This is the mail archive of the
java-patches@gcc.gnu.org
mailing list for the Java project.
Re: Patch: RFC: PR 27352
Bryce McKinlay writes:
> Tom Tromey wrote:
> > Bryce> This patch fixes PR 27352 by adding a getClassLoaderInternal()
> > Bryce> implementation in Java. This is a shortcut implementation of
> > Bryce> getClassLoader() that bypasses redundant security manager
> > Bryce> checks. getClassLoaderInternal() was already used from natClass.cc,
> > Bryce> but it couldn't be used from Java code because it was only defined in
> > Bryce> Class.h.
> >
> > Actually, why is this needed? According to the PR Andrew already
> > checked in a fix. And according to the test case this fix already
> > works.
>
> Andrew's patch was to rewrite forName() and getClassLoader()
> invocations to add a class argument. Mostly this is for
> performance, since it avoids having to do the stack trace. It fixed
> 27352 as a side-effect, but only for newly-compiled native code.
No, that's not true. The important case is within Class itself, where
a call is made (eg) from Class.getPackage() to Class.getClassLoader().
Class.getClassLoader() knows that it is called from a method in Class,
so it doesn't do the security manager check:
"If a security manager is present, and the caller's class loader is
not null and the caller's class loader is not the same as or an
ancestor of the class loader for the class whose class loader is
requested, then this method calls the security manager's
checkPermission method with a RuntimePermission("getClassLoader")
permission to ensure it's ok to access the class loader for the
class."
Andrew.