8334394: Race condition in Class::protectionDomain

Reviewed-by: liach, jpai, rriggs, alanb
2025-08-26 22:34:27 +02:00 · 2024-07-22 13:43:55 +00:00 · 2024-07-22 13:43:55 +00:00 · c3226aaeb8
commit c3226aaeb8
parent 92de2b2d5f
2 changed files with 101 additions and 19 deletions
--- a/src/java.base/share/classes/java/lang/Class.java
+++ b/src/java.base/share/classes/java/lang/Class.java
@ -55,7 +55,9 @@ import java.lang.reflect.TypeVariable;
 import java.lang.constant.Constable;
 import java.net.URL;
 import java.security.AccessController;
+import java.security.Permissions;
 import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
@ -3220,10 +3222,6 @@ public final class Class<T> implements java.io.Serializable,
        return true;
    }

-
-    /** protection domain returned when the internal domain is null */
-    private static java.security.ProtectionDomain allPermDomain;
-
    /**
     * Returns the {@code ProtectionDomain} of this class.  If there is a
     * security manager installed, this method first calls the security
@ -3244,7 +3242,7 @@ public final class Class<T> implements java.io.Serializable,
     * @see java.lang.RuntimePermission
     * @since 1.2
     */
-    public java.security.ProtectionDomain getProtectionDomain() {
+    public ProtectionDomain getProtectionDomain() {
        @SuppressWarnings("removal")
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
@ -3253,26 +3251,30 @@ public final class Class<T> implements java.io.Serializable,
        return protectionDomain();
    }

-    // package-private
-    java.security.ProtectionDomain protectionDomain() {
-        java.security.ProtectionDomain pd = getProtectionDomain0();
-        if (pd == null) {
-            if (allPermDomain == null) {
-                java.security.Permissions perms =
-                    new java.security.Permissions();
-                perms.add(SecurityConstants.ALL_PERMISSION);
-                allPermDomain =
-                    new java.security.ProtectionDomain(null, perms);
-            }
-            pd = allPermDomain;
+    /** Holder for the protection domain returned when the internal domain is null */
+    private static class Holder {
+        private static final ProtectionDomain allPermDomain;
+        static {
+            Permissions perms = new Permissions();
+            perms.add(SecurityConstants.ALL_PERMISSION);
+            allPermDomain = new ProtectionDomain(null, perms);
+        }
+    }
+
+    // package-private
+    ProtectionDomain protectionDomain() {
+        ProtectionDomain pd = getProtectionDomain0();
+        if (pd == null) {
+            return Holder.allPermDomain;
+        } else {
+            return pd;
        }
-        return pd;
    }

    /**
     * Returns the ProtectionDomain of this class.
     */
-    private native java.security.ProtectionDomain getProtectionDomain0();
+    private native ProtectionDomain getProtectionDomain0();

    /*
     * Return the Virtual Machine's Class object for the named