src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/AstDeserializer.java

Print this page

        

@@ -25,23 +25,31 @@
 package jdk.nashorn.internal.runtime;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.ObjectInputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.zip.InflaterInputStream;
 import jdk.nashorn.internal.ir.FunctionNode;
 
 /**
  * This static utility class performs deserialization of FunctionNode ASTs from a byte array.
  * The format is a standard Java serialization stream, deflated.
  */
 final class AstDeserializer {
     static FunctionNode deserialize(final byte[] serializedAst) {
+        // FIXME: do we need this doPrivileged block at all?
+        return AccessController.doPrivileged(new PrivilegedAction<FunctionNode>() {
+            @Override
+            public FunctionNode run() {
         try {
-            return (FunctionNode)new ObjectInputStream(new InflaterInputStream(new ByteArrayInputStream(
-                    serializedAst))).readObject();
+                    return (FunctionNode)new ObjectInputStream(new InflaterInputStream(
+                        new ByteArrayInputStream(serializedAst))).readObject();
         } catch (final ClassNotFoundException | IOException e) {
             // This is internal, can't happen
             throw new AssertionError("Unexpected exception deserializing function", e);
         }
     }
+        });
+    }
 }