OpenJDK / jdk / jdk
changeset 57696:bf6bb6ddbda3
8230967: Improve Registry support of clients
Reviewed-by: skoivu, smarks, rhalade
| author | rriggs |
|---|---|
| date | Tue, 15 Oct 2019 15:05:33 -0400 |
| parents | 7530f0e28000 |
| children | 9fe8a53124c2 |
| files | src/java.rmi/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java src/java.rmi/share/classes/sun/rmi/transport/tcp/TCPEndpoint.java |
| diffstat | 2 files changed, 14 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/java.rmi/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Tue Oct 15 09:52:44 2019 -0400 +++ b/src/java.rmi/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Tue Oct 15 15:05:33 2019 -0400 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,7 @@ import java.lang.reflect.Method; import java.lang.reflect.Proxy; import java.rmi.Remote; +import java.rmi.RemoteException; import java.rmi.UnexpectedException; import java.rmi.activation.Activatable; import java.util.Map; @@ -206,6 +207,13 @@ throw new IllegalArgumentException( "proxy not Remote instance"); } + + // Verify that the method is declared on an interface that extends Remote + Class<?> decl = method.getDeclaringClass(); + if (!Remote.class.isAssignableFrom(decl)) { + throw new RemoteException("Method is not Remote: " + decl + "::" + method); + } + return ref.invoke((Remote) proxy, method, args, getMethodHash(method)); } catch (Exception e) {
--- a/src/java.rmi/share/classes/sun/rmi/transport/tcp/TCPEndpoint.java Tue Oct 15 09:52:44 2019 -0400 +++ b/src/java.rmi/share/classes/sun/rmi/transport/tcp/TCPEndpoint.java Tue Oct 15 15:05:33 2019 -0400 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,7 @@ import java.io.IOException; import java.io.ObjectInput; import java.io.ObjectOutput; +import java.lang.reflect.Proxy; import java.net.InetAddress; import java.net.ServerSocket; import java.net.Socket; @@ -553,6 +554,9 @@ host = in.readUTF(); port = in.readInt(); csf = (RMIClientSocketFactory) in.readObject(); + if (Proxy.isProxyClass(csf.getClass())) { + throw new IOException("Invalid SocketFactory"); + } break; default: