1 /* 2 * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package jdk.internal.reflect; 27 28 import java.io.Externalizable; 29 import java.io.ObjectInputStream; 30 import java.io.ObjectOutputStream; 31 import java.io.ObjectStreamClass; 32 import java.io.OptionalDataException; 33 import java.io.Serializable; 34 import java.lang.invoke.MethodHandle; 35 import java.lang.invoke.MethodHandles; 36 import java.lang.reflect.Field; 37 import java.lang.reflect.Executable; 38 import java.lang.reflect.InvocationTargetException; 39 import java.lang.reflect.Method; 40 import java.lang.reflect.Constructor; 41 import java.lang.reflect.Modifier; 42 import java.security.Permission; 43 import java.security.PrivilegedAction; 44 import java.util.Objects; 45 import java.util.Properties; 46 47 import sun.reflect.misc.ReflectUtil; 48 import sun.security.action.GetPropertyAction; 49 50 /** <P> The master factory for all reflective objects, both those in 51 java.lang.reflect (Fields, Methods, Constructors) as well as their 52 delegates (FieldAccessors, MethodAccessors, ConstructorAccessors). 53 </P> 54 55 <P> The methods in this class are extremely unsafe and can cause 56 subversion of both the language and the verifier. For this reason, 57 they are all instance methods, and access to the constructor of 58 this factory is guarded by a security check, in similar style to 59 {@link jdk.internal.misc.Unsafe}. </P> 60 */ 61 62 public class ReflectionFactory { 63 64 private static boolean initted = false; 65 private static final Permission reflectionFactoryAccessPerm 66 = new RuntimePermission("reflectionFactoryAccess"); 67 private static final ReflectionFactory soleInstance = new ReflectionFactory(); 68 // Provides access to package-private mechanisms in java.lang.reflect 69 private static volatile LangReflectAccess langReflectAccess; 70 71 /* Method for static class initializer <clinit>, or null */ 72 private static volatile Method hasStaticInitializerMethod; 73 74 // 75 // "Inflation" mechanism. Loading bytecodes to implement 76 // Method.invoke() and Constructor.newInstance() currently costs 77 // 3-4x more than an invocation via native code for the first 78 // invocation (though subsequent invocations have been benchmarked 79 // to be over 20x faster). Unfortunately this cost increases 80 // startup time for certain applications that use reflection 81 // intensively (but only once per class) to bootstrap themselves. 82 // To avoid this penalty we reuse the existing JVM entry points 83 // for the first few invocations of Methods and Constructors and 84 // then switch to the bytecode-based implementations. 85 // 86 // Package-private to be accessible to NativeMethodAccessorImpl 87 // and NativeConstructorAccessorImpl 88 private static boolean noInflation = false; 89 private static int inflationThreshold = 15; 90 91 private ReflectionFactory() { 92 } 93 94 /** 95 * A convenience class for acquiring the capability to instantiate 96 * reflective objects. Use this instead of a raw call to {@link 97 * #getReflectionFactory} in order to avoid being limited by the 98 * permissions of your callers. 99 * 100 * <p>An instance of this class can be used as the argument of 101 * <code>AccessController.doPrivileged</code>. 102 */ 103 public static final class GetReflectionFactoryAction 104 implements PrivilegedAction<ReflectionFactory> { 105 public ReflectionFactory run() { 106 return getReflectionFactory(); 107 } 108 } 109 110 /** 111 * Provides the caller with the capability to instantiate reflective 112 * objects. 113 * 114 * <p> First, if there is a security manager, its 115 * <code>checkPermission</code> method is called with a {@link 116 * java.lang.RuntimePermission} with target 117 * <code>"reflectionFactoryAccess"</code>. This may result in a 118 * security exception. 