-
Bug
-
Resolution: Fixed
-
P4
-
9
-
None
-
b89
-
generic
-
generic
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8142843 | emb-9 | Attila Szegedi | P4 | Resolved | Fixed | team |
dynalink.beans.ClassMap and dynalink.beans.ClassString use getClassLoader() and invoke Guards.canReferenceDirectly() that can also invoke getClassLoader. They should do that in a doPrivileged block so they can perform the operation even if the caller doesn't have the necessary privilege and the inspected classes are orthogonal to Nashorn's class loader.
Additionally, OverloadedMethod – which is the only user of ClassString.isVisibleFrom that relies on the above behavior – was using the wrong class loader as the basis for deciding whether it can keep strongly referenced parameter types in its lookup cache; it should use its caller class' loader, not its calee's.
Additionally, OverloadedMethod – which is the only user of ClassString.isVisibleFrom that relies on the above behavior – was using the wrong class loader as the basis for deciding whether it can keep strongly referenced parameter types in its lookup cache; it should use its caller class' loader, not its calee's.
- backported by
-
JDK-8142843 Use privileged blocks when working with class loaders
-
- Resolved
-