6893947: Deserialization of RMIConnectionImpl objects should enforce stricter checks [ZDI-CAN-588]

Narrow the doPrivileged block to only set context ClassLoader

Reviewed-by: hawtin, emcmanus

jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java

@@ -1271,6 +1271,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
      *
      * @return a String representation of this object.
      **/
+    @Override
     public String toString() {
         return super.toString() + ": connectionId=" + connectionId;
     }
@@ -1514,6 +1515,21 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
         }
     }
 
+    private static class SetCcl implements PrivilegedExceptionAction<ClassLoader> {
+        private final ClassLoader classLoader;
+
+        SetCcl(ClassLoader classLoader) {
+            this.classLoader = classLoader;
+        }
+
+        public ClassLoader run() {
+            Thread currentThread = Thread.currentThread();
+            ClassLoader old = currentThread.getContextClassLoader();
+            currentThread.setContextClassLoader(classLoader);
+            return old;
+        }
+    }
+
     private static <T> T unwrap(final MarshalledObject<?> mo,
                                 final ClassLoader cl,
                                 final Class<T> wrappedClass)
@@ -1522,22 +1538,14 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
             return null;
         }
         try {
-            return AccessController.doPrivileged(
+            final ClassLoader old = AccessController.doPrivileged(new SetCcl(cl));
-                new PrivilegedExceptionAction<T>() {
+            try {
-                    public T run()
+                return wrappedClass.cast(mo.get());
-                            throws IOException {
+            } catch (ClassNotFoundException cnfe) {
-                        final ClassLoader old =
+                throw new UnmarshalException(cnfe.toString(), cnfe);
-                            Thread.currentThread().getContextClassLoader();
+            } finally {
-                        Thread.currentThread().setContextClassLoader(cl);
+                AccessController.doPrivileged(new SetCcl(old));
-                        try {
+            }
-                            return wrappedClass.cast(mo.get());
-                        } catch (ClassNotFoundException cnfe) {
-                            throw new UnmarshalException(cnfe.toString(), cnfe);
-                        } finally {
-                            Thread.currentThread().setContextClassLoader(old);
-                        }
-                    }
-                });
         } catch (PrivilegedActionException pe) {
             Exception e = extractException(pe);
             if (e instanceof IOException) {
@@ -1561,14 +1569,14 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
             return null;
         }
         try {
-            return AccessController.doPrivileged(
+            ClassLoader orderCL = AccessController.doPrivileged(
-                   new PrivilegedExceptionAction<T>() {
+                new PrivilegedExceptionAction<ClassLoader>() {
-                       public T run()
+                    public ClassLoader run() throws Exception {
-                           throws IOException {
+                        return new OrderClassLoaders(cl1, cl2);
-                           return unwrap(mo, new OrderClassLoaders(cl1, cl2),
+                    }
-                                         wrappedClass);
+                }
-                       }
+            );
-                   });
+            return unwrap(mo, orderCL, wrappedClass);
         } catch (PrivilegedActionException pe) {
             Exception e = extractException(pe);
             if (e instanceof IOException) {