From 496a6f67d640bda110ea13431a0136dad5bf98fe Mon Sep 17 00:00:00 2001 From: Brent Christian Date: Tue, 23 Aug 2016 10:49:15 -0700 Subject: [PATCH] 7180225: SecurityExceptions not defined in some class loader methods Reviewed-by: mchung, mullan --- .../share/classes/java/lang/Class.java | 28 +++++------- .../share/classes/java/lang/ClassLoader.java | 43 ++++++------------- .../share/classes/java/lang/Thread.java | 21 ++++----- 3 files changed, 32 insertions(+), 60 deletions(-) diff --git a/jdk/src/java.base/share/classes/java/lang/Class.java b/jdk/src/java.base/share/classes/java/lang/Class.java index 25d4a3b5b9f..8c9957274d6 100644 --- a/jdk/src/java.base/share/classes/java/lang/Class.java +++ b/jdk/src/java.base/share/classes/java/lang/Class.java @@ -331,12 +331,6 @@ public final class Class implements java.io.Serializable, * Note that this method does not check whether the requested class * is accessible to its caller. * - *

If the {@code loader} is {@code null}, and a security - * manager is present, and the caller's class loader is not null, then this - * method calls the security manager's {@code checkPermission} method - * with a {@code RuntimePermission("getClassLoader")} permission to - * ensure it's ok to access the bootstrap class loader. - * * @param name fully qualified name of the desired class * @param initialize if {@code true} the class will be initialized. * See Section 12.4 of The Java Language Specification. @@ -348,6 +342,11 @@ public final class Class implements java.io.Serializable, * by this method fails * @exception ClassNotFoundException if the class cannot be located by * the specified class loader + * @exception SecurityException + * if a security manager is present, and the {@code loader} is + * {@code null}, and the caller's class loader is not + * {@code null}, and the caller does not have the + * {@link RuntimePermission}{@code ("getClassLoader")} * * @see java.lang.Class#forName(String) * @see java.lang.ClassLoader @@ -782,22 +781,17 @@ public final class Class implements java.io.Serializable, * null in such implementations if this class was loaded by the bootstrap * class loader. * - *

If a security manager is present, and the caller's class loader is - * not null and the caller's class loader is not the same as or an ancestor of - * the class loader for the class whose class loader is requested, then - * this method calls the security manager's {@code checkPermission} - * method with a {@code RuntimePermission("getClassLoader")} - * permission to ensure it's ok to access the class loader for the class. - * *

If this object * represents a primitive type or void, null is returned. * * @return the class loader that loaded the class or interface * represented by this object. - * @throws SecurityException - * if a security manager exists and its - * {@code checkPermission} method denies - * access to the class loader for the class. + * @throws SecurityException + * if a security manager is present, and the caller's class loader + * is not {@code null} and is not the same as or an ancestor of the + * class loader for the class whose class loader is requested, + * and the caller does not have the + * {@link RuntimePermission}{@code ("getClassLoader")} * @see java.lang.ClassLoader * @see SecurityManager#checkPermission * @see java.lang.RuntimePermission diff --git a/jdk/src/java.base/share/classes/java/lang/ClassLoader.java b/jdk/src/java.base/share/classes/java/lang/ClassLoader.java index 013912384d8..d8b2dee337d 100644 --- a/jdk/src/java.base/share/classes/java/lang/ClassLoader.java +++ b/jdk/src/java.base/share/classes/java/lang/ClassLoader.java @@ -1537,22 +1537,13 @@ public abstract class ClassLoader { * will return null in such implementations if this class loader's * parent is the bootstrap class loader. * - *

If a security manager is present, and the invoker's class loader is - * not null and is not an ancestor of this class loader, then this - * method invokes the security manager's {@link - * SecurityManager#checkPermission(java.security.Permission) - * checkPermission} method with a {@link - * RuntimePermission#RuntimePermission(String) - * RuntimePermission("getClassLoader")} permission to verify - * access to the parent class loader is permitted. If not, a - * SecurityException will be thrown.

