From cbdb59e290a6d5b4ce8e92acb5f827f1a72a7e50 Mon Sep 17 00:00:00 2001 From: Matej Novotny Date: Wed, 15 May 2024 17:05:52 +0200 Subject: [PATCH] Use privileged action to instantiate LiteExtensionTranslator. Replace remaining usages of long deprecated Class#newInstance() with getDeclaredConstructor().newInstance(). --- .../discovery/jandex/SecurityActions.java | 9 +++-- .../environment/util/SecurityActions.java | 10 ++++-- .../weld/environment/se/SecurityActions.java | 33 +++++++++++++++++-- .../org/jboss/weld/environment/se/Weld.java | 3 +- .../environment/servlet/SecurityActions.java | 9 +++-- .../weld/bean/proxy/DecorationHelper.java | 3 +- .../bean/proxy/DefaultProxyInstantiator.java | 6 ++-- .../jboss/weld/bean/proxy/ProxyFactory.java | 3 +- .../weld/bean/proxy/ProxyInstantiator.java | 10 +++--- .../org/jboss/weld/injection/Exceptions.java | 5 +-- .../weld/security/NewInstanceAction.java | 19 +++++++---- .../tests/unit/security/ReflectionTest.java | 3 +- .../ejb/SessionBeanProxyInstantiator.java | 4 ++- .../extension/AbstractInterceptor.java | 2 +- .../interceptors/lhotse/fst/GenericDAO.java | 2 +- .../tests/interceptors/tb/GenericDAO.java | 2 +- 16 files changed, 89 insertions(+), 34 deletions(-) diff --git a/environments/common/src/main/java/org/jboss/weld/environment/deployment/discovery/jandex/SecurityActions.java b/environments/common/src/main/java/org/jboss/weld/environment/deployment/discovery/jandex/SecurityActions.java index 6022d7344e0..4d34ce8896c 100644 --- a/environments/common/src/main/java/org/jboss/weld/environment/deployment/discovery/jandex/SecurityActions.java +++ b/environments/common/src/main/java/org/jboss/weld/environment/deployment/discovery/jandex/SecurityActions.java @@ -22,6 +22,7 @@ import org.jboss.weld.exceptions.WeldException; import org.jboss.weld.security.ConstructorNewInstanceAction; +import org.jboss.weld.security.GetDeclaredConstructorAction; import org.jboss.weld.security.NewInstanceAction; /** @@ -38,15 +39,17 @@ private SecurityActions() { * @throws InstantiationException * @throws IllegalAccessException */ - static T newInstance(Class javaClass) throws InstantiationException, IllegalAccessException { + static T newInstance(Class javaClass) + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { if (System.getSecurityManager() != null) { try { - return AccessController.doPrivileged(NewInstanceAction.of(javaClass)); + return AccessController.doPrivileged( + NewInstanceAction.of(AccessController.doPrivileged(GetDeclaredConstructorAction.of(javaClass)))); } catch (PrivilegedActionException e) { throw new WeldException(e.getCause()); } } else { - return javaClass.newInstance(); + return javaClass.getDeclaredConstructor().newInstance(); } } diff --git a/environments/common/src/main/java/org/jboss/weld/environment/util/SecurityActions.java b/environments/common/src/main/java/org/jboss/weld/environment/util/SecurityActions.java index 7c96dec414c..774ab5dbe48 100644 --- a/environments/common/src/main/java/org/jboss/weld/environment/util/SecurityActions.java +++ b/environments/common/src/main/java/org/jboss/weld/environment/util/SecurityActions.java @@ -16,10 +16,12 @@ */ package org.jboss.weld.environment.util; +import java.lang.reflect.InvocationTargetException; import java.security.AccessController; import java.security.PrivilegedActionException; import org.jboss.weld.exceptions.WeldException; +import org.jboss.weld.security.GetDeclaredConstructorAction; import org.jboss.weld.security.NewInstanceAction; /** @@ -38,15 +40,17 @@ private SecurityActions() { * @throws InstantiationException * @throws IllegalAccessException */ - static T newInstance(Class javaClass) throws InstantiationException, IllegalAccessException { + static T newInstance(Class javaClass) + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { if (System.getSecurityManager() != null) { try { - return