|
||||
public static void setProperties(Properties props) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPropertiesAccess();
|
||||
}
|
||||
|
||||
if (props == null) {
|
||||
Map<String, String> tempProps = SystemProps.initProperties();
|
||||
VersionProps.init(tempProps);
|
||||
@ -762,12 +717,6 @@ public final class System {
|
||||
*/
|
||||
public static String getProperty(String key) {
|
||||
checkKey(key);
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPropertyAccess(key);
|
||||
}
|
||||
|
||||
return props.getProperty(key);
|
||||
}
|
||||
|
||||
@ -790,12 +739,6 @@ public final class System {
|
||||
*/
|
||||
public static String getProperty(String key, String def) {
|
||||
checkKey(key);
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPropertyAccess(key);
|
||||
}
|
||||
|
||||
return props.getProperty(key, def);
|
||||
}
|
||||
|
||||
@ -822,13 +765,6 @@ public final class System {
|
||||
*/
|
||||
public static String setProperty(String key, String value) {
|
||||
checkKey(key);
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new PropertyPermission(key,
|
||||
SecurityConstants.PROPERTY_WRITE_ACTION));
|
||||
}
|
||||
|
||||
return (String) props.setProperty(key, value);
|
||||
}
|
||||
|
||||
@ -853,12 +789,6 @@ public final class System {
|
||||
*/
|
||||
public static String clearProperty(String key) {
|
||||
checkKey(key);
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new PropertyPermission(key, "write"));
|
||||
}
|
||||
|
||||
return (String) props.remove(key);
|
||||
}
|
||||
|
||||
@ -905,12 +835,6 @@ public final class System {
|
||||
* @see ProcessBuilder#environment()
|
||||
*/
|
||||
public static String getenv(String name) {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("getenv."+name));
|
||||
}
|
||||
|
||||
return ProcessEnvironment.getenv(name);
|
||||
}
|
||||
|
||||
@ -945,12 +869,6 @@ public final class System {
|
||||
* @since 1.5
|
||||
*/
|
||||
public static java.util.Map<String,String> getenv() {
|
||||
@SuppressWarnings("removal")
|
||||
SecurityManager sm = getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(new RuntimePermission("getenv.*"));
|
||||
}
|
||||
|
||||
return ProcessEnvironment.getenv();
|
||||
}
|
||||
|
||||
@ -1376,13 +1294,6 @@ public final class System {
|
||||
*/
|
||||
@SuppressWarnings("doclint:reference") // cross-module links
|
||||
public abstract static class LoggerFinder {
|
||||
/**
|
||||
* The {@code RuntimePermission("loggerFinder")} is
|
||||
* necessary to subclass and instantiate the {@code LoggerFinder} class,
|
||||
* as well as to obtain loggers from an instance of that class.
|
||||
*/
|
||||
static final RuntimePermission LOGGERFINDER_PERMISSION =
|
||||
new RuntimePermission("loggerFinder");
|
||||
|
||||
/**
|
||||
* Creates a new instance of {@code LoggerFinder}.
|
||||
@ -1393,20 +1304,6 @@ public final class System {
|
||||
* loading cycles during the instantiation of the service provider.
|
||||
*/
|
||||
protected LoggerFinder() {
|
||||
this(checkPermission());
|
||||
}
|
||||
|
||||
private LoggerFinder(Void unused) {
|
||||
// nothing to do.
|
||||
}
|
||||
|
||||
private static Void checkPermission() {
|
||||
@SuppressWarnings("removal")
|
||||
final SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(LOGGERFINDER_PERMISSION);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1476,11 +1373,6 @@ public final class System {
|
||||
* @return the {@link LoggerFinder LoggerFinder} instance.
|
||||
*/
|
||||
public static LoggerFinder getLoggerFinder() {
|
||||
@SuppressWarnings("removal")
|
||||
final SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null) {
|
||||
sm.checkPermission(LOGGERFINDER_PERMISSION);
|
||||
}
|
||||
return accessProvider();
|
||||
}
|
||||
|
||||
@ -1493,10 +1385,7 @@ public final class System {
|
||||
// just fetch it again.
|
||||
LoggerFinder finder = service;
|
||||
if (finder == null) {
|
||||
PrivilegedAction<LoggerFinder> pa =
|
||||
() -> LoggerFinderLoader.getLoggerFinder();
|
||||
finder = AccessController.doPrivileged(pa, null,
|
||||
LOGGERFINDER_PERMISSION);
|
||||
finder = LoggerFinderLoader.getLoggerFinder();
|
||||
if (finder instanceof TemporaryLoggerFinder) return finder;
|
||||
service = finder;
|
||||
}
|
||||
@ -1602,17 +1491,6 @@ public final class System {
|
||||
if (caller == null) {
|
||||
throw new IllegalCallerException("no caller frame");
|
||||
}
|
||||
final SecurityManager sm = System.getSecurityManager();
|
||||
// We don't use LazyLoggers if a resource bundle is specified.
|
||||
// Bootstrap sensitive classes in the JDK do not use resource bundles
|
||||
// when logging. This could be revisited later, if it needs to.
|
||||
if (sm != null) {
|
||||
final PrivilegedAction<Logger> pa =
|
||||
() -> LoggerFinder.accessProvider()
|
||||
.getLocalizedLogger(name, rb, caller.getModule());
|
||||
return AccessController.doPrivileged(pa, null,
|
||||
LoggerFinder.LOGGERFINDER_PERMISSION);
|
||||
}
|
||||
return LoggerFinder.accessProvider()
|
||||
.getLocalizedLogger(name, rb, caller.getModule());
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user