< prev index next >

src/java.base/share/classes/java/lang/reflect/AccessibleObject.java

Print this page


   1 /*
   2  * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  39 import sun.security.util.SecurityConstants;
  40 
  41 /**
  42  * The {@code AccessibleObject} class is the base class for {@code Field},
  43  * {@code Method}, and {@code Constructor} objects (known as <em>reflected
  44  * objects</em>). It provides the ability to flag a reflected object as
  45  * suppressing checks for Java language access control when it is used. This
  46  * permits sophisticated applications with sufficient privilege, such as Java
  47  * Object Serialization or other persistence mechanisms, to manipulate objects
  48  * in a manner that would normally be prohibited.
  49  *
  50  * <p> Java language access control prevents use of private members outside
  51  * their top-level class; package access members outside their package; protected members
  52  * outside their package or subclasses; and public members outside their
  53  * module unless they are declared in an {@link Module#isExported(String,Module)
  54  * exported} package and the user {@link Module#canRead reads} their module. By
  55  * default, Java language access control is enforced (with one variation) when
  56  * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
  57  * set fields, to invoke methods, or to create and initialize new instances of
  58  * classes, respectively. Every reflected object checks that the code using it
  59  * is in an appropriate class, package, or module. The check when invoked by
  60  * <a href="{@docRoot}/../specs/jni/index.html">JNI code</a> with no Java
  61  * class on the stack only succeeds if the member and the declaring class are
  62  * public, and the class is in a package that is exported to all modules. </p>
  63  *
  64  * <p> The one variation from Java language access control is that the checks
  65  * by reflected objects assume readability. That is, the module containing
  66  * the use of a reflected object is assumed to read the module in which
  67  * the underlying field, method, or constructor is declared. </p>
  68  *
  69  * <p> Whether the checks for Java language access control can be suppressed
  70  * (and thus, whether access can be enabled) depends on whether the reflected
  71  * object corresponds to a member in an exported or open package
  72  * (see {@link #setAccessible(boolean)}). </p>
  73  *
  74  * @jls 6.6 Access Control
  75  * @since 1.2
  76  * @revised 9
  77  * @spec JPMS
  78  */
  79 public class AccessibleObject implements AnnotatedElement {
  80 
  81     static void checkPermission() {
  82         SecurityManager sm = System.getSecurityManager();


 656         }
 657         if (targetClass != null // instance member or constructor
 658             && Modifier.isProtected(modifiers)
 659             && targetClass != memberClass) {
 660             if (isAccessChecked(caller, targetClass)) {
 661                 return true;         // ACCESS IS OK
 662             }
 663         } else if (isAccessChecked(caller)) {
 664             // Non-protected case (or targetClass == memberClass or static member).
 665             return true;             // ACCESS IS OK
 666         }
 667 
 668         // If no return, fall through to the slow path.
 669         return slowVerifyAccess(caller, memberClass, targetClass, modifiers);
 670     }
 671 
 672     // Keep all this slow stuff out of line:
 673     private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass,
 674                                      Class<?> targetClass, int modifiers)
 675     {
 676 
 677         if (caller == null) {
 678             // No caller frame when a native thread attaches to the VM
 679             // only allow access to a public accessible member
 680             return Reflection.verifyPublicMemberAccess(memberClass, modifiers);
 681         }
 682 
 683         if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) {
 684             // access denied
 685             return false;
 686         }
 687 
 688         // access okay
 689         logIfExportedForIllegalAccess(caller, memberClass);
 690 
 691         // Success: Update the cache.
 692         Object cache = (targetClass != null
 693                         && Modifier.isProtected(modifiers)
 694                         && targetClass != memberClass)
 695                         ? Cache.protectedMemberCallerCache(caller, targetClass)
 696                         : new WeakReference<>(caller);
 697         accessCheckCache = cache;         // write volatile
 698         return true;
 699     }
 700 
 701     // true to print a stack trace when access fails
 702     private static volatile boolean printStackWhenAccessFails;


   1 /*
   2  * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  39 import sun.security.util.SecurityConstants;
  40 
  41 /**
  42  * The {@code AccessibleObject} class is the base class for {@code Field},
  43  * {@code Method}, and {@code Constructor} objects (known as <em>reflected
  44  * objects</em>). It provides the ability to flag a reflected object as
  45  * suppressing checks for Java language access control when it is used. This
  46  * permits sophisticated applications with sufficient privilege, such as Java
  47  * Object Serialization or other persistence mechanisms, to manipulate objects
  48  * in a manner that would normally be prohibited.
  49  *
  50  * <p> Java language access control prevents use of private members outside
  51  * their top-level class; package access members outside their package; protected members
  52  * outside their package or subclasses; and public members outside their
  53  * module unless they are declared in an {@link Module#isExported(String,Module)
  54  * exported} package and the user {@link Module#canRead reads} their module. By
  55  * default, Java language access control is enforced (with one variation) when
  56  * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
  57  * set fields, to invoke methods, or to create and initialize new instances of
  58  * classes, respectively. Every reflected object checks that the code using it
  59  * is in an appropriate class, package, or module. </p>



  60  *
  61  * <p> The one variation from Java language access control is that the checks
  62  * by reflected objects assume readability. That is, the module containing
  63  * the use of a reflected object is assumed to read the module in which
  64  * the underlying field, method, or constructor is declared. </p>
  65  *
  66  * <p> Whether the checks for Java language access control can be suppressed
  67  * (and thus, whether access can be enabled) depends on whether the reflected
  68  * object corresponds to a member in an exported or open package
  69  * (see {@link #setAccessible(boolean)}). </p>
  70  *
  71  * @jls 6.6 Access Control
  72  * @since 1.2
  73  * @revised 9
  74  * @spec JPMS
  75  */
  76 public class AccessibleObject implements AnnotatedElement {
  77 
  78     static void checkPermission() {
  79         SecurityManager sm = System.getSecurityManager();


 653         }
 654         if (targetClass != null // instance member or constructor
 655             && Modifier.isProtected(modifiers)
 656             && targetClass != memberClass) {
 657             if (isAccessChecked(caller, targetClass)) {
 658                 return true;         // ACCESS IS OK
 659             }
 660         } else if (isAccessChecked(caller)) {
 661             // Non-protected case (or targetClass == memberClass or static member).
 662             return true;             // ACCESS IS OK
 663         }
 664 
 665         // If no return, fall through to the slow path.
 666         return slowVerifyAccess(caller, memberClass, targetClass, modifiers);
 667     }
 668 
 669     // Keep all this slow stuff out of line:
 670     private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass,
 671                                      Class<?> targetClass, int modifiers)
 672     {







 673         if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) {
 674             // access denied
 675             return false;
 676         }
 677 
 678         // access okay
 679         logIfExportedForIllegalAccess(caller, memberClass);
 680 
 681         // Success: Update the cache.
 682         Object cache = (targetClass != null
 683                         && Modifier.isProtected(modifiers)
 684                         && targetClass != memberClass)
 685                         ? Cache.protectedMemberCallerCache(caller, targetClass)
 686                         : new WeakReference<>(caller);
 687         accessCheckCache = cache;         // write volatile
 688         return true;
 689     }
 690 
 691     // true to print a stack trace when access fails
 692     private static volatile boolean printStackWhenAccessFails;


< prev index next >