You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@groovy.apache.org by su...@apache.org on 2021/09/08 07:39:34 UTC

[groovy] branch danielsun/avoid-unnecessary-security-checks updated (9b383ac -> 5393af7)

This is an automated email from the ASF dual-hosted git repository.

sunlan pushed a change to branch danielsun/avoid-unnecessary-security-checks
in repository https://gitbox.apache.org/repos/asf/groovy.git.


 discard 9b383ac  GROOVY-10216: Avoid unnecessary security checks for each invocation
     new 5393af7  GROOVY-10216: Avoid unnecessary security checks for each invocation

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (9b383ac)
            \
             N -- N -- N   refs/heads/danielsun/avoid-unnecessary-security-checks (5393af7)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../java/org/codehaus/groovy/reflection/CachedConstructor.java | 10 ++++++++--
 src/main/java/org/codehaus/groovy/reflection/CachedField.java  | 10 ++++++++--
 src/main/java/org/codehaus/groovy/reflection/CachedMethod.java | 10 ++++++++--
 3 files changed, 24 insertions(+), 6 deletions(-)

[groovy] 01/01: GROOVY-10216: Avoid unnecessary security checks for each invocation

Posted by su...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

sunlan pushed a commit to branch danielsun/avoid-unnecessary-security-checks
in repository https://gitbox.apache.org/repos/asf/groovy.git

commit 5393af7ad9d6ce2affc49036d6f9813ab4898eec
Author: Daniel Sun <su...@apache.org>
AuthorDate: Wed Sep 8 13:48:54 2021 +0800

    GROOVY-10216: Avoid unnecessary security checks for each invocation
---
 .../org/codehaus/groovy/reflection/CachedConstructor.java  | 14 +++++++++++++-
 .../java/org/codehaus/groovy/reflection/CachedField.java   | 14 +++++++++++++-
 .../java/org/codehaus/groovy/reflection/CachedMethod.java  | 14 +++++++++++++-
 3 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/codehaus/groovy/reflection/CachedConstructor.java b/src/main/java/org/codehaus/groovy/reflection/CachedConstructor.java
index 1546bd4..28d0ced 100644
--- a/src/main/java/org/codehaus/groovy/reflection/CachedConstructor.java
+++ b/src/main/java/org/codehaus/groovy/reflection/CachedConstructor.java
@@ -25,6 +25,8 @@ import org.codehaus.groovy.runtime.InvokerInvocationException;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import static org.codehaus.groovy.reflection.ReflectionUtils.makeAccessibleInPrivilegedAction;
 
@@ -125,7 +127,17 @@ public class CachedConstructor extends ParameterTypes {
     private boolean makeAccessibleDone = false;
     private void makeAccessibleIfNecessary() {
         if (!makeAccessibleDone) {
-            makeAccessibleInPrivilegedAction(cachedConstructor);
+            if (cachedConstructor.isAccessible()) {
+                try {
+                    AccessController.doPrivileged((PrivilegedAction<Object>) () -> {
+                        cachedConstructor.setAccessible(true);
+                        return null;
+                    });
+                } catch (Throwable ignored) {
+                }
+            } else {
+                makeAccessibleInPrivilegedAction(cachedConstructor);
+            }
             makeAccessibleDone = true;
         }
     }
diff --git a/src/main/java/org/codehaus/groovy/reflection/CachedField.java b/src/main/java/org/codehaus/groovy/reflection/CachedField.java
index 6c666aa..68e580c 100644
--- a/src/main/java/org/codehaus/groovy/reflection/CachedField.java
+++ b/src/main/java/org/codehaus/groovy/reflection/CachedField.java
@@ -24,6 +24,8 @@ import org.codehaus.groovy.runtime.typehandling.DefaultTypeTransformation;
 
 import java.lang.reflect.Field;
 import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import static org.codehaus.groovy.reflection.ReflectionUtils.makeAccessibleInPrivilegedAction;
 
@@ -95,7 +97,17 @@ public class CachedField extends MetaProperty {
     private transient boolean madeAccessible;
     private void makeAccessibleIfNecessary() {
         if (!madeAccessible) {
-            makeAccessibleInPrivilegedAction(field);
+            if (field.isAccessible()) {
+                try {
+                    AccessController.doPrivileged((PrivilegedAction<Object>) () -> {
+                        field.setAccessible(true);
+                        return null;
+                    });
+                } catch (Throwable ignored) {
+                }
+            } else {
+                makeAccessibleInPrivilegedAction(field);
+            }
             madeAccessible = true;
         }
         AccessPermissionChecker.checkAccessPermission(field);
diff --git a/src/main/java/org/codehaus/groovy/reflection/CachedMethod.java b/src/main/java/org/codehaus/groovy/reflection/CachedMethod.java
index 838db6a..1acbff3 100644
--- a/src/main/java/org/codehaus/groovy/reflection/CachedMethod.java
+++ b/src/main/java/org/codehaus/groovy/reflection/CachedMethod.java
@@ -36,6 +36,8 @@ import java.lang.ref.SoftReference;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.Arrays;
 import java.util.Comparator;
 
@@ -394,7 +396,17 @@ public class CachedMethod extends MetaMethod implements Comparable {
     private boolean makeAccessibleDone = false;
     private void makeAccessibleIfNecessary() {
         if (!makeAccessibleDone) {
-            makeAccessibleInPrivilegedAction(cachedMethod);
+            if (cachedMethod.isAccessible()) {
+                try {
+                    AccessController.doPrivileged((PrivilegedAction<Object>) () -> {
+                        cachedMethod.setAccessible(true);
+                        return null;
+                    });
+                } catch (Throwable ignored) {
+                }
+            } else {
+                makeAccessibleInPrivilegedAction(cachedMethod);
+            }
             makeAccessibleDone = true;
         }
     }