1 /* 2 * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package jdk.internal.reflect; 27 28 import java.io.Externalizable; 29 import java.io.ObjectInputStream; 30 import java.io.ObjectOutputStream; 31 import java.io.ObjectStreamClass; 32 import java.io.OptionalDataException; 33 import java.io.Serializable; 34 import java.lang.invoke.MethodHandle; 35 import java.lang.invoke.MethodHandles; 36 import java.lang.reflect.Field; 37 import java.lang.reflect.Executable; 38 import java.lang.reflect.InvocationTargetException; 39 import java.lang.reflect.Method; 40 import java.lang.reflect.Constructor; 41 import java.lang.reflect.Modifier; 42 import java.security.PrivilegedAction; 43 import java.util.Objects; 44 import java.util.Properties; 45 46 import jdk.internal.access.JavaLangReflectAccess; 47 import jdk.internal.access.SharedSecrets; 48 import jdk.internal.misc.VM; 49 import sun.reflect.misc.ReflectUtil; 50 import sun.security.action.GetPropertyAction; 51 import sun.security.util.SecurityConstants; 52 53 /** <P> The master factory for all reflective objects, both those in 54 java.lang.reflect (Fields, Methods, Constructors) as well as their 55 delegates (FieldAccessors, MethodAccessors, ConstructorAccessors). 56 </P> 57 58 <P> The methods in this class are extremely unsafe and can cause 59 subversion of both the language and the verifier. For this reason, 60 they are all instance methods, and access to the constructor of 61 this factory is guarded by a security check, in similar style to 62 {@link jdk.internal.misc.Unsafe}. </P> 63 */ 64 65 public class ReflectionFactory { 66 67 private static boolean initted = false; 68 private static final ReflectionFactory soleInstance = new ReflectionFactory(); 69 70 71 /* Method for static class initializer <clinit>, or null */ 72 private static volatile Method hasStaticInitializerMethod; 73 74 // 75 // "Inflation" mechanism. Loading bytecodes to implement 76 // Method.invoke() and Constructor.newInstance() currently costs 77 // 3-4x more than an invocation via native code for the first 78 // invocation (though subsequent invocations have been benchmarked 79 // to be over 20x faster). Unfortunately this cost increases 80 // startup time for certain applications that use reflection 81 // intensively (but only once per class) to bootstrap themselves. 82 // To avoid this penalty we reuse the existing JVM entry points 83 // for the first few invocations of Methods and Constructors and 84 // then switch to the bytecode-based implementations. 85 // 86 // Package-private to be accessible to NativeMethodAccessorImpl 87 // and NativeConstructorAccessorImpl 88 private static boolean noInflation = false; 89 private static int inflationThreshold = 15; 90 91 // true if deserialization constructor checking is disabled 92 private static boolean disableSerialConstructorChecks = false; 93 94 private final JavaLangReflectAccess langReflectAccess; 95 private ReflectionFactory() { 96 this.langReflectAccess = SharedSecrets.getJavaLangReflectAccess(); 97 } 98 99 /** 100 * A convenience class for acquiring the capability to instantiate 101 * reflective objects. Use this instead of a raw call to {@link 102 * #getReflectionFactory} in order to avoid being limited by the 103 * permissions of your callers. 104 * 105 * <p>An instance of this class can be used as the argument of 106 * <code>AccessController.doPrivileged</code>. 107 */ 108 public static final class GetReflectionFactoryAction 109 implements PrivilegedAction<ReflectionFactory> { 110 public ReflectionFactory run() { 111 return getReflectionFactory(); 112 } 113 } 114 115 /** 116 * Provides the caller with the capability to instantiate reflective 117 * objects. 118 * 119 * <p> First, if there is a security manager, its 120 * <code>checkPermission</code> method is called with a {@link 121 * java.lang.RuntimePermission} with target 122 * <code>"reflectionFactoryAccess"</code>. This may result in a 123 * security exception. 