1 /*
2 * Copyright (c) 2001, 2020, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package jdk.internal.reflect;
27
28 import java.io.Externalizable;
29 import java.io.ObjectInputStream;
30 import java.io.ObjectOutputStream;
31 import java.io.ObjectStreamClass;
32 import java.io.OptionalDataException;
33 import java.io.Serializable;
34 import java.lang.invoke.MethodHandle;
35 import java.lang.invoke.MethodHandles;
36 import java.lang.reflect.Field;
37 import java.lang.reflect.Executable;
38 import java.lang.reflect.InvocationTargetException;
39 import java.lang.reflect.Method;
40 import java.lang.reflect.Constructor;
41 import java.lang.reflect.Modifier;
42 import java.security.PrivilegedAction;
43 import java.util.Objects;
44 import java.util.Properties;
45
46 import jdk.internal.access.JavaLangReflectAccess;
47 import jdk.internal.access.SharedSecrets;
48 import jdk.internal.misc.VM;
49 import sun.reflect.misc.ReflectUtil;
50 import sun.security.action.GetPropertyAction;
51 import sun.security.util.SecurityConstants;
52
53 /** <P> The master factory for all reflective objects, both those in
54 java.lang.reflect (Fields, Methods, Constructors) as well as their
55 delegates (FieldAccessors, MethodAccessors, ConstructorAccessors).
56 </P>
57
58 <P> The methods in this class are extremely unsafe and can cause
59 subversion of both the language and the verifier. For this reason,
60 they are all instance methods, and access to the constructor of
61 this factory is guarded by a security check, in similar style to
62 {@link jdk.internal.misc.Unsafe}. </P>
63 */
64
65 public class ReflectionFactory {
66
67 private static boolean initted = false;
68 private static final ReflectionFactory soleInstance = new ReflectionFactory();
69
70
71 /* Method for static class initializer <clinit>, or null */
72 private static volatile Method hasStaticInitializerMethod;
73
74 //
75 // "Inflation" mechanism. Loading bytecodes to implement
76 // Method.invoke() and Constructor.newInstance() currently costs
77 // 3-4x more than an invocation via native code for the first
78 // invocation (though subsequent invocations have been benchmarked
79 // to be over 20x faster). Unfortunately this cost increases
80 // startup time for certain applications that use reflection
81 // intensively (but only once per class) to bootstrap themselves.
82 // To avoid this penalty we reuse the existing JVM entry points
83 // for the first few invocations of Methods and Constructors and
84 // then switch to the bytecode-based implementations.
85 //
86 // Package-private to be accessible to NativeMethodAccessorImpl
87 // and NativeConstructorAccessorImpl
88 private static boolean noInflation = false;
89 private static int inflationThreshold = 15;
90
91 // true if deserialization constructor checking is disabled
92 private static boolean disableSerialConstructorChecks = false;
93
94 private final JavaLangReflectAccess langReflectAccess;
95 private ReflectionFactory() {
96 this.langReflectAccess = SharedSecrets.getJavaLangReflectAccess();
97 }
98
99 /**
100 * A convenience class for acquiring the capability to instantiate
101 * reflective objects. Use this instead of a raw call to {@link
102 * #getReflectionFactory} in order to avoid being limited by the
103 * permissions of your callers.
104 *
105 * <p>An instance of this class can be used as the argument of
106 * <code>AccessController.doPrivileged</code>.
107 */
108 public static final class GetReflectionFactoryAction
109 implements PrivilegedAction<ReflectionFactory> {
110 public ReflectionFactory run() {
111 return getReflectionFactory();
112 }
113 }
114
115 /**
116 * Provides the caller with the capability to instantiate reflective
117 * objects.
118 *
119 * <p> First, if there is a security manager, its
120 * <code>checkPermission</code> method is called with a {@link
121 * java.lang.RuntimePermission} with target
122 * <code>"reflectionFactoryAccess"</code>. This may result in a
123 * security exception.
124 *
125 * <p> The returned <code>ReflectionFactory</code> object should be
126 * carefully guarded by the caller, since it can be used to read and
127 * write private data and invoke private methods, as well as to load
128 * unverified bytecodes. It must never be passed to untrusted code.
129 *
130 * @exception SecurityException if a security manager exists and its
131 * <code>checkPermission</code> method doesn't allow
132 * access to the RuntimePermission "reflectionFactoryAccess". */
133 public static ReflectionFactory getReflectionFactory() {
134 SecurityManager security = System.getSecurityManager();
135 if (security != null) {
136 security.checkPermission(
137 SecurityConstants.REFLECTION_FACTORY_ACCESS_PERMISSION);
138 }
139 return soleInstance;
140 }
141
142 /**
143 * Returns an alternate reflective Method instance for the given method
144 * intended for reflection to invoke, if present.
145 *
146 * A trusted method can define an alternate implementation for a method `foo`
147 * by defining a method named "reflected$foo" that will be invoked
148 * reflectively.
149 */
150 private static Method findMethodForReflection(Method method) {
151 String altName = "reflected$" + method.getName();
152 try {
153 return method.getDeclaringClass()
154 .getDeclaredMethod(altName, method.getParameterTypes());
155 } catch (NoSuchMethodException ex) {
156 return null;
157 }
158 }
159
160 //--------------------------------------------------------------------------
161 //
162 // Routines used by java.lang.reflect
163 //
164 //
165
166 /*
167 * Note: this routine can cause the declaring class for the field
168 * be initialized and therefore must not be called until the
169 * first get/set of this field.
170 * @param field the field
171 * @param override true if caller has overridden accessibility
172 */
173 public FieldAccessor newFieldAccessor(Field field, boolean override) {
174 checkInitted();
175
176 Field root = langReflectAccess.getRoot(field);
177 if (root != null) {
178 // FieldAccessor will use the root unless the modifiers have
179 // been overridden
180 if (root.getModifiers() == field.getModifiers() || !override) {
181 field = root;
182 }
183 }
184 return UnsafeFieldAccessorFactory.newFieldAccessor(field, override);
185 }
186
187 public MethodAccessor newMethodAccessor(Method method) {
188 checkInitted();
189
190 if (Reflection.isCallerSensitive(method)) {
191 Method altMethod = findMethodForReflection(method);
192 if (altMethod != null) {
193 method = altMethod;
194 }
195 }
196
197 // use the root Method that will not cache caller class
198 Method root = langReflectAccess.getRoot(method);
199 if (root != null) {
200 method = root;
201 }
202
203 if (noInflation && !method.getDeclaringClass().isHidden()
204 && !ReflectUtil.isVMAnonymousClass(method.getDeclaringClass())) {
205 return new MethodAccessorGenerator().
206 generateMethod(method.getDeclaringClass(),
207 method.getName(),
208 method.getParameterTypes(),
209 method.getReturnType(),
210 method.getExceptionTypes(),
211 method.getModifiers());
212 } else {
213 NativeMethodAccessorImpl acc =
214 new NativeMethodAccessorImpl(method);
215 DelegatingMethodAccessorImpl res =
216 new DelegatingMethodAccessorImpl(acc);
217 acc.setParent(res);
218 return res;
219 }
220 }
221
222 public ConstructorAccessor newConstructorAccessor(Constructor<?> c) {
223 checkInitted();
224
225 Class<?> declaringClass = c.getDeclaringClass();
226 if (Modifier.isAbstract(declaringClass.getModifiers())) {
227 return new InstantiationExceptionConstructorAccessorImpl(null);
228 }
229 if (declaringClass == Class.class) {
230 return new InstantiationExceptionConstructorAccessorImpl
231 ("Can not instantiate java.lang.Class");
232 }
233
234 // use the root Constructor that will not cache caller class
235 Constructor<?> root = langReflectAccess.getRoot(c);
236 if (root != null) {
237 c = root;
238 }
239
240 // Bootstrapping issue: since we use Class.newInstance() in
241 // the ConstructorAccessor generation process, we have to
242 // break the cycle here.
243 if (Reflection.isSubclassOf(declaringClass,
244 ConstructorAccessorImpl.class)) {
245 return new BootstrapConstructorAccessorImpl(c);
246 }
247
248 if (noInflation && !c.getDeclaringClass().isHidden()
249 && !ReflectUtil.isVMAnonymousClass(c.getDeclaringClass())) {
250 return new MethodAccessorGenerator().
251 generateConstructor(c.getDeclaringClass(),
252 c.getParameterTypes(),
253 c.getExceptionTypes(),
254 c.getModifiers());
255 } else {
256 NativeConstructorAccessorImpl acc =
257 new NativeConstructorAccessorImpl(c);
258 DelegatingConstructorAccessorImpl res =
259 new DelegatingConstructorAccessorImpl(acc);
260 acc.setParent(res);
261 return res;
262 }
263 }
264
265 //--------------------------------------------------------------------------
266 //
267 // Routines used by java.lang
268 //
269 //
270
271 /** Creates a new java.lang.reflect.Constructor. Access checks as
272 per java.lang.reflect.AccessibleObject are not overridden. */
273 public Constructor<?> newConstructor(Class<?> declaringClass,
274 Class<?>[] parameterTypes,
275 Class<?>[] checkedExceptions,
276 int modifiers,
277 int slot,
278 String signature,
279 byte[] annotations,
280 byte[] parameterAnnotations)
281 {
282 return langReflectAccess.newConstructor(declaringClass,
283 parameterTypes,
284 checkedExceptions,
285 modifiers,
286 slot,
287 signature,
288 annotations,
289 parameterAnnotations);
290 }
291
292 /** Gets the ConstructorAccessor object for a
293 java.lang.reflect.Constructor */
294 public ConstructorAccessor getConstructorAccessor(Constructor<?> c) {
295 return langReflectAccess.getConstructorAccessor(c);
296 }
297
298 /** Sets the ConstructorAccessor object for a
299 java.lang.reflect.Constructor */
300 public void setConstructorAccessor(Constructor<?> c,
301 ConstructorAccessor accessor)
302 {
303 langReflectAccess.setConstructorAccessor(c, accessor);
304 }
305
306 /** Makes a copy of the passed method. The returned method is a
307 "child" of the passed one; see the comments in Method.java for
308 details. */
309 public Method copyMethod(Method arg) {
310 return langReflectAccess.copyMethod(arg);
311 }
312
313 /** Makes a copy of the passed method. The returned method is NOT
314 * a "child" but a "sibling" of the Method in arg. Should only be
315 * used on non-root methods. */
316 public Method leafCopyMethod(Method arg) {
317 return langReflectAccess.leafCopyMethod(arg);
318 }
319
320
321 /** Makes a copy of the passed field. The returned field is a
322 "child" of the passed one; see the comments in Field.java for
323 details. */
324 public Field copyField(Field arg) {
325 return langReflectAccess.copyField(arg);
326 }
327
328 /** Makes a copy of the passed constructor. The returned
329 constructor is a "child" of the passed one; see the comments
330 in Constructor.java for details. */
331 public <T> Constructor<T> copyConstructor(Constructor<T> arg) {
332 return langReflectAccess.copyConstructor(arg);
333 }
334
335 /** Gets the byte[] that encodes TypeAnnotations on an executable.
336 */
337 public byte[] getExecutableTypeAnnotationBytes(Executable ex) {
338 return langReflectAccess.getExecutableTypeAnnotationBytes(ex);
339 }
340
341 public Class<?>[] getExecutableSharedParameterTypes(Executable ex) {
342 return langReflectAccess.getExecutableSharedParameterTypes(ex);
343 }
344
345 public <T> T newInstance(Constructor<T> ctor, Object[] args, Class<?> caller)
346 throws IllegalAccessException, InstantiationException, InvocationTargetException
347 {
348 return langReflectAccess.newInstance(ctor, args, caller);
349 }
350
351 //--------------------------------------------------------------------------
352 //
353 // Routines used by serialization
354 //
355 //
356
357 public final Constructor<?> newConstructorForExternalization(Class<?> cl) {
358 if (!Externalizable.class.isAssignableFrom(cl)) {
359 return null;
360 }
361 try {
362 Constructor<?> cons = cl.getConstructor();
363 cons.setAccessible(true);
364 return cons;
365 } catch (NoSuchMethodException ex) {
366 return null;
367 }
368 }
369
370 public final Constructor<?> newConstructorForSerialization(Class<?> cl,
371 Constructor<?> constructorToCall)
372 {
373 if (constructorToCall.getDeclaringClass() == cl) {
374 constructorToCall.setAccessible(true);
375 return constructorToCall;
376 }
377 return generateConstructor(cl, constructorToCall);
378 }
379
380 /**
381 * Given a class, determines whether its superclass has
382 * any constructors that are accessible from the class.
