You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@harmony.apache.org by "Jesse Wilson (JIRA)" <ji...@apache.org> on 2009/07/08 23:59:15 UTC

[jira] Updated: (HARMONY-6264) Need a new native method: VM.getStackClass()

     [ https://issues.apache.org/jira/browse/HARMONY-6264?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jesse Wilson updated HARMONY-6264:
----------------------------------

    Attachment: getStackClass.patch

This only patches the classlib. Alongside this patch it is necessary to fix the DRLVM (and any other Harmony VMs)

> Need a new native method: VM.getStackClass()
> --------------------------------------------
>
>                 Key: HARMONY-6264
>                 URL: https://issues.apache.org/jira/browse/HARMONY-6264
>             Project: Harmony
>          Issue Type: Bug
>          Components: Classlib
>    Affects Versions: 5.0M10
>         Environment: SVN Revision: 785439
>            Reporter: Jesse Wilson
>            Priority: Minor
>         Attachments: getStackClass.patch
>
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> We need a new native method, VM.getStackClass(int) to compliment VM.getStackClassLoader() and Class.getStackClasses(). It needs to be implemented in the VM vendors. I can fix Android's Dalvik VM, but I'll need a Harmony volunteer to fix DRLVM.
> Background:
> To implement AtomicReferenceFieldUpdater securely, it's necessary to capture the class of the caller, not just the class loader of the caller. Otherwise a rogue class (say, EvilBufferedInputStream) could use an AtomicReferenceFieldUpdater to modify protected fields of arbitrary instances (such as the buffer field of somebody else's BufferedInputStream).
> This blocks HARMONY-6262, which updates of our copy of java.util.concurrent to Doug Lea's latest. The getStackClass() call is needed for line 181 and its result is used on line 262:
>   http://gee.cs.oswego.edu/cgi-bin/viewcvs.cgi/jsr166/src/main/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java?annotate=1.41

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.