1 /* 2 * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.lang.reflect; 27 28 import java.lang.annotation.Annotation; 29 import java.lang.invoke.MethodHandle; 30 import java.lang.ref.WeakReference; 31 import java.security.AccessController; 32 33 import jdk.internal.access.SharedSecrets; 34 import jdk.internal.misc.VM; 35 import jdk.internal.module.IllegalAccessLogger; 36 import jdk.internal.reflect.CallerSensitive; 37 import jdk.internal.reflect.Reflection; 38 import jdk.internal.reflect.ReflectionFactory; 39 import sun.security.action.GetPropertyAction; 40 import sun.security.util.SecurityConstants; 41 42 /** 43 * The {@code AccessibleObject} class is the base class for {@code Field}, 44 * {@code Method}, and {@code Constructor} objects (known as <em>reflected 45 * objects</em>). It provides the ability to flag a reflected object as 46 * suppressing checks for Java language access control when it is used. This 47 * permits sophisticated applications with sufficient privilege, such as Java 48 * Object Serialization or other persistence mechanisms, to manipulate objects 49 * in a manner that would normally be prohibited. 50 * 51 * <p> Java language access control prevents use of private members outside 52 * their top-level class; package access members outside their package; protected members 53 * outside their package or subclasses; and public members outside their 54 * module unless they are declared in an {@link Module#isExported(String,Module) 55 * exported} package and the user {@link Module#canRead reads} their module. By 56 * default, Java language access control is enforced (with one variation) when 57 * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or 58 * set fields, to invoke methods, or to create and initialize new instances of 59 * classes, respectively. Every reflected object checks that the code using it 60 * is in an appropriate class, package, or module. The check when invoked by 61 * <a href="{@docRoot}/../specs/jni/index.html">JNI code</a> with no Java 62 * class on the stack only succeeds if the member and the declaring class are 63 * public, and the class is in a package that is exported to all modules. </p> 64 * 65 * <p> The one variation from Java language access control is that the checks 66 * by reflected objects assume readability. That is, the module containing 67 * the use of a reflected object is assumed to read the module in which 68 * the underlying field, method, or constructor is declared. </p> 69 * 70 * <p> Whether the checks for Java language access control can be suppressed 71 * (and thus, whether access can be enabled) depends on whether the reflected 72 * object corresponds to a member in an exported or open package 73 * (see {@link #setAccessible(boolean)}). </p> 74 * 75 * @jls 6.6 Access Control 76 * @since 1.2 77 * @revised 9 78 * @spec JPMS 79 */ 80 public class AccessibleObject implements AnnotatedElement { 81 static { 82 // AccessibleObject is initialized early in initPhase1 83 SharedSecrets.setJavaLangReflectAccess(new ReflectAccess()); 84 } 85 86 static void checkPermission() { 87 SecurityManager sm = System.getSecurityManager(); 88 if (sm != null) { 89 // SecurityConstants.ACCESS_PERMISSION is used to check 90 // whether a client has sufficient privilege to defeat Java 91 // language access control checks. 92 sm.checkPermission(SecurityConstants.ACCESS_PERMISSION); 93 } 94 } 95 96 /** 97 * Convenience method to set the {@code accessible} flag for an 98 * array of reflected objects with a single security check (for efficiency). 99 * 100 * <p> This method may be used to enable access to all reflected objects in 101 * the array when access to each reflected object can be enabled as 102 * specified by {@link #setAccessible(boolean) setAccessible(boolean)}. </p> 103 * 104 * <p>If there is a security manager, its 105 * {@code checkPermission} method is first called with a 106 * {@code ReflectPermission("suppressAccessChecks")} permission. 