You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2016/08/23 17:35:20 UTC
[jira] [Updated] (KARAF-4203) Access Specifier Manipulation
[ https://issues.apache.org/jira/browse/KARAF-4203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jean-Baptiste Onofré updated KARAF-4203:
----------------------------------------
Fix Version/s: (was: 4.0.6)
4.0.7
> Access Specifier Manipulation
> -----------------------------
>
> Key: KARAF-4203
> URL: https://issues.apache.org/jira/browse/KARAF-4203
> Project: Karaf
> Issue Type: Bug
> Affects Versions: 4.0.3
> Reporter: Eduardo Aguinaga
> Fix For: 4.1.0, 4.0.7
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application security of the karaf source code.
> The call to method setAccessible() on line 355 changes an access specifier. See the external issue link for more information on the subject.
> File: client/src/main/java/org/apache/karaf/client/Main.java
> Line: 355
> Main.java, lines 353-362:
> {code}
> 353 try {
> 354 Field field = terminal.getClass().getSuperclass().getDeclaredField("settings");
> 355 field.setAccessible(true);
> 356 Object settings = field.get(terminal);
> 357 field = settings.getClass().getDeclaredField("configLastFetched");
> 358 field.setAccessible(true);
> 359 field.setLong(settings, 0L);
> 360 } catch (Throwable t) {
> 361 // Ignore
> 362 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)