124 * 125 * <p> The returned <code>ReflectionFactory</code> object should be 126 * carefully guarded by the caller, since it can be used to read and 127 * write private data and invoke private methods, as well as to load 128 * unverified bytecodes. It must never be passed to untrusted code. 129 * 130 * @exception SecurityException if a security manager exists and its 131 * <code>checkPermission</code> method doesn't allow 132 * access to the RuntimePermission "reflectionFactoryAccess". */ 133 public static ReflectionFactory getReflectionFactory() { 134 SecurityManager security = System.getSecurityManager(); 135 if (security != null) { 136 security.checkPermission( 137 SecurityConstants.REFLECTION_FACTORY_ACCESS_PERMISSION); 138 } 139 return soleInstance; 140 } 141 142 /** 143 * Returns an alternate reflective Method instance for the given method 144 * intended for reflection to invoke, if present. 145 * 146 * A trusted method can define an alternate implementation for a method `foo` 147 * by defining a method named "reflected$foo" that will be invoked 148 * reflectively. 149 */ 150 private static Method findMethodForReflection(Method method) { 151 String altName = "reflected$" + method.getName(); 152 try { 153 return method.getDeclaringClass() 154 .getDeclaredMethod(altName, method.getParameterTypes()); 155 } catch (NoSuchMethodException ex) { 156 return null; 157 } 158 } 159 160 //-------------------------------------------------------------------------- 161 // 162 // Routines used by java.lang.reflect 163 // 164 // 165 166 /* 167 * Note: this routine can cause the declaring class for the field 168 * be initialized and therefore must not be called until the 169 * first get/set of this field. 170 * @param field the field 171 * @param override true if caller has overridden accessibility 172 */ 173 public FieldAccessor newFieldAccessor(Field field, boolean override) { 174 checkInitted(); 175 176 Field root = langReflectAccess.getRoot(field); 177 if (root != null) { 178 // FieldAccessor will use the root unless the modifiers have 179 // been overrridden 180 if (root.getModifiers() == field.getModifiers() || !override) { 181 field = root; 182 } 183 } 184 return UnsafeFieldAccessorFactory.newFieldAccessor(field, override); 185 } 186 187 public MethodAccessor newMethodAccessor(Method method) { 188 checkInitted(); 189 190 if (Reflection.isCallerSensitive(method)) { 191 Method altMethod = findMethodForReflection(method); 192 if (altMethod != null) { 193 method = altMethod; 194 } 195 } 196 197 // use the root Method that will not cache caller class 198 Method root = langReflectAccess.getRoot(method); 199 if (root != null) { 200 method = root; 201 } 202 203 if (noInflation && !method.getDeclaringClass().isHiddenClass() 204 && !ReflectUtil.isVMAnonymousClass(method.getDeclaringClass())) { 205 return new MethodAccessorGenerator(). 206 generateMethod(method.getDeclaringClass(), 207 method.getName(), 208 method.getParameterTypes(), 209 method.getReturnType(), 210 method.getExceptionTypes(), 211 method.getModifiers()); 212 } else { 213 NativeMethodAccessorImpl acc = 214 new NativeMethodAccessorImpl(method); 215 DelegatingMethodAccessorImpl res = 216 new DelegatingMethodAccessorImpl(acc); 217 acc.setParent(res); 218 return res; 219 } 220 } 221 222 public ConstructorAccessor newConstructorAccessor(Constructor<?> c) { 223 checkInitted(); 224 225 Class<?> declaringClass = c.getDeclaringClass(); 226 if (Modifier.isAbstract(declaringClass.getModifiers())) { 227 return new InstantiationExceptionConstructorAccessorImpl(null); 228 } 229 if (declaringClass == Class.class) { 230 return new InstantiationExceptionConstructorAccessorImpl 231 ("Can not instantiate java.lang.Class"); 232 } 233 234 // use the root Constructor that will not cache caller class 235 Constructor<?