Java example source code file (VerifyAccess.java)
The VerifyAccess.java Java example source code/*
* Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.invoke.util;
import java.lang.reflect.Modifier;
import static java.lang.reflect.Modifier.*;
import sun.reflect.Reflection;
/**
* This class centralizes information about the JVM's linkage access control.
* @author jrose
*/
public class VerifyAccess {
private VerifyAccess() { } // cannot instantiate
private static final int PACKAGE_ONLY = 0;
private static final int PACKAGE_ALLOWED = java.lang.invoke.MethodHandles.Lookup.PACKAGE;
private static final int PROTECTED_OR_PACKAGE_ALLOWED = (PACKAGE_ALLOWED|PROTECTED);
private static final int ALL_ACCESS_MODES = (PUBLIC|PRIVATE|PROTECTED|PACKAGE_ONLY);
private static final boolean ALLOW_NESTMATE_ACCESS = false;
/**
* Evaluate the JVM linkage rules for access to the given method
* on behalf of a caller class which proposes to perform the access.
* Return true if the caller class has privileges to invoke a method
* or access a field with the given properties.
* This requires an accessibility check of the referencing class,
* plus an accessibility check of the member within the class,
* which depends on the member's modifier flags.
* <p>
* The relevant properties include the defining class ({@code defc})
* of the member, and its modifier flags ({@code mods}).
* Also relevant is the class used to make the initial symbolic reference
* to the member ({@code refc}). If this latter class is not distinguished,
* the defining class should be passed for both arguments ({@code defc == refc}).
* <h3>JVM Specification, 5.4.4 "Access Control"
* A field or method R is accessible to a class or interface D if
* and only if any of the following conditions is true:<ul>
* <li>R is public.
* <li>R is protected and is declared in a class C, and D is either
* a subclass of C or C itself. Furthermore, if R is not
* static, then the symbolic reference to R must contain a
* symbolic reference to a class T, such that T is either a
* subclass of D, a superclass of D or D itself.
* <li>R is either protected or has default access (that is,
* neither public nor protected nor private), and is declared
* by a class in the same runtime package as D.
* <li>R is private and is declared in D.
* </ul>
* This discussion of access control omits a related restriction
* on the target of a protected field access or method invocation
* (the target must be of class D or a subtype of D). That
* requirement is checked as part of the verification process
* (5.4.1); it is not part of link-time access control.
* @param refc the class used in the symbolic reference to the proposed member
* @param defc the class in which the proposed member is actually defined
* @param mods modifier flags for the proposed member
* @param lookupClass the class for which the access check is being made
* @return true iff the the accessing class can access such a member
*/
public static boolean isMemberAccessible(Class<?> refc, // symbolic ref class
Class<?> defc, // actual def class
int mods, // actual member mods
Class<?> lookupClass,
int allowedModes) {
if (allowedModes == 0) return false;
assert((allowedModes & PUBLIC) != 0 &&
(allowedModes & ~(ALL_ACCESS_MODES|PACKAGE_ALLOWED)) == 0);
// The symbolic reference class (refc) must always be fully verified.
if (!isClassAccessible(refc, lookupClass, allowedModes)) {
return false;
}
// Usually refc and defc are the same, but verify defc also in case they differ.
if (defc == lookupClass &&
(allowedModes & PRIVATE) != 0)
return true; // easy check; all self-access is OK
switch (mods & ALL_ACCESS_MODES) {
case PUBLIC:
return true; // already checked above
case PROTECTED:
if ((allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0 &&
isSamePackage(defc, lookupClass))
return true;
if ((allowedModes & PROTECTED) == 0)
return false;
if ((mods & STATIC) != 0 &&
!isRelatedClass(refc, lookupClass))
return false;
if ((allowedModes & PROTECTED) != 0 &&
isSuperClass(defc, lookupClass))
return true;
return false;
case PACKAGE_ONLY: // That is, zero. Unmarked member is package-only access.
return ((allowedModes & PACKAGE_ALLOWED) != 0 &&
isSamePackage(defc, lookupClass));
case PRIVATE:
// Loosened rules for privates follows access rules for inner classes.
return (ALLOW_NESTMATE_ACCESS &&
(allowedModes & PRIVATE) != 0 &&
isSamePackageMember(defc, lookupClass));
default:
throw new IllegalArgumentException("bad modifiers: "+Modifier.toString(mods));
}
}
static boolean isRelatedClass(Class<?> refc, Class lookupClass) {
return (refc == lookupClass ||
refc.isAssignableFrom(lookupClass) ||
lookupClass.isAssignableFrom(refc));
}
static boolean isSuperClass(Class<?> defc, Class lookupClass) {
return defc.isAssignableFrom(lookupClass);
}
static int getClassModifiers(Class<?> c) {
// This would return the mask stored by javac for the source-level modifiers.
// return c.getModifiers();
// But what we need for JVM access checks are the actual bits from the class header.
// ...But arrays and primitives are synthesized with their own odd flags:
if (c.isArray() || c.isPrimitive())
return c.getModifiers();
return Reflection.getClassAccessFlags(c);
}
/**
* Evaluate the JVM linkage rules for access to the given class on behalf of caller.