AccessController.doPrivileged(NewInstanceAction.of(javaClass)); + return AccessController.doPrivileged( + NewInstanceAction.of(AccessController.doPrivileged(GetDeclaredConstructorAction.of(javaClass)))); } catch (PrivilegedActionException e) { throw new WeldException(e.getCause()); } } else { - return javaClass.newInstance(); + return javaClass.getDeclaredConstructor().newInstance(); } } diff --git a/environments/se/core/src/main/java/org/jboss/weld/environment/se/SecurityActions.java b/environments/se/core/src/main/java/org/jboss/weld/environment/se/SecurityActions.java index 405a029a2f1..e37282a8408 100644 --- a/environments/se/core/src/main/java/org/jboss/weld/environment/se/SecurityActions.java +++ b/environments/se/core/src/main/java/org/jboss/weld/environment/se/SecurityActions.java @@ -16,11 +16,14 @@ */ package org.jboss.weld.environment.se; +import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; import java.security.AccessController; import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import org.jboss.weld.exceptions.WeldException; +import org.jboss.weld.security.GetDeclaredConstructorAction; import org.jboss.weld.security.NewInstanceAction; /** @@ -39,15 +42,39 @@ private SecurityActions() { * @throws InstantiationException * @throws IllegalAccessException */ - static T newInstance(Class javaClass) throws InstantiationException, IllegalAccessException { + static T newInstance(Class javaClass) + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { if (System.getSecurityManager() != null) { try { - return AccessController.doPrivileged(NewInstanceAction.of(javaClass)); + Constructor constructor = AccessController.doPrivileged(GetDeclaredConstructorAction.of(javaClass)); + return AccessController.doPrivileged(NewInstanceAction.of(constructor)); } catch (PrivilegedActionException e) { throw new WeldException(e.getCause()); } } else { - return javaClass.newInstance(); + return javaClass.getDeclaredConstructor().newInstance(); + } + } + + static Constructor getDeclaredConstructor(Class javaClass, Class... parameterTypes) + throws NoSuchMethodException, PrivilegedActionException { + if (System.getSecurityManager() != null) { + return AccessController.doPrivileged(GetDeclaredConstructorAction.of(javaClass, parameterTypes)); + } else { + return javaClass.getDeclaredConstructor(parameterTypes); + } + } + + static T newInstance(Constructor constructor, Object... params) + throws InstantiationException, IllegalAccessException, InvocationTargetException { + if (System.getSecurityManager() != null) { + try { + return AccessController.doPrivileged(NewInstanceAction.of(constructor, params)); + } catch (PrivilegedActionException e) { + throw new WeldException(e.getCause()); + } + } else { + return constructor.newInstance(params); } } diff --git a/environments/se/core/src/main/java/org/jboss/weld/environment/se/Weld.java b/environments/se/core/src/main/java/org/jboss/weld/environment/se/Weld.java index 73fb925c049..a24e15d858b 100644 --- a/environments/se/core/src/main/java/org/jboss/weld/environment/se/Weld.java +++ b/environments/se/core/src/main/java/org/jboss/weld/environment/se/Weld.java @@ -1181,7 +1181,8 @@ protected Iterable> getExtensions() { if (!allBce.isEmpty()) { try { result.add(new MetadataImpl( - new LiteExtensionTranslator(allBce, Thread.currentThread().getContextClassLoader()), + SecurityActions.newInstance(SecurityActions.getDeclaredConstructor(LiteExtensionTranslator.class, + Collection.class, ClassLoader.class), allBce, Thread.currentThread().getContextClassLoader()), SYNTHETIC_LOCATION_PREFIX + LiteExtensionTranslator.class.getName())); } catch (Exception e) { throw new RuntimeException(e); diff --git a/environments/servlet/core/src/main/java/org/jboss/weld/environment/servlet/SecurityActions.java b/environments/servlet/core/src/main/java/org/jboss/weld/environment/servlet/SecurityActions.java index 