stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8344365: SecurityManager cleanups in java.sql and java.sql.rowset modules

Browse Source 
Reviewed-by: rriggs, bchristi
This commit is contained in:
Eirik Bjørsnøs 2024-11-19 05:43:22 +00:00
parent 9e92a9e2ba
commit d85dd77edf
9 changed files with 52 additions and 395 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/java.sql.rowset/share/classes/com/sun/rowset/CachedRowSetImpl.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -31,16 +31,12 @@ import java.io.*;
import java.math.*;
import java.util.*;
import java.text.*;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.sql.rowset.*;
import javax.sql.rowset.spi.*;
import javax.sql.rowset.serial.*;
import com.sun.rowset.internal.*;
import com.sun.rowset.providers.*;
import sun.reflect.misc.ReflectUtil;
import static java.nio.charset.StandardCharsets.US_ASCII;
@ -357,7 +353,6 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern
* <P>
* @throws SQLException if an error occurs
*/
@SuppressWarnings("removal")
public CachedRowSetImpl() throws SQLException {
try {
@ -367,16 +362,7 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern
}
// set the Reader, this maybe overridden latter
try {
provider = AccessController.doPrivileged(new PrivilegedExceptionAction<>() {
@Override
public SyncProvider run() throws SyncFactoryException {
return SyncFactory.getInstance(DEFAULT_SYNC_PROVIDER);
}
}, null, new RuntimePermission("accessClassInPackage.com.sun.rowset.providers"));
} catch (PrivilegedActionException pae) {
throw (SyncFactoryException) pae.getException();
}
provider = SyncFactory.getInstance(DEFAULT_SYNC_PROVIDER);
if (!(provider instanceof RIOptimisticProvider)) {
throw new SQLException(resBundle.handleGetObject("cachedrowsetimpl.invalidp").toString());
@ -2976,7 +2962,6 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern
// create new instance of the class
SQLData obj = null;
try {
ReflectUtil.checkPackageAccess(c);
@SuppressWarnings("deprecation")
Object tmp = c.newInstance();
obj = (SQLData) tmp;
@ -5726,7 +5711,6 @@ public class CachedRowSetImpl extends BaseRowSet implements RowSet, RowSetIntern
// create new instance of the class
SQLData obj = null;
try {
ReflectUtil.checkPackageAccess(c);
@SuppressWarnings("deprecation")
Object tmp = c.newInstance();
obj = (SQLData) tmp;

4
src/java.sql.rowset/share/classes/com/sun/rowset/internal/CachedRowSetWriter.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,6 @@ import java.sql.*;
import javax.sql.*;
import java.util.*;
import java.io.*;
import sun.reflect.misc.ReflectUtil;
import com.sun.rowset.*;
import java.text.MessageFormat;
@ -575,7 +574,6 @@ public class CachedRowSetWriter implements TransactionalWriter, Serializable {
// create new instance of the class
SQLData obj = null;
try {
ReflectUtil.checkPackageAccess(c);
@SuppressWarnings("deprecation")
Object tmp = c.newInstance();
obj = (SQLData)tmp;

