[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Implementation details of VMStackWalker

From: Archie Cobbs
Subject: Re: Implementation details of VMStackWalker
Date: Sat, 23 Jul 2005 10:00:06 -0500
User-agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041129

address@hidden wrote:
The next thing I would like to have is a method to get the calling
method name. This would be good for logging.

You could create a Throwable() object and then get the StackFrame[].

That is what the logging API currently does. But that's terrribly
inefficient. We could add a new method to VMStackWalker that returns the
calling method name and in the reference implementation it will just do
the Throwable thing. Then every VM can decide if they want do add a native

Sounds reasonable. We take this same approach with getCallingClass()
and getCallingClassLoader(), which can be implemented more efficiently
in native code, but are also have the "fallback" Java implementation.

For the security part: Is it enough to check if the class loader of
context[0] is the boot classloader?

Not sure what the question is here.

In the VMStackWalker source it says only code loaded from the boot
classloader may call the methods of this class. But how should we make
sure? My question was if it is enough to check if the class in
getClassContext()[0] (i.e. the class that actually invoked a method on
VMstackWalker directly or through reflection) was loaded by the boot

I didn't write that comment so I'm not sure how (if at all) it
is enforced. Not sure what the real security problem is though,
even if we did allow random code to call these methods. Maybe
someone else can shed some light?


Archie Cobbs      *        CTO, Awarix        *

reply via email to

[Prev in Thread] Current Thread [Next in Thread]