1b50929c346..fa3be19f14d 100644 --- a/environments/servlet/core/src/main/java/org/jboss/weld/environment/servlet/SecurityActions.java +++ b/environments/servlet/core/src/main/java/org/jboss/weld/environment/servlet/SecurityActions.java @@ -24,6 +24,7 @@ import org.jboss.weld.exceptions.WeldException; import org.jboss.weld.security.ConstructorNewInstanceAction; +import org.jboss.weld.security.GetDeclaredConstructorAction; import org.jboss.weld.security.MethodLookupAction; import org.jboss.weld.security.NewInstanceAction; @@ -41,15 +42,17 @@ private SecurityActions() { * @throws InstantiationException * @throws IllegalAccessException */ - static T newInstance(Class javaClass) throws InstantiationException, IllegalAccessException { + static T newInstance(Class javaClass) + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { if (System.getSecurityManager() != null) { try { - return AccessController.doPrivileged(NewInstanceAction.of(javaClass)); + return AccessController.doPrivileged( + NewInstanceAction.of(AccessController.doPrivileged(GetDeclaredConstructorAction.of(javaClass)))); } catch (PrivilegedActionException e) { throw new WeldException(e.getCause()); } } else { - return javaClass.newInstance(); + return javaClass.getDeclaredConstructor().newInstance(); } } diff --git a/impl/src/main/java/org/jboss/weld/bean/proxy/DecorationHelper.java b/impl/src/main/java/org/jboss/weld/bean/proxy/DecorationHelper.java index 413cd49bcb6..76d5557fdf1 100644 --- a/impl/src/main/java/org/jboss/weld/bean/proxy/DecorationHelper.java +++ b/impl/src/main/java/org/jboss/weld/bean/proxy/DecorationHelper.java @@ -17,6 +17,7 @@ package org.jboss.weld.bean.proxy; +import java.lang.reflect.InvocationTargetException; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.LinkedList; @@ -128,7 +129,7 @@ public DecoratorProxyMethodHandler createMethodHandler(InjectionPoint injectionP public T run() { try { return instantiator.newInstance(proxyClassForDecorator); - } catch (InstantiationException e) { + } catch (InstantiationException | NoSuchMethodException | InvocationTargetException e) { throw new DefinitionException(BeanLogger.LOG.proxyInstantiationFailed(this), e.getCause()); } catch (IllegalAccessException e) { throw new DefinitionException(BeanLogger.LOG.proxyInstantiationBeanAccessFailed(this), e.getCause()); diff --git a/impl/src/main/java/org/jboss/weld/bean/proxy/DefaultProxyInstantiator.java b/impl/src/main/java/org/jboss/weld/bean/proxy/DefaultProxyInstantiator.java index d0b568de789..e03b48da9ba 100644 --- a/impl/src/main/java/org/jboss/weld/bean/proxy/DefaultProxyInstantiator.java +++ b/impl/src/main/java/org/jboss/weld/bean/proxy/DefaultProxyInstantiator.java @@ -17,6 +17,7 @@ package org.jboss.weld.bean.proxy; import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Modifier; import jakarta.enterprise.inject.spi.Bean; @@ -39,8 +40,9 @@ private DefaultProxyInstantiator() { } @Override - public T newInstance(Class clazz) throws InstantiationException, IllegalAccessException { - return clazz.newInstance(); + public T newInstance(Class clazz) + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { + return clazz.getDeclaredConstructor().newInstance(); } @Override diff --git a/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyFactory.java b/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyFactory.java index 39393761ac6..1425517da3d 100644 --- a/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyFactory.java +++ b/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyFactory.java @@ -25,6 +25,7 @@ import java.io.IOException; import java.io.Serializable; import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.lang.reflect.Modifier; import java.lang.reflect.Type; @@ -386,7 +387,7 @@ public T run() { return newInstantiator.newInstance(proxyClass); } return proxyInstantiator.newInstance(proxyClass); - } catch (InstantiationException