[jboss-cvs] javassist/src/main/javassist/util/proxy ...
Kabir Khan
kkhan at jboss.com
Tue Feb 12 13:55:46 EST 2008
User: kkhan
Date: 08/02/12 13:55:46
Modified: src/main/javassist/util/proxy FactoryHelper.java
ProxyFactory.java
Added: src/main/javassist/util/proxy SecurityActions.java
Log:
Make ProxyFactory use privileged blocks when a security manager is present
Revision Changes Path
1.7 +8 -4 javassist/src/main/javassist/util/proxy/FactoryHelper.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: FactoryHelper.java
===================================================================
RCS file: /cvsroot/jboss/javassist/src/main/javassist/util/proxy/FactoryHelper.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- FactoryHelper.java 4 Jun 2007 03:11:10 -0000 1.6
+++ FactoryHelper.java 12 Feb 2008 18:55:46 -0000 1.7
@@ -39,11 +39,15 @@
static {
try {
Class cl = Class.forName("java.lang.ClassLoader");
- defineClass1 = cl.getDeclaredMethod("defineClass",
+ defineClass1 = SecurityActions.getDeclaredMethod(
+ cl,
+ "defineClass",
new Class[] { String.class, byte[].class,
int.class, int.class });
- defineClass2 = cl.getDeclaredMethod("defineClass",
+ defineClass2 = SecurityActions.getDeclaredMethod(
+ cl,
+ "defineClass",
new Class[] { String.class, byte[].class,
int.class, int.class, ProtectionDomain.class });
}
@@ -173,9 +177,9 @@
ClassLoader loader, Object[] args)
throws Exception
{
- method.setAccessible(true);
+ SecurityActions.setAccessible(method, true);
Class clazz = (Class)method.invoke(loader, args);
- method.setAccessible(false);
+ SecurityActions.setAccessible(method, false);
return clazz;
}
1.28 +2 -41 javassist/src/main/javassist/util/proxy/ProxyFactory.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: ProxyFactory.java
===================================================================
RCS file: /cvsroot/jboss/javassist/src/main/javassist/util/proxy/ProxyFactory.java,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -b -r1.27 -r1.28
--- ProxyFactory.java 12 Feb 2008 17:06:13 -0000 1.27
+++ ProxyFactory.java 12 Feb 2008 18:55:46 -0000 1.28
@@ -21,8 +21,6 @@
import java.lang.reflect.Constructor;
import java.lang.reflect.Member;
import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.HashMap;
import java.util.WeakHashMap;
@@ -350,9 +348,9 @@
if (thisClass != null && value != null)
try {
Field f = thisClass.getField(fieldName);
- f.setAccessible(true);
+ SecurityActions.setAccessible(f, true);
f.set(null, value);
- f.setAccessible(false);
+ SecurityActions.setAccessible(f, false);
}
catch (Exception e) {
throw new RuntimeException(e);
@@ -1043,41 +1041,4 @@
minfo.setCodeAttribute(code.toCodeAttribute());
return minfo;
}
-
- private static class SecurityActions
- {
- private static Method[] getDeclaredMethods(final Class clazz)
- {
- if (System.getSecurityManager() == null)
- {
- return clazz.getDeclaredMethods();
- }
- else
- {
- return (Method[])AccessController.doPrivileged(new PrivilegedAction() {
-
- public Object run()
- {
- return clazz.getDeclaredMethods();
- }});
- }
- }
-
- private static Constructor[] getDeclaredConstructors(final Class clazz)
- {
- if (System.getSecurityManager() == null)
- {
- return clazz.getDeclaredConstructors();
- }
- else
- {
- return (Constructor[])AccessController.doPrivileged(new PrivilegedAction() {
-
- public Object run()
- {
- return clazz.getDeclaredConstructors();
- }});
- }
- }
- }
}
1.1 date: 2008/02/12 18:55:46; author: kkhan; state: Exp;javassist/src/main/javassist/util/proxy/SecurityActions.java
Index: SecurityActions.java
===================================================================
/*
* Javassist, a Java-bytecode translator toolkit.
* Copyright (C) 1999-2007 Shigeru Chiba. All Rights Reserved.
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. Alternatively, the contents of this file may be used under
* the terms of the GNU Lesser General Public License Version 2.1 or later.
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*/
package javassist.util.proxy;
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
class SecurityActions
{
static Method[] getDeclaredMethods(final Class clazz)
{
if (System.getSecurityManager() == null)
{
return clazz.getDeclaredMethods();
}
else
{
return (Method[])AccessController.doPrivileged(new PrivilegedAction() {
public Object run()
{
return clazz.getDeclaredMethods();
}});
}
}
static Constructor[] getDeclaredConstructors(final Class clazz)
{
if (System.getSecurityManager() == null)
{
return clazz.getDeclaredConstructors();
}
else
{
return (Constructor[])AccessController.doPrivileged(new PrivilegedAction() {
public Object run()
{
return clazz.getDeclaredConstructors();
}});
}
}
static Method getDeclaredMethod(final Class clazz, final String name, final Class[] types) throws NoSuchMethodException
{
if (System.getSecurityManager() == null)
{
return clazz.getDeclaredMethod(name, types);
}
else
{
try
{
return (Method)AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run()throws Exception
{
return clazz.getDeclaredMethod(name, types);
}});
}
catch(PrivilegedActionException e)
{
if (e.getCause() instanceof NoSuchMethodException)
{
throw (NoSuchMethodException)e.getCause();
}
throw new RuntimeException(e.getCause());
}
}
}
static Constructor getDeclaredConstructor(final Class clazz, final Class[] types) throws NoSuchMethodException
{
if (System.getSecurityManager() == null)
{
return clazz.getDeclaredConstructor(types);
}
else
{
try
{
return (Constructor)AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws Exception
{
return clazz.getDeclaredConstructor(types);
}});
}
catch (PrivilegedActionException e)
{
if (e.getCause() instanceof NoSuchMethodException)
{
throw (NoSuchMethodException)e.getCause();
}
throw new RuntimeException(e.getCause());
}
}
}
static void setAccessible(final AccessibleObject ao, final boolean accessible)
{
if (System.getSecurityManager() == null)
{
ao.setAccessible(accessible);
}
else
{
AccessController.doPrivileged(new PrivilegedAction() {
public Object run()
{
ao.setAccessible(accessible);
return null;
}});
}
}
static void set(final Field fld, final Object target, final Object value) throws IllegalAccessException
{
if (System.getSecurityManager() == null)
{
fld.set(target, value);
}
else
{
try
{
AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws Exception
{
fld.set(target, value);
return null;
}});
}
catch (PrivilegedActionException e)
{
if (e.getCause() instanceof NoSuchMethodException)
{
throw (IllegalAccessException)e.getCause();
}
throw new RuntimeException(e.getCause());
}
}
}
}
More information about the jboss-cvs-commits
mailing list