1/* 2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24import java.lang.reflect.Field; 25import java.lang.reflect.ReflectPermission; 26import java.security.CodeSource; 27import java.security.Permission; 28import java.security.PermissionCollection; 29import java.security.Permissions; 30import java.security.Policy; 31import java.security.ProtectionDomain; 32import java.util.Arrays; 33import java.util.Enumeration; 34import java.util.concurrent.atomic.AtomicBoolean; 35 36/** 37 * @test 38 * @bug 8065552 39 * @summary test that all fields returned by getDeclaredFields() can be 40 * set accessible if the right permission is granted; this test 41 * also verifies that Class.classLoader final private field is 42 * hidden from reflection access. 43 * @modules java.base/java.lang:open 44 * @run main/othervm ClassDeclaredFieldsTest UNSECURE 45 * @run main/othervm ClassDeclaredFieldsTest SECURE 46 * 47 * @author danielfuchs 48 */ 49public class ClassDeclaredFieldsTest { 50 51 // Test with or without a security manager 52 public static enum TestCase { 53 UNSECURE, SECURE; 54 public void run() throws Exception { 55 System.out.println("Running test case: " + name()); 56 Configure.setUp(this); 57 test(this); 58 } 59 } 60 /** 61 * @param args the command line arguments 62 */ 63 public static void main(String[] args) throws Exception { 64 System.out.println(System.getProperty("java.version")); 65 if (args == null || args.length == 0) { 66 args = new String[] { "SECURE" }; 67 } else if (args.length != 1) { 68 throw new IllegalArgumentException("Only one arg expected: " 69 + Arrays.asList(args)); 70 } 71 TestCase.valueOf(args[0]).run(); 72 } 73 74 static void test(TestCase test) { 75 for (Field f : Class.class.getDeclaredFields()) { 76 f.setAccessible(true); 77 System.out.println("Field "+f.getName()+" is now accessible."); 78 if (f.getName().equals("classLoader")) { 79 throw new RuntimeException("Found "+f.getName()+" field!"); 80 } 81 } 82 try { 83 Class.class.getDeclaredField("classLoader"); 84 throw new RuntimeException("Expected NoSuchFieldException for" 85 + " 'classLoader' field not raised"); 86 } catch(NoSuchFieldException x) { 87 System.out.println("Got expected exception: " + x); 88 } 89 System.out.println("Passed "+test); 90 } 91 92 // A helper class to configure the security manager for the test, 93 // and bypass it when needed. 94 static class Configure { 95 static Policy policy = null; 96 static final ThreadLocal<AtomicBoolean> allowAll = new ThreadLocal<AtomicBoolean>() { 97 @Override 98 protected AtomicBoolean initialValue() { 99 return new AtomicBoolean(false); 100 } 101 }; 102 static void setUp(TestCase test) { 103 switch (test) { 104 case SECURE: 105 if (policy == null && System.getSecurityManager() != null) { 106 throw new IllegalStateException("SecurityManager already set"); 107 } else if (policy == null) { 108 policy = new SimplePolicy(TestCase.SECURE, allowAll); 109 Policy.setPolicy(policy); 110 System.setSecurityManager(new SecurityManager()); 111 } 112 if (System.getSecurityManager() == null) { 113 throw new IllegalStateException("No SecurityManager."); 114 } 115 if (policy == null) { 116 throw new IllegalStateException("policy not configured"); 117 } 118 break; 119 case UNSECURE: 120 if (System.getSecurityManager() != null) { 121 throw new IllegalStateException("SecurityManager already set"); 122 } 123 break; 124 default: 125 throw new InternalError("No such testcase: " + test); 126 } 127 } 128 static void doPrivileged(Runnable run) { 129 allowAll.get().set(true); 130 try { 131 run.run(); 132 } finally { 133 allowAll.get().set(false); 134 } 135 } 136 } 137 138 // A Helper class to build a set of permissions. 139 static final class PermissionsBuilder { 140 final Permissions perms; 141 public PermissionsBuilder() { 142 this(new Permissions()); 143 } 144 public PermissionsBuilder(Permissions perms) { 145 this.perms = perms; 146 } 147 public PermissionsBuilder add(Permission p) { 148 perms.add(p); 149 return this; 150 } 151 public PermissionsBuilder addAll(PermissionCollection col) { 152 if (col != null) { 153 for (Enumeration<Permission> e = col.elements(); e.hasMoreElements(); ) { 154 perms.add(e.nextElement()); 155 } 156 } 157 return this; 158 } 159 public Permissions toPermissions() { 160 final PermissionsBuilder builder = new PermissionsBuilder(); 161 builder.addAll(perms); 162 return builder.perms; 163 } 164 } 165 166 // Policy for the test... 167 public static class SimplePolicy extends Policy { 168 169 final Permissions permissions; 170 final Permissions allPermissions; 171 final ThreadLocal<AtomicBoolean> allowAll; // actually: this should be in a thread locale 172 public SimplePolicy(TestCase test, ThreadLocal<AtomicBoolean> allowAll) { 173 this.allowAll = allowAll; 174 // we don't actually need any permission to create our 175 // FileHandlers because we're passing invalid parameters 176 // which will make the creation fail... 177 permissions = new Permissions(); 178 permissions.add(new RuntimePermission("accessDeclaredMembers")); 179 permissions.add(new ReflectPermission("suppressAccessChecks")); 180 181 // these are used for configuring the test itself... 182 allPermissions = new Permissions(); 183 allPermissions.add(new java.security.AllPermission()); 184 185 } 186 187 @Override 188 public boolean implies(ProtectionDomain domain, Permission permission) { 189 if (allowAll.get().get()) return allPermissions.implies(permission); 190 return permissions.implies(permission); 191 } 192 193 @Override 194 public PermissionCollection getPermissions(CodeSource codesource) { 195 return new PermissionsBuilder().addAll(allowAll.get().get() 196 ? allPermissions : permissions).toPermissions(); 197 } 198 199 @Override 200 public PermissionCollection getPermissions(ProtectionDomain domain) { 201 return new PermissionsBuilder().addAll(allowAll.get().get() 202 ? allPermissions : permissions).toPermissions(); 203 } 204 } 205 206} 207