Posted to commits@poi.apache.org by us...@apache.org on 2015/11/11 12:36:44 UTC

svn commit: r1713813 - in /poi/trunk/src/ooxml/java/org/apache/poi: openxml4j/util/ZipSecureFile.java util/OOXMLLite.java

Author: uschindler
Date: Wed Nov 11 11:36:44 2015
New Revision: 1713813

URL: http://svn.apache.org/viewvc?rev=1713813&view=rev
Log:
#58597: Add more AccessController.doPrivileged. We should fix them later!

Modified:
    poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java
    poi/trunk/src/ooxml/java/org/apache/poi/util/OOXMLLite.java

Modified: poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java?rev=1713813&r1=1713812&r2=1713813&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/openxml4j/util/ZipSecureFile.java Wed Nov 11 11:36:44 2015
@@ -23,6 +23,8 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.PushbackInputStream;
 import java.lang.reflect.Field;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.zip.InflaterInputStream;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipException;
@@ -31,6 +33,7 @@ import java.util.zip.ZipInputStream;
 
 import org.apache.poi.util.POILogFactory;
 import org.apache.poi.util.POILogger;
+import org.apache.poi.util.SuppressForbidden;
 
 /**
  * This class wraps a {@link ZipFile} in order to check the
@@ -163,20 +166,27 @@ public class ZipSecureFile extends ZipFi
         return addThreshold(zipIS);
     }
 
-    @SuppressWarnings("resource")
-    public static ThresholdInputStream addThreshold(InputStream zipIS) throws IOException {
+    public static ThresholdInputStream addThreshold(final InputStream zipIS) throws IOException {
         ThresholdInputStream newInner;
         if (zipIS instanceof InflaterInputStream) {
-            try {
-                Field f = FilterInputStream.class.getDeclaredField("in");
-                f.setAccessible(true);
-                InputStream oldInner = (InputStream)f.get(zipIS);
-                newInner = new ThresholdInputStream(oldInner, null);
-                f.set(zipIS, newInner);
-            } catch (Exception ex) {
-                logger.log(POILogger.WARN, "SecurityManager doesn't allow manipulation via reflection for zipbomb detection - continue with original input stream", ex);
-                newInner = null;
-            }
+            newInner = AccessController.doPrivileged(new PrivilegedAction<ThresholdInputStream>() {
+                @SuppressForbidden("TODO: Fix this to not use reflection (it will break in Java 9)! " +
+                        "Better would be to wrap *before* instead of tyring to insert wrapper afterwards.")
+                public ThresholdInputStream run() {
+                    ThresholdInputStream newInner = null;
+                    try {
+                        Field f = FilterInputStream.class.getDeclaredField("in");
+                        f.setAccessible(true);
+                        InputStream oldInner = (InputStream)f.get(zipIS);
+                        newInner = new ThresholdInputStream(oldInner, null);
+                        f.set(zipIS, newInner);
+                    } catch (Exception ex) {
+                        logger.log(POILogger.WARN, "SecurityManager doesn't allow manipulation via reflection for zipbomb detection - continue with original input stream", ex);
+                        newInner = null;
+                    }
+                    return newInner;
+                }
+            });
         } else {
             // the inner stream is a ZipFileInputStream, i.e. the data wasn't compressed
             newInner = null;
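Review bot: The `doPrivileged` block in `addThreshold` covers more than the calls that need elevated permission, and it acts on a stream passed in by any caller of this public static method. Only `getDeclaredField("in")` and `setAccessible(true)` are permission-checked; `f.get(zipIS)`, the `ThresholdInputStream` construction, `f.set(zipIS, newInner)` and the logging can run with the caller's own permissions, which is also how the OOXMLLite hunk in this commit is shaped (its action returns only the `Field`). Separately, `catch (Exception ex)` reports every failure as a SecurityManager refusal and then continues without the threshold wrapper, so zip-bomb detection is switched off with only a WARN; the message should at least reflect the real cause. `run()` could also carry `@Override`. The body of `addThreshold` continues past the end of the hunk.

```java
        if (zipIS instanceof InflaterInputStream) {
            // privileged part: only the field lookup and setAccessible need elevated permissions
            final Field f = AccessController.doPrivileged(new PrivilegedAction<Field>() {
                // … unchanged: @SuppressForbidden annotation …
                @Override
                public Field run() {
                    try {
                        Field fld = FilterInputStream.class.getDeclaredField("in");
                        fld.setAccessible(true);
                        return fld;
                    } catch (Exception ex) {
                        // … unchanged: WARN log about continuing with the original input stream …
                        return null;
                    }
                }
            });
            newInner = null;
            if (f != null) {
                // unprivileged part: works on the caller-supplied stream
                try {
                    InputStream oldInner = (InputStream) f.get(zipIS);
                    ThresholdInputStream wrapper = new ThresholdInputStream(oldInner, null);
                    f.set(zipIS, wrapper);
                    newInner = wrapper;
                } catch (IllegalAccessException ex) {
                    // … WARN log naming the actual failure; newInner stays null …
                }
            }
```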

Modified: poi/trunk/src/ooxml/java/org/apache/poi/util/OOXMLLite.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/util/OOXMLLite.java?rev=1713813&r1=1713812&r2=1713813&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/util/OOXMLLite.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/util/OOXMLLite.java Wed Nov 11 11:36:44 2015
@@ -25,7 +25,9 @@ import java.io.OutputStream;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.net.URL;
+import java.security.AccessController;
 import java.security.CodeSource;
+import java.security.PrivilegedAction;
 import java.security.ProtectionDomain;
 import java.util.ArrayList;
 import java.util.Enumeration;
@@ -49,7 +51,6 @@ import org.junit.runner.JUnitCore;import
  * @author Yegor Kozlov
  */
 public final class OOXMLLite {
-    private static Field _classes;
 
     /**
      * Destination directory to copy filtered classes
@@ -214,12 +215,19 @@ public final class OOXMLLite {
         // make the field accessible, we defer this from static initialization to here to 
         // allow JDKs which do not have this field (e.g. IBM JDK) to at least load the class
         // without failing, see https://issues.apache.org/bugzilla/show_bug.cgi?id=56550
-        try {
-            _classes = ClassLoader.class.getDeclaredField("classes");
-            _classes.setAccessible(true);
-        } catch (Exception e) {
-            throw new RuntimeException(e);
-        }
+        final Field _classes = AccessController.doPrivileged(new PrivilegedAction<Field>() {
+            @SuppressForbidden("TODO: Reflection works until Java 8 on Oracle/Sun JDKs, but breaks afterwards (different classloader types, access checks)")
+            public Field run() {
+                try {
+                    Field fld = ClassLoader.class.getDeclaredField("classes");
+                    fld.setAccessible(true);
+                    return fld;
+                } catch (Exception e) {
+                    throw new RuntimeException(e);
+                }
+
+            }
+        });
 
         ClassLoader appLoader = ClassLoader.getSystemClassLoader();
         try {
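Review bot: The `throw new RuntimeException(e)` inside `run()` gives no context when the `classes` field is missing or inaccessible, which the comment above the block and the `@SuppressForbidden` text both describe as an expected situation on some JDKs. A message would make that failure readable, e.g. `throw new RuntimeException("Cannot access ClassLoader.classes via reflection on this JDK", e);`. `run()` could also carry `@Override`, and the empty line before its closing brace can go. The enclosing method starts and ends outside the hunk.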