> root = langReflectAccess.getRoot(c); 236 if (root != null) { 237 c = root; 238 } 239 240 // Bootstrapping issue: since we use Class.newInstance() in 241 // the ConstructorAccessor generation process, we have to 242 // break the cycle here. 243 if (Reflection.isSubclassOf(declaringClass, 244 ConstructorAccessorImpl.class)) { 245 return new BootstrapConstructorAccessorImpl(c); 246 } 247 248 if (noInflation && !c.getDeclaringClass().isHiddenClass()) { 249 return new MethodAccessorGenerator(). 250 generateConstructor(c.getDeclaringClass(), 251 c.getParameterTypes(), 252 c.getExceptionTypes(), 253 c.getModifiers()); 254 } else { 255 NativeConstructorAccessorImpl acc = 256 new NativeConstructorAccessorImpl(c); 257 DelegatingConstructorAccessorImpl res = 258 new DelegatingConstructorAccessorImpl(acc); 259 acc.setParent(res); 260 return res; 261 } 262 } 263 264 //-------------------------------------------------------------------------- 265 // 266 // Routines used by java.lang 267 // 268 // 269 270 /** Creates a new java.lang.reflect.Constructor. Access checks as 271 per java.lang.reflect.AccessibleObject are not overridden. */ 272 public Constructor<?> newConstructor(Class<?> declaringClass, 273 Class<?>[] parameterTypes, 274 Class<?>[] checkedExceptions, 275 int modifiers, 276 int slot, 277 String signature, 278 byte[] annotations, 279 byte[] parameterAnnotations) 280 { 281 return langReflectAccess.newConstructor(declaringClass, 282 parameterTypes, 283 checkedExceptions, 284 modifiers, 285 slot, 286 signature, 287 annotations, 288 parameterAnnotations); 289 } 290 291 /** Gets the ConstructorAccessor object for a 292 java.lang.reflect.Constructor */ 293 public ConstructorAccessor getConstructorAccessor(Constructor<?> c) { 294 return langReflectAccess.getConstructorAccessor(c); 295 } 296 297 /** Sets the ConstructorAccessor object for a 298 java.lang.reflect.Constructor */ 299 public void setConstructorAccessor(Constructor<?> c, 300 ConstructorAccessor accessor) 301 { 302 langReflectAccess.setConstructorAccessor(c, accessor); 303 } 304 305 /** Makes a copy of the passed method. The returned method is a 306 "child" of the passed one; see the comments in Method.java for 307 details. */ 308 public Method copyMethod(Method arg) { 309 return langReflectAccess.copyMethod(arg); 310 } 311 312 /** Makes a copy of the passed method. The returned method is NOT 313 * a "child" but a "sibling" of the Method in arg. Should only be 314 * used on non-root methods. */ 315 public Method leafCopyMethod(Method arg) { 316 return langReflectAccess.leafCopyMethod(arg); 317 } 318 319 320 /** Makes a copy of the passed field. The returned field is a 321 "child" of the passed one; see the comments in Field.java for 322 details. */ 323 public Field copyField(Field arg) { 324 return langReflectAccess.copyField(arg); 325 } 326 327 /** Makes a copy of the passed constructor. The returned 328 constructor is a "child" of the passed one; see the comments 329 in Constructor.java for details. */ 330 public <T> Constructor<T> copyConstructor(Constructor<T> arg) { 331 return langReflectAccess.copyConstructor(arg); 332 } 333 334 /** Gets the byte[] that encodes TypeAnnotations on an executable. 335 */ 336 public byte[] getExecutableTypeAnnotationBytes(Executable ex) { 337 return langReflectAccess.getExecutableTypeAnnotationBytes(ex); 338 } 339 340 public Class<?>[] getExecutableSharedParameterTypes(Executable ex) { 341 return langReflectAccess.getExecutableSharedParameterTypes(ex); 342 } 343 344 public <T> T newInstance(Constructor<T> ctor, Object[] args, Class<?> caller) 345 throws IllegalAccessException, InstantiationException, InvocationTargetException 346 { 347 return langReflectAccess.newInstance(ctor, args, caller); 348 } 349 350 //-------------------------------------------------------------------------- 351 // 352 // Routines used by serialization 353 // 354 // 355 356 public final Constructor<?> newConstructorForExternalization(Class<?> cl) { 357 if (!Externalizable.class.isAssignableFrom(cl)) { 358 return null; 359 } 360 try { 361 Constructor<?> cons = cl.getConstructor(); 362 cons.setAccessible(true); 363 return cons; 364 } catch (NoSuchMethodException ex) { 365 return null; 366 } 367 } 368 369 public final Constructor<?> newConstructorForSerialization(Class<?> cl, 370 Constructor<?> constructorToCall) 371 { 372 if (constructorToCall.getDeclaringClass() == cl) { 373 constructorToCall.setAccessible(true); 374 return constructorToCall; 375 } 376 return generateConstructor(cl, constructorToCall); 377 } 378 379 /** 380 * Given a class, determines whether its superclass has 381 * any constructors that are accessible from the class. 382 * This is a special purpose method intended to do access 383 * checking for a serializable class and its superclasses 384 * up to, but not including, the first non-serializable 385 * superclass. This also implies that the superclass is 386 * always non-null, because a serializable class must be a 387 * class (not an interface) and Object is not serializable. 388 * 389 * @param cl the class from which access is checked 390 * @return whether the superclass has a constructor accessible from cl 391 */ 392 private boolean superHasAccessibleConstructor(Class<?> cl) { 393 Class<?> superCl = cl.getSuperclass(); 394 assert Serializable.class.isAssignableFrom(cl); 395 assert superCl != null; 396 if (packageEquals(cl, superCl)) { 397 // accessible if any non-private constructor is found 398 for (Constructor<?> ctor : superCl.getDeclaredConstructors()) { 399 if ((ctor.getModifiers() & Modifier.PRIVATE) == 0) { 400 return true; 401 } 402 } 403 if (Reflection.areNestMates(cl, superCl)) { 404 return true; 405 } 406 return false; 407 } else { 408 // sanity check to ensure the parent is protected or public 409 if ((superCl.getModifiers() & (Modifier.PROTECTED | Modifier.PUBLIC)) == 0) { 410 return false; 411 } 412 // accessible if any constructor is protected or public 413 for (Constructor<?> ctor : superCl.getDeclaredConstructors()) { 414 if ((ctor.getModifiers() & (Modifier.PROTECTED | Modifier.PUBLIC)) != 0) { 415 return true; 416 } 417 } 418 return false; 419 } 420 } 421 422 /** 423 * Returns a constructor that allocates an instance of cl and that then initializes 424 * the instance by calling the no-arg constructor of its first non-serializable 425 * superclass. This is specified in the Serialization Specification, section 3.1, 426 * in step 11 of the deserialization process. If cl is not serializable, returns 427 * cl's no-arg constructor. If no accessible constructor is found, or if the 428 * class hierarchy is somehow malformed (e.g., a serializable class has no 429 * superclass), null is returned. 430 * 431 * @param cl the class for which a constructor is to be found 432 * @return the generated constructor, or null if none is available 433 */ 434 public final Constructor<?> newConstructorForSerialization(Class<?> cl) { 435 Class<?> initCl = cl; 436 while (Serializable.class.isAssignableFrom(initCl)) { 437 Class<?> prev = initCl; 438 if ((initCl = initCl.getSuperclass()) == null || 439 (!disableSerialConstructorChecks && !superHasAccessibleConstructor(prev))) { 440 return null; 441 } 442 } 443 Constructor<?> constructorToCall; 444 try { 445 constructorToCall = initCl.getDeclaredConstructor(); 446 int mods = constructorToCall.getModifiers(); 447 if ((mods & Modifier.PRIVATE) != 0 || 448 ((mods & (Modifier.PUBLIC | Modifier.PROTECTED)) == 0 && 449 !packageEquals(cl, initCl))) { 450 return null; 451 } 452 } catch (NoSuchMethodException ex) { 453 return null; 454 } 455 return generateConstructor(cl, constructorToCall); 456 } 457 458 private final Constructor<?