CN107194254A - Television terminal and Java reflection control methods and computer-readable recording medium - Google Patents
Television terminal and Java reflection control methods and computer-readable recording medium Download PDFInfo
- Publication number
- CN107194254A CN107194254A CN201710381694.1A CN201710381694A CN107194254A CN 107194254 A CN107194254 A CN 107194254A CN 201710381694 A CN201710381694 A CN 201710381694A CN 107194254 A CN107194254 A CN 107194254A
- Authority
- CN
- China
- Prior art keywords
- java
- reflection
- class
- reflections
- attribute
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/20—Software design
- G06F8/24—Object-oriented
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Virology (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of Java reflection control methods, the Java reflection control methods comprise the following steps:When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;Determine that the Java reflects self-defined static method allowRelect attribute;In the attribute to allow during reflection, the Java reflections are performed;When the attribute is refusal reflection, refuse the Java reflections, and report an error.The invention also discloses a kind of television terminal and computer-readable recording medium.The present invention avoids private data from being accessed, and improves the security of user data.
Description
Technical field
The present invention relates to technical field of electronic equipment, more particularly to television terminal and Java reflection control methods and computer
Readable storage medium storing program for executing.
Background technology
As Android products are more and more, its friendly operation interface, abundant expanded application, and property of increasing income,
All be android system at present in the occupancy of smart machine market the reason for holding a safe lead other systems.
Various apk (Android application programs) are emerged in an endless stream, and the ecosphere is thriving and prosperous.Because android system is to increase income
, understanding of the application vendor to Android source codes is also deep all the more, and many Apk all employ java reflection technology.It is so-called
Java reflects, and is exactly that in java runtime environment, for any one class, can know this class has which attribute and side
Method, for any one object, can call its any one method.The information of this dynamic access class and dynamic call
The function of the method for object comes from reflection (Reflection) mechanism of Java language.
Java is reflected into programmer and provides many convenient, the flexibility of raising program, such as abstract factory pattern, Spring
Framework.But Java packaging effects are also destroyed simultaneously, reflecting system api is even more the security for destroying android system, read
Private data of system etc. is taken, changes, data safety is poor.
The above is only used for auxiliary and understands technical scheme, does not represent and recognizes that the above is existing skill
Art.
The content of the invention
It is a primary object of the present invention to provide a kind of television terminal and Java reflection control methods and computer-readable deposit
Storage media, it is intended to solve the packaging effects that current Java reflections destroy Java, reflecting system api is even more to destroy Android systems
The security of system, the private data read, changed system etc., the technical problem of data safety difference.
To achieve the above object, the present invention provides a kind of Java reflection control methods, the Java reflection control methods bag
Include following steps:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
Determine that the Java reflects self-defined static method allowRelect attribute;
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
Preferably, after the step of determination Java reflects self-defined static method allowRelect attribute,
Also include:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
Preferably, methods described, in addition to:
Self-defined static method allowRelect is set in the entrance class of reflection, and the class list for forbidding reflection is set
disableClasNameList;
Self-defined static method allowRelectFlag is added in the forName methods of Class modules and forbids reflection
Class list disableClasName judgement.
Preferably, it is described to add self-defined static method in the forName methods of Class modules
Before the step of allowRelectFlag and the class list disableClasName for forbidding reflection judgement, in addition to:
Determine the corresponding class of hiding data in system;
Identified class is built into the class list disableClasNameList for forbidding reflection.
Preferably, it is described judge Java reflection required for reflection class whether the step in the class list for forbidding reflection
After rapid, in addition to:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections are judged
It is corresponding to access whether application sets authority;
If described access using authority is not provided with, the Java reflections are performed.
In addition, to achieve the above object, the present invention also provides a kind of television terminal, and the television terminal includes:Memory,
Processor and the Java reflex control programs that can be run on the memory and on the processor are stored in, the Java is anti-
Following steps are realized when penetrating control program by the computing device:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
Determine that the Java reflects self-defined static method allowRelect attribute;
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
Preferably, after the step of determination Java reflects self-defined static method allowRelect attribute,
Following steps are realized when the Java reflex controls program is by the computing device:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
Preferably, the Java reflex controls program by the computing device when realize following steps:
Self-defined static method allowRelect is set in the entrance class of reflection, and the class list for forbidding reflection is set
disableClasNameList;
Self-defined static method allowRelectFlag is added in the forName methods of Class modules and forbids reflection
Class list disableClasName judgement.
Preferably, it is described to add self-defined static method in the forName methods of Class modules
Before the step of allowRelectFlag and the class list disableClasName for forbidding reflection judgement, the Java reflections
Following steps are realized when control program is by the computing device:
Determine the corresponding class of hiding data in system;
Identified class is built into the class list disableClasNameList for forbidding reflection.
Preferably, it is described judge Java reflection required for reflection class whether the step in the class list for forbidding reflection
After rapid, following steps are realized when the Java reflex controls program is by the computing device:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections are judged
It is corresponding to access whether application sets authority;
If described access using authority is not provided with, the Java reflections are performed.
In addition, to achieve the above object, the present invention also provides a kind of computer-readable recording medium, described computer-readable
Be stored with Java reflex control programs on storage medium, and as above institute is realized when the Java reflex controls program is executed by processor
The step of Java reflection control methods stated.
The present invention increases static method to carry out the judgement of Java reflections by the entrance class of reflection, according to the judgement of setting
Prevent part from being related to the Java reflections for accessing private data, solve the packaging effects that current Java reflections destroy Java, reflection system
The api that unites is even more the security for destroying android system, private data read, changed system etc., the technology of data safety difference
Problem.Avoid private data from being accessed, improve the security of user data.
Brief description of the drawings
Fig. 1 be the hardware running environment that scheme of the embodiment of the present invention is related to terminal apparatus structure schematic diagram;
Fig. 2 is the schematic flow sheet of the embodiment of Java reflection control methods one of the present invention;
Fig. 3 is the schematic flow sheet of another embodiment of Java reflection control methods of the present invention;
Fig. 4 is the schematic flow sheet of the another embodiment of Java reflection control methods of the present invention;
Fig. 5 is the schematic flow sheet of Java reflections in one embodiment of the invention.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
The primary solutions of the embodiment of the present invention are:When receiving Java reflection requests, the Java reflections are determined
Corresponding Java is asked to reflect;Determine that the Java reflects self-defined static method allowRelect attribute;In the attribute
To allow during reflection, the Java reflections are performed;When the attribute is refusal reflection, refuse the Java reflections, and report an error.
Because current Java reflections destroy Java packaging effects, reflecting system api is even more to destroy android system
Security, the private data read, changed system etc., the technical problem present invention of data safety difference provides a solution,
Increase static method to carry out the judgement of Java reflections by the entrance class of reflection, prevent part from being related to visit according to the judgement of setting
The Java reflections of private data are asked, the packaging effects that current Java reflections destroy Java are solved, reflecting system api is even more to destroy
The security of android system, the private data read, changed system etc., the technical problem of data safety difference.Avoid privacy number
According to accessed, the security of user data is improved.
As shown in figure 1, Fig. 1 is the terminal structure schematic diagram for the hardware running environment that scheme of the embodiment of the present invention is related to.
Television terminal of the embodiment of the present invention is the safety for realizing private data in system, it is ensured that secure user data.
As shown in figure 1, the television terminal can include:Processor 1001, such as CPU, network interface 1004, user interface
1003, memory 1005, communication bus 1002.Wherein, communication bus 1002 is used to realize the connection communication between these components.
User interface 1003 can include display screen (Display), input block such as keyboard (Keyboard), optional user interface
1003 can also include wireline interface, the wave point of standard.Network interface 1004 can optionally connect including the wired of standard
Mouth, wave point (such as WI-FI interfaces).Memory 1005 can be high-speed RAM memory or stable memory
(non-volatile memory), such as magnetic disk storage.Memory 1005 optionally can also be independently of aforementioned processor
1001 storage device.
