151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 22c87ad3a45cecf9e344487cad1abfdebe79f2c7cNarayan Kamath * Copyright (C) 2014 The Android Open Source Project 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 2005, 2013 Oracle and/or its affiliates. All rights reserved. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage sun.reflect.misc; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.lang.reflect.Proxy; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic final class ReflectUtil { 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private ReflectUtil() { 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static Class forName(String name) 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws ClassNotFoundException { 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkPackageAccess(name); 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Class.forName(name); 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static Object newInstance(Class cls) 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws InstantiationException, IllegalAccessException { 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkPackageAccess(cls); 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return cls.newInstance(); 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static boolean isSubclassOf(Class queryClass, 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski Class ofClass) 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski { 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski while (queryClass != null) { 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (queryClass == ofClass) { 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski queryClass = queryClass.getSuperclass(); 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Checks package access on the given class. 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * If it is a {@link Proxy#isProxyClass(java.lang.Class)} that implements 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * a non-public interface (i.e. may be in a non-restricted package), 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * also check the package access on the proxy interfaces. 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static void checkPackageAccess(Class<?> clazz) { 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkPackageAccess(clazz.getName()); 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (isNonPublicProxyClass(clazz)) { 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkProxyPackageAccess(clazz); 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Checks package access on the given classname. 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This method is typically called when the Class instance is not 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * available and the caller attempts to load a class on behalf 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the true caller (application). 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static void checkPackageAccess(String name) { 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski SecurityManager s = System.getSecurityManager(); 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (s != null) { 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String cname = name.replace('/', '.'); 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (cname.startsWith("[")) { 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int b = cname.lastIndexOf('[') + 2; 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (b > 1 && b < cname.length()) { 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski cname = cname.substring(b); 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int i = cname.lastIndexOf('.'); 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (i != -1) { 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski s.checkPackageAccess(cname.substring(0, i)); 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static boolean isPackageAccessible(Class clazz) { 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkPackageAccess(clazz); 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (SecurityException e) { 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // Returns true if p is an ancestor of cl i.e. class loader 'p' can 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // be found in the cl's delegation chain 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static boolean isAncestor(ClassLoader p, ClassLoader cl) { 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski ClassLoader acl = cl; 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski do { 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski acl = acl.getParent(); 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (p == acl) { 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } while (acl != null); 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns true if package access check is needed for reflective 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * access from a class loader 'from' to classes or members in 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * a class defined by class loader 'to'. This method returns true 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * if 'from' is not the same as or an ancestor of 'to'. All code 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * in a system domain are granted with all permission and so this 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * method returns false if 'from' class loader is a class loader 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * loading system classes. On the other hand, if a class loader 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * attempts to access system domain classes, it requires package 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * access check and this method will return true. 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static boolean needsPackageAccessCheck(ClassLoader from, ClassLoader to) { 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (from == null || from == to) 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (to == null) 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return !isAncestor(from, to); 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Check package access on the proxy interfaces that the given proxy class 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * implements. 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param clazz Proxy class object 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static void checkProxyPackageAccess(Class<?> clazz) { 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski SecurityManager s = System.getSecurityManager(); 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (s != null) { 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // check proxy interfaces if the given class is a proxy class 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (Proxy.isProxyClass(clazz)) { 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski for (Class<?> intf : clazz.getInterfaces()) { 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkPackageAccess(intf); 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Access check on the interfaces that a proxy class implements and throw 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * {@code SecurityException} if it accesses a restricted package from 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the caller's class loader. 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param ccl the caller's class loader 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param interfaces the list of interfaces that a proxy class implements 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static void checkProxyPackageAccess(ClassLoader ccl, 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski Class<?>... interfaces) 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski { 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski SecurityManager sm = System.getSecurityManager(); 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (sm != null) { 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski for (Class<?> intf : interfaces) { 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski ClassLoader cl = intf.getClassLoader(); 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (needsPackageAccessCheck(ccl, cl)) { 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski checkPackageAccess(intf); 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Test if the given class is a proxy class that implements 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * non-public interface. Such proxy class may be in a non-restricted 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * package that bypasses checkPackageAccess. 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static boolean isNonPublicProxyClass(Class<?> cls) { 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String name = cls.getName(); 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int i = name.lastIndexOf('.'); 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String pkg = (i != -1) ? name.substring(0, i) : ""; 189499346040d83c7103a67e776ae59b8057ce38aaaNarayan Kamath 190499346040d83c7103a67e776ae59b8057ce38aaaNarayan Kamath // NOTE: Android creates proxies in the "default" package (and not com.sun.proxy), which 191499346040d83c7103a67e776ae59b8057ce38aaaNarayan Kamath // makes this check imprecise. However, this function is only ever called if there's 192499346040d83c7103a67e776ae59b8057ce38aaaNarayan Kamath // a security manager installed (which is the never case on android). 193499346040d83c7103a67e776ae59b8057ce38aaaNarayan Kamath return Proxy.isProxyClass(cls) && !pkg.isEmpty(); 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 196