119 * 120 * <p> The returned <code>ReflectionFactory</code> object should be 121 * carefully guarded by the caller, since it can be used to read and 122 * write private data and invoke private methods, as well as to load 123 * unverified bytecodes. It must never be passed to untrusted code. 124 * 125 * @exception SecurityException if a security manager exists and its 126 * <code>checkPermission</code> method doesn't allow 127 * access to the RuntimePermission "reflectionFactoryAccess". */ 128 public static ReflectionFactory getReflectionFactory() { 129 SecurityManager security = System.getSecurityManager(); 130 if (security != null) { 131 // TO DO: security.checkReflectionFactoryAccess(); 132 security.checkPermission(reflectionFactoryAccessPerm); 133 } 134 return soleInstance; 135 } 136 137 //-------------------------------------------------------------------------- 138 // 139 // Routines used by java.lang.reflect 140 // 141 // 142 143 /** Called only by java.lang.reflect.Modifier's static initializer */ 144 public void setLangReflectAccess(LangReflectAccess access) { 145 langReflectAccess = access; 146 } 147 148 /** 149 * Note: this routine can cause the declaring class for the field 150 * be initialized and therefore must not be called until the 151 * first get/set of this field. 152 * @param field the field 153 * @param override true if caller has overridden accessibility 154 */ 155 public FieldAccessor newFieldAccessor(Field field, boolean override) { 156 checkInitted(); 157 return UnsafeFieldAccessorFactory.newFieldAccessor(field, override); 158 } 159 160 public MethodAccessor newMethodAccessor(Method method) { 161 checkInitted(); 162 163 if (noInflation && !ReflectUtil.isVMAnonymousClass(method.getDeclaringClass())) { 164 return new MethodAccessorGenerator(). 165 generateMethod(method.getDeclaringClass(), 166 method.getName(), 167 method.getParameterTypes(), 168 method.getReturnType(), 169 method.getExceptionTypes(), 170 method.getModifiers()); 171 } else { 172 NativeMethodAccessorImpl acc = 173 new NativeMethodAccessorImpl(method); 174 DelegatingMethodAccessorImpl res = 175 new DelegatingMethodAccessorImpl(acc); 176 acc.setParent(res); 177 return res; 178 } 179 } 180 181 public ConstructorAccessor newConstructorAccessor(Constructor<?> c) { 182 checkInitted(); 183 184 Class<?> declaringClass = c.getDeclaringClass(); 185 if (Modifier.isAbstract(declaringClass.getModifiers())) { 186 return new InstantiationExceptionConstructorAccessorImpl(null); 187 } 188 if (declaringClass == Class.class) { 189 return new InstantiationExceptionConstructorAccessorImpl 190 ("Can not instantiate java.lang.Class"); 191 } 192 // Bootstrapping issue: since we use Class.newInstance() in 193 // the ConstructorAccessor generation process, we have to 194 // break the cycle here. 195 if (Reflection.isSubclassOf(declaringClass, 196 ConstructorAccessorImpl.class)) { 197 return new BootstrapConstructorAccessorImpl(c); 198 } 199 200 if (noInflation && !ReflectUtil.isVMAnonymousClass(c.getDeclaringClass())) { 201 return new MethodAccessorGenerator(). 202 generateConstructor(c.getDeclaringClass(), 203 c.getParameterTypes(), 204 c.getExceptionTypes(), 205 c.getModifiers()); 206 } else { 207 NativeConstructorAccessorImpl acc = 208 new NativeConstructorAccessorImpl(c); 209 DelegatingConstructorAccessorImpl res = 210 new DelegatingConstructorAccessorImpl(acc); 211 acc.setParent(res); 212 return res; 213 } 214 } 215 216 //-------------------------------------------------------------------------- 217 // 218 // Routines used by java.lang 219 // 220 // 221 222 /** Creates a new java.lang.reflect.Field. Access checks as per 223 java.lang.reflect.AccessibleObject are not overridden. */ 224 public Field newField(Class<?> declaringClass, 225 String name, 226 Class<?> type, 227 int modifiers, 228 int slot, 229 String signature, 230 byte[] annotations) 231 { 232 return langReflectAccess().newField(declaringClass, 233 name, 234 type, 235 modifiers, 236 slot, 237 signature, 238 annotations); 239 } 240 241 /** Creates a new java.lang.reflect.Method. Access checks as per 242 java.lang.reflect.AccessibleObject are not overridden. */ 243 public Method newMethod(Class<?> declaringClass, 244 String name, 245 Class<?>[] parameterTypes, 246 Class<?> returnType, 247 Class<?>[] checkedExceptions, 248 int modifiers, 249 int slot, 250 String signature, 251 byte[] annotations, 252 byte[] parameterAnnotations, 253 byte[] annotationDefault) 254 { 255 return langReflectAccess().newMethod(declaringClass, 256 name, 257 parameterTypes, 258 returnType, 259 checkedExceptions, 260 modifiers, 261 slot, 262 signature, 263 annotations, 264 parameterAnnotations, 265 annotationDefault); 266 } 267 268 /** Creates a new java.lang.reflect.Constructor. Access checks as 269 per java.lang.reflect.AccessibleObject are not overridden. */ 270 public Constructor<?> newConstructor(Class<?> declaringClass, 271 Class<?>[] parameterTypes, 272 Class<?>[] checkedExceptions, 273 int modifiers, 274 int slot, 275 String signature, 276 byte[] annotations, 277 byte[] parameterAnnotations) 278 { 279 return langReflectAccess().newConstructor(declaringClass, 280 parameterTypes, 281 checkedExceptions, 282 modifiers, 283 slot, 284 signature, 285 annotations, 286 parameterAnnotations); 287 } 288 289 /** Gets the MethodAccessor object for a java.lang.reflect.Method */ 290 public MethodAccessor getMethodAccessor(Method m) { 291 return langReflectAccess().getMethodAccessor(m); 292 } 293 294 /** Sets the MethodAccessor object for a java.lang.reflect.Method */ 295 public void setMethodAccessor(Method m, MethodAccessor accessor) { 296 langReflectAccess().setMethodAccessor(m, accessor); 297 } 298 299 /** Gets the ConstructorAccessor object for a 300 java.lang.reflect.Constructor */ 301 public ConstructorAccessor getConstructorAccessor(Constructor<?> c) { 302 return langReflectAccess().getConstructorAccessor(c); 303 } 304 305 /** Sets the ConstructorAccessor object for a 306 java.lang.reflect.Constructor */ 307 public void setConstructorAccessor(Constructor<?> c, 308 ConstructorAccessor accessor) 309 { 310 langReflectAccess().setConstructorAccessor(c, accessor); 311 } 312 313 /** Makes a copy of the passed method. The returned method is a 314 "child" of the passed one; see the comments in Method.java for 315 details. */ 316 public Method copyMethod(Method arg) { 317 return langReflectAccess().copyMethod(arg); 318 } 319 320 /** Makes a copy of the passed method. The returned method is NOT 321 * a "child" but a "sibling" of the Method in arg. Should only be 322 * used on non-root methods. */ 323 public Method leafCopyMethod(Method arg) { 324 return langReflectAccess().leafCopyMethod(arg); 325 } 326 327 328 /** Makes a copy of the passed field. The returned field is a 329 "child" of the passed one; see the comments in Field.java for 330 details. */ 331 public Field copyField(Field arg) { 332 return langReflectAccess().copyField(arg); 333 } 334 335 /** Makes a copy of the passed constructor. The returned 336 constructor is a "child" of the passed one; see the comments 337 in Constructor.java for details. */ 338 public <T> Constructor<T> copyConstructor(Constructor<T> arg) { 339 return langReflectAccess().copyConstructor(arg); 340 } 341 342 /** Gets the byte[] that encodes TypeAnnotations on an executable. 343 */ 344 public byte[] getExecutableTypeAnnotationBytes(Executable ex) { 345 return langReflectAccess().getExecutableTypeAnnotationBytes(ex); 346 } 347 348 //-------------------------------------------------------------------------- 349 // 350 // Routines used by serialization 351 // 352 // 353 354 public final Constructor<?> newConstructorForExternalization(Class<?> cl) { 355 if (!Externalizable.class.isAssignableFrom(cl)) { 356 return null; 357 } 358 try { 359 Constructor<?> cons = cl.getConstructor(); 360 cons.setAccessible(true); 361 return cons; 362 } catch (NoSuchMethodException ex) { 363 return null; 364 } 365 } 366 367 public final Constructor<?> newConstructorForSerialization(Class<?> cl, 368 Constructor<?> constructorToCall) 369 { 370 if (constructorToCall.getDeclaringClass() == cl) { 371 constructorToCall.setAccessible(true); 372 return constructorToCall; 373 } 374 return generateConstructor(cl, constructorToCall); 375 } 376 377 public final Constructor<?> newConstructorForSerialization(Class<?> cl) { 378 Class<?> initCl = cl; 379 while (Serializable.class.isAssignableFrom(initCl)) { 380 if ((initCl = initCl.getSuperclass()) == null) { 381 return null; 382 } 383 } 384 Constructor<?> constructorToCall; 385 try { 386 constructorToCall = initCl.getDeclaredConstructor(); 387 int mods = constructorToCall.getModifiers(); 388 if ((mods & Modifier.PRIVATE) != 0 || 389 ((mods & (Modifier.PUBLIC | Modifier.PROTECTED)) == 0 && 390 !packageEquals(cl, initCl))) { 391 return null; 392 } 393 } catch (NoSuchMethodException ex) { 394 return null; 395 } 396 return generateConstructor(cl, constructorToCall); 397 } 398 399 private final Constructor<?> generateConstructor(Class<?> cl, 400 Constructor<?> constructorToCall) { 401 402 403 ConstructorAccessor acc = new MethodAccessorGenerator(). 404 generateSerializationConstructor(cl, 405 constructorToCall.getParameterTypes(), 406 constructorToCall.getExceptionTypes(), 407 constructorToCall.getModifiers(), 408 constructorToCall.getDeclaringClass()); 409 Constructor<?> c = newConstructor(constructorToCall.getDeclaringClass(), 410 constructorToCall.getParameterTypes(), 411 constructorToCall.getExceptionTypes(), 412 constructorToCall.getModifiers(), 413 langReflectAccess(). 414 getConstructorSlot(constructorToCall), 415 langReflectAccess(). 416 getConstructorSignature(constructorToCall), 417 langReflectAccess(). 418 getConstructorAnnotations(constructorToCall), 419 langReflectAccess(). 420 getConstructorParameterAnnotations(constructorToCall)); 421 setConstructorAccessor(c, acc); 422 c.setAccessible(true); 423 return c; 424 } 425 426 public final MethodHandle readObjectForSerialization(Class<?> cl) { 427 return findReadWriteObjectForSerialization(cl, "readObject", ObjectInputStream.class); 428 } 429 430 public final MethodHandle readObjectNoDataForSerialization(Class<?> cl) { 431 return findReadWriteObjectForSerialization(cl, "readObjectNoData", ObjectInputStream.class); 432 } 433 434 public final MethodHandle writeObjectForSerialization(Class<?> cl) { 435 return findReadWriteObjectForSerialization(cl, "writeObject", ObjectOutputStream.class); 436 } 437 438 private final MethodHandle findReadWriteObjectForSerialization(Class<?> cl, 439 String methodName, 440 Class<?> streamClass) { 441 if (!Serializable.class.isAssignableFrom(cl)) { 442 return null; 443 } 444 445 try { 446 Method meth = cl.getDeclaredMethod(methodName, streamClass); 447 int mods = meth.getModifiers(); 448 if (meth.getReturnType() != Void.TYPE || 449 Modifier.isStatic(mods) || 450 !Modifier.isPrivate(mods)) { 451 return null; 452 } 453 meth.setAccessible(true); 454 return MethodHandles.lookup().unreflect(meth); 455 } catch (NoSuchMethodException ex) { 456 return null; 457 } catch (IllegalAccessException ex1) { 458 throw new InternalError("Error", ex1); 459 } 460 } 461 462 /** 463 * Returns a MethodHandle for {@code writeReplace} on the serializable class 464 * or null if no match found. 465 * @param cl a serializable class 466 * @returnss the {@code writeReplace} MethodHandle or {@code null} if not found 467 */ 468 public final MethodHandle writeReplaceForSerialization(Class<?> cl) { 469 return getReplaceResolveForSerialization(cl, "writeReplace"); 470 } 471 472 /** 473 * Returns a MethodHandle for {@code readResolve} on the serializable class 474 * or null if no match found. 475 * @param cl a serializable class 476 * @returns the {@code writeReplace} MethodHandle or {@code null} if not found 477 */ 478 public final MethodHandle readResolveForSerialization(Class<?> cl) { 479 return getReplaceResolveForSerialization(cl, "readResolve"); 480 } 481 482 /** 483 * Lookup readResolve or writeReplace on a class with specified 484 * signature constraints. 485 * @param cl a serializable class 486 * @param methodName the method name to find 487 * @returns a MethodHandle for the method or {@code null} if not found or 488 * has the wrong signature. 489 */ 490 private MethodHandle getReplaceResolveForSerialization(Class<?> cl, 491 String methodName) { 492 if (!Serializable.class.isAssignableFrom(cl)) { 493 return null; 494 } 495 496 Class<?> defCl = cl; 497 while (defCl != null) { 498 try { 499 Method m = defCl.getDeclaredMethod(methodName); 500 if (m.getReturnType() != Object.class) { 501 return null; 502 } 503 int mods = m.getModifiers(); 504 if (Modifier.isStatic(mods) | Modifier.isAbstract(mods)) { 505 return null; 506 } else if (Modifier.isPublic(mods) | Modifier.isProtected(mods)) { 507 // fall through 508 } else if (Modifier.isPrivate(mods) && (cl != defCl)) { 509 return null; 510 } else if (!packageEquals(cl, defCl)) { 511 return null; 512 } 513 try { 514 // Normal return 515 m.setAccessible(true); 516 return MethodHandles.lookup().unreflect(m); 517 } catch (IllegalAccessException ex0) { 518 // setAccessible should prevent IAE 519 throw new InternalError("Error", ex0); 520 } 521 } catch (NoSuchMethodException ex) { 522 defCl = defCl.getSuperclass(); 523 } 524 } 525 return null; 526 } 527 528 /** 529 * Returns true if the given class defines a static initializer method, 530 * false otherwise. 531 */ 532 public final boolean hasStaticInitializerForSerialization(Class<?> cl) { 533 Method m = hasStaticInitializerMethod; 534 if (m == null) { 535 try { 536 m = ObjectStreamClass.class.getDeclaredMethod("hasStaticInitializer", 537 new Class<?>[]{Class.class}); 538 m.setAccessible(true); 539 hasStaticInitializerMethod = m; 540 } catch (NoSuchMethodException ex) { 541 throw new InternalError("No such method hasStaticInitializer on " 542 + ObjectStreamClass.class, ex); 543 } 544 } 545 try { 546 return (Boolean) m.invoke(null, cl); 547 } catch (InvocationTargetException | IllegalAccessException ex) { 548 throw new InternalError("Exception invoking hasStaticInitializer", ex); 549 } 550 } 551 552 /** 553 * Return the accessible constructor for OptionalDataException signaling eof. 554 * @returns the eof constructor for OptionalDataException 555 */ 556 public final Constructor<OptionalDataException> newOptionalDataExceptionForSerialization() { 557 try { 558 Constructor<OptionalDataException> boolCtor = 559 OptionalDataException.class.getDeclaredConstructor(Boolean.TYPE); 560 boolCtor.setAccessible(true); 561 return boolCtor; 562 } catch (NoSuchMethodException ex) { 563 throw new InternalError("Constructor not found", ex); 564 } 565 } 566 567 //-------------------------------------------------------------------------- 568 // 569 // Internals only below this point 570 // 571 572 static int inflationThreshold() { 573 return inflationThreshold; 574 } 575 576 /** We have to defer full initialization of this class until after 577 the static initializer is run since java.lang.reflect.Method's 578 static initializer (more properly, that for 579 java.lang.reflect.AccessibleObject) causes this class's to be 580 run, before the system properties are set up. */ 581 private static void checkInitted() { 582 if (initted) return; 583 584 // Tests to ensure the system properties table is fully 585 // initialized. This is needed because reflection code is 586 // called very early in the initialization process (before 587 // command-line arguments have been parsed and therefore 588 // these user-settable properties installed.) We assume that 589 // if System.out is non-null then the System class has been 590 // fully initialized and that the bulk of the startup code 591 // has been run. 592 593 if (System.out == null) { 594 // java.lang.System not yet fully initialized 595 return; 596 } 597 598 Properties props = GetPropertyAction.privilegedGetProperties(); 599 String val = props.getProperty("sun.reflect.noInflation"); 600 if (val != null && val.equals("true")) { 601 noInflation = true; 602 } 603 604 val = props.getProperty("sun.reflect.inflationThreshold"); 605 if (val != null) { 606 try { 607 inflationThreshold = Integer.parseInt(val); 608 } catch (NumberFormatException e) { 609 throw new RuntimeException("Unable to parse property sun.reflect.inflationThreshold", e); 610 } 611 } 612 613 initted = true; 614 } 615 616 private static LangReflectAccess langReflectAccess() { 617 if (langReflectAccess == null) { 618 // Call a static method to get class java.lang.reflect.Modifier 619 // initialized. Its static initializer will cause 620 // setLangReflectAccess() to be called from the context of the 621 // java.lang.reflect package. 622 Modifier.isPublic(Modifier.PUBLIC); 623 } 624 return langReflectAccess; 625 } 626 627 /** 628 * Returns true if classes are defined in the classloader and same package, false 629 * otherwise. 630 * @param cl1 a class 631 * @param cl2 another class 632 * @returns true if the two classes are in the same classloader and package 633 */ 634 private static boolean packageEquals(Class<?> cl1, Class<?> cl2) { 635 return cl1.getClassLoader() == cl2.getClassLoader() && 636 Objects.equals(cl1.getPackage(), cl2.getPackage()); 637 } 638 639 }