* <h3>JVM Specification, 5.4.4 "Access Control"
* A class or interface C is accessible to a class or interface D
* if and only if either of the following conditions are true:<ul>
* <li>C is public.
* <li>C and D are members of the same runtime package.
* </ul>
* @param refc the symbolic reference class to which access is being checked (C)
* @param lookupClass the class performing the lookup (D)
*/
public static boolean isClassAccessible(Class<?> refc, Class lookupClass,
int allowedModes) {
if (allowedModes == 0) return false;
assert((allowedModes & PUBLIC) != 0 &&
(allowedModes & ~(ALL_ACCESS_MODES|PACKAGE_ALLOWED)) == 0);
int mods = getClassModifiers(refc);
if (isPublic(mods))
return true;
if ((allowedModes & PACKAGE_ALLOWED) != 0 &&
isSamePackage(lookupClass, refc))
return true;
return false;
}
/**
* Decide if the given method type, attributed to a member or symbolic
* reference of a given reference class, is really visible to that class.
* @param type the supposed type of a member or symbolic reference of refc
* @param refc the class attempting to make the reference
*/
public static boolean isTypeVisible(Class<?> type, Class refc) {
if (type == refc) return true; // easy check
while (type.isArray()) type = type.getComponentType();
if (type.isPrimitive() || type == Object.class) return true;
ClassLoader parent = type.getClassLoader();
if (parent == null) return true;
ClassLoader child = refc.getClassLoader();
if (child == null) return false;
if (parent == child || loadersAreRelated(parent, child, true))
return true;
// Do it the hard way: Look up the type name from the refc loader.
try {
Class<?> res = child.loadClass(type.getName());
return (type == res);
} catch (ClassNotFoundException ex) {
return false;
}
}
/**
* Decide if the given method type, attributed to a member or symbolic
* reference of a given reference class, is really visible to that class.
* @param type the supposed type of a member or symbolic reference of refc
* @param refc the class attempting to make the reference
*/
public static boolean isTypeVisible(java.lang.invoke.MethodType type, Class<?> refc) {
for (int n = -1, max = type.parameterCount(); n < max; n++) {
Class<?> ptype = (n < 0 ? type.returnType() : type.parameterType(n));
if (!isTypeVisible(ptype, refc))
return false;
}
return true;
}
/**
* Test if two classes have the same class loader and package qualifier.
* @param class1 a class
* @param class2 another class
* @return whether they are in the same package
*/
public static boolean isSamePackage(Class<?> class1, Class class2) {
assert(!class1.isArray() && !class2.isArray());
if (class1 == class2)
return true;
if (class1.getClassLoader() != class2.getClassLoader())
return false;
String name1 = class1.getName(), name2 = class2.getName();
int dot = name1.lastIndexOf('.');
if (dot != name2.lastIndexOf('.'))
return false;
for (int i = 0; i < dot; i++) {
if (name1.charAt(i) != name2.charAt(i))
return false;
}
return true;
}
/** Return the package name for this class.
*/
public static String getPackageName(Class<?> cls) {
assert(!cls.isArray());
String name = cls.getName();
int dot = name.lastIndexOf('.');
if (dot < 0) return "";
return name.substring(0, dot);
}
/**
* Test if two classes are defined as part of the same package member (top-level class).
* If this is true, they can share private access with each other.
* @param class1 a class
* @param class2 another class
* @return whether they are identical or nested together
*/
public static boolean isSamePackageMember(Class<?> class1, Class class2) {
if (class1 == class2)
return true;
if (!isSamePackage(class1, class2))
return false;
if (getOutermostEnclosingClass(class1) != getOutermostEnclosingClass(class2))
return false;
return true;
}
private static Class<?> getOutermostEnclosingClass(Class c) {
Class<?> pkgmem = c;
for (Class<?> enc = c; (enc = enc.getEnclosingClass()) != null; )
pkgmem = enc;
return pkgmem;
}
private static boolean loadersAreRelated(ClassLoader loader1, ClassLoader loader2,
boolean loader1MustBeParent) {
if (loader1 == loader2 || loader1 == null
|| (loader2 == null && !loader1MustBeParent)) {
return true;
}
for (ClassLoader scan2 = loader2;
scan2 != null; scan2 = scan2.getParent()) {
if (scan2 == loader1) return true;
}
if (loader1MustBeParent) return false;
// see if loader2 is a parent of loader1:
for (ClassLoader scan1 = loader1;
scan1 != null; scan1 = scan1.getParent()) {
if (scan1 == loader2) return true;
}
return false;
}
/**
* Is the class loader of parentClass identical to, or an ancestor of,
* the class loader of childClass?
* @param parentClass a class
* @param childClass another class, which may be a descendent of the first class
* @return whether parentClass precedes or equals childClass in class loader order
*/
public static boolean classLoaderIsAncestor(Class<?> parentClass, Class childClass) {
return loadersAreRelated(parentClass.getClassLoader(), childClass.getClassLoader(), true);
}
}
Other Java examples (source code examples)Here is a short list of links related to this Java VerifyAccess.java source code file: |
The search page
Other Java source code examples at this package level
Click here to learn more about this project