> generateConstructor(Class<?> cl, 459 Constructor<?> constructorToCall) { 460 461 462 ConstructorAccessor acc = new MethodAccessorGenerator(). 463 generateSerializationConstructor(cl, 464 constructorToCall.getParameterTypes(), 465 constructorToCall.getExceptionTypes(), 466 constructorToCall.getModifiers(), 467 constructorToCall.getDeclaringClass()); 468 Constructor<?> c = newConstructor(constructorToCall.getDeclaringClass(), 469 constructorToCall.getParameterTypes(), 470 constructorToCall.getExceptionTypes(), 471 constructorToCall.getModifiers(), 472 langReflectAccess. 473 getConstructorSlot(constructorToCall), 474 langReflectAccess. 475 getConstructorSignature(constructorToCall), 476 langReflectAccess. 477 getConstructorAnnotations(constructorToCall), 478 langReflectAccess. 479 getConstructorParameterAnnotations(constructorToCall)); 480 setConstructorAccessor(c, acc); 481 c.setAccessible(true); 482 return c; 483 } 484 485 public final MethodHandle readObjectForSerialization(Class<?> cl) { 486 return findReadWriteObjectForSerialization(cl, "readObject", ObjectInputStream.class); 487 } 488 489 public final MethodHandle readObjectNoDataForSerialization(Class<?> cl) { 490 return findReadWriteObjectForSerialization(cl, "readObjectNoData", ObjectInputStream.class); 491 } 492 493 public final MethodHandle writeObjectForSerialization(Class<?> cl) { 494 return findReadWriteObjectForSerialization(cl, "writeObject", ObjectOutputStream.class); 495 } 496 497 private final MethodHandle findReadWriteObjectForSerialization(Class<?> cl, 498 String methodName, 499 Class<?> streamClass) { 500 if (!Serializable.class.isAssignableFrom(cl)) { 501 return null; 502 } 503 504 try { 505 Method meth = cl.getDeclaredMethod(methodName, streamClass); 506 int mods = meth.getModifiers(); 507 if (meth.getReturnType() != Void.TYPE || 508 Modifier.isStatic(mods) || 509 !Modifier.isPrivate(mods)) { 510 return null; 511 } 512 meth.setAccessible(true); 513 return MethodHandles.lookup().unreflect(meth); 514 } catch (NoSuchMethodException ex) { 515 return null; 516 } catch (IllegalAccessException ex1) { 517 throw new InternalError("Error", ex1); 518 } 519 } 520 521 /** 522 * Returns a MethodHandle for {@code writeReplace} on the serializable class 523 * or null if no match found. 524 * @param cl a serializable class 525 * @returnss the {@code writeReplace} MethodHandle or {@code null} if not found 526 */ 527 public final MethodHandle writeReplaceForSerialization(Class<?> cl) { 528 return getReplaceResolveForSerialization(cl, "writeReplace"); 529 } 530 531 /** 532 * Returns a MethodHandle for {@code readResolve} on the serializable class 533 * or null if no match found. 534 * @param cl a serializable class 535 * @returns the {@code writeReplace} MethodHandle or {@code null} if not found 536 */ 537 public final MethodHandle readResolveForSerialization(Class<?> cl) { 538 return getReplaceResolveForSerialization(cl, "readResolve"); 539 } 540 541 /** 542 * Lookup readResolve or writeReplace on a class with specified 543 * signature constraints. 544 * @param cl a serializable class 545 * @param methodName the method name to find 546 * @returns a MethodHandle for the method or {@code null} if not found or 547 * has the wrong signature. 548 */ 549 private MethodHandle getReplaceResolveForSerialization(Class<?> cl, 550 String methodName) { 551 if (!Serializable.class.isAssignableFrom(cl)) { 552 return null; 553 } 554 555 Class<?