db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kathey Marsden (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-4292) creation of FileInputStream in org.apache.derby.impl.tools.ij.Main not wrapped in privilege block which can cause problems running under SecurityManager
Date Wed, 08 Jul 2009 23:49:15 GMT

    [ https://issues.apache.org/jira/browse/DERBY-4292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12728965#action_12728965

Kathey Marsden commented on DERBY-4292:

Well it seems with your new patch we don't have a problem running under security manger when
we hit the Boolean.getBoolean() call so I guess it is ok.  The javadoc also indicates that
no checks are done. I don't know why.

I verified that ij.searchClassPath is working ok by running:

java  -Dderby.system.home=C:/kmarsden/repro/derby-4292 -Dij.searchClassPath=true -Djava.security.manager
-DderbyTesting.codejar=file:/C:/svn4/trunk/jars/sane/ -Djava.security.policy=C:/kmarsden/repro/derby-4292/derby_tests.policy
org.apache.derby.tools.ij /org/apache/derbyTesting/functionTests/tests/tools/IjSecurityManagerTest.sql

If I specify a resource that doesn't exist with ij.searchClassPath I get a pre-existing NPE:
Exception in thread "main" java.lang.NullPointerException
        at java.io.Reader.<init>(Reader.java:61)
        at java.io.InputStreamReader.<init>(InputStreamReader.java:55)
        at org.apache.derby.iapi.tools.i18n.LocalizedInput.<init>(LocalizedInput.java:32)
        at org.apache.derby.iapi.tools.i18n.LocalizedResource.getNewInput(LocalizedResource.java:241)
        at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:131)
        at org.apache.derby.impl.tools.ij.Main.main(Main.java:75)
        at org.apache.derby.tools.ij.main(ij.java:59)

I don't know if that needs  a bug since we don't seem to document this property.

As an aside, I don't like the way ij just prints the error to the output and returns instead
of throwing an exception. This means it won't exit with an error code if it can't find the
[C:/kmarsden/repro/derby-4292] java org.apache.derby.tools.ij notthere.sql
IJ ERROR: file not found: notthere.sql
[C:/kmarsden/repro/derby-4292] echo $?

That too is preexisting.  

So with regard to your patch I think the fix looks fine. For the test patch you should remove
the SecurityManager setup, and add a test if the file does not exist, and add the header to
the sql file.

> creation of FileInputStream in org.apache.derby.impl.tools.ij.Main not wrapped in privilege
 block which can cause problems running under SecurityManager
> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>                 Key: DERBY-4292
>                 URL: https://issues.apache.org/jira/browse/DERBY-4292
>             Project: Derby
>          Issue Type: Bug
>          Components: Tools
>    Affects Versions:,,,,,
>            Reporter: Kathey Marsden
>            Assignee: Tiago R. Espinha
>         Attachments: DERBY-4292-Fix.patch, DERBY-4292-Fix.patch, DERBY-4292-Fix.patch,
DERBY-4292-ReproTest.patch, DERBY-4292-ReproTest.patch, derby4292.zip, run.out.debugall
> org.apache.derby.impl.tools.ij.Main has this code where the call to FileInputStream is
not wrapped in a privilege block:
>                    try {
>                         in1 = new FileInputStream(file);
>                         if (in1 != null) {
>                             in1 = new BufferedInputStream(in1, utilMain.BUFFEREDFILESIZE);
>                             in = langUtil.getNewInput(in1);
>                         }
>                     } catch (FileNotFoundException e) {
>                         if (Boolean.getBoolean("ij.searchClassPath")) {
>                             in = langUtil.getNewInput(util.getResourceAsStream(file));
>                         }
> This can cause issues when running under SecurityManager

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message