Re: RFR: JDK-8146975 - NullPointerException in IIOPInputStream.inputClassFields

Thu, 09 Jun 2016 13:44:59 -0700 


OK .... I'll look into this again. I'll remove and re check everything.
The reason why is that during the execution of the tests there where various problems where 
there is attempt in java.base to access sun.corba.BridgePermission

at one stage there were failure such as

UnresolvedPermission: unable to instantiate getBridge
java.lang.IllegalAccessException: class java.security.UnresolvedPermission (in module java.base) cannot access class sun.corba.BridgePermission (in module java.corba) because module java.corba does not export sun.corba to module java.base 

There were also issues with  SharedSecrets
so adding the export got over that hump.
but as I amended the test's policy file to include a grant of all permission to java.corba, i'll check to see if the module-info export is now needed. Initially the test policy was specified with the misunderstanding that 
it was an addendum to the default policy, but that is not the case.

regards
Mark


On 09/06/2016 15:21, Chris Hegarty wrote:

Oh BTW, I assume the changes to the java.corba module-info are not
needed right? Maybe left over from some debugging?

-Chris.


On 9 Jun 2016, at 13:35, Chris Hegarty <chris.hega...@oracle.com> wrote:



On 8 Jun 2016, at 23:18, Mark Sheppard <mark.shepp...@oracle.com> wrote:


Hi
  please oblige and review the following changes
http://cr.openjdk.java.net/~msheppar/8146975/jdk9/webrev/

http://cr.openjdk.java.net/~msheppar/8146975/jdk9/test/webrev/

which address the issue raised in
https://bugs.openjdk.java.net/browse/JDK-8146975

the type checking in inputClassFields and other places failed to fully allowing 
for
the processing of return ValueTypes, and hence the getDeclaredField fails as
"application code" exist  on the call stack restricting access. This leads to a 
security exception,
which in turn leads to an IllegalArgumentExcetption, the processing of which 
failed to allow
for a null object value in the stream.
This has now been rectified, with the getDeclaredField wrapped in a 
doPrivileged call.

This works because the java.corba module is granted all permissions. If this
was to ever change then I assume it would require RuntimePermission(
"accessDeclaredMembers”).

The changes look ok to me.  Wow, that is some test! I assume it cannot easily
be reduced.

-Chris.


regards
Mark

Reply via email to