On Sun, 15 Sep 2024 12:59:21 GMT, Claes Redestad <redes...@openjdk.org> wrote:
>> Simple internal refactor to load a few classes less on startup. Arguably >> cleaner and avoids some iterator allocations. > > Claes Redestad has updated the pull request incrementally with one additional > commit since the last revision: > > Improve edge invariant checks Commit 62a88c0368512e993df09c14d1b98b28b20e3280 introduced a TOCTOU issue caused by double‑reading of a user‑supplied array, the fix is to convert the resulting Set back to an array, or to eagerly convert the options to a flags `int` while checking for duplicates. src/java.base/share/classes/java/lang/invoke/MethodHandles.java line 2140: > 2138: } > 2139: > 2140: return makeHiddenClassDefiner(bytes.clone(), false, > options).defineClassAsLookup(initialize); Suggestion: // Disallow null and duplicate options var opts = Set.of(options); ensureDefineClassPermission(); if (!hasFullPrivilegeAccess()) { throw new IllegalAccessException(this + " does not have full privilege access"); } return makeHiddenClassDefiner(bytes.clone(), false, opts.toArray(ClassOption.NO_OPTIONS)) .defineClassAsLookup(initialize); src/java.base/share/classes/java/lang/invoke/MethodHandles.java line 2230: > 2228: > 2229: return makeHiddenClassDefiner(bytes.clone(), false, options) > 2230: .defineClassAsLookup(initialize, classData); Suggestion: // Disallow null and duplicate options var opts = Set.of(options); ensureDefineClassPermission(); if (!hasFullPrivilegeAccess()) { throw new IllegalAccessException(this + " does not have full privilege access"); } return makeHiddenClassDefiner(bytes.clone(), false, opts.toArray(ClassOption.NO_OPTIONS)) .defineClassAsLookup(initialize, classData); ------------- PR Review: https://git.openjdk.org/jdk/pull/21002#pullrequestreview-2305560599 PR Review Comment: https://git.openjdk.org/jdk/pull/21002#discussion_r1760276387 PR Review Comment: https://git.openjdk.org/jdk/pull/21002#discussion_r1760276870