63
src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2010, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2010, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,13 +25,9 @@
package javax.sql.rowset;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.sql.SQLException;
import java.util.PropertyPermission;
import java.util.ServiceConfigurationError;
import java.util.ServiceLoader;
import sun.reflect.misc.ReflectUtil;
/**
* A factory API that enables applications to obtain a
@ -68,7 +64,7 @@ public class RowSetProvider {
static {
// Check to see if the debug property is set
String val = getSystemProperty(ROWSET_DEBUG_PROPERTY);
String val = System.getProperty(ROWSET_DEBUG_PROPERTY);
// Allow simply setting the prop to turn on debug
debug = val != null && !"false".equals(val);
}
@ -128,7 +124,8 @@ public class RowSetProvider {
String factoryClassName = null;
try {
trace("Checking for Rowset System Property...");
factoryClassName = getSystemProperty(ROWSET_FACTORY_NAME);
factoryClassName = System.getProperty(ROWSET_FACTORY_NAME);
if (factoryClassName != null) {
trace("Found system property, value=" + factoryClassName);
if (factoryClassName.equals(ROWSET_FACTORY_IMPL)) {
@ -193,11 +190,6 @@ public class RowSetProvider {
if(factoryClassName == null) {
throw new SQLException("Error: factoryClassName cannot be null");
}
try {
ReflectUtil.checkPackageAccess(factoryClassName);
} catch (@SuppressWarnings("removal") java.security.AccessControlException e) {
throw new SQLException("Access Exception",e);
}
try {
// getFactoryClass takes care of adding the read edge if
@ -225,22 +217,14 @@ public class RowSetProvider {
* @return The ClassLoader to use.
*
*/
@SuppressWarnings("removal")
private static ClassLoader getContextClassLoader() throws SecurityException {
return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
private static ClassLoader getContextClassLoader() {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
public ClassLoader run() {
ClassLoader cl = null;
if (cl == null) {
cl = ClassLoader.getSystemClassLoader();
}
cl = Thread.currentThread().getContextClassLoader();
if (cl == null) {
cl = ClassLoader.getSystemClassLoader();
}
return cl;
}
});
return cl;
}
/**
@ -276,7 +260,6 @@ public class RowSetProvider {
}
}
ReflectUtil.checkPackageAccess(factoryClass);
return factoryClass;
}
@ -302,32 +285,6 @@ public class RowSetProvider {
}
/**
* Returns the requested System Property. If a {@code SecurityException}
* occurs, just return NULL
* @param propName - System property to retrieve
* @return The System property value or NULL if the property does not exist
* or a {@code SecurityException} occurs.
*/
@SuppressWarnings("removal")
private static String getSystemProperty(final String propName) {
String property = null;
try {
property = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return System.getProperty(propName);
}
}, null, new PropertyPermission(propName, "read"));
} catch (SecurityException se) {
trace("error getting " + propName + ": "+ se);
if (debug) {
se.printStackTrace();
}
}
return property;
}
/**
* Debug routine which will output tracing if the System Property
* -Djavax.sql.rowset.RowSetFactory.debug is set

4
src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SQLInputImpl.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,7 +27,6 @@ package javax.sql.rowset.serial;
import java.sql.*;
import java.util.Arrays;
import java.util.Map;
import sun.reflect.misc.ReflectUtil;
/**
* An input stream used for custom mapping user-defined types (UDTs).
@ -477,7 +476,6 @@ public class SQLInputImpl implements SQLInput {
// create new instance of the class
SQLData obj = null;
try {
ReflectUtil.checkPackageAccess(c);
@SuppressWarnings("deprecation")
Object tmp = c.newInstance();
obj = (SQLData)tmp;

17
src/java.sql.rowset/share/classes/javax/sql/rowset/serial/SerialJavaObject.java
View File

@ -30,9 +30,6 @@ import java.lang.reflect.*;
import java.util.Arrays;
import java.util.Vector;
import javax.sql.rowset.RowSetWarning;
import jdk.internal.reflect.CallerSensitive;
import jdk.internal.reflect.Reflection;
import sun.reflect.misc.ReflectUtil;
/**
* A serializable mapping in the Java programming language of an SQL
@ -125,23 +122,9 @@ public class SerialJavaObject implements Serializable, Cloneable {
* the serialized object
* @see Class#getFields
*/
@CallerSensitive
public Field[] getFields() throws SerialException {
if (fields != null) {
Class<?> c = this.obj.getClass();
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
/*
* Check if the caller is allowed to access the specified class's package.
* If access is denied, throw a SecurityException.
*/
Class<?> caller = Reflection.getCallerClass();
if (ReflectUtil.needsPackageAccessCheck(caller.getClassLoader(),
c.getClassLoader())) {
ReflectUtil.checkPackageAccess(c);
}
}
return c.getFields();
} else {
throw new SerialException("SerialJavaObject does not contain" +

88
src/java.sql.rowset/share/classes/javax/sql/rowset/spi/SyncFactory.java
View File

@ -35,13 +35,8 @@ import java.io.FileInputStream;
import java.io.InputStream;
import java.io.IOException;
import java.io.FileNotFoundException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.naming.*;
import sun.reflect.misc.ReflectUtil;
/**
* The Service Provider Interface (SPI) mechanism that generates <code>SyncProvider</code>
@ -236,11 +231,6 @@ public class SyncFactory {
*/
private static String ROWSET_PROPERTIES = "rowset.properties";
/**
* Permission required to invoke setJNDIContext and setLogger
*/
private static final SQLPermission SET_SYNCFACTORY_PERMISSION =
new SQLPermission("setSyncFactory");
/**
* The initial JNDI context where <code>SyncProvider</code> implementations can
* be stored and from which they can be invoked.
@ -355,17 +345,7 @@ public class SyncFactory {
/*
* Dependent on application
*/
String strRowsetProperties;
try {
strRowsetProperties = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return System.getProperty("rowset.properties");
}
}, null, new PropertyPermission("rowset.properties", "read"));
} catch (Exception ex) {
System.out.println("errorget rowset.properties: " + ex);
strRowsetProperties = null;
};
String strRowsetProperties = System.getProperty("rowset.properties");
if (strRowsetProperties != null) {
// Load user's implementation of SyncProvider
@ -385,25 +365,17 @@ public class SyncFactory {
"rowset.properties";
try {
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
InputStream in = SyncFactory.class.getModule().getResourceAsStream(ROWSET_PROPERTIES);
if (in == null) {
throw new SyncFactoryException("Resource " + ROWSET_PROPERTIES + " not found");
}
try (in) {
properties.load(in);
}
return null;
});
} catch (PrivilegedActionException ex) {
Throwable e = ex.getException();
if (e instanceof SyncFactoryException) {
throw (SyncFactoryException) e;
} else {
SyncFactoryException sfe = new SyncFactoryException();
sfe.initCause(ex.getException());
throw sfe;
InputStream in = SyncFactory.class.getModule().getResourceAsStream(ROWSET_PROPERTIES);
if (in == null) {
throw new SyncFactoryException("Resource " + ROWSET_PROPERTIES + " not found");
}
try (in) {
properties.load(in);
}
} catch (IOException e) {
SyncFactoryException sfe = new SyncFactoryException();
sfe.initCause(e);
throw sfe;
}
parseProperties(properties);
@ -421,17 +393,7 @@ public class SyncFactory {
* load additional properties from -D command line
*/
properties.clear();
String providerImpls;
try {
providerImpls = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return System.getProperty(ROWSET_SYNC_PROVIDER);
}
}, null, new PropertyPermission(ROWSET_SYNC_PROVIDER, "read"));
} catch (Exception ex) {
providerImpls = null;
}
String providerImpls = System.getProperty(ROWSET_SYNC_PROVIDER);
if (providerImpls != null) {
int i = 0;
if (providerImpls.indexOf(colon) > 0) {
@ -563,14 +525,6 @@ public class SyncFactory {
return new com.sun.rowset.providers.RIOptimisticProvider();
}
try {
ReflectUtil.checkPackageAccess(providerID);
} catch (@SuppressWarnings("removal") java.security.AccessControlException e) {
SyncFactoryException sfe = new SyncFactoryException();
sfe.initCause(e);
throw sfe;
}
// Attempt to invoke classname from registered SyncProvider list
Class<?> c = null;
try {
@ -626,12 +580,6 @@ public class SyncFactory {
*/
public static void setLogger(Logger logger) {
@SuppressWarnings("removal")
SecurityManager sec = System.getSecurityManager();
if (sec != null) {
sec.checkPermission(SET_SYNCFACTORY_PERMISSION);
}
if(logger == null){
throw new NullPointerException("You must provide a Logger");
}
@ -652,12 +600,6 @@ public class SyncFactory {
*/
public static void setLogger(Logger logger, Level level) {
// singleton
@SuppressWarnings("removal")
SecurityManager sec = System.getSecurityManager();
if (sec != null) {
sec.checkPermission(SET_SYNCFACTORY_PERMISSION);
}
if(logger == null){
throw new NullPointerException("You must provide a Logger");
}
@ -692,11 +634,7 @@ public class SyncFactory {
*/
public static synchronized void setJNDIContext(javax.naming.Context ctx)
throws SyncFactoryException {
@SuppressWarnings("removal")
SecurityManager sec = System.getSecurityManager();
if (sec != null) {
sec.checkPermission(SET_SYNCFACTORY_PERMISSION);
}
if (ctx == null) {
throw new SyncFactoryException("Invalid JNDI context supplied");
}

93
src/java.sql/share/classes/java/sql/DriverManager.java
View File

@ -31,8 +31,6 @@ import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.ServiceLoader;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.stream.Stream;
@ -98,22 +96,6 @@ public class DriverManager {
/* Prevent the DriverManager class from being instantiated. */
private DriverManager(){}
/**
* The {@code SQLPermission} constant that allows the
* setting of the logging stream.
* @since 1.3
*/
static final SQLPermission SET_LOG_PERMISSION =
new SQLPermission("setLog");
/**
* The {@code SQLPermission} constant that allows the
* un-register a registered JDBC driver.
* @since 1.8
*/
static final SQLPermission DEREGISTER_DRIVER_PERMISSION =
new SQLPermission("deregisterDriver");
//--------------------------JDBC 2.0-----------------------------
/**
@ -140,14 +122,8 @@ public class DriverManager {
* @since 1.2
*/
public static void setLogWriter(java.io.PrintWriter out) {
@SuppressWarnings("removal")
SecurityManager sec = System.getSecurityManager();
if (sec != null) {
sec.checkPermission(SET_LOG_PERMISSION);
}
logStream = null;
logWriter = out;
logStream = null;
logWriter = out;
}
@ -367,12 +343,6 @@ public class DriverManager {
return;
}
@SuppressWarnings("removal")
SecurityManager sec = System.getSecurityManager();
if (sec != null) {
sec.checkPermission(DEREGISTER_DRIVER_PERMISSION);
}
println("DriverManager.deregisterDriver: " + driver);
DriverInfo aDriver = new DriverInfo(driver, null);
@ -477,13 +447,6 @@ public class DriverManager {
*/
@Deprecated(since="1.2")
public static void setLogStream(java.io.PrintStream out) {
@SuppressWarnings("removal")
SecurityManager sec = System.getSecurityManager();
if (sec != null) {
sec.checkPermission(SET_LOG_PERMISSION);
}
logStream = out;
if ( out != null )
logWriter = new java.io.PrintWriter(out);
@ -549,7 +512,6 @@ public class DriverManager {
* Load the initial JDBC drivers by checking the System property
* jdbc.drivers and then use the {@code ServiceLoader} mechanism
*/
@SuppressWarnings("removal")
private static void ensureDriversInitialized() {
if (driversInitialized) {
return;
@ -561,11 +523,7 @@ public class DriverManager {
}
String drivers;
try {
drivers = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return System.getProperty(JDBC_DRIVERS_PROPERTY);
}
});
drivers = System.getProperty(JDBC_DRIVERS_PROPERTY);
} catch (Exception ex) {
drivers = null;
}
@ -574,34 +532,29 @@ public class DriverManager {
// exposed as a java.sql.Driver.class service.
// ServiceLoader.load() replaces the sun.misc.Providers()
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
ServiceLoader<Driver> loadedDrivers = ServiceLoader.load(Driver.class);
Iterator<Driver> driversIterator = loadedDrivers.iterator();
ServiceLoader<Driver> loadedDrivers = ServiceLoader.load(Driver.class);
Iterator<Driver> driversIterator = loadedDrivers.iterator();
/* Load these drivers, so that they can be instantiated.
* It may be the case that the driver class may not be there
* i.e. there may be a packaged driver with the service class
* as implementation of java.sql.Driver but the actual class
* may be missing. In that case a java.util.ServiceConfigurationError
* will be thrown at runtime by the VM trying to locate
* and load the service.
*
* Adding a try catch block to catch those runtime errors
* if driver not available in classpath but it's
* packaged as service and that service is there in classpath.
*/
try {
while (driversIterator.hasNext()) {
driversIterator.next();
}
} catch (Throwable t) {
// Do nothing
}
return null;
/* Load these drivers, so that they can be instantiated.
* It may be the case that the driver class may not be there
* i.e. there may be a packaged driver with the service class
* as implementation of java.sql.Driver but the actual class
* may be missing. In that case a java.util.ServiceConfigurationError
* will be thrown at runtime by the VM trying to locate
* and load the service.
*
* Adding a try catch block to catch those runtime errors
* if driver not available in classpath but it's
* packaged as service and that service is there in classpath.
*/
try {
while (driversIterator.hasNext()) {
driversIterator.next();
}
});
} catch (Throwable t) {
// Do nothing
}
println("DriverManager.initialize: jdbc.drivers = " + drivers);

150
test/jdk/java/sql/testng/util/TestPolicy.java
View File

@ -1,150 +0,0 @@
/*
* Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package util;
import java.io.FilePermission;
import java.lang.reflect.ReflectPermission;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.SecurityPermission;
import java.sql.SQLPermission;
import java.util.Enumeration;
import java.util.PropertyPermission;
import java.util.StringJoiner;
import java.util.logging.LoggingPermission;
/*
* Simple Policy class that supports the required Permissions to validate the
* JDBC concrete classes
*/
public class TestPolicy extends Policy {
static final Policy DEFAULT_POLICY = Policy.getPolicy();
final PermissionCollection permissions = new Permissions();
/**
* Constructor which sets the minimum permissions allowing testNG to work
* with a SecurityManager
*/
public TestPolicy() {
setMinimalPermissions();
}
/*
* Constructor which determines which permissions are defined for this
* Policy used by the JDBC tests Possible values are: all (ALLPermissions),
* setLog (SQLPemission("setLog"), deregisterDriver
* (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"),
* setSyncFactory(SQLPermission(setSyncFactory), and also
* LoggerPermission("control", null) when setting a Level
*
* @param policy Permissions to set
*/
public TestPolicy(String policy) {
switch (policy) {
case "all":
permissions.add(new AllPermission());
break;
case "setLog":
setMinimalPermissions();
permissions.add(new SQLPermission("setLog"));
break;
case "deregisterDriver":
setMinimalPermissions();
permissions.add(new SQLPermission("deregisterDriver"));
break;
case "setSyncFactory":
setMinimalPermissions();
permissions.add(new SQLPermission("setSyncFactory"));
break;
case "setSyncFactoryLogger":
setMinimalPermissions();
permissions.add(new SQLPermission("setSyncFactory"));
permissions.add(new LoggingPermission("control", null));
break;
default:
setMinimalPermissions();
}
}
/*
* Defines the minimal permissions required by testNG when running these
* tests
*/
private void setMinimalPermissions() {
permissions.add(new SecurityPermission("getPolicy"));
permissions.add(new SecurityPermission("setPolicy"));
permissions.add(new RuntimePermission("getClassLoader"));
permissions.add(new RuntimePermission("setSecurityManager"));
permissions.add(new RuntimePermission("createSecurityManager"));
permissions.add(new PropertyPermission("line.separator", "read"));
permissions.add(new PropertyPermission("fileStringBuffer", "read"));
permissions.add(new PropertyPermission("dataproviderthreadcount", "read"));
permissions.add(new PropertyPermission("java.io.tmpdir", "read"));
permissions.add(new PropertyPermission("testng.show.stack.frames",
"read"));
permissions.add(new PropertyPermission("testng.thread.affinity", "read"));
permissions.add(new PropertyPermission("testng.memory.friendly", "read"));
permissions.add(new PropertyPermission("testng.mode.dryrun", "read"));
permissions.add(new PropertyPermission("testng.report.xml.name", "read"));
permissions.add(new PropertyPermission("testng.timezone", "read"));
permissions.add(new ReflectPermission("suppressAccessChecks"));
permissions.add(new FilePermission("<<ALL FILES>>",
"read, write, delete"));
}
/*
* Overloaded methods from the Policy class
*/
@Override
public String toString() {
StringJoiner sj = new StringJoiner("\n", "policy: ", "");
Enumeration<Permission> perms = permissions.elements();
while (perms.hasMoreElements()) {
sj.add(perms.nextElement().toString());
}
return sj.toString();
}
@Override
public PermissionCollection getPermissions(ProtectionDomain domain) {
return permissions;
}
@Override
public PermissionCollection getPermissions(CodeSource codesource) {
return permissions;
}
@Override
public boolean implies(ProtectionDomain domain, Permission perm) {
return permissions.implies(perm) || DEFAULT_POLICY.implies(domain, perm);
}
}

8
test/jdk/jdk/internal/reflect/CallerSensitive/CheckCSMs.java
View File

@ -71,16 +71,12 @@ public class CheckCSMs {
// over time. Do not add any new one to this list.
private static final Set<String> KNOWN_NON_FINAL_CSMS =
Set.of("java/lang/Runtime#load (Ljava/lang/String;)V",
"java/lang/Runtime#loadLibrary (Ljava/lang/String;)V",
"javax/sql/rowset/serial/SerialJavaObject#getFields ()[Ljava/lang/reflect/Field;"
"java/lang/Runtime#loadLibrary (Ljava/lang/String;)V"
);
// These non-static non-final methods must not have @CallerSensitiveAdapter
// methods that takes an additional caller class parameter.
private static Set<String> UNSUPPORTED_VIRTUAL_METHODS =
Set.of("java/io/ObjectStreamField#getType (Ljava/lang/Class;)Ljava/lang/Class;",
"javax/sql/rowset/serial/SerialJavaObject#getFields (Ljava/lang/Class;)[Ljava/lang/reflect/Field;"
);
private static Set<String> UNSUPPORTED_VIRTUAL_METHODS = Set.of();
public static void main(String[] args) throws Exception {
if (args.length > 0 && args[0].equals("--list")) {