src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/AstDeserializer.java

Print this page

        

*** 25,47 **** package jdk.nashorn.internal.runtime; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.util.zip.InflaterInputStream; import jdk.nashorn.internal.ir.FunctionNode; /** * This static utility class performs deserialization of FunctionNode ASTs from a byte array. * The format is a standard Java serialization stream, deflated. */ final class AstDeserializer { static FunctionNode deserialize(final byte[] serializedAst) { try { ! return (FunctionNode)new ObjectInputStream(new InflaterInputStream(new ByteArrayInputStream( ! serializedAst))).readObject(); } catch (final ClassNotFoundException | IOException e) { // This is internal, can't happen throw new AssertionError("Unexpected exception deserializing function", e); } } } --- 25,55 ---- package jdk.nashorn.internal.runtime; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.ObjectInputStream; + import java.security.AccessController; + import java.security.PrivilegedAction; import java.util.zip.InflaterInputStream; import jdk.nashorn.internal.ir.FunctionNode; /** * This static utility class performs deserialization of FunctionNode ASTs from a byte array. * The format is a standard Java serialization stream, deflated. */ final class AstDeserializer { static FunctionNode deserialize(final byte[] serializedAst) { + // FIXME: do we need this doPrivileged block at all? + return AccessController.doPrivileged(new PrivilegedAction<FunctionNode>() { + @Override + public FunctionNode run() { try { ! return (FunctionNode)new ObjectInputStream(new InflaterInputStream( ! new ByteArrayInputStream(serializedAst))).readObject(); } catch (final ClassNotFoundException | IOException e) { // This is internal, can't happen throw new AssertionError("Unexpected exception deserializing function", e); } } + }); + } }