You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2016/08/23 17:35:20 UTC

[jira] [Updated] (KARAF-4203) Access Specifier Manipulation

     [ https://issues.apache.org/jira/browse/KARAF-4203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré updated KARAF-4203:
----------------------------------------
    Fix Version/s:     (was: 4.0.6)
                   4.0.7

> Access Specifier Manipulation
> -----------------------------
>
>                 Key: KARAF-4203
>                 URL: https://issues.apache.org/jira/browse/KARAF-4203
>             Project: Karaf
>          Issue Type: Bug
>    Affects Versions: 4.0.3
>            Reporter: Eduardo Aguinaga
>             Fix For: 4.1.0, 4.0.7
>
>
> HP Fortify SCA and SciTools Understand were used to perform an application security of the karaf source code.
> The call to method setAccessible() on line 355 changes an access specifier. See the external issue link for more information on the subject.
> File: client/src/main/java/org/apache/karaf/client/Main.java
> Line: 355
> Main.java, lines 353-362:
> {code}
> 353 try {
> 354     Field field = terminal.getClass().getSuperclass().getDeclaredField("settings");
> 355     field.setAccessible(true);
> 356     Object settings = field.get(terminal);
> 357     field = settings.getClass().getDeclaredField("configLastFetched");
> 358     field.setAccessible(true);
> 359     field.setLong(settings, 0L);
> 360 } catch (Throwable t) {
> 361     // Ignore
> 362 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)