Alternatively, television terminal can also include camera, RF (Radio Frequency, radio frequency) circuit, sensor,
Voicefrequency circuit, WiFi module etc..Wherein, sensor ratio such as optical sensor, motion sensor and other sensors.Specifically
Ground, optical sensor may include ambient light sensor and proximity transducer, wherein, ambient light sensor can be according to the bright of ambient light
The brightness of display screen secretly is adjusted, proximity transducer can close display screen and/or backlight when mobile terminal is moved in one's ear.
As one kind of motion sensor, gravity accelerometer can detect in all directions the big of (generally three axles) acceleration
It is small, size and the direction of gravity are can detect that when static, available for identification mobile terminal posture application (such as horizontal/vertical screen is cut
Change, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap) etc.;Certainly, mobile terminal
Can also configure gyroscope, barometer, hygrometer, thermometer, infrared ray sensor, temperature sensor, Dorothy Holman sensor etc. its
His sensor, will not be repeated here.
It will be understood by those skilled in the art that the restriction of the terminal structure shown in Fig. 1 not structure paired terminal, can be wrapped
Include than illustrating more or less parts, either combine some parts or different parts arrangement.
As shown in figure 1, leading to as operating system, network can be included in a kind of memory 1005 of computer-readable storage medium
Believe module, Subscriber Interface Module SIM and Java reflex control application programs.
In the terminal shown in Fig. 1, network interface 1004 is mainly used in connecting background server, is carried out with background server
Data communication;User interface 1003 is mainly used in connection client (user terminal), and row data communication is entered with client;And processor
1001 can be used for calling the Java reflex control application programs stored in memory 1005, and perform following operate:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
Determine that the Java reflects self-defined static method allowRelect attribute;
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
Further, it is described determine the step of Java reflects self-defined static method allowRelect attribute it
Afterwards, processor 1001 can call the Java reflex control application programs stored in memory 1005, also perform following operate:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
Further, processor 1001 can call the Java reflex control application programs stored in memory 1005, also
Perform following operate:
Self-defined static method allowRelect is set in the entrance class of reflection, and the class list for forbidding reflection is set
disableClasNameList;
Self-defined static method allowRelectFlag is added in the forName methods of Class modules and forbids reflection
Class list disableClasName judgement.
Further, it is described to add self-defined static method in the forName methods of Class modules
Before the step of allowRelectFlag and the class list disableClasName for forbidding reflection judgement, processor 1001 can
The Java reflex control application programs stored with calling in memory 1005, also perform following operate:
Determine the corresponding class of hiding data in system;
Identified class is built into the class list disableClasNameList for forbidding reflection.
Further, whether the class for judging to reflect required for the Java reflections is in the class list for forbidding reflection
After step, processor 1001 can call the Java reflex control application programs stored in memory 1005, also perform following
Operation:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections are judged
It is corresponding to access whether application sets authority;
If described access using authority is not provided with, the Java reflections are performed.
Reference picture 2, the first embodiment of the present invention provides a kind of Java reflection control methods, the Java reflex control sides
Method includes:
Step S10, when receiving Java reflection requests, determines the corresponding Java reflections of the Java reflections request;
In one embodiment of this invention, it is automatic by system when needing to application program update or carrying out APK renewals
Send instruction or user clicks on virtual push button and initiates more new command, when being updated, it is necessary to which Java reflex mechanisms find phase
The interface access data answered, can send corresponding Java reflection request, television terminal or its system receive Java reflections please
When asking, the corresponding Java reflections of the Java reflections request are determined, for example, determining the system interface that the Java reflections are pointed to.
The Java reflections request can also be that application program is sent.