- * * @return The parent ClassLoader * * @throws SecurityException - * If a security manager exists and its checkPermission - * method doesn't allow access to this class loader's parent class - * loader. + * If a security manager is present, and the caller's class loader + * is not {@code null} and is not an ancestor of this class loader, + * and the caller does not have the + * {@link RuntimePermission}{@code ("getClassLoader")} * * @since 1.2 */ @@ -1590,12 +1581,11 @@ public abstract class ClassLoader { * @return The platform {@code ClassLoader}. * * @throws SecurityException - * If a security manager exists and the caller's class loader is - * not {@code null} and the caller's class loader is not the same + * If a security manager is present, and the caller's class loader is + * not {@code null}, and the caller's class loader is not the same * as or an ancestor of the platform class loader, - * and the {@link SecurityManager#checkPermission(java.security.Permission) - * checkPermission} method denies {@code RuntimePermission("getClassLoader")} - * to access the platform class loader. + * and the caller does not have the + * {@link RuntimePermission}{@code ("getClassLoader")} * * @since 9 */ @@ -1636,17 +1626,6 @@ public abstract class ClassLoader { * If circular initialization of the system class loader is detected then * an unspecified error or exception is thrown. * - *

If a security manager is present, and the invoker's class loader is - * not null and the invoker's class loader is not the same as or - * an ancestor of the system class loader, then this method invokes the - * security manager's {@link - * SecurityManager#checkPermission(java.security.Permission) - * checkPermission} method with a {@link - * RuntimePermission#RuntimePermission(String) - * RuntimePermission("getClassLoader")} permission to verify - * access to the system class loader. If not, a - * SecurityException will be thrown.

- * * @implNote The system property to override the system class loader is not * examined until the VM is almost fully initialized. Code that executes * this method during startup should take care not to cache the return @@ -1656,8 +1635,10 @@ public abstract class ClassLoader { * null if none * * @throws SecurityException - * If a security manager exists and its checkPermission - * method doesn't allow access to the system class loader. + * If a security manager is present, and the caller's class loader + * is not {@code null} and is not the same as or an ancestor of the + * system class loader, and the caller does not have the + * {@link RuntimePermission}{@code ("getClassLoader")} * * @throws IllegalStateException * If invoked recursively during the construction of the class diff --git a/jdk/src/java.base/share/classes/java/lang/Thread.java b/jdk/src/java.base/share/classes/java/lang/Thread.java index 310ada1b470..4fac9eddf07 100644 --- a/jdk/src/java.base/share/classes/java/lang/Thread.java +++ b/jdk/src/java.base/share/classes/java/lang/Thread.java @@ -1507,28 +1507,25 @@ class Thread implements Runnable { } /** - * Returns the context ClassLoader for this Thread. The context - * ClassLoader is provided by the creator of the thread for use + * Returns the context {@code ClassLoader} for this thread. The context + * {@code ClassLoader} is provided by the creator of the thread for use * by code running in this thread when loading classes and resources. * If not {@linkplain #setContextClassLoader set}, the default is the - * ClassLoader context of the parent Thread. The context ClassLoader of the + * {@code ClassLoader} context of the parent thread. The context + * {@code ClassLoader} of the * primordial thread is typically set to the class loader used to load the * application. * - *

If a security manager is present, and the invoker's class loader is not - * {@code null} and is not the same as or an ancestor of the context class - * loader, then this method invokes the security manager's {@link - * SecurityManager#checkPermission(java.security.Permission) checkPermission} - * method with a {@link RuntimePermission RuntimePermission}{@code - * ("getClassLoader")} permission to verify that retrieval of the context - * class loader is permitted. * - * @return the context ClassLoader for this Thread, or {@code null} + * @return the context {@code ClassLoader} for this thread, or {@code null} * indicating the system class loader (or, failing that, the * bootstrap class loader) * * @throws SecurityException - * if the current thread cannot get the context ClassLoader + * if a security manager is present, and the caller's class loader + * is not {@code null} and is not the same as or an ancestor of the + * context class loader, and the caller does not have the + * {@link RuntimePermission}{@code ("getClassLoader")} * * @since 1.2 */