Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8157464

Disallow StackWalker.getCallerClass() be called by caller-sensitive method

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 9
    • Fix Version/s: 9
    • Component/s: core-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b138
    • Verification:
      Verified

      Description

      StackWalker.getCallerClass() skips all @Hidden & java.lang.invoke methods when looking for caller. If a library uses SW.gCC to implement caller-sensitive logic, it can cause problems.

      java.lang.invoke, when constructing a method handle for @CallerSensitive method, binds it to lookup context by attaching a VMAC w/ lookup class as a host class (see [1] for details). During invocation, it puts a @Hidden frame on stack which represents original caller context.

      SW.gCC() filters out that frame, so a library sees the caller of method handle instead.

      For example, in methodHandleGetCallerClass() [2] if a method handle leaks and it is invoked from another context, the bound context will be ignored if SW.gCC is used (R.gCC correctly returns the class MH is bound to).

      Reflection.getCallerClass() is more conservative when filtering frames [3].

      [1] http://hg.openjdk.java.net/jdk9/dev/jdk/file/248c2f34cc1f/src/java.base/share/classes/java/lang/invoke/MethodHandleImpl.java#l1167

      [2] http://hg.openjdk.java.net/jdk9/dev/jdk/file/248c2f34cc1f/test/java/lang/StackWalker/GetCallerClassTest.java#l129

      [3] http://hg.openjdk.java.net/jdk9/jdk9/hotspot/file/e3ca323dfe1b/src/share/vm/oops/method.cpp#l1122:

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mchung Mandy Chung
              Reporter:
              vlivanov Vladimir Ivanov
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: