--- old/src/java.base/share/classes/java/security/AccessController.java 2018-11-01 12:02:42.345126841 -0700 +++ new/src/java.base/share/classes/java/security/AccessController.java 2018-11-01 12:02:41.927108129 -0700 @@ -613,10 +613,10 @@ AccessControlContext parent, AccessControlContext context, Permission[] perms) { - ProtectionDomain callerPD = getCallerPD(caller); + ProtectionDomain callerPD = getProtectionDomain(caller); // check if caller is authorized to create context - if (context != null && !context.isAuthorized() && - System.getSecurityManager() != null && + if (System.getSecurityManager() != null && + context != null && !context.isAuthorized() && !callerPD.impliesCreateAccessControlContext()) { return getInnocuousAcc(); @@ -639,17 +639,6 @@ private static native ProtectionDomain getProtectionDomain(final Class caller); - private static ProtectionDomain getCallerPD(final Class caller) { - ProtectionDomain callerPd = doPrivileged - (new PrivilegedAction<>() { - public ProtectionDomain run() { - return caller.getProtectionDomain(); - } - }); - - return callerPd; - } - /** * Performs the specified {@code PrivilegedExceptionAction} with * privileges enabled and restricted by the specified @@ -707,9 +696,9 @@ Class caller) { // check if caller is authorized to create context - if (context != null && !context.isAuthorized() && - context != getInnocuousAcc() && - System.getSecurityManager() != null) + if (System.getSecurityManager() != null && + context != null && !context.isAuthorized() && + context != getInnocuousAcc()) { ProtectionDomain callerPD = getProtectionDomain(caller); if (callerPD != null && !callerPD.impliesCreateAccessControlContext()) {