You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@aries.apache.org by ti...@apache.org on 2011/02/10 17:36:55 UTC
svn commit: r1069458 -
/aries/trunk/blueprint/blueprint-core/src/main/java/org/apache/aries/blueprint/utils/ReflectionUtils.java
Author: timothyjward
Date: Thu Feb 10 16:36:55 2011
New Revision: 1069458
URL: http://svn.apache.org/viewvc?rev=1069458&view=rev
Log:
ARIES-568: Fix up Java 2 Security problem for field injection introduced in #1067234
Modified:
aries/trunk/blueprint/blueprint-core/src/main/java/org/apache/aries/blueprint/utils/ReflectionUtils.java
Modified: aries/trunk/blueprint/blueprint-core/src/main/java/org/apache/aries/blueprint/utils/ReflectionUtils.java
URL: http://svn.apache.org/viewvc/aries/trunk/blueprint/blueprint-core/src/main/java/org/apache/aries/blueprint/utils/ReflectionUtils.java?rev=1069458&r1=1069457&r2=1069458&view=diff
==============================================================================
--- aries/trunk/blueprint/blueprint-core/src/main/java/org/apache/aries/blueprint/utils/ReflectionUtils.java (original)
+++ aries/trunk/blueprint/blueprint-core/src/main/java/org/apache/aries/blueprint/utils/ReflectionUtils.java Thu Feb 10 16:36:55 2011
@@ -414,19 +414,21 @@ public class ReflectionUtils {
}
protected void internalSet(final ExtendedBlueprintContainer container, final Object instance, final Object value) throws Exception {
- if (useContainersPermission(container)) {
- try {
- AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
- public Object run() throws Exception {
- doInternalSet(container, instance, value);
- return null;
- }
- });
- } catch (PrivilegedActionException pae) {
- throw pae.getException();
+ try {
+ Boolean wasSet = AccessController.doPrivileged(new PrivilegedExceptionAction<Boolean>() {
+ public Boolean run() throws Exception {
+ if (useContainersPermission(container)) {
+ doInternalSet(container, instance, value);
+ return Boolean.TRUE;
+ }
+ return Boolean.FALSE;
+ }
+ });
+ if(!!!wasSet) {
+ doInternalSet(container, instance, value);
}
- } else {
- doInternalSet(container, instance, value);
+ } catch (PrivilegedActionException pae) {
+ throw pae.getException();
}
}