107 * 108 * <p>A {@code SecurityException} is also thrown if any of the elements of 109 * the input {@code array} is a {@link java.lang.reflect.Constructor} 110 * object for the class {@code java.lang.Class} and {@code flag} is true. 111 * 112 * @param array the array of AccessibleObjects 113 * @param flag the new value for the {@code accessible} flag 114 * in each object 115 * @throws InaccessibleObjectException if access cannot be enabled for all 116 * objects in the array 117 * @throws SecurityException if the request is denied by the security manager 118 * or an element in the array is a constructor for {@code 119 * java.lang.Class} 120 * @see SecurityManager#checkPermission 121 * @see ReflectPermission 122 * @revised 9 123 * @spec JPMS 124 */ 125 @CallerSensitive 126 public static void setAccessible(AccessibleObject[] array, boolean flag) { 127 checkPermission(); 128 if (flag) { 129 Class<?> caller = Reflection.getCallerClass(); 130 array = array.clone(); 131 for (AccessibleObject ao : array) { 132 ao.checkCanSetAccessible(caller); 133 } 134 } 135 for (AccessibleObject ao : array) { 136 ao.setAccessible0(flag); 137 } 138 } 139 140 /** 141 * Set the {@code accessible} flag for this reflected object to 142 * the indicated boolean value. A value of {@code true} indicates that 143 * the reflected object should suppress checks for Java language access 144 * control when it is used. A value of {@code false} indicates that 145 * the reflected object should enforce checks for Java language access 146 * control when it is used, with the variation noted in the class description. 147 * 148 * <p> This method may be used by a caller in class {@code C} to enable 149 * access to a {@link Member member} of {@link Member#getDeclaringClass() 150 * declaring class} {@code D} if any of the following hold: </p> 151 * 152 * <ul> 153 * <li> {@code C} and {@code D} are in the same module. </li> 154 * 155 * <li> The member is {@code public} and {@code D} is {@code public} in 156 * a package that the module containing {@code D} {@link 157 * Module#isExported(String,Module) exports} to at least the module 158 * containing {@code C}. </li> 159 * 160 * <li> The member is {@code protected} {@code static}, {@code D} is 161 * {@code public} in a package that the module containing {@code D} 162 * exports to at least the module containing {@code C}, and {@code C} 163 * is a subclass of {@code D}. </li> 164 * 165 * <li> {@code D} is in a package that the module containing {@code D} 166 * {@link Module#isOpen(String,Module) opens} to at least the module 167 * containing {@code C}. 168 * All packages in unnamed and open modules are open to all modules and 169 * so this method always succeeds when {@code D} is in an unnamed or 170 * open module. </li> 171 * </ul> 172 * 173 * <p> This method cannot be used to enable access to private members, 174 * members with default (package) access, protected instance members, or 175 * protected constructors when the declaring class is in a different module 176 * to the caller and the package containing the declaring class is not open 177 * to the caller's module. </p> 178 * 179 * <p> This method cannot be used to enable {@linkplain Field#set <em>write</em>} 180 * access to a <em>non-modifiable</em> final field. The following fields 181 * are non-modifiable: 182 * <ul> 183 * <li>static final fields declared in any class or interface</li> 184 * <li>final fields declared in a {@linkplain Class#isHidden() hidden class}</li> 185 * <li>final fields declared in a {@linkplain Class#isRecord() record}</li> 186 * </ul> 187 * <p> The {@code accessible} flag when {@code true} suppresses Java language access 188 * control checks to only enable {@linkplain Field#get <em>read</em>} access to 189 * these non-modifiable final fields. 190 * 191 * <p> If there is a security manager, its 192 * {@code checkPermission} method is first called with a 193 * {@code ReflectPermission("suppressAccessChecks")} permission. 194 * 195 * @param flag the new value for the {@code accessible} flag 196 * @throws InaccessibleObjectException if access cannot be enabled 197 * @throws SecurityException if the request is denied by the security manager 198 * @see #trySetAccessible 199 * @see java.lang.invoke.MethodHandles#privateLookupIn 200 * @revised 9 201 * @spec JPMS 202 */ 203 @CallerSensitive // overrides in Method/Field/Constructor are @CS 204 public void setAccessible(boolean flag) { 205 AccessibleObject.checkPermission(); 206 setAccessible0(flag); 207 } 208 209 /** 210 * Sets the accessible flag and returns the new value 211 */ 212 boolean setAccessible0(boolean flag) { 213 this.override = flag; 214 return flag; 215 } 216 217 /** 218 * Set the {@code accessible} flag for this reflected object to {@code true} 219 * if possible. This method sets the {@code accessible} flag, as if by 220 * invoking {@link #setAccessible(boolean) setAccessible(true)}, and returns 221 * the possibly-updated value for the {@code accessible} flag. If access 222 * cannot be enabled, i.e. the checks or Java language access control cannot 223 * be suppressed, this method returns {@code false} (as opposed to {@code 224 * setAccessible(true)} throwing {@code InaccessibleObjectException} when 225 * it fails). 226 * 227 * <p> This method is a no-op if the {@code accessible} flag for 228 * this reflected object is {@code true}. 229 * 230 * <p> For example, a caller can invoke {@code trySetAccessible} 231 * on a {@code Method} object for a private instance method 232 * {@code p.T::privateMethod} to suppress the checks for Java language access 233 * control when the {@code Method} is invoked. 234 * If {@code p.T} class is in a different module to the caller and 235 * package {@code p} is open to at least the caller's module, 236 * the code below successfully sets the {@code accessible} flag 237 * to {@code true}. 238 * 239 * <pre> 240 * {@code 241 * p.T obj = ....; // instance of p.T 242 * : 243 * Method m = p.T.class.getDeclaredMethod("privateMethod"); 244 * if (m.trySetAccessible()) { 245 * m.invoke(obj); 246 * } else { 247 * // package p is not opened to the caller to access private member of T 248 * ... 249 * } 250 * }</pre> 251 * 252 * <p> If there is a security manager, its {@code checkPermission} method 253 * is first called with a {@code ReflectPermission("suppressAccessChecks")} 254 * permission. </p> 255 * 256 * @return {@code true} if the {@code accessible} flag is set to {@code true}; 257 * {@code false} if access cannot be enabled. 258 * @throws SecurityException if the request is denied by the security manager 259 * 260 * @since 9 261 * @spec JPMS 262 * @see java.lang.invoke.MethodHandles#privateLookupIn 263 */ 264 @CallerSensitive 265 public final boolean trySetAccessible() { 266 AccessibleObject.checkPermission(); 267 268 if (override == true) return true; 269 270 // if it's not a Constructor, Method, Field then no access check 271 if (!Member.class.isInstance(this)) { 272 return setAccessible0(true); 273 } 274 275 // does not allow to suppress access check for Class's constructor 276 Class<?> declaringClass = ((Member) this).getDeclaringClass(); 277 if (declaringClass == Class.class && this instanceof Constructor) { 278 return false; 279 } 280 281 if (checkCanSetAccessible(Reflection.getCallerClass(), 282 declaringClass, 283 false)) { 284 return setAccessible0(true); 285 } else { 286 return false; 287 } 288 } 289 290 291 /** 292 * If the given AccessibleObject is a {@code Constructor}, {@code Method} 293 * or {@code Field} then checks that its declaring class is in a package 294 * that can be accessed by the given caller of setAccessible. 295 */ 296 void checkCanSetAccessible(Class<?> caller) { 297 // do nothing, needs to be overridden by Constructor, Method, Field 298 } 299 300 final void checkCanSetAccessible(Class<?> caller, Class<?> declaringClass) { 301 checkCanSetAccessible(caller, declaringClass, true); 302 } 303 304 private boolean checkCanSetAccessible(Class<?> caller, 305 Class<?> declaringClass, 306 boolean throwExceptionIfDenied) { 307 if (caller == MethodHandle.class) { 308 throw new IllegalCallerException(); // should not happen 309 } 310 311 Module callerModule = caller.getModule(); 312 Module declaringModule = declaringClass.getModule(); 313 314 if (callerModule == declaringModule) return true; 315 if (callerModule == Object.class.getModule()) return true; 316 if (!declaringModule.isNamed()) return true; 317 318 String pn = declaringClass.getPackageName(); 319 int modifiers; 320 if (this instanceof Executable) { 321 modifiers = ((Executable) this).getModifiers(); 322 } else { 323 modifiers = ((Field) this).getModifiers(); 324 } 325 326 // class is public and package is exported to caller 327 boolean isClassPublic = Modifier.isPublic(declaringClass.getModifiers()); 328 if (isClassPublic && declaringModule.isExported(pn, callerModule)) { 329 // member is public 330 if (Modifier.isPublic(modifiers)) { 331 logIfExportedForIllegalAccess(caller, declaringClass); 332 return true; 333 } 334 335 // member is protected-static 336 if (Modifier.isProtected(modifiers) 337 && Modifier.isStatic(modifiers) 338 && isSubclassOf(caller, declaringClass)) { 339 logIfExportedForIllegalAccess(caller, declaringClass); 340 return true; 341 } 342 } 343 344 // package is open to caller 345 if (declaringModule.isOpen(pn, callerModule)) { 346 logIfOpenedForIllegalAccess(caller, declaringClass); 347 return true; 348 } 349 350 if (throwExceptionIfDenied) { 351 // not accessible 352 String msg = "Unable to make "; 353 if (this instanceof Field) 354 msg += "field "; 355 msg += this + " accessible: " + declaringModule + " does not \""; 356 if (isClassPublic && Modifier.isPublic(modifiers)) 357 msg += "exports"; 358 else 359 msg += "opens"; 360 msg += " " + pn + "\" to " + callerModule; 361 InaccessibleObjectException e = new InaccessibleObjectException(msg); 362 if (printStackTraceWhenAccessFails()) { 363 e.printStackTrace(System.err); 364 } 365 throw e; 366 } 367 return false; 368 } 369 370 private boolean isSubclassOf(Class<?> queryClass, Class<?> ofClass) { 371 while (queryClass != null) { 372 if (queryClass == ofClass) { 373 return true; 374 } 375 queryClass = queryClass.getSuperclass(); 376 } 377 return false; 378 } 379 380 private void logIfOpenedForIllegalAccess(Class<?> caller, Class<?> declaringClass) { 381 Module callerModule = caller.getModule(); 382 Module targetModule = declaringClass.getModule(); 383 // callerModule is null during early startup 384 if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) { 385 IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger(); 386 if (logger != null) { 387 logger.logIfOpenedForIllegalAccess(caller, declaringClass, this::toShortString); 388 } 389 } 390 } 391 392 private void logIfExportedForIllegalAccess(Class<?> caller, Class<?> declaringClass) { 393 Module callerModule = caller.getModule(); 394 Module targetModule = declaringClass.getModule(); 395 // callerModule is null during early startup 396 if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) { 397 IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger(); 398 if (logger != null) { 399 logger.logIfExportedForIllegalAccess(caller, declaringClass, this::toShortString); 400 } 401 } 402 } 403 404 /** 405 * Returns a short descriptive string to describe this object in log messages. 406 */ 407 String toShortString() { 408 return toString(); 409 } 410 411 /** 412 * Get the value of the {@code accessible} flag for this reflected object. 413 * 414 * @return the value of the object's {@code accessible} flag 415 * 416 * @deprecated 417 * This method is deprecated because its name hints that it checks 418 * if the reflected object is accessible when it actually indicates 419 * if the checks for Java language access control are suppressed. 420 * This method may return {@code false} on a reflected object that is 421 * accessible to the caller. To test if this reflected object is accessible, 422 * it should use {@link #canAccess(Object)}. 423 * 424 * @revised 9 425 * @spec JPMS 426 */ 427 @Deprecated(since="9") 428 public boolean isAccessible() { 429 return override; 430 } 431 432 /** 433 * Test if the caller can access this reflected object. If this reflected 434 * object corresponds to an instance method or field then this method tests 435 * if the caller can access the given {@code obj} with the reflected object. 436 * For instance methods or fields then the {@code obj} argument must be an 437 * instance of the {@link Member#getDeclaringClass() declaring class}. For 438 * static members and constructors then {@code obj} must be {@code null}. 439 * 440 * <p> This method returns {@code true} if the {@code accessible} flag 441 * is set to {@code true}, i.e. the checks for Java language access control 442 * are suppressed, or if the caller can access the member as 443 * specified in <cite>The Java Language Specification</cite>, 444 * with the variation noted in the class description. </p> 445 * 446 * @param obj an instance object of the declaring class of this reflected 447 * object if it is an instance method or field 448 * 449 * @return {@code true} if the caller can access this reflected object. 450 * 451 * @throws IllegalArgumentException 452 * <ul> 453 * <li> if this reflected object is a static member or constructor and 454 * the given {@code obj} is non-{@code null}, or </li> 455 * <li> if this reflected object is an instance method or field 456 * and the given {@code obj} is {@code null} or of type 457 * that is not a subclass of the {@link Member#getDeclaringClass() 458 * declaring class} of the member.</li> 459 * </ul> 460 * 461 * @since 9 462 * @spec JPMS 463 * @jls 6.6 Access Control 464 * @see #trySetAccessible 465 * @see #setAccessible(boolean) 466 */ 467 @CallerSensitive 468 public final boolean canAccess(Object obj) { 469 if (!Member.class.isInstance(this)) { 470 return override; 471 } 472 473 Class<?> declaringClass = ((Member) this).getDeclaringClass(); 474 int modifiers = ((Member) this).getModifiers(); 475 if (!Modifier.isStatic(modifiers) && 476 (this instanceof Method || this instanceof Field)) { 477 if (obj == null) { 478 throw new IllegalArgumentException("null object for " + this); 479 } 480 // if this object is an instance member, the given object 481 // must be a subclass of the declaring class of this reflected object 482 if (!declaringClass.isAssignableFrom(obj.getClass())) { 483 throw new IllegalArgumentException("object is not an instance of " 484 + declaringClass.getName()); 485 } 486 } else if (obj != null) { 487 throw new IllegalArgumentException("non-null object for " + this); 488 } 489 490 // access check is suppressed 491 if (override) return true; 492 493 Class<?> caller = Reflection.getCallerClass(); 494 Class<?> targetClass; 495 if (this instanceof Constructor) { 496 targetClass = declaringClass; 497 } else { 498 targetClass = Modifier.isStatic(modifiers) ? null : obj.getClass(); 499 } 500 return verifyAccess(caller, declaringClass, targetClass, modifiers); 501 } 502 503 /** 504 * Constructor: only used by the Java Virtual Machine. 505 */ 506 protected AccessibleObject() {} 507 508 // Indicates whether language-level access checks are overridden 509 // by this object. Initializes to "false". This field is used by 510 // Field, Method, and Constructor. 511 // 512 // NOTE: for security purposes, this field must not be visible 513 // outside this package. 514 boolean override; 515 516 // Reflection factory used by subclasses for creating field, 517 // method, and constructor accessors. Note that this is called 518 // very early in the bootstrapping process. 519 static final ReflectionFactory reflectionFactory = 520 AccessController.doPrivileged( 521 new ReflectionFactory.GetReflectionFactoryAction()); 522 523 /** 524 * {@inheritDoc} 525 * 526 * <p> Note that any annotation returned by this method is a 527 * declaration annotation. 