JDK-8235351

Lookup::unreflect should bind with the original caller independent of Method's accessible flag

        Description

        A DESCRIPTION OF THE PROBLEM :
        The problem is that a public @CallerSensitive method can be tricked into seeing MethodHandle as the caller. This can be done by getting the Method and calling setAccessible(true) on it. Since it is public, this call will succeed. Using this Method in Lookup.unreflect will now use the IMPL_LOOKUP, since the Method is accessible, and therefore does not bind the caller. When the resulting MethodHandle is called via invokeWithArguments, the Method will see MethodHandle as the caller. This can be used to open java.base.

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Run:

        Method m = Module.class.getMethod("addOpens", String.class, Module.class);
        m.setAccessible(true);
        MethodHandle mh = MethodHandles.lookup().unreflect(m);
        mh.invokeWithArguments(Object.class.getModule(), "java.lang", Test.class.getModule());

        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        Exception in thread "main" java.lang.IllegalCallerException: java.lang is not open to module test.
        ACTUAL -
        Module java.lang is opened to module test.

        ---------- BEGIN SOURCE ----------
        package test;

        import java.lang.invoke.MethodHandle;
        import java.lang.invoke.MethodHandles;
        import java.lang.reflect.Method;

        public class Test {

            public static void main(String[] args) throws Throwable {
                Method m = Module.class.getMethod("addOpens", String.class, Module.class);
                m.setAccessible(true);
                MethodHandle mh = MethodHandles.lookup().unreflect(m);

                mh.invokeWithArguments(Object.class.getModule(), "java.lang", Test.class.getModule());
            }

        }

        ---------- END SOURCE ----------

        FREQUENCY : always
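
A regression check for the behaviour the issue title asks for, added here and not part of the original report or the JDK test suite: it runs the same call with and without setAccessible(true) and expects IllegalCallerException in both cases. The class name UnreflectCallerCheck and the exit codes are assumptions, and it assumes the JVM is started without --add-opens for java.lang.

```java
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.reflect.Method;

// Added regression check; the class name is hypothetical (not a JDK test).
public class UnreflectCallerCheck {

    // True when Module::addOpens, reached through Lookup::unreflect,
    // rejects this class as an unauthorized caller.
    static boolean rejected(boolean setAccessible) throws Throwable {
        Method m = Module.class.getMethod("addOpens", String.class, Module.class);
        if (setAccessible) {
            m.setAccessible(true); // allowed: public method of an exported class
        }
        MethodHandle mh = MethodHandles.lookup().unreflect(m);
        try {
            mh.invokeWithArguments(Object.class.getModule(), "java.lang",
                    UnreflectCallerCheck.class.getModule());
            return false; // java.lang was opened to us
        } catch (IllegalCallerException expected) {
            return true;  // caller-sensitive check saw the real caller
        }
    }

    public static void main(String[] args) throws Throwable {
        Module self = UnreflectCallerCheck.class.getModule();
        // Precondition: if java.lang is already open (for example via
        // --add-opens), addOpens succeeds legitimately and proves nothing.
        if (Object.class.getModule().isOpen("java.lang", self)) {
            System.out.println("INCONCLUSIVE: java.lang already open to " + self);
            System.exit(2);
        }
        // Order matters: a successful addOpens would open java.lang and
        // make every later call succeed, so test the plain Method first.
        boolean plain = rejected(false);
        boolean flagged = rejected(true);
        System.out.println("accessible=false rejected: " + plain);
        System.out.println("accessible=true  rejected: " + flagged);
        if (plain && flagged) {
            System.out.println("OK: caller is bound regardless of the accessible flag");
        } else {
            System.out.println("AFFECTED: addOpens did not see the original caller");
            System.exit(1);
        }
    }
}
```

Exit status 0 means both paths were rejected, 1 means at least one call opened java.lang, and 2 means the precondition failed and the run says nothing either way.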


        Assignee: Mandy Chung (mchung)
        Reporter: Webbug Group (webbuggrp)