From aecb8b6c6bd3c63ac3f609c2340edd57f7e3f8c8 Mon Sep 17 00:00:00 2001
From: Juergen Hoeller
Date: Tue, 29 Dec 2015 21:39:43 +0100
Subject: [PATCH] Avoid sensitive Proxy.getInvocationHandler call in synthesizeAnnotation
Issue: SPR-13829
---
 .../core/annotation/AnnotationUtils.java | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/spring-core/src/main/java/org/springframework/core/annotation/AnnotationUtils.java b/spring-core/src/main/java/org/springframework/core/annotation/AnnotationUtils.java
index 59a3e925de2..602fbe99a13 100644
--- a/spring-core/src/main/java/org/springframework/core/annotation/AnnotationUtils.java
+++ b/spring-core/src/main/java/org/springframework/core/annotation/AnnotationUtils.java
@@ -495,8 +495,8 @@ public abstract class AnnotationUtils {
 // Do NOT store result in the findAnnotationCache since doing so could break
 // findAnnotation(Class, Class) and findAnnotation(Method, Class).
- return synthesizeAnnotation(
- findAnnotation(annotatedElement, annotationType, new HashSet()), annotatedElement);
+ A ann = findAnnotation(annotatedElement, annotationType, new HashSet());
+ return synthesizeAnnotation(ann, annotatedElement);
 }
 /**
@@ -1360,8 +1360,7 @@ public abstract class AnnotationUtils {
 if (annotation == null) {
 return null;
 }
- if (annotation instanceof SynthesizedAnnotation || (Proxy.isProxyClass(annotation.getClass()) &&
- Proxy.getInvocationHandler(annotation) instanceof SynthesizedAnnotationInvocationHandler)) {
+ if (annotation instanceof SynthesizedAnnotation) {
 return annotation;
 }
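Review bot: The simplified check `if (annotation instanceof SynthesizedAnnotation)` in the second hunk carries no comment saying why the proxy's invocation handler is no longer inspected, so a later clean-up could easily reintroduce the call. `Proxy.getInvocationHandler` is caller-sensitive and, with a SecurityManager installed, can run a package-access check on the handler's class, which is presumably the failure behind SPR-13829. I would add above the `if`: `// Rely on the marker interface only: Proxy.getInvocationHandler can trigger a SecurityManager access check (SPR-13829)`. The marker is now the sole guard against wrapping an already synthesized annotation, so a proxy built without `SynthesizedAnnotation` among its interfaces (the ternary removed later in this patch shows that was possible) would be wrapped a second time. The enclosing method starts and ends outside the hunk.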
@@ -1373,8 +1372,10 @@ public abstract class AnnotationUtils {
 DefaultAnnotationAttributeExtractor attributeExtractor = new DefaultAnnotationAttributeExtractor(annotation, annotatedElement);
 InvocationHandler handler = new SynthesizedAnnotationInvocationHandler(attributeExtractor);
- Class[] exposedInterfaces = (canExposeSynthesizedMarker(annotationType) ?
- new Class[] {annotationType, SynthesizedAnnotation.class} : new Class[] {annotationType});
+
+ // Can always expose Spring's SynthesizedAnnotation marker since we explicitly check for a
+ // synthesizable annotation before (which needs to declare @AliasFor from the same package)
+ Class[] exposedInterfaces = new Class[] {annotationType, SynthesizedAnnotation.class};
 return (A) Proxy.newProxyInstance(annotation.getClass().getClassLoader(), exposedInterfaces, handler);
 }
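Review bot: With the `canExposeSynthesizedMarker(annotationType)` guard dropped, `Proxy.newProxyInstance` is always handed `SynthesizedAnnotation.class`, and it throws `IllegalArgumentException` when an interface is not visible through the class loader it is given, here `annotation.getClass().getClassLoader()`. The new comment justifies this by the earlier synthesizable check, but that check sits outside the hunk, so it cannot be confirmed from here that every path reaching this line guarantees the marker is visible to that loader. I would extend the comment with the failure mode, e.g. `// If the marker were not visible to this ClassLoader, Proxy.newProxyInstance would throw IllegalArgumentException`, and cover the assumption with a test that synthesizes an annotation loaded through a restricted class loader. This matters more now because the early-return check earlier in the method recognises synthesized annotations by this marker alone.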