--- old/src/java.base/share/classes/sun/invoke/util/VerifyAccess.java 2018-02-11 21:06:09.155060581 -0500
+++ new/src/java.base/share/classes/sun/invoke/util/VerifyAccess.java 2018-02-11 21:06:07.678975605 -0500
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -44,7 +44,6 @@
private static final int PACKAGE_ALLOWED = java.lang.invoke.MethodHandles.Lookup.PACKAGE;
private static final int PROTECTED_OR_PACKAGE_ALLOWED = (PACKAGE_ALLOWED|PROTECTED);
private static final int ALL_ACCESS_MODES = (PUBLIC|PRIVATE|PROTECTED|PACKAGE_ONLY);
- private static final boolean ALLOW_NESTMATE_ACCESS = false;
/**
* Evaluate the JVM linkage rules for access to the given method
@@ -62,23 +61,29 @@
* the defining class should be passed for both arguments ({@code defc == refc}).
*
JVM Specification, 5.4.4 "Access Control"
* A field or method R is accessible to a class or interface D if
- * and only if any of the following conditions is true:
- * - R is public.
+ * and only if any of the following is true:
+ *
+ * - R is public.
* - R is protected and is declared in a class C, and D is either
- * a subclass of C or C itself. Furthermore, if R is not
- * static, then the symbolic reference to R must contain a
- * symbolic reference to a class T, such that T is either a
- * subclass of D, a superclass of D or D itself.
- *
- R is either protected or has default access (that is,
- * neither public nor protected nor private), and is declared
- * by a class in the same runtime package as D.
- *
- R is private and is declared in D.
+ * a subclass of C or C itself. Furthermore, if R is not static,
+ * then the symbolic reference to R must contain a symbolic
+ * reference to a class T, such that T is either a subclass of D,
+ * a superclass of D, or D itself.
+ *
During verification, it was also required that, even if T is
+ * a superclass of D, the target reference of a protected instance
+ * field access or method invocation must be an instance of D or a
+ * subclass of D (4.10.1.8).
+ * - R is either protected or has default access (that is, neither
+ * public nor protected nor private), and is declared by a class
+ * in the same run-time package as D.
+ * - R is private and is declared in D by a class or interface
+ * belonging to the same nest as D.
*
- * This discussion of access control omits a related restriction
- * on the target of a protected field access or method invocation
- * (the target must be of class D or a subtype of D). That
- * requirement is checked as part of the verification process
- * (5.4.1); it is not part of link-time access control.
+ * If a referenced field or method is not accessible, access checking
+ * throws an IllegalAccessError. If an exception is thrown while
+ * attempting to determine the nest host of a class or interface,
+ * access checking fails for the same reason.
+ *
* @param refc the class used in the symbolic reference to the proposed member
* @param defc the class in which the proposed member is actually defined
* @param mods modifier flags for the proposed member
@@ -98,9 +103,10 @@
return false;
}
// Usually refc and defc are the same, but verify defc also in case they differ.
- if (defc == lookupClass &&
+ if (defc == lookupClass &&
(allowedModes & PRIVATE) != 0)
- return true; // easy check; all self-access is OK
+ return true; // easy check; all self-access is OK with a private lookup
+
switch (mods & ALL_ACCESS_MODES) {
case PUBLIC:
return true; // already checked above
@@ -126,14 +132,20 @@
return ((allowedModes & PACKAGE_ALLOWED) != 0 &&
isSamePackage(defc, lookupClass));
case PRIVATE:
- // Loosened rules for privates follows access rules for inner classes.
- return (ALLOW_NESTMATE_ACCESS &&
- (allowedModes & PRIVATE) != 0 &&
- isSamePackageMember(defc, lookupClass));
+ // Rules for privates follows access rules for nestmates.
+ boolean canAccess = ((allowedModes & PRIVATE) != 0 &&
+ Reflection.areNestMates(defc, lookupClass));
+ // FIX ME: Sanity check refc == defc. Either remove or convert to
+ // plain assert before integration.
+ myassert((canAccess && refc == defc) || !canAccess);
+ return canAccess;
default:
throw new IllegalArgumentException("bad modifiers: "+Modifier.toString(mods));
}
}
+ static void myassert(boolean cond) {
+ if (!cond) throw new Error("Assertion failed");
+ }
static boolean isRelatedClass(Class> refc, Class> lookupClass) {
return (refc == lookupClass ||