> defCl = cl; 556 while (defCl != null) { 557 try { 558 Method m = defCl.getDeclaredMethod(methodName); 559 if (m.getReturnType() != Object.class) { 560 return null; 561 } 562 int mods = m.getModifiers(); 563 if (Modifier.isStatic(mods) | Modifier.isAbstract(mods)) { 564 return null; 565 } else if (Modifier.isPublic(mods) | Modifier.isProtected(mods)) { 566 // fall through 567 } else if (Modifier.isPrivate(mods) && (cl != defCl)) { 568 return null; 569 } else if (!packageEquals(cl, defCl)) { 570 return null; 571 } 572 try { 573 // Normal return 574 m.setAccessible(true); 575 return MethodHandles.lookup().unreflect(m); 576 } catch (IllegalAccessException ex0) { 577 // setAccessible should prevent IAE 578 throw new InternalError("Error", ex0); 579 } 580 } catch (NoSuchMethodException ex) { 581 defCl = defCl.getSuperclass(); 582 } 583 } 584 return null; 585 } 586 587 /** 588 * Returns true if the given class defines a static initializer method, 589 * false otherwise. 590 */ 591 public final boolean hasStaticInitializerForSerialization(Class<?> cl) { 592 Method m = hasStaticInitializerMethod; 593 if (m == null) { 594 try { 595 m = ObjectStreamClass.class.getDeclaredMethod("hasStaticInitializer", 596 new Class<?>[]{Class.class}); 597 m.setAccessible(true); 598 hasStaticInitializerMethod = m; 599 } catch (NoSuchMethodException ex) { 600 throw new InternalError("No such method hasStaticInitializer on " 601 + ObjectStreamClass.class, ex); 602 } 603 } 604 try { 605 return (Boolean) m.invoke(null, cl); 606 } catch (InvocationTargetException | IllegalAccessException ex) { 607 throw new InternalError("Exception invoking hasStaticInitializer", ex); 608 } 609 } 610 611 /** 612 * Return the accessible constructor for OptionalDataException signaling eof. 613 * @returns the eof constructor for OptionalDataException 614 */ 615 public final Constructor<OptionalDataException> newOptionalDataExceptionForSerialization() { 616 try { 617 Constructor<OptionalDataException> boolCtor = 618 OptionalDataException.class.getDeclaredConstructor(Boolean.TYPE); 619 boolCtor.setAccessible(true); 620 return boolCtor; 621 } catch (NoSuchMethodException ex) { 622 throw new InternalError("Constructor not found", ex); 623 } 624 } 625 626 //-------------------------------------------------------------------------- 627 // 628 // Internals only below this point 629 // 630 631 static int inflationThreshold() { 632 return inflationThreshold; 633 } 634 635 /** We have to defer full initialization of this class until after 636 the static initializer is run since java.lang.reflect.Method's 637 static initializer (more properly, that for 638 java.lang.reflect.AccessibleObject) causes this class's to be 639 run, before the system properties are set up. */ 640 private static void checkInitted() { 641 if (initted) return; 642 643 // Defer initialization until module system is initialized so as 644 // to avoid inflation and spinning bytecode in unnamed modules 645 // during early startup. 646 if (!VM.isModuleSystemInited()) { 647 return; 648 } 649 650 Properties props = GetPropertyAction.privilegedGetProperties(); 651 String val = props.getProperty("sun.reflect.noInflation"); 652 if (val != null && val.equals("true")) { 653 noInflation = true; 654 } 655 656 val = props.getProperty("sun.reflect.inflationThreshold"); 657 if (val != null) { 658 try { 659 inflationThreshold = Integer.parseInt(val); 660 } catch (NumberFormatException e) { 661 throw new RuntimeException("Unable to parse property sun.reflect.inflationThreshold", e); 662 } 663 } 664 665 disableSerialConstructorChecks = 666 "true".equals(props.getProperty("jdk.disableSerialConstructorChecks")); 667 668 initted = true; 669 } 670 671 /** 672 * Returns true if classes are defined in the classloader and same package, false 673 * otherwise. 674 * @param cl1 a class 675 * @param cl2 another class 676 * @returns true if the two classes are in the same classloader and package 677 */ 678 private static boolean packageEquals(Class<?> cl1, Class<?> cl2) { 679 assert !cl1.isArray() && !cl2.isArray(); 680 681 if (cl1 == cl2) { 682 return true; 683 } 684 685 return cl1.getClassLoader() == cl2.getClassLoader() && 686 Objects.equals(cl1.getPackageName(), cl2.getPackageName()); 687 } 688 689 }