Posted to dev@tomcat.apache.org by ma...@apache.org on 2018/06/06 10:40:18 UTC
svn commit: r1833001 - in /tomcat/trunk: java/javax/el/ELProcessor.java
java/javax/el/ExpressionFactory.java java/javax/el/ImportHandler.java
java/javax/el/Util.java java/org/apache/el/util/ReflectionUtil.java
webapps/docs/changelog.xml
Author: markt
Date: Wed Jun 6 10:40:18 2018
New Revision: 1833001
URL: http://svn.apache.org/viewvc?rev=1833001&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62080
Ensure that all reads of the current thread's context class loader made by the UEL API and implementation are performed via a PrivilegedAction, so that a SecurityException is not triggered when running under a SecurityManager
Modified:
tomcat/trunk/java/javax/el/ELProcessor.java
tomcat/trunk/java/javax/el/ExpressionFactory.java
tomcat/trunk/java/javax/el/ImportHandler.java
tomcat/trunk/java/javax/el/Util.java
tomcat/trunk/java/org/apache/el/util/ReflectionUtil.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/javax/el/ELProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/el/ELProcessor.java?rev=1833001&r1=1833000&r2=1833001&view=diff
==============================================================================
--- tomcat/trunk/java/javax/el/ELProcessor.java (original)
+++ tomcat/trunk/java/javax/el/ELProcessor.java Wed Jun 6 10:40:18 2018
@@ -94,8 +94,7 @@ public class ELProcessor {
Class<?> clazz = context.getImportHandler().resolveClass(className);
if (clazz == null) {
- clazz = Class.forName(className, true,
- Thread.currentThread().getContextClassLoader());
+ clazz = Class.forName(className, true, Util.getContextClassLoader());
}
if (!Modifier.isPublic(clazz.getModifiers())) {
Modified: tomcat/trunk/java/javax/el/ExpressionFactory.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/el/ExpressionFactory.java?rev=1833001&r1=1833000&r2=1833001&view=diff
==============================================================================
--- tomcat/trunk/java/javax/el/ExpressionFactory.java (original)
+++ tomcat/trunk/java/javax/el/ExpressionFactory.java Wed Jun 6 10:40:18 2018
@@ -101,7 +101,7 @@ public abstract class ExpressionFactory
public static ExpressionFactory newInstance(Properties properties) {
ExpressionFactory result = null;
- ClassLoader tccl = Thread.currentThread().getContextClassLoader();
+ ClassLoader tccl = Util.getContextClassLoader();
CacheValue cacheValue;
Class<?> clazz;
Modified: tomcat/trunk/java/javax/el/ImportHandler.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/el/ImportHandler.java?rev=1833001&r1=1833000&r2=1833001&view=diff
==============================================================================
--- tomcat/trunk/java/javax/el/ImportHandler.java (original)
+++ tomcat/trunk/java/javax/el/ImportHandler.java Wed Jun 6 10:40:18 2018
@@ -190,7 +190,7 @@ public class ImportHandler {
private Class<?> findClass(String name, boolean throwException) {
Class<?> clazz;
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ ClassLoader cl = Util.getContextClassLoader();
String path = name.replace('.', '/') + ".class";
try {
/* Given that findClass() has to be called for every imported
Modified: tomcat/trunk/java/javax/el/Util.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/javax/el/Util.java?rev=1833001&r1=1833000&r2=1833001&view=diff
==============================================================================
--- tomcat/trunk/java/javax/el/Util.java (original)
+++ tomcat/trunk/java/javax/el/Util.java Wed Jun 6 10:40:18 2018
@@ -21,6 +21,8 @@ import java.lang.reflect.Array;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
@@ -90,7 +92,8 @@ class Util {
*/
static ExpressionFactory getExpressionFactory() {
- ClassLoader tccl = Thread.currentThread().getContextClassLoader();
+ ClassLoader tccl = getContextClassLoader();
+
CacheValue cacheValue = null;
ExpressionFactory factory = null;
@@ -656,6 +659,19 @@ class Util {
}
+ static ClassLoader getContextClassLoader() {
+ ClassLoader tccl;
+ if (System.getSecurityManager() != null) {
+ PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl();
+ tccl = AccessController.doPrivileged(pa);
+ } else {
+ tccl = Thread.currentThread().getContextClassLoader();
+ }
+
+ return tccl;
+ }
+
+
private abstract static class Wrapper {
public static List<Wrapper> wrap(Method[] methods, String name) {
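Review bot: The new `getContextClassLoader()` in this hunk has no comment stating its security contract, although it is the single place where the UEL API reads the context class loader inside `AccessController.doPrivileged`. Because the privileged block stops the permission check at `Util`'s own protection domain, a caller gets the loader back without the `getClassLoader` runtime permission being checked against the caller's own code, so the method has to stay package-private and must not be re-exported through a public API. I would add a Javadoc along the lines of `Returns the thread context class loader, read via a PrivilegedAction when a SecurityManager is installed; must not be made public.` The private copy added to `org.apache.el.util.ReflectionUtil` in this commit deserves the same comment. The body of `Util` continues outside the hunk.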
@@ -816,4 +832,12 @@ class Util {
;
}
}
+
+
+ private static class PrivilegedGetTccl implements PrivilegedAction<ClassLoader> {
+ @Override
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ }
}
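Review bot: `PrivilegedGetTccl` holds no state, yet `getContextClassLoader()` allocates a new instance on every call made under a SecurityManager. One of its callers is `ImportHandler.findClass`, whose comment (cut off in this diff) suggests it runs for every imported class. A shared constant would avoid the allocation: `private static final PrivilegedAction<ClassLoader> GET_TCCL = new PrivilegedGetTccl();` with `tccl = AccessController.doPrivileged(GET_TCCL);` at the call site. The same applies to the copy in `ReflectionUtil`.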
Modified: tomcat/trunk/java/org/apache/el/util/ReflectionUtil.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/el/util/ReflectionUtil.java?rev=1833001&r1=1833000&r2=1833001&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/el/util/ReflectionUtil.java (original)
+++ tomcat/trunk/java/org/apache/el/util/ReflectionUtil.java Wed Jun 6 10:40:18 2018
@@ -19,6 +19,8 @@ package org.apache.el.util;
import java.lang.reflect.Array;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
@@ -57,10 +59,10 @@ public class ReflectionUtil {
if (c == null) {
if (name.endsWith("[]")) {
String nc = name.substring(0, name.length() - 2);
- c = Class.forName(nc, true, Thread.currentThread().getContextClassLoader());
+ c = Class.forName(nc, true, getContextClassLoader());
c = Array.newInstance(c, 0).getClass();
} else {
- c = Class.forName(name, true, Thread.currentThread().getContextClassLoader());
+ c = Class.forName(name, true, getContextClassLoader());
}
}
return c;
@@ -476,6 +478,28 @@ public class ReflectionUtil {
return null;
}
+
+ private static ClassLoader getContextClassLoader() {
+ ClassLoader tccl;
+ if (System.getSecurityManager() != null) {
+ PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl();
+ tccl = AccessController.doPrivileged(pa);
+ } else {
+ tccl = Thread.currentThread().getContextClassLoader();
+ }
+
+ return tccl;
+ }
+
+
+ private static class PrivilegedGetTccl implements PrivilegedAction<ClassLoader> {
+ @Override
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ }
+
+
/*
* This class duplicates code in javax.el.Util. When making changes keep
* the code in sync.
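Review bot: The `getContextClassLoader()` and `PrivilegedGetTccl` added here are a second copy of the code this commit adds to `javax.el.Util`, but nothing marks them as such. The existing "duplicates code in javax.el.Util" comment at the end of the hunk sits below them and appears to introduce the class that follows. A later change to the privileged read in one file could therefore miss the other. I would put a line above the new method, for example `// Duplicates javax.el.Util.getContextClassLoader(); keep both copies in sync.` The block comment that closes this hunk continues outside it.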
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1833001&r1=1833000&r2=1833001&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 6 10:40:18 2018
@@ -210,6 +210,13 @@
to JspC. (markt)
</add>
<fix>
+ <bug>62080</bug>: Ensure that all reads of the current thread's context
+ class loader made by the UEL API and implementation are performed via a
+ <code>PrivilegedAction</code> to ensure that a
+ <code>SecurityException</code> is not triggered when running under a
+ <code>SecurityManager</code>. (mark)
+ </fix>
+ <fix>
<bug>62350</bug>: Refactor
<code>org.apache.jasper.runtime.BodyContentImpl</code> so a
<code>SecurityException</code> is not thrown when running under a