383 * This is a special purpose method intended to do access
384 * checking for a serializable class and its superclasses
385 * up to, but not including, the first non-serializable
386 * superclass. This also implies that the superclass is
387 * always non-null, because a serializable class must be a
388 * class (not an interface) and Object is not serializable.
389 *
390 * @param cl the class from which access is checked
391 * @return whether the superclass has a constructor accessible from cl
392 */
393 private boolean superHasAccessibleConstructor(Class<?> cl) {
394 Class<?> superCl = cl.getSuperclass();
395 assert Serializable.class.isAssignableFrom(cl);
396 assert superCl != null;
397 if (packageEquals(cl, superCl)) {
398 // accessible if any non-private constructor is found
399 for (Constructor<?> ctor : superCl.getDeclaredConstructors()) {
400 if ((ctor.getModifiers() & Modifier.PRIVATE) == 0) {
401 return true;
402 }
403 }
404 if (Reflection.areNestMates(cl, superCl)) {
405 return true;
406 }
407 return false;
408 } else {
409 // sanity check to ensure the parent is protected or public
410 if ((superCl.getModifiers() & (Modifier.PROTECTED | Modifier.PUBLIC)) == 0) {
411 return false;
412 }
413 // accessible if any constructor is protected or public
414 for (Constructor<?> ctor : superCl.getDeclaredConstructors()) {
415 if ((ctor.getModifiers() & (Modifier.PROTECTED | Modifier.PUBLIC)) != 0) {
416 return true;
417 }
418 }
419 return false;
420 }
421 }
422
423 /**
424 * Returns a constructor that allocates an instance of cl and that then initializes
425 * the instance by calling the no-arg constructor of its first non-serializable
426 * superclass. This is specified in the Serialization Specification, section 3.1,
427 * in step 11 of the deserialization process. If cl is not serializable, returns
428 * cl's no-arg constructor. If no accessible constructor is found, or if the
429 * class hierarchy is somehow malformed (e.g., a serializable class has no
430 * superclass), null is returned.
431 *
432 * @param cl the class for which a constructor is to be found
433 * @return the generated constructor, or null if none is available
434 */
435 public final Constructor<?> newConstructorForSerialization(Class<?> cl) {
436 Class<?> initCl = cl;
437 while (Serializable.class.isAssignableFrom(initCl)) {
438 Class<?> prev = initCl;
439 if ((initCl = initCl.getSuperclass()) == null ||
440 (!disableSerialConstructorChecks && !superHasAccessibleConstructor(prev))) {
441 return null;
442 }
443 }
444 Constructor<?> constructorToCall;
445 try {
446 constructorToCall = initCl.getDeclaredConstructor();
447 int mods = constructorToCall.getModifiers();
448 if ((mods & Modifier.PRIVATE) != 0 ||
449 ((mods & (Modifier.PUBLIC | Modifier.PROTECTED)) == 0 &&
450 !packageEquals(cl, initCl))) {
451 return null;
452 }
453 } catch (NoSuchMethodException ex) {
454 return null;
455 }
456 return generateConstructor(cl, constructorToCall);
457 }
458
459 private final Constructor<?> generateConstructor(Class<?> cl,
460 Constructor<?> constructorToCall) {
461
462
463 ConstructorAccessor acc = new MethodAccessorGenerator().
464 generateSerializationConstructor(cl,
465 constructorToCall.getParameterTypes(),
466 constructorToCall.getExceptionTypes(),
467 constructorToCall.getModifiers(),
468 constructorToCall.getDeclaringClass());
469 Constructor<?> c = newConstructor(constructorToCall.getDeclaringClass(),
470 constructorToCall.getParameterTypes(),
471 constructorToCall.getExceptionTypes(),
472 constructorToCall.getModifiers(),
473 langReflectAccess.