e) { + } catch (InstantiationException | NoSuchMethodException | InvocationTargetException e) { throw new DefinitionException(BeanLogger.LOG.proxyInstantiationFailed(this), e.getCause()); } catch (IllegalAccessException e) { throw new DefinitionException(BeanLogger.LOG.proxyInstantiationBeanAccessFailed(this), e.getCause()); diff --git a/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyInstantiator.java b/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyInstantiator.java index 09e698774a2..69509a3ab25 100644 --- a/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyInstantiator.java +++ b/impl/src/main/java/org/jboss/weld/bean/proxy/ProxyInstantiator.java @@ -17,6 +17,7 @@ package org.jboss.weld.bean.proxy; import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; import java.util.List; import jakarta.enterprise.inject.spi.Bean; @@ -34,7 +35,7 @@ /** * Implementations of this interface are capable of creating instances of a given proxy class. This can either be done simply by * calling - * {@link Class#newInstance()} or using more advanced mechanism (e.g. sun.misc.Unsafe) + * {@code clazz.getDeclaredConstructor().newInstance()} or using more advanced mechanism (e.g. sun.misc.Unsafe) * * @author Jozef Hartinger * @@ -52,7 +53,8 @@ public interface ProxyInstantiator extends Service { * @param clazz the class * @return an instance of a proxy class */ - T newInstance(Class clazz) throws InstantiationException, IllegalAccessException; + T newInstance(Class clazz) + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException; /** * Validate, whether the given constructor is sufficient for a class to be proxyable. @@ -137,7 +139,7 @@ public static ProxyInstantiator create(WeldConfiguration configuration) { } private static ProxyInstantiator newInstance(String implementation) - throws InstantiationException, IllegalAccessException { + throws InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { if (DefaultProxyInstantiator.class.getName().equals(implementation)) { return DefaultProxyInstantiator.INSTANCE; } @@ -146,7 +148,7 @@ private static ProxyInstantiator newInstance(String implementation) if (clazz == null) { throw new WeldException("Unable to load ProxyInstantiator implementation: " + implementation); } - return clazz.newInstance(); + return clazz.getDeclaredConstructor().newInstance(); } } diff --git a/impl/src/main/java/org/jboss/weld/injection/Exceptions.java b/impl/src/main/java/org/jboss/weld/injection/Exceptions.java index dc7f6562f2b..d28c9d6cc46 100644 --- a/impl/src/main/java/org/jboss/weld/injection/Exceptions.java +++ b/impl/src/main/java/org/jboss/weld/injection/Exceptions.java @@ -23,6 +23,7 @@ import jakarta.enterprise.inject.CreationException; import org.jboss.weld.exceptions.WeldException; +import org.jboss.weld.security.GetDeclaredConstructorAction; import org.jboss.weld.security.NewInstanceAction; class Exceptions { @@ -36,8 +37,8 @@ private static void rethrowException(Throwable t, Class extends AbstractGenericReflectionAction implements PrivilegedExceptionAction { - public static NewInstanceAction of(Class javaClass) { - return new NewInstanceAction(javaClass); + public static NewInstanceAction of(Constructor constructor, Object... params) { + return new NewInstanceAction(constructor, params); } - public NewInstanceAction(Class javaClass) { - super(javaClass); + private final Constructor constructor; + private final Object[] params; + + public NewInstanceAction(Constructor constructor, Object... params) { + super(constructor.getDeclaringClass()); + this.constructor = constructor; + this.params = params; } @Override - public T run() throws InstantiationException, IllegalAccessException { - return javaClass.newInstance(); + public T run() throws InvocationTargetException, InstantiationException, IllegalAccessException { + return constructor.newInstance(params); } } diff --git a/impl/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java b/impl/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java index 42a795a1355..683b7e136ea 100644 --- a/impl/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java +++ b/impl/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java @@ -197,7 +197,8 @@ public void testConstructorAccess() { @Test public void testNewInstance() throws PrivilegedActionException { - Assert.assertNotNull(AccessController.doPrivileged(NewInstanceAction.of(TestObject.class))); + Assert.assertNotNull(AccessController.doPrivileged( + NewInstanceAction.of(AccessController.doPrivileged(GetDeclaredConstructorAction.of(TestObject.class))))); } @Test diff --git a/modules/ejb/src/main/java/org/jboss/weld/module/ejb/SessionBeanProxyInstantiator.java b/modules/ejb/src/main/java/org/jboss/weld/module/ejb/SessionBeanProxyInstantiator.java index 81153761103..02fed72eaae 100644 --- a/modules/ejb/src/main/java/org/jboss/weld/module/ejb/SessionBeanProxyInstantiator.java +++ b/modules/ejb/src/main/java/org/jboss/weld/module/ejb/SessionBeanProxyInstantiator.java @@ -31,6 +31,7 @@ import org.jboss.weld.injection.producer.Instantiator; import org.jboss.weld.logging.BeanLogger; import org.jboss.weld.manager.BeanManagerImpl; +import org.jboss.weld.security.GetDeclaredConstructorAction; import org.jboss.weld.security.NewInstanceAction; /** @@ -51,7 +52,8 @@ class SessionBeanProxyInstantiator implements Instantiator { @Override public T newInstance(CreationalContext ctx, BeanManagerImpl manager) { try { - T instance = AccessController.doPrivileged(NewInstanceAction.of(proxyClass)); + T instance = AccessController.doPrivileged( + NewInstanceAction.of(AccessController.doPrivileged(GetDeclaredConstructorAction.of(proxyClass)))); if (!bean.getScope().equals(Dependent.class)) { ctx.push(instance); } diff --git a/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/extension/AbstractInterceptor.java b/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/extension/AbstractInterceptor.java index 08402b8a0ef..20625f307d0 100644 --- a/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/extension/AbstractInterceptor.java +++ b/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/extension/AbstractInterceptor.java @@ -71,7 +71,7 @@ public Set getInjectionPoints() { @SuppressWarnings("unchecked") public T create(CreationalContext creationalContext) { try { - return (T) getBeanClass().newInstance(); + return (T) getBeanClass().getDeclaredConstructor().newInstance(); } catch (Exception e) { throw new RuntimeException("Error creating an instance of " + getBeanClass()); } diff --git a/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/lhotse/fst/GenericDAO.java b/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/lhotse/fst/GenericDAO.java index e778a04cb12..b9c48868992 100644 --- a/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/lhotse/fst/GenericDAO.java +++ b/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/lhotse/fst/GenericDAO.java @@ -45,7 +45,7 @@ public U find(Class clazz, Long id) { throw new IllegalArgumentException("Null id"); try { - return clazz.newInstance(); + return clazz.getDeclaredConstructor().newInstance(); } catch (Exception e) { throw new RuntimeException(e); } diff --git a/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/tb/GenericDAO.java b/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/tb/GenericDAO.java index 56df6f27c63..dc55bafbbb6 100644 --- a/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/tb/GenericDAO.java +++ b/tests-arquillian/src/test/java/org/jboss/weld/tests/interceptors/tb/GenericDAO.java @@ -47,7 +47,7 @@ public U find(Class clazz, Long id) { throw new IllegalArgumentException("No Tx marker!"); try { - return clazz.newInstance(); + return clazz.getDeclaredConstructor().newInstance(); } catch (Exception e) { throw new RuntimeException(e); }