nickl- [Fri, 27 Oct 2017 06:10:22 +0000 (08:10 +0200)]
Even now Oracle still not happy.
Runtime still throws warnings illegal actions even after all that, there's
just no logic to it. We can use Unsafe but don't touch setAccessible. O well
might as well enjoy Unsafe while we still can.
Wrapped the Unsafe and added method cache with varargs method for invoke calls.
Can still do a lot with it but it does what it needs to for now.
nickl- [Fri, 27 Oct 2017 05:55:08 +0000 (07:55 +0200)]
Add caller class checking.
The only thing remotely inforceable is caller class checking. You cannot
bypass an exception with setAccesible. Oracle went and removed
Reflection.getCallerClass() completely in favour of StackWalker. At least
we can share the SecurityManage ClassContext, SecurityActions seems the
appropriate venue for our stack trace peek to support the older versions
nickl- [Fri, 27 Oct 2017 05:36:38 +0000 (07:36 +0200)]
MethodHandles for JDK7+.
Java 7 and 8 does support method handles so we can cater for them. When doing
repeated invokes to the same method, keeping a reference to the Method handle
is much faster than reflection. Also the API is cleaner not having to Object[]
args etc. Worth the effort...
nickl- [Fri, 27 Oct 2017 04:43:49 +0000 (06:43 +0200)]
Add getMethodHandle to SecurityActions.
The main advantage is that we can do the privileged setAccessible during creation and
then freely invoke via the authorized method handle.
As per the javadocs:
Access checks are applied in the factory methods of Lookup, when a method handle is created.
his is a key difference from the Core Reflection API, since java.lang.reflect.Method.invoke
performs access checking against every caller, on every call.
nickl- [Wed, 25 Oct 2017 18:40:04 +0000 (20:40 +0200)]
Make an effort to secure privileged use.
Oracle (or maybe it was still Sun) warns that we should prevent from exposing access we gain to
privileged functionality like the unsafe etc. Before Oracle decides to restrict us even more lets
make an effort at least.
nickl- [Mon, 30 Oct 2017 18:43:30 +0000 (20:43 +0200)]
Squash compiler warnings in tests.
With the unit tests warnings were squashed by suppressing them with SuppressWarnings annotations, instead of
reparing the issues as was done with the source. Reasons being...
* The tests might be relying on the types as they were defined.
* If the tests were written to test against the correct forms they would've/should've stipulated those.
* Even unused members might be important to tests so we attempt to change as little as possible.
The following were applied during multiple itterations through the source.
* Parameterize raw types.
* Mark unused members.
* Annotate override and deprecated methods.
* Convert loops to enhance for loop.
* Remove redundant else statements.
* Widening collection type references.
* Optimize code for improved readability.
* Squash compiler warnings.
* Identify smells.
nickl- [Wed, 25 Oct 2017 22:33:39 +0000 (00:33 +0200)]
Upgrade junit from ver 3 to 4.
There were minimal changes:
Some tests had their own runners these were discontinued as IDEs/maven run the tests anyway.
Removed the main methods for these.
2 tests were dependent on the running order so added the test sorter.
Andres Luuk [Mon, 10 Apr 2017 14:18:07 +0000 (17:18 +0300)]
Update ClassFile.java
A fix for older JDK8 versions: https://bugs.openjdk.java.net/browse/JDK-8041920
This caused random failures a little time after startup. Reported now so that when we upgrade javassist for JDK9 then we would not have to fork this class.
chibash [Tue, 20 Dec 2016 09:07:11 +0000 (18:07 +0900)]
updates the test code to run on Java 9 EA+149.
Due to the specification change of jigsaw, ClassLoader#defineClass()
cannot be invoked through reflection API. As a workaround,
--add-opens java.base/java.lang=ALL-UNNAMED
must be given to the JVM. The ant target "runtest9" adds this jvm
argument.