474 getConstructorSlot(constructorToCall),
475 langReflectAccess.
476 getConstructorSignature(constructorToCall),
477 langReflectAccess.
478 getConstructorAnnotations(constructorToCall),
479 langReflectAccess.
480 getConstructorParameterAnnotations(constructorToCall));
481 setConstructorAccessor(c, acc);
482 c.setAccessible(true);
483 return c;
484 }
485
486 public final MethodHandle readObjectForSerialization(Class<?> cl) {
487 return findReadWriteObjectForSerialization(cl, "readObject", ObjectInputStream.class);
488 }
489
490 public final MethodHandle readObjectNoDataForSerialization(Class<?> cl) {
491 return findReadWriteObjectForSerialization(cl, "readObjectNoData", ObjectInputStream.class);
492 }
493
494 public final MethodHandle writeObjectForSerialization(Class<?> cl) {
495 return findReadWriteObjectForSerialization(cl, "writeObject", ObjectOutputStream.class);
496 }
497
498 private final MethodHandle findReadWriteObjectForSerialization(Class<?> cl,
499 String methodName,
500 Class<?> streamClass) {
501 if (!Serializable.class.isAssignableFrom(cl)) {
502 return null;
503 }
504
505 try {
506 Method meth = cl.getDeclaredMethod(methodName, streamClass);
507 int mods = meth.getModifiers();
508 if (meth.getReturnType() != Void.TYPE ||
509 Modifier.isStatic(mods) ||
510 !Modifier.isPrivate(mods)) {
511 return null;
512 }
513 meth.setAccessible(true);
514 return MethodHandles.lookup().unreflect(meth);
515 } catch (NoSuchMethodException ex) {
516 return null;
517 } catch (IllegalAccessException ex1) {
518 throw new InternalError("Error", ex1);
519 }
520 }
521
522 /**
523 * Returns a MethodHandle for {@code writeReplace} on the serializable class
524 * or null if no match found.
525 * @param cl a serializable class
526 * @returnss the {@code writeReplace} MethodHandle or {@code null} if not found
527 */
528 public final MethodHandle writeReplaceForSerialization(Class<?> cl) {
529 return getReplaceResolveForSerialization(cl, "writeReplace");
530 }
531
532 /**
533 * Returns a MethodHandle for {@code readResolve} on the serializable class
534 * or null if no match found.
535 * @param cl a serializable class
536 * @returns the {@code writeReplace} MethodHandle or {@code null} if not found
537 */
538 public final MethodHandle readResolveForSerialization(Class<?> cl) {
539 return getReplaceResolveForSerialization(cl, "readResolve");
540 }
541
542 /**
543 * Lookup readResolve or writeReplace on a class with specified
544 * signature constraints.
545 * @param cl a serializable class
546 * @param methodName the method name to find
547 * @returns a MethodHandle for the method or {@code null} if not found or
548 * has the wrong signature.
549 */
550 private MethodHandle getReplaceResolveForSerialization(Class<?> cl,
551 String methodName) {
552 if (!Serializable.class.isAssignableFrom(cl)) {
553 return null;
554 }
555
556 Class<?> defCl = cl;
557 while (defCl != null) {
558 try {
559 Method m = defCl.getDeclaredMethod(methodName);
560 if (m.getReturnType() != Object.class) {
561 return null;
562 }
563 int mods = m.getModifiers();
564 if (Modifier.isStatic(mods) | Modifier.isAbstract(mods)) {
565 return null;
566 } else if (Modifier.isPublic(mods) | Modifier.isProtected(mods)) {
567 // fall through
568 } else if (Modifier.isPrivate(mods) && (cl != defCl)) {
569 return null;
570 } else if (!packageEquals(cl, defCl)) {
571 return null;
572 }
573 try {
574 // Normal return
575 m.setAccessible(true);
576 return MethodHandles.lookup().unreflect(m);
577 } catch (IllegalAccessException ex0) {
578 // setAccessible should prevent IAE
579 throw new InternalError("Error", ex0);
580 }
581 } catch (NoSuchMethodException ex) {
582 defCl = defCl.getSuperclass();
583 }
584 }
585 return null;
586 }
587
588 /**
589 * Returns true if the given class defines a static initializer method,
590 * false otherwise.
591 */
592 public final boolean hasStaticInitializerForSerialization(Class<?> cl) {
593 Method m = hasStaticInitializerMethod;
594 if (m == null) {
595 try {
596 m = ObjectStreamClass.class.getDeclaredMethod("hasStaticInitializer",
597 new Class<?>[]{Class.class});
598 m.setAccessible(true);
599 hasStaticInitializerMethod = m;
600 } catch (NoSuchMethodException ex) {
601 throw new InternalError("No such method hasStaticInitializer on "
602 + ObjectStreamClass.class, ex);
603 }
604 }
605 try {
606 return (Boolean) m.invoke(null, cl);
607 } catch (InvocationTargetException | IllegalAccessException ex) {
608 throw new InternalError("Exception invoking hasStaticInitializer", ex);
609 }
610 }
611
612 /**
613 * Return the accessible constructor for OptionalDataException signaling eof.
614 * @returns the eof constructor for OptionalDataException
615 */
616 public final Constructor<OptionalDataException> newOptionalDataExceptionForSerialization() {
617 try {
618 Constructor<OptionalDataException> boolCtor =
619 OptionalDataException.class.getDeclaredConstructor(Boolean.TYPE);
620 boolCtor.setAccessible(true);
621 return boolCtor;
622 } catch (NoSuchMethodException ex) {
623 throw new InternalError("Constructor not found", ex);
624 }
625 }
626
627 //--------------------------------------------------------------------------
628 //
629 // Internals only below this point
630 //
631
632 static int inflationThreshold() {
633 return inflationThreshold;
634 }
635
636 /** We have to defer full initialization of this class until after
637 the static initializer is run since java.lang.reflect.Method's
638 static initializer (more properly, that for
639 java.lang.reflect.AccessibleObject) causes this class's to be
640 run, before the system properties are set up. */
641 private static void checkInitted() {
642 if (initted) return;
643
644 // Defer initialization until module system is initialized so as
645 // to avoid inflation and spinning bytecode in unnamed modules
646 // during early startup.
647 if (!VM.isModuleSystemInited()) {
648 return;
649 }
650
651 Properties props = GetPropertyAction.privilegedGetProperties();
652 String val = props.getProperty("sun.reflect.noInflation");
653 if (val != null && val.equals("true")) {
654 noInflation = true;
655 }
656
657 val = props.getProperty("sun.reflect.inflationThreshold");
658 if (val != null) {
659 try {
660 inflationThreshold = Integer.parseInt(val);
661 } catch (NumberFormatException e) {
662 throw new RuntimeException("Unable to parse property sun.reflect.inflationThreshold", e);
663 }
664 }
665
666 disableSerialConstructorChecks =
667 "true".equals(props.getProperty("jdk.disableSerialConstructorChecks"));
668
669 initted = true;
670 }
671
672 /**
673 * Returns true if classes are defined in the classloader and same package, false
674 * otherwise.
675 * @param cl1 a class
676 * @param cl2 another class
677 * @returns true if the two classes are in the same classloader and package
678 */
679 private static boolean packageEquals(Class<?> cl1, Class<?> cl2) {
680 assert !cl1.isArray() && !cl2.isArray();
681
682 if (cl1 == cl2) {
683 return true;
684 }
685
686 return cl1.getClassLoader() == cl2.getClassLoader() &&
687 Objects.equals(cl1.getPackageName(), cl2.getPackageName());
688 }
689
690 }