karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eduardo Aguinaga (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KARAF-4203) Access Specifier Manipulation
Date Tue, 15 Dec 2015 15:35:46 GMT
Eduardo Aguinaga created KARAF-4203:
---------------------------------------

             Summary: Access Specifier Manipulation
                 Key: KARAF-4203
                 URL: https://issues.apache.org/jira/browse/KARAF-4203
             Project: Karaf
          Issue Type: Bug
    Affects Versions: 4.0.3
            Reporter: Eduardo Aguinaga


HP Fortify SCA and SciTools Understand were used to perform an application security of the
karaf source code.

The call to method setAccessible() on line 355 changes an access specifier. See the external
issue link for more information on the subject.

File: client/src/main/java/org/apache/karaf/client/Main.java
Line: 355

Main.java, lines 353-362:
353 try {
354     Field field = terminal.getClass().getSuperclass().getDeclaredField("settings");
355     field.setAccessible(true);
356     Object settings = field.get(terminal);
357     field = settings.getClass().getDeclaredField("configLastFetched");
358     field.setAccessible(true);
359     field.setLong(settings, 0L);
360 } catch (Throwable t) {
361     // Ignore
362 }




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message