From 3b3bef32210895d6b5d59a6a506d3237b1d6cba5 Mon Sep 17 00:00:00 2001 From: "Cloud.Liu" Date: Thu, 18 Nov 2021 16:02:35 +0800 Subject: [PATCH 1/2] =?UTF-8?q?DEC-21348=20fix:=20java=20security=E9=80=82?= =?UTF-8?q?=E9=85=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../fr/third/net/bytebuddy/dynamic/NexusAccessor.java | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java b/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java index ef0ed37d8..fd724fc43 100644 --- a/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java +++ b/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java @@ -19,20 +19,19 @@ import com.fr.third.net.bytebuddy.build.HashCodeAndEqualsPlugin; import com.fr.third.net.bytebuddy.description.method.MethodDescription; import com.fr.third.net.bytebuddy.description.type.TypeDescription; import com.fr.third.net.bytebuddy.dynamic.loading.ClassInjector; -import com.fr.third.net.bytebuddy.dynamic.loading.ClassLoadingStrategy; import com.fr.third.net.bytebuddy.implementation.Implementation; import com.fr.third.net.bytebuddy.implementation.LoadedTypeInitializer; import com.fr.third.net.bytebuddy.implementation.bytecode.ByteCodeAppender; import com.fr.third.net.bytebuddy.implementation.bytecode.Removal; import com.fr.third.net.bytebuddy.implementation.bytecode.StackManipulation; -import com.fr.third.net.bytebuddy.implementation.bytecode.member.MethodInvocation; -import com.fr.third.research.annotations.SuppressFBWarnings; import com.fr.third.net.bytebuddy.implementation.bytecode.collection.ArrayFactory; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.ClassConstant; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.IntegerConstant; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.NullConstant; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.TextConstant; +import com.fr.third.net.bytebuddy.implementation.bytecode.member.MethodInvocation; import com.fr.third.org.objectweb.asm.MethodVisitor; +import com.fr.third.research.annotations.SuppressFBWarnings; import java.lang.ref.Reference; import java.lang.ref.ReferenceQueue; @@ -223,7 +222,11 @@ public class NexusAccessor { return new Unavailable("Nexus injection was explicitly disabled"); } else { try { - Class nexusType = new ClassInjector.UsingReflection(ClassLoader.getSystemClassLoader(), ClassLoadingStrategy.NO_PROTECTION_DOMAIN) + /* + * 实例化UsingReflection时要指定非null的ProtectionDomain,否则开启-security后经由这里调用具体方法时会校验权限失败 + * 这里指定为NexusAccessor的ProtectionDomain,即fine-third jar + */ + Class nexusType = new ClassInjector.UsingReflection(ClassLoader.getSystemClassLoader(), getClass().getProtectionDomain()) .inject(Collections.singletonMap(TypeDescription.ForLoadedType.of(Nexus.class), ClassFileLocator.ForClassLoader.read(Nexus.class))) .get(TypeDescription.ForLoadedType.of(Nexus.class)); return new Dispatcher.Available(nexusType.getMethod("register", String.class, ClassLoader.class, ReferenceQueue.class, int.class, Object.class), From 063e6e14ff53184001ec8a994a7c95bfd9491033 Mon Sep 17 00:00:00 2001 From: "Cloud.Liu" Date: Mon, 22 Nov 2021 09:36:59 +0800 Subject: [PATCH 2/2] =?UTF-8?q?Revert=20"DEC-21348=20fix:=20java=20securit?= =?UTF-8?q?y=E9=80=82=E9=85=8D"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 3b3bef32210895d6b5d59a6a506d3237b1d6cba5. --- .../fr/third/net/bytebuddy/dynamic/NexusAccessor.java | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java b/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java index fd724fc43..ef0ed37d8 100644 --- a/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java +++ b/fine-byte-buddy/src/main/java/com/fr/third/net/bytebuddy/dynamic/NexusAccessor.java @@ -19,19 +19,20 @@ import com.fr.third.net.bytebuddy.build.HashCodeAndEqualsPlugin; import com.fr.third.net.bytebuddy.description.method.MethodDescription; import com.fr.third.net.bytebuddy.description.type.TypeDescription; import com.fr.third.net.bytebuddy.dynamic.loading.ClassInjector; +import com.fr.third.net.bytebuddy.dynamic.loading.ClassLoadingStrategy; import com.fr.third.net.bytebuddy.implementation.Implementation; import com.fr.third.net.bytebuddy.implementation.LoadedTypeInitializer; import com.fr.third.net.bytebuddy.implementation.bytecode.ByteCodeAppender; import com.fr.third.net.bytebuddy.implementation.bytecode.Removal; import com.fr.third.net.bytebuddy.implementation.bytecode.StackManipulation; +import com.fr.third.net.bytebuddy.implementation.bytecode.member.MethodInvocation; +import com.fr.third.research.annotations.SuppressFBWarnings; import com.fr.third.net.bytebuddy.implementation.bytecode.collection.ArrayFactory; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.ClassConstant; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.IntegerConstant; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.NullConstant; import com.fr.third.net.bytebuddy.implementation.bytecode.constant.TextConstant; -import com.fr.third.net.bytebuddy.implementation.bytecode.member.MethodInvocation; import com.fr.third.org.objectweb.asm.MethodVisitor; -import com.fr.third.research.annotations.SuppressFBWarnings; import java.lang.ref.Reference; import java.lang.ref.ReferenceQueue; @@ -222,11 +223,7 @@ public class NexusAccessor { return new Unavailable("Nexus injection was explicitly disabled"); } else { try { - /* - * 实例化UsingReflection时要指定非null的ProtectionDomain,否则开启-security后经由这里调用具体方法时会校验权限失败 - * 这里指定为NexusAccessor的ProtectionDomain,即fine-third jar - */ - Class nexusType = new ClassInjector.UsingReflection(ClassLoader.getSystemClassLoader(), getClass().getProtectionDomain()) + Class nexusType = new ClassInjector.UsingReflection(ClassLoader.getSystemClassLoader(), ClassLoadingStrategy.NO_PROTECTION_DOMAIN) .inject(Collections.singletonMap(TypeDescription.ForLoadedType.of(Nexus.class), ClassFileLocator.ForClassLoader.read(Nexus.class))) .get(TypeDescription.ForLoadedType.of(Nexus.class)); return new Dispatcher.Available(nexusType.getMethod("register", String.class, ClassLoader.class, ReferenceQueue.class, int.class, Object.class),