You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2015/12/15 16:49:46 UTC

[jira] [Updated] (KARAF-4203) Access Specifier Manipulation

     [ https://issues.apache.org/jira/browse/KARAF-4203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré updated KARAF-4203:
----------------------------------------
    Description: 
HP Fortify SCA and SciTools Understand were used to perform an application security of the karaf source code.

The call to method setAccessible() on line 355 changes an access specifier. See the external issue link for more information on the subject.

File: client/src/main/java/org/apache/karaf/client/Main.java
Line: 355

Main.java, lines 353-362:
{code}
353 try {
354     Field field = terminal.getClass().getSuperclass().getDeclaredField("settings");
355     field.setAccessible(true);
356     Object settings = field.get(terminal);
357     field = settings.getClass().getDeclaredField("configLastFetched");
358     field.setAccessible(true);
359     field.setLong(settings, 0L);
360 } catch (Throwable t) {
361     // Ignore
362 }
{code}

  was:
HP Fortify SCA and SciTools Understand were used to perform an application security of the karaf source code.

The call to method setAccessible() on line 355 changes an access specifier. See the external issue link for more information on the subject.

File: client/src/main/java/org/apache/karaf/client/Main.java
Line: 355

Main.java, lines 353-362:
353 try {
354     Field field = terminal.getClass().getSuperclass().getDeclaredField("settings");
355     field.setAccessible(true);
356     Object settings = field.get(terminal);
357     field = settings.getClass().getDeclaredField("configLastFetched");
358     field.setAccessible(true);
359     field.setLong(settings, 0L);
360 } catch (Throwable t) {
361     // Ignore
362 }



> Access Specifier Manipulation
> -----------------------------
>
>                 Key: KARAF-4203
>                 URL: https://issues.apache.org/jira/browse/KARAF-4203
>             Project: Karaf
>          Issue Type: Bug
>    Affects Versions: 4.0.3
>            Reporter: Eduardo Aguinaga
>
> HP Fortify SCA and SciTools Understand were used to perform an application security of the karaf source code.
> The call to method setAccessible() on line 355 changes an access specifier. See the external issue link for more information on the subject.
> File: client/src/main/java/org/apache/karaf/client/Main.java
> Line: 355
> Main.java, lines 353-362:
> {code}
> 353 try {
> 354     Field field = terminal.getClass().getSuperclass().getDeclaredField("settings");
> 355     field.setAccessible(true);
> 356     Object settings = field.get(terminal);
> 357     field = settings.getClass().getDeclaredField("configLastFetched");
> 358     field.setAccessible(true);
> 359     field.setLong(settings, 0L);
> 360 } catch (Throwable t) {
> 361     // Ignore
> 362 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)