ThreadSafeDoubleCheckLocking.java: Instantiating by Reflection call will be successful if you do that firstly #761
Comments
DovahYol
changed the title
|
Yes, that is true. But I think that is the way the code is supposed to work. It allows creating one and only one instance, right? |
|
Actually you can create another instance via |
|
Can someone verify this? |
|
@iluwatar Sure. I will have a look at it. |
|
I tried testing this and it is still possible to create multiple instances if only using reflection. I saw this solution on StackOverflow which will not allow reflection to access private methods and it worked for me. So I made this change: private ThreadSafeDoubleCheckLocking() { void checkPermission() { I would really appreciate feedback. |
|
I think we can create multiple instances of a singleton class only in case of lazy initialization as in the above example. |
|
Using sun.reflect.Reflection is not recommended and I don't really understand why it is able to create multiple instances inspite of what you have done in the constructor to try to avoid it, but this is something that can be done. Using reflection is not allowed on Google App Engine, I just saw, so maybe people are working around the security threat in that way. I found this solution here btw, forgot to mention in the previous comment: https://stackoverflow.com/questions/7566626/how-to-restrict-developers-to-use-reflection-to-access-private-methods-and-const |
|
@iluwatar May I pick this up? |
|
@Azureyjt please go ahead |
…ing by Reflection call will be successful if you do that firstly
|
PR created. Please kindly review it :) @iluwatar |
…eflection call will be successful if you do that firstly (#920)
* Fix issue #761: ThreadSafeDoubleCheckLocking.java: Instantiating by Reflection call will be successful if you do that firstly * Create leader election module * Create Interface of Instance and MessageManager * Create implementations with token ring algorithm * Change package structure. Create basic message system. * Implement heartbeat and heartbeat invoking message system * Implement election message handler * Add leader message handler * Add main entry point * Add comments * Update README.md * Fix checkstyle issue * Add Unit Tests * Add Unit Tests * Add bully leader selection * Change System.out to log print. Add MIT license in each file. * Add More java doc comments * Add unit test * Add unit tests
* Fix issue #761: ThreadSafeDoubleCheckLocking.java: Instantiating by Reflection call will be successful if you do that firstly * Create leader election module * Create Interface of Instance and MessageManager * Create implementations with token ring algorithm * Change package structure. Create basic message system. * Implement heartbeat and heartbeat invoking message system * Implement election message handler * Add leader message handler * Add main entry point * Add comments * Update README.md * Fix checkstyle issue * Add Unit Tests * Add Unit Tests * Add bully leader selection * Change System.out to log print. Add MIT license in each file. * Add More java doc comments * Add unit test * Add unit tests * Add subclass-sandbox * Add Unit Test * Add Unit Test * Fix Typo * Move dependency into parent pom.xml * Change local valuable reference to be var
java-design-patterns/singleton/src/main/java/com/iluwatar/singleton/ThreadSafeDoubleCheckLocking.java
Lines 43 to 45 in 987994f
Instance will be null, and you can create a singleton object by reflection without an exception.
The text was updated successfully, but these errors were encountered: