Skip to content

fix: reduce thread blocking by double null check in invokeMethod() #523

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lukaszlenart merged 1 commit into from
Dec 29, 2025
Merged

fix: reduce thread blocking by double null check in invokeMethod() #523

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
68 changes: 39 additions & 29 deletions src/main/java/ognl/OgnlRuntime.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -297,6 +297,7 @@ public class OgnlRuntime {
* Users that have their own Security Manager implementations and no intention to use the OGNL SecurityManager
* sandbox may choose to use the 'forceDisableOnInit' flag option for performance reasons (avoiding overhead
* involving the system property security checks - when that feature will not be used).
*
* @deprecated will removed in 3.5.x
*/
@Deprecated
Expand All @@ -307,6 +308,7 @@ public class OgnlRuntime {
* Hold environment flag state associated with OGNL_SECURITY_MANAGER. See
* {@link OgnlRuntime#OGNL_SECURITY_MANAGER} for more details.
* Default: false (if not set).
*
* @deprecated will be removed in 3.5.x
*/
@Deprecated
Expand Down Expand Up @@ -812,44 +814,53 @@ public static Object invokeMethod(Object target, Method method, Object[] argsArr
}

// only synchronize method invocation if it actually requires it
// double null check to avoid synchronizing on the method when cache is already populated

synchronized (method) {
methodAccessCacheValue = _methodAccessCache.get(method);
if (methodAccessCacheValue == null) {
if (!Modifier.isPublic(method.getModifiers()) || !Modifier.isPublic(method.getDeclaringClass().getModifiers())) {
if (!(method.isAccessible())) {
methodAccessCacheValue = Boolean.TRUE;
_methodAccessCache.put(method, methodAccessCacheValue);
methodAccessCacheValue = _methodAccessCache.get(method);
if (methodAccessCacheValue == null) {
synchronized (method) {
methodAccessCacheValue = _methodAccessCache.get(method);
if (methodAccessCacheValue == null) {
if (!Modifier.isPublic(method.getModifiers()) || !Modifier.isPublic(method.getDeclaringClass().getModifiers())) {
if (!(method.isAccessible())) {
methodAccessCacheValue = Boolean.TRUE;
_methodAccessCache.put(method, methodAccessCacheValue);
} else {
methodAccessCacheValue = Boolean.FALSE;
_methodAccessCache.put(method, methodAccessCacheValue);
}
} else {
methodAccessCacheValue = Boolean.FALSE;
_methodAccessCache.put(method, methodAccessCacheValue);
}
} else {
methodAccessCacheValue = Boolean.FALSE;
_methodAccessCache.put(method, methodAccessCacheValue);
}
}
syncInvoke = Boolean.TRUE.equals(methodAccessCacheValue);
}
syncInvoke = Boolean.TRUE.equals(methodAccessCacheValue);

methodPermCacheValue = _methodPermCache.get(method);
if (methodPermCacheValue == null) {
if (securityManager != null) {
try {
securityManager.checkPermission(getPermission(method));
methodPermCacheValue = _methodPermCache.get(method);
if (methodPermCacheValue == null) {
synchronized (method) {
methodPermCacheValue = _methodPermCache.get(method);
if (methodPermCacheValue == null) {
if (securityManager != null) {
try {
securityManager.checkPermission(getPermission(method));
methodPermCacheValue = Boolean.TRUE;
_methodPermCache.put(method, methodPermCacheValue);
} catch (SecurityException ex) {
methodPermCacheValue = Boolean.FALSE;
_methodPermCache.put(method, methodPermCacheValue);
throw new IllegalAccessException("Method [" + method + "] cannot be accessed.");
}
} else {
methodPermCacheValue = Boolean.TRUE;
_methodPermCache.put(method, methodPermCacheValue);
} catch (SecurityException ex) {
methodPermCacheValue = Boolean.FALSE;
_methodPermCache.put(method, methodPermCacheValue);
throw new IllegalAccessException("Method [" + method + "] cannot be accessed.");
}
} else {
methodPermCacheValue = Boolean.TRUE;
_methodPermCache.put(method, methodPermCacheValue);
}
}
checkPermission = Boolean.FALSE.equals(methodPermCacheValue);
}
checkPermission = Boolean.FALSE.equals(methodPermCacheValue);

Object result;

Expand Down Expand Up @@ -1969,8 +1980,7 @@ public static boolean setFieldValue(OgnlContext context, Object target, String p

public static boolean setFieldValue(OgnlContext context, Object target, String propertyName, Object value,
boolean checkAccessAndExistence)
throws OgnlException
{
throws OgnlException {
boolean result = false;

try {
Expand Down Expand Up @@ -3115,9 +3125,9 @@ public static boolean getUseFirstMatchGetSetLookupValue() {
* Returns true if the given member is accessible or can be made accessible
* by this object.
*
* @param context the current execution context.
* @param target the Object to test accessibility for.
* @param member the Member to test accessibility for.
* @param context the current execution context.
* @param target the Object to test accessibility for.
* @param member the Member to test accessibility for.
* @param propertyName the property to test accessibility for.
* @return true if the target/member/propertyName is accessible in the context, false otherwise.
*/
Expand Down