Author: kkolinko Date: Mon Jan 8 10:42:12 2018 New Revision: 1820546 URL: http://svn.apache.org/viewvc?rev=1820546&view=rev Log: Use a loop to preload anonymous inner classes, to be safe for future changes in the code or using a different compiler.. https://bz.apache.org/bugzilla/show_bug.cgi?id=47214
Modified: tomcat/tc8.5.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java tomcat/tc8.5.x/trunk/java/org/apache/jasper/security/SecurityClassLoad.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.5.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java?rev=1820546&r1=1820545&r2=1820546&view=diff ============================================================================== --- tomcat/tc8.5.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java (original) +++ tomcat/tc8.5.x/trunk/java/org/apache/catalina/security/SecurityClassLoad.java Mon Jan 8 10:42:12 2018 @@ -61,9 +61,7 @@ public final class SecurityClassLoad { loader.loadClass(basePackage + "AsyncContextImpl$DebugException"); loader.loadClass(basePackage + "AsyncListenerWrapper"); loader.loadClass(basePackage + "ContainerBase$PrivilegedAddChild"); - loader.loadClass(basePackage + "DefaultInstanceManager$1"); - loader.loadClass(basePackage + "DefaultInstanceManager$2"); - loader.loadClass(basePackage + "DefaultInstanceManager$3"); + loadAnonymousInnerClasses(loader, basePackage + "DefaultInstanceManager"); loader.loadClass(basePackage + "DefaultInstanceManager$AnnotationCacheEntry"); loader.loadClass(basePackage + "DefaultInstanceManager$AnnotationCacheEntryType"); loader.loadClass(basePackage + "ApplicationHttpRequest$AttributeNamesEnumerator"); @@ -93,7 +91,7 @@ public final class SecurityClassLoad { private static final void loadSessionPackage(ClassLoader loader) throws Exception { final String basePackage = "org.apache.catalina.session."; loader.loadClass(basePackage + "StandardSession"); - loader.loadClass(basePackage + "StandardSession$1"); + loadAnonymousInnerClasses(loader, basePackage + "StandardSession"); loader.loadClass(basePackage + "StandardManager$PrivilegedDoUnload"); } @@ -106,7 +104,7 @@ public final class SecurityClassLoad { private static final void loadValvesPackage(ClassLoader loader) throws Exception { final String basePackage = "org.apache.catalina.valves."; - loader.loadClass(basePackage + "AbstractAccessLogValve$3"); + loadAnonymousInnerClasses(loader, basePackage + "AbstractAccessLogValve"); } private static final void loadCoyotePackage(ClassLoader loader) throws Exception { @@ -139,18 +137,11 @@ public final class SecurityClassLoad { loader.loadClass(basePackage + "ResponseFacade$SetContentTypePrivilegedAction"); loader.loadClass(basePackage + "ResponseFacade$DateHeaderPrivilegedAction"); loader.loadClass(basePackage + "RequestFacade$GetSessionPrivilegedAction"); - loader.loadClass(basePackage + "ResponseFacade$1"); - loader.loadClass(basePackage + "OutputBuffer$1"); - loader.loadClass(basePackage + "OutputBuffer$2"); - loader.loadClass(basePackage + "CoyoteInputStream$1"); - loader.loadClass(basePackage + "CoyoteInputStream$2"); - loader.loadClass(basePackage + "CoyoteInputStream$3"); - loader.loadClass(basePackage + "CoyoteInputStream$4"); - loader.loadClass(basePackage + "CoyoteInputStream$5"); - loader.loadClass(basePackage + "InputBuffer$1"); - loader.loadClass(basePackage + "Response$1"); - loader.loadClass(basePackage + "Response$2"); - loader.loadClass(basePackage + "Response$3"); + loadAnonymousInnerClasses(loader, basePackage + "ResponseFacade"); + loadAnonymousInnerClasses(loader, basePackage + "OutputBuffer"); + loadAnonymousInnerClasses(loader, basePackage + "CoyoteInputStream"); + loadAnonymousInnerClasses(loader, basePackage + "InputBuffer"); + loadAnonymousInnerClasses(loader, basePackage + "Response"); } private static final void loadTomcatPackage(ClassLoader loader) throws Exception { @@ -192,4 +183,14 @@ public final class SecurityClassLoad { loader.loadClass(basePackage + "util.security.PrivilegedGetTccl"); loader.loadClass(basePackage + "util.security.PrivilegedSetTccl"); } + + private static final void loadAnonymousInnerClasses(ClassLoader loader, String enclosingClass) { + try { + for (int i = 1;; i++) { + loader.loadClass(enclosingClass + '$' + i); + } + } catch (ClassNotFoundException ignored) { + // + } + } } Modified: tomcat/tc8.5.x/trunk/java/org/apache/jasper/security/SecurityClassLoad.java URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/jasper/security/SecurityClassLoad.java?rev=1820546&r1=1820545&r2=1820546&view=diff ============================================================================== --- tomcat/tc8.5.x/trunk/java/org/apache/jasper/security/SecurityClassLoad.java (original) +++ tomcat/tc8.5.x/trunk/java/org/apache/jasper/security/SecurityClassLoad.java Mon Jan 8 10:42:12 2018 @@ -53,18 +53,7 @@ public final class SecurityClassLoad { loader.loadClass(basePackage + "runtime.ProtectedFunctionMapper"); loader.loadClass(basePackage + "runtime.PageContextImpl"); - loader.loadClass(basePackage + "runtime.PageContextImpl$1"); - loader.loadClass(basePackage + "runtime.PageContextImpl$2"); - loader.loadClass(basePackage + "runtime.PageContextImpl$3"); - loader.loadClass(basePackage + "runtime.PageContextImpl$4"); - loader.loadClass(basePackage + "runtime.PageContextImpl$5"); - loader.loadClass(basePackage + "runtime.PageContextImpl$6"); - loader.loadClass(basePackage + "runtime.PageContextImpl$7"); - loader.loadClass(basePackage + "runtime.PageContextImpl$8"); - loader.loadClass(basePackage + "runtime.PageContextImpl$9"); - loader.loadClass(basePackage + "runtime.PageContextImpl$10"); - loader.loadClass(basePackage + "runtime.PageContextImpl$11"); - loader.loadClass(basePackage + "runtime.PageContextImpl$12"); + loadAnonymousInnerClasses(loader, basePackage + "runtime.PageContextImpl"); loader.loadClass(basePackage + "runtime.JspContextWrapper"); @@ -73,9 +62,19 @@ public final class SecurityClassLoad { loader.loadClass(basePackage + "servlet.JspServletWrapper"); - loader.loadClass(basePackage + "runtime.JspWriterImpl$1"); + loadAnonymousInnerClasses(loader, "runtime.JspWriterImpl"); } catch (ClassNotFoundException ex) { log.error("SecurityClassLoad", ex); } } + + private static final void loadAnonymousInnerClasses(ClassLoader loader, String enclosingClass) { + try { + for (int i = 1;; i++) { + loader.loadClass(enclosingClass + '$' + i); + } + } catch (ClassNotFoundException ignored) { + // + } + } } Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1820546&r1=1820545&r2=1820546&view=diff ============================================================================== --- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Mon Jan 8 10:42:12 2018 @@ -47,6 +47,11 @@ <section name="Tomcat 8.5.25 (markt)" rtext="in development"> <subsection name="Catalina"> <changelog> + <fix> + <bug>47214</bug>: Use a loop to preload anonymous inner classes + when running under a <code>SecurityManager</code>, to be safe for + future changes in the code or using a different compiler. (kkolinko) + </fix> <add> <bug>57619</bug>: Implement a small optimisation to how JAR URLs are processed to reduce the storage of duplicate String objects in memory. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org