----- Original Message ----- > Proposed fix for: https://bugs.openjdk.java.net/browse/JDK-8142882 >
FWIW, the bug isn't visible. > http://cr.openjdk.java.net/~rasbold/8142882/webrev.00/ > > Don't pre-dispatch the receiver of a DirectMethodHandle, as it may allow a > protected method to be accessed. > > This fix is a subset of the change for JDK-8050166 > <https://bugs.openjdk.java.net/browse/JDK-8050166>, which is already in > jdk8 and jdk9. > This looks good to me too. I've pushed the change with John and I listed as reviewers. I've also tagged the result as jdk7u91-b02 and uploaded a tarball release for this version: 4cb174c87289a020f2280570560240e38fc18529f951c72f9512a1ebc6962672 openjdk7u91-b02.tar.xz https://java.net/projects/openjdk7/downloads/download/openjdk7u91-b02.tar.xz > The change causes the an NPE to be thrown when a protected MethodHandle is > called via invoke(). > An additional backport of JDK-8016839 > <https://bugs.openjdk.java.net/browse/JDK-8016839> is needed, if it is > desired to that a proper IllegalAccessError is thrown instead of an NPE, as > happens with jdk8 / jdk9. > This potentially seems like a good idea, but I'm wary of it causing compatibility issues. I'll look into a backport in time for the next release in January (u95?) Thanks, -- Andrew :) Senior Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: ed25519/35964222 (hkp://keys.gnupg.net) Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222 PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net) Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