528 * 529 * @throws NullPointerException {@inheritDoc} 530 * @since 1.5 531 */ 532 @Override 533 public <T extends Annotation> T getAnnotation(Class<T> annotationClass) { 534 throw new AssertionError("All subclasses should override this method"); 535 } 536 537 /** 538 * {@inheritDoc} 539 * 540 * @throws NullPointerException {@inheritDoc} 541 * @since 1.5 542 */ 543 @Override 544 public boolean isAnnotationPresent(Class<? extends Annotation> annotationClass) { 545 return AnnotatedElement.super.isAnnotationPresent(annotationClass); 546 } 547 548 /** 549 * {@inheritDoc} 550 * 551 * <p> Note that any annotations returned by this method are 552 * declaration annotations. 553 * 554 * @throws NullPointerException {@inheritDoc} 555 * @since 1.8 556 */ 557 @Override 558 public <T extends Annotation> T[] getAnnotationsByType(Class<T> annotationClass) { 559 throw new AssertionError("All subclasses should override this method"); 560 } 561 562 /** 563 * {@inheritDoc} 564 * 565 * <p> Note that any annotations returned by this method are 566 * declaration annotations. 567 * 568 * @since 1.5 569 */ 570 @Override 571 public Annotation[] getAnnotations() { 572 return getDeclaredAnnotations(); 573 } 574 575 /** 576 * {@inheritDoc} 577 * 578 * <p> Note that any annotation returned by this method is a 579 * declaration annotation. 580 * 581 * @throws NullPointerException {@inheritDoc} 582 * @since 1.8 583 */ 584 @Override 585 public <T extends Annotation> T getDeclaredAnnotation(Class<T> annotationClass) { 586 // Only annotations on classes are inherited, for all other 587 // objects getDeclaredAnnotation is the same as 588 // getAnnotation. 589 return getAnnotation(annotationClass); 590 } 591 592 /** 593 * {@inheritDoc} 594 * 595 * <p> Note that any annotations returned by this method are 596 * declaration annotations. 597 * 598 * @throws NullPointerException {@inheritDoc} 599 * @since 1.8 600 */ 601 @Override 602 public <T extends Annotation> T[] getDeclaredAnnotationsByType(Class<T> annotationClass) { 603 // Only annotations on classes are inherited, for all other 604 // objects getDeclaredAnnotationsByType is the same as 605 // getAnnotationsByType. 606 return getAnnotationsByType(annotationClass); 607 } 608 609 /** 610 * {@inheritDoc} 611 * 612 * <p> Note that any annotations returned by this method are 613 * declaration annotations. 614 * 615 * @since 1.5 616 */ 617 @Override 618 public Annotation[] getDeclaredAnnotations() { 619 throw new AssertionError("All subclasses should override this method"); 620 } 621 622 // Shared access checking logic. 623 624 // For non-public members or members in package-private classes, 625 // it is necessary to perform somewhat expensive access checks. 626 // If the access check succeeds for a given class, it will 627 // always succeed (it is not affected by the granting or revoking 628 // of permissions); we speed up the check in the common case by 629 // remembering the last Class for which the check succeeded. 630 // 631 // The simple access check for Constructor is to see if 632 // the caller has already been seen, verified, and cached. 633 // 634 // A more complicated access check cache is needed for Method and Field 635 // The cache can be either null (empty cache), {caller,targetClass} pair, 636 // or a caller (with targetClass implicitly equal to memberClass). 637 // In the {caller,targetClass} case, the targetClass is always different 638 // from the memberClass. 639 volatile Object accessCheckCache; 640 641 private static class Cache { 642 final WeakReference<Class<?>> callerRef; 643 final WeakReference<Class<?>> targetRef; 644 645 Cache(Class<?> caller, Class<?> target) { 646 this.callerRef = new WeakReference<>(caller); 647 this.targetRef = new WeakReference<>(target); 648 } 649 650 boolean isCacheFor(Class<?> caller, Class<?> refc) { 651 return callerRef.get() == caller && targetRef.get() == refc; 652 } 653 654 static Object protectedMemberCallerCache(Class<?> caller, Class<?> refc) { 655 return new Cache(caller, refc); 656 } 657 } 658 659 /* 660 * Returns true if the previous access check was verified for the 661 * given caller accessing a protected member with an instance of 662 * the given targetClass where the target class is different than 663 * the declaring member class. 664 */ 665 private boolean isAccessChecked(Class<?> caller, Class<?> targetClass) { 666 Object cache = accessCheckCache; // read volatile 667 if (cache instanceof Cache) { 668 return ((Cache) cache).isCacheFor(caller, targetClass); 669 } 670 return false; 671 } 672 673 /* 674 * Returns true if the previous access check was verified for the 675 * given caller accessing a static member or an instance member of 676 * the target class that is the same as the declaring member class. 677 */ 678 private boolean isAccessChecked(Class<?> caller) { 679 Object cache = accessCheckCache; // read volatile 680 if (cache instanceof WeakReference) { 681 @SuppressWarnings("unchecked") 682 WeakReference<Class<?>> ref = (WeakReference<Class<?>>) cache; 683 return ref.get() == caller; 684 } 685 return false; 686 } 687 688 final void checkAccess(Class<?> caller, Class<?> memberClass, 689 Class<?> targetClass, int modifiers) 690 throws IllegalAccessException 691 { 692 if (!verifyAccess(caller, memberClass, targetClass, modifiers)) { 693 IllegalAccessException e = Reflection.newIllegalAccessException( 694 caller, memberClass, targetClass, modifiers); 695 if (printStackTraceWhenAccessFails()) { 696 e.printStackTrace(System.err); 697 } 698 throw e; 699 } 700 } 701 702 final boolean verifyAccess(Class<?> caller, Class<?> memberClass, 703 Class<?> targetClass, int modifiers) 704 { 705 if (caller == memberClass) { // quick check 706 return true; // ACCESS IS OK 707 } 708 if (targetClass != null // instance member or constructor 709 && Modifier.isProtected(modifiers) 710 && targetClass != memberClass) { 711 if (isAccessChecked(caller, targetClass)) { 712 return true; // ACCESS IS OK 713 } 714 } else if (isAccessChecked(caller)) { 715 // Non-protected case (or targetClass == memberClass or static member). 716 return true; // ACCESS IS OK 717 } 718 719 // If no return, fall through to the slow path. 720 return slowVerifyAccess(caller, memberClass, targetClass, modifiers); 721 } 722 723 // Keep all this slow stuff out of line: 724 private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass, 725 Class<?> targetClass, int modifiers) 726 { 727 728 if (caller == null) { 729 // No caller frame when a native thread attaches to the VM 730 // only allow access to a public accessible member 731 return Reflection.verifyPublicMemberAccess(memberClass, modifiers); 732 } 733 734 if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) { 735 // access denied 736 return false; 737 } 738 739 // access okay 740 logIfExportedForIllegalAccess(caller, memberClass); 741 742 // Success: Update the cache. 743 Object cache = (targetClass != null 744 && Modifier.isProtected(modifiers) 745 && targetClass != memberClass) 746 ? Cache.protectedMemberCallerCache(caller, targetClass) 747 : new WeakReference<>(caller); 748 accessCheckCache = cache; // write volatile 749 return true; 750 } 751 752 // true to print a stack trace when access fails 753 private static volatile boolean printStackWhenAccessFails; 754 755 // true if printStack* values are initialized 756 private static volatile boolean printStackPropertiesSet; 757 758 /** 759 * Returns true if a stack trace should be printed when access fails. 760 */ 761 private static boolean printStackTraceWhenAccessFails() { 762 if (!printStackPropertiesSet && VM.initLevel() >= 1) { 763 String s = GetPropertyAction.privilegedGetProperty( 764 "sun.reflect.debugModuleAccessChecks"); 765 if (s != null) { 766 printStackWhenAccessFails = !s.equalsIgnoreCase("false"); 767 } 768 printStackPropertiesSet = true; 769 } 770 return printStackWhenAccessFails; 771 } 772 773 /** 774 * Returns the root AccessibleObject; or null if this object is the root. 775 * 776 * All subclasses override this method. 777 */ 778 AccessibleObject getRoot() { 779 throw new InternalError(); 780 } 781 }