Step S20, determines that the Java reflects self-defined static method allowRelect attribute;
Static variable is set in the entrance class of reflection in advance, whether the attribute of the static variable represents such Java reflections
Allow, in the attribute, i.e. allowRelectFlag=false of the allowRelect, expression does not allow Java to reflect;
During allowRelectFlag=ture, represent to allow Java to reflect.The class that being set does not allow to carry out Java reflections is related to privacy
The access of data, thus it is arranged to property value for false.Also can freely it be set according to user's request, by setting, blocking portion
The Java reflections divided so that be not that all reflection can run succeeded.
Step S30, in the attribute to allow during reflection, performs the Java reflections;
Step S40, when the attribute is refusal reflection, refuses the Java reflections, and report an error.
In the attribute to allow during reflection, i.e., in variable=ture, perform the Java reflections;Variable=
During false, refuse the Java reflections, and report an error, Java reflections can not be performed.
Specifically, the process for performing Java reflex controls by allowRelect attribute includes:
In the entrance class of reflection, libcore/libart/src/main/java/java/lang/Class.java is added
Static variable;Pravate static Boolean allowReflectFlag=false;Into static method public
Static void allowReflect (boolean flag) { allowReflectFlag=flag;};
AllowReflectFlag is set by allowReflect methods, and default value is false, and user can be right according to demand
Value is configured, for example, being changed to ture.
The present embodiment increases static method to carry out the judgement of Java reflections by the entrance class of reflection, according to sentencing for setting
It is disconnected to prevent part from being related to the Java reflections for accessing private data, solve the packaging effects that current Java reflections destroy Java, reflection
System api is even more the security for destroying android system, private data read, changed system etc., the skill of data safety difference
Art problem.Avoid private data from being accessed, improve the security of user data.
Further, reference picture 3, the second embodiment of the present invention provides a kind of Java reflection control methods, the determination
After the step of Java reflects self-defined static method allowRelect attribute, in addition to:
Step S50, when the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Step S60, whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
Step S70, if so, refusing the Java reflections, and reports an error;
Step S80, if it is not, performing the Java reflections.
In the present embodiment, by reflecting the entrance class of class, the class list for forbidding reflection is added, i.e. setting
On the basis of allowRelect attribute, then the class list for forbidding reflection is set, prevents the Java of some classes from reflecting.Add and prohibit
The class list (expansible) only reflected, the java class list builder includes:The class list for forbidding reflection is set
DisableClasNameList, determines the corresponding class of hiding data in system;Identified class is built into the class for forbidding reflection
List disableClasNameList.Included in the class list based on class name, also can also be other relevant classes
Information, for example, the mark of class, the information such as type of class carries out reflection according to Class Type and forbidden.
By taking android.app.ActivityManger as an example, rivate static final
String disableclassNameList []={ " android.app.ActivityManager " };With reference to figure
Following judgement is added in embodiment in 2, the forName methods in Class classes to prevent reflection:
If (allowReflectFlag=false)
for(string disableclassName:disableclassNameList){
if(className!=null&&className.equals (disableclassName))
throw new NosuchMethodException(“The reflection of this class is
disabled”);}
}
}
When allowRelect attribute is ture, proceeds the judgement of java class list, Java is reflected in Java
When in class list, prevent Java from reflecting, when or not in java reflection class lists, perform Java reflections.
The present embodiment is added by Class forName methods by the entrance class in reflection and forbids the class of reflection to arrange
Table, carries out the control of Java reflections with reference to allowRelect attribute, further improves the accuracy of Java reflex controls, lead to
The control of multilayer Java reflections is crossed, the security of user data is further increased.
Further, reference picture 4, the third embodiment of the present invention provides a kind of Java reflection control methods, the judgement
Whether the class of reflection required for Java reflection after the step in the class list for forbidding reflection, in addition to:
Step S90, when the class of reflection required for the Java reflects is not in the class list for forbidding reflection, judges described
Java reflections are corresponding to access whether application sets authority;
Step S100, if described access using authority is not provided with, performs the Java reflections.
In the present embodiment, under some scenes, to set allowReflect attributes and not forbidding the class row of reflection
Class in table may also user need to forbid reflection, authority can be set for it, when or not in the class list for forbidding reflection, judge
The Java reflections are corresponding to access whether application sets authority;If described access using authority is not provided with, perform described
Java reflects;If there is provided authority, forbids Java to reflect, reporting an error.The setting authority can be set mark or carry out
Classification etc..By way of authority is set, it is to avoid some users are not intended to the data that other people see and are accessed, and further improve
The reasonability of security and the Java reflection of user data.
In order to preferably describe the embodiment of the present invention, the process of Java reflections includes:
S101, application program;S102, is reflected using the forName methods of Class classes;S103,
Whether allowReflectFlag is equal to tureIf so, S104 is performed, if it is not, performing S105;S104, reflects successfully;S105,
Whether the class name of reflection allowsIf so, performing S104, if it is not, performing S106, S106, reflection is prohibited, throw exception.
AllowReflectFlag is set by allowReflect methods, and default value is false.System default can be intercepted
Class defined in disableClassNameList.Application program can not just reflect pre-defined class in lists.Android
The application of system manufacturer customization can bypass this limitation by allowReflect (true) method.
In one embodiment, the present invention also provides a kind of television terminal, and the television terminal includes:Memory, processor
And it is stored in the Java reflex control programs that can be run on the memory and on the processor, the Java reflex controls
Following steps are realized when program is by the computing device:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
In one embodiment of this invention, it is automatic by system when needing to application program update or carrying out APK renewals
Send instruction or user clicks on virtual push button and initiates more new command, when being updated, it is necessary to which Java reflex mechanisms find phase
The interface access data answered, can send corresponding Java reflection request, television terminal or its system receive Java reflections please
When asking, the corresponding Java reflections of the Java reflections request are determined, for example, determining the system interface that the Java reflections are pointed to.
The Java reflections request can also be that application program is sent.
Determine that the Java reflects self-defined static method allowRelect attribute;
Static variable is set in the entrance class of reflection in advance, whether the attribute of the static variable represents such Java reflections
Allow, in the attribute, i.e. allowRelectFlag=false of the allowRelect, expression does not allow Java to reflect;
During allowRelectFlag=ture, represent to allow Java to reflect.The class that being set does not allow to carry out Java reflections is related to privacy
The access of data, thus it is arranged to property value for false.Also can freely it be set according to user's request, by setting, blocking portion
The Java reflections divided so that be not that all reflection can run succeeded.
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
In the attribute to allow during reflection, i.e., in variable=ture, perform the Java reflections;Variable=
During false, refuse the Java reflections, and report an error, Java reflections can not be performed.
Specifically, the process for performing Java reflex controls by allowRelect attribute includes:
In the entrance class of reflection, libcore/libart/src/main/java/java/lang/Class.java is added
Static variable;Pravate static Boolean allowReflectFlag=false;Into static method public
Static void allowReflect (boolean flag) { allowReflectFlag=flag;};
AllowReflectFlag is set by allowReflect methods, and default value is false, and user can be right according to demand
Value is configured, for example, being changed to ture.
The present embodiment increases static method to carry out the judgement of Java reflections by the entrance class of reflection, according to sentencing for setting
It is disconnected to prevent part from being related to the Java reflections for accessing private data, solve the packaging effects that current Java reflections destroy Java, reflection
System api is even more the security for destroying android system, private data read, changed system etc., the skill of data safety difference
Art problem.Avoid private data from being accessed, improve the security of user data.
Further, it is described determine the step of Java reflects self-defined static method allowRelect attribute it
Afterwards, the Java reflex controls program by the computing device when realize following steps:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
In the present embodiment, by reflecting the entrance class of class, the class list for forbidding reflection is added, i.e. setting
On the basis of allowRelect attribute, then the class list for forbidding reflection is set, prevents the Java of some classes from reflecting.Add and prohibit
The class list (expansible) only reflected, the java class list builder includes:The class list for forbidding reflection is set
DisableClasNameList, determines the corresponding class of hiding data in system;Identified class is built into the class for forbidding reflection
List disableClasNameList.Included in the class list based on class name, also can also be other relevant classes
Information, for example, the mark of class, the information such as type of class carries out reflection according to Class Type and forbidden.
By taking android.app.ActivityManger as an example, rivate static final
String disableclassNameList []={ " android.app.ActivityManager " };With reference to figure
Following judgement is added in embodiment in 2, the forName methods in Class classes to prevent reflection:
If (allowReflectFlag=false)
for(string disableclassName:disableclassNameList){
if(className!=null&&className.equals (disableclassName))
throw new NosuchMethodException(“The reflection of this class is
disabled”);}
}
}
When allowRelect attribute is ture, proceeds the judgement of java class list, Java is reflected in Java
When in class list, prevent Java from reflecting, when or not in java reflection class lists, perform Java reflections.
The present embodiment is added by Class forName methods by the entrance class in reflection and forbids the class of reflection to arrange
Table, carries out the control of Java reflections with reference to allowRelect attribute, further improves the accuracy of Java reflex controls, lead to
The control of multilayer Java reflections is crossed, the security of user data is further increased.
Further, whether the class for judging to reflect required for the Java reflections is in the class list for forbidding reflection
After step, following steps are realized when the Java reflex controls program is by the computing device:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections are judged
It is corresponding to access whether application sets authority;
If described access using authority is not provided with, the Java reflections are performed.
In the present embodiment, under some scenes, to set allowReflect attributes and not forbidding the class row of reflection
Class in table may also user need to forbid reflection, authority can be set for it, when or not in the class list for forbidding reflection, judge
The Java reflections are corresponding to access whether application sets authority;If described access using authority is not provided with, perform described
Java reflects;If there is provided authority, forbids Java to reflect, reporting an error.The setting authority can be set mark or carry out
Classification etc..By way of authority is set, it is to avoid some users are not intended to the data that other people see and are accessed, and further improve
The reasonability of security and the Java reflection of user data.
In addition, the embodiment of the present invention also proposes a kind of computer-readable recording medium, the computer-readable recording medium
On be stored with Java reflex control programs, following operation is realized when the Java reflex controls program is executed by processor:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
Determine that the Java reflects self-defined static method allowRelect attribute;
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
Further, it is described determine the step of Java reflects self-defined static method allowRelect attribute it
Afterwards, following operation is realized when the Java reflex controls program is executed by processor:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
Further, following operation is realized when the Java reflex controls program is executed by processor:
Self-defined static method allowRelect is set in the entrance class of reflection, and the class list for forbidding reflection is set
disableClasNameList;
Self-defined static method allowRelectFlag is added in the forName methods of Class modules and forbids reflection
Class list disableClasName judgement.
Further, it is described to add self-defined static method in the forName methods of Class modules
Before the step of allowRelectFlag and the class list disableClasName for forbidding reflection judgement, the Java reflections
Following operation is realized when control program is executed by processor:
Determine the corresponding class of hiding data in system;
Identified class is built into the class list disableClasNameList for forbidding reflection.
Further, whether the class for judging to reflect required for the Java reflections is in the class list for forbidding reflection
Following operation is realized after step, when the Java reflex controls program is executed by processor:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections are judged
It is corresponding to access whether application sets authority;
If described access using authority is not provided with, the Java reflections are performed.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row
His property is included, so that process, method, article or system including a series of key elements not only include those key elements, and
And also including other key elements being not expressly set out, or also include for this process, method, article or system institute inherently
Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including this
Also there is other identical element in process, method, article or the system of key element.
The embodiments of the present invention are for illustration only, and the quality of embodiment is not represented.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Understood based on such, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in one as described above
In storage medium (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone,
Computer, server, TV, or network equipment etc.) perform method described in each of the invention embodiment.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair
Equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (11)
1. a kind of Java reflection control methods, it is characterised in that the Java reflection control methods comprise the following steps:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
Determine that the Java reflects self-defined static method allowRelect attribute;
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
2. Java reflection control methods as claimed in claim 1, it is characterised in that the determination Java reflections are self-defined
After the step of static method allowRelect attribute, in addition to:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
3. Java reflection control methods as claimed in claim 2, it is characterised in that methods described, in addition to:
Self-defined static method allowRelect is set in the entrance class of reflection, and the class list for forbidding reflection is set
disableClasNameList;
Self-defined static method allowRelectFlag is added in the forName methods of Class modules and forbids the class of reflection
List disableClasName judgement.
4. Java reflection control methods as claimed in claim 3, it is characterised in that the forName side in Class modules
Self-defined static method allowRelectFlag is added in method and forbids the class list disableClasName of reflection judgement
The step of before, in addition to:
Determine the corresponding class of hiding data in system;
Identified class is built into the class list disableClasNameList for forbidding reflection.
5. Java reflection control methods as claimed in claim 2, it is characterised in that required for the judgement Java reflections
The class of reflection whether forbid reflection class list in step after, in addition to:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections correspondence is judged
Access application whether authority is set;
If described access using authority is not provided with, the Java reflections are performed.
6. a kind of television terminal, it is characterised in that the television terminal includes:Memory, processor and it is stored in the storage
On device and the Java reflex control programs that can run on the processor, the Java reflex controls program is by the processor
Following steps are realized during execution:
When receiving Java reflection requests, the corresponding Java reflections of the Java reflections request are determined;
Determine that the Java reflects self-defined static method allowRelect attribute;
In the attribute to allow during reflection, the Java reflections are performed;
When the attribute is refusal reflection, refuse the Java reflections, and report an error.
7. television terminal as claimed in claim 6, it is characterised in that the determination Java reflects self-defined static method
After the step of allowRelect attribute, the Java reflex controls program is realized following step during the computing device
Suddenly:
When the attribute is refusal reflection, the class of reflection required for determining the Java reflections;
Whether the class of reflection is in the class list for forbidding reflection required for judging the Java reflections;
If so, refusing the Java reflections, and report an error;
If it is not, performing the Java reflections.
8. television terminal as claimed in claim 7, it is characterised in that the Java reflex controls program is held by the processor
Following steps are realized during row:
Self-defined static method allowRelect is set in the entrance class of reflection, and the class list for forbidding reflection is set
disableClasNameList;
Self-defined static method allowRelectFlag is added in the forName methods of Class modules and forbids the class of reflection
List disableClasName judgement.
9. television terminal as claimed in claim 8, it is characterised in that described to be added in the forName methods of Class modules
Self-defined static method allowRelectFlag and forbid reflection class list disableClasName judgement the step of it
Before, realize following steps when the Java reflex controls program is by the computing device:
Determine the corresponding class of hiding data in system;
Identified class is built into the class list disableClasNameList for forbidding reflection.
10. television terminal as claimed in claim 7, it is characterised in that reflection required for the judgement Java reflections
Whether class is after the step in the class list for forbidding reflection, and the Java reflex controls program is by real during the computing device
Existing following steps:
When the class of reflection required for the Java reflects is not in the class list for forbidding reflection, the Java reflections correspondence is judged
Access application whether authority is set;
If described access using authority is not provided with, the Java reflections are performed.
11. a kind of computer-readable recording medium, it is characterised in that the Java that is stored with the computer-readable recording medium is anti-
Control program is penetrated, is realized when the Java reflex controls program is executed by processor as any one of claim 1 to 5
The step of Java reflection control methods.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710381694.1A CN107194254B (en) | 2017-05-25 | 2017-05-25 | Television terminal, Java reflection control method and computer-readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710381694.1A CN107194254B (en) | 2017-05-25 | 2017-05-25 | Television terminal, Java reflection control method and computer-readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107194254A true CN107194254A (en) | 2017-09-22 |
CN107194254B CN107194254B (en) | 2021-06-15 |
Family
ID=59875169
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710381694.1A Active CN107194254B (en) | 2017-05-25 | 2017-05-25 | Television terminal, Java reflection control method and computer-readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107194254B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20230103992A1 (en) * | 2021-10-06 | 2023-04-06 | Cisco Technology, Inc. | Reflection runtime protection and auditing system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103544016A (en) * | 2013-10-28 | 2014-01-29 | 珠海许继芝电网自动化有限公司 | Service registering configuration method and system based on JAVA reflection technology |
US20140052997A1 (en) * | 2012-08-17 | 2014-02-20 | International Business Machines Corporation | Security model for actor-based languages and apparatus, methods, and computer programming products using same |
CN106547564A (en) * | 2016-11-15 | 2017-03-29 | 武汉斗鱼网络科技有限公司 | A kind of Android applications automatic update method and system based on reflex mechanism |
-
2017
- 2017-05-25 CN CN201710381694.1A patent/CN107194254B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140052997A1 (en) * | 2012-08-17 | 2014-02-20 | International Business Machines Corporation | Security model for actor-based languages and apparatus, methods, and computer programming products using same |
CN103544016A (en) * | 2013-10-28 | 2014-01-29 | 珠海许继芝电网自动化有限公司 | Service registering configuration method and system based on JAVA reflection technology |
CN106547564A (en) * | 2016-11-15 | 2017-03-29 | 武汉斗鱼网络科技有限公司 | A kind of Android applications automatic update method and system based on reflex mechanism |
Non-Patent Citations (2)
Title |
---|
侯捷: "Java反射机制", 《程序员》 * |
尹松强等: "Java反射机制探究", 《软件导刊》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20230103992A1 (en) * | 2021-10-06 | 2023-04-06 | Cisco Technology, Inc. | Reflection runtime protection and auditing system |
Also Published As
Publication number | Publication date |
---|---|
CN107194254B (en) | 2021-06-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9703971B2 (en) | Sensitive operation verification method, terminal device, server, and verification system | |
CN110532764B (en) | Authority processing method, mobile terminal and readable storage medium | |
US10354077B2 (en) | Permission control method and electronic device operating the same | |
KR20210113280A (en) | Dynamic application configuration | |
US20140096236A1 (en) | Apparatus and method for securing mobile terminal | |
KR20180106231A (en) | Electronic device for controlling audio output and operating mehtod thereof | |
KR20190117485A (en) | Service data processing method and device, and Service processing method and device | |
EP3089068A1 (en) | Application program management method, device, terminal, and computer storage medium | |
CN109543400B (en) | Method and equipment for dynamically managing kernel nodes | |
CN110753928A (en) | Method and electronic device for controlling permission of application program | |
KR102118294B1 (en) | Method and apparatus for detecting wireless network type, and electronic device | |
KR102558349B1 (en) | Method for sharing information on conditional action and an electronic device thereof | |
WO2006011343A1 (en) | Competition solving device | |
CN112130866A (en) | Application deployment method and related device | |
KR20190032861A (en) | Electronic device and control method thereof | |
CN110308949A (en) | Implementation method, device and the computer readable storage medium of plug-in unit frame | |
KR102333425B1 (en) | Method and apparatus to sandbox run-time android applications with lightweight container | |
CN113836540B (en) | Method, apparatus, storage medium and program product for managing application rights | |
CN110502263A (en) | Upgrade package production method, system and computer readable storage medium | |
CN107194254A (en) | Television terminal and Java reflection control methods and computer-readable recording medium | |
KR20160100746A (en) | Electronic devcie for executing application and method for cotrolling thereof | |
US20060143715A1 (en) | Method and apparatus for providing security policy enforcement | |
CN111552537B (en) | Theme switching method and device, computer equipment and storage medium | |
US10620977B2 (en) | Method and system for providing security features in a smart phone | |
CN114489419A (en) | Authority control method and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |