You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@groovy.apache.org by su...@apache.org on 2017/12/04 07:57:41 UTC
groovy git commit: Create GroovyClassLoader inside doPrivileged block
Repository: groovy
Updated Branches:
refs/heads/master 45e76e7c6 -> 580cf3979
Create GroovyClassLoader inside doPrivileged block
Project: http://git-wip-us.apache.org/repos/asf/groovy/repo
Commit: http://git-wip-us.apache.org/repos/asf/groovy/commit/580cf397
Tree: http://git-wip-us.apache.org/repos/asf/groovy/tree/580cf397
Diff: http://git-wip-us.apache.org/repos/asf/groovy/diff/580cf397
Branch: refs/heads/master
Commit: 580cf39795882e3d132700ed64dcc6e63a903947
Parents: 45e76e7
Author: sunlan <su...@apache.org>
Authored: Mon Dec 4 15:57:33 2017 +0800
Committer: sunlan <su...@apache.org>
Committed: Mon Dec 4 15:57:33 2017 +0800
----------------------------------------------------------------------
src/main/org/codehaus/groovy/control/Phases.java | 2 +-
.../org/codehaus/groovy/control/ProcessingUnit.java | 16 +++++++++++++---
2 files changed, 14 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/groovy/blob/580cf397/src/main/org/codehaus/groovy/control/Phases.java
----------------------------------------------------------------------
diff --git a/src/main/org/codehaus/groovy/control/Phases.java b/src/main/org/codehaus/groovy/control/Phases.java
index f43376d..47e421f 100644
--- a/src/main/org/codehaus/groovy/control/Phases.java
+++ b/src/main/org/codehaus/groovy/control/Phases.java
@@ -40,7 +40,7 @@ public class Phases
public static final int FINALIZATION = 9; // Cleanup
public static final int ALL = 9; // Synonym for full compilation
- public static String[] descriptions = {
+ public static final String[] descriptions = {
"startup"
, "initialization"
, "parsing"
http://git-wip-us.apache.org/repos/asf/groovy/blob/580cf397/src/main/org/codehaus/groovy/control/ProcessingUnit.java
----------------------------------------------------------------------
diff --git a/src/main/org/codehaus/groovy/control/ProcessingUnit.java b/src/main/org/codehaus/groovy/control/ProcessingUnit.java
index 2861479..adc252d 100644
--- a/src/main/org/codehaus/groovy/control/ProcessingUnit.java
+++ b/src/main/org/codehaus/groovy/control/ProcessingUnit.java
@@ -20,6 +20,9 @@ package org.codehaus.groovy.control;
import groovy.lang.GroovyClassLoader;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
/**
* A base class for data structures that can collect messages and errors
* during processing.
@@ -99,9 +102,16 @@ public abstract class ProcessingUnit {
*/
public void setClassLoader(GroovyClassLoader loader) {
- ClassLoader parent = Thread.currentThread().getContextClassLoader();
- if (parent == null) parent = ProcessingUnit.class.getClassLoader();
- this.classLoader = (loader == null ? new GroovyClassLoader(parent, configuration) : loader);
+ // Classloaders should only be created inside doPrivileged block
+ // This code creates a classloader, which needs permission if a security manage is installed.
+ // If this code might be invoked by code that does not have security permissions, then the classloader creation needs to occur inside a doPrivileged block.
+ this.classLoader = (GroovyClassLoader) AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = Thread.currentThread().getContextClassLoader();
+ if (parent == null) parent = ProcessingUnit.class.getClassLoader();
+ return loader == null ? new GroovyClassLoader(parent, configuration) : loader;
+ }
+ });
}