Re: Method.invoke() on a non-public class from another package

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On 4/8/07, Robert Lougher <rob.lougher@xxxxxxxxx> wrote:
Hi Mark,

On 4/8/07, Mark Wielaard <mark@xxxxxxxxx> wrote:
> On Sun, 2007-04-08 at 12:53 +0200, Christian Thalinger wrote:
> > Grrr, I hate this access checks.  I'll try to fix that _again_.
>
> This seems to be pretty subtle and we found multiple runtimes (jamvm,
> cacao, gcj and kaffe at least) that seem to get this wrong.
...
> So when Method.invoke() is called on an method member of an object which
> class type isn't public then it should only be allowed to successfully
> call the method if the caller is in the same package.
>

Strangely enough, I _did_ fix this in JamVM 1.4.4, but then removed
the checks again in JamVM 1.4.5!

http://cvs.berlios.de/cgi-bin/viewcvs.cgi/jamvm/jamvm/src/reflect.c.diff?r1=1.9&r2=1.10

If I remember the reason for removing it again was that it broke some
stuff.  I had a quick look at cacao and gcj, and found they didn't do
the check, and not having the time at that point to look into it
properly just backed the change out.  I'll see if I can find what
broke.


Yes, answering my own post :)

Anyway, I've found what it broke and my original analysis.  After
putting this in, BeanShell GUI stopped working with JamVM.  This was
found during 0.93 testing:

http://www.mail-archive.com/classpath@xxxxxxx/msg13811.html

I did an original analysis, where I tracked it down to the extra
reflection checks.  Of course, I could have been wrong, and I've not
rechecked this.  At the time I just decided to remove the checks...

Date: Thu, 7 Dec 2006 02:16:44 +0000
From: "Robert Lougher" <rob.lougher@xxxxxxxxx>
To: "Mark Wielaard" <mark@xxxxxxxxx>
Subject: Re: Re: 0.93 branch created
In-Reply-To: <1165274185.3061.46.camel@xxxxxxxxxxxxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_Part_25035_17595680.1165457804811"
References: <1165024599.3054.80.camel@xxxxxxxxxxxxxxxxxxxxxxx>
	 <1165263663.28379.4.camel@localhost>
	 <1165274185.3061.46.camel@xxxxxxxxxxxxxxxxxxxxxxx>
Delivered-To: rob.lougher@xxxxxxxxx

------=_Part_25035_17595680.1165457804811
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi Mark,

I've spent some time looking at this.

From what I can see, there's an attempt to invoke via reflection the
method "getValue" on an Object of type
"java.util.Hashtable$HashEntry".  The invoke is from class
"bsh.Reflect".  The method "getValue" is defined in class
"java.util.AbstractMap$BasicMapEntry".

The problem is that although method "getValue" is public, the class
"java.util.AbstractMap$BasicMapEntry" is package-private.

When JamVM does a method invoke, it checks that the class that defined
the method is accessible, and given that, that the method is also
accessible.  The class access check fails, and an
IllegalAccessException is thrown, which is converted to the
UndeclaredThrowableException.

The reason that Cacao works is that its reflection code does not do
the class access check.  If I remove the class access check in JamVM
the UndeclaredThrowableException no longer gets thrown.

The reason I put the class access check in is to fix some reflection
tests.  The attached simple reflection test throws an
IllegalAccessException on both JamVM and Suns VM (to run do jamvm/java
test).  If I remove the class access check, the method invoke wrongly
succeeds.

I don't know where the problem lies.  The class
"java.util.Hashtable$HashEntry" is private, so I don't know if
bsh.Reflect should have a reference anyway.

Anyway, I can't do any more investigation tonight, as it's late!

Thanks,

Rob.


[Index of Archives]     [Linux Kernel]     [Linux Cryptography]     [Fedora]     [Fedora Directory]     [Red Hat Development]

  Powered by Linux