tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject [tomcat] branch master updated: Fix BZ 64488. Correct ImportHandler failures under a security manager
Date Tue, 02 Jun 2020 22:55:18 GMT
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
     new d2e079f  Fix BZ 64488. Correct ImportHandler failures under a security manager
d2e079f is described below

commit d2e079ff75cba8c1936874e7f1a8244de08d67f2
Author: Mark Thomas <markt@apache.org>
AuthorDate: Tue Jun 2 23:54:49 2020 +0100

    Fix BZ 64488. Correct ImportHandler failures under a security manager
    
    https://bz.apache.org/bugzilla/show_bug.cgi?id=64488
    Patch provided by Volodymyr Siedleck
---
 java/jakarta/el/ImportHandler.java | 39 ++++++++++++++++++++++++++++++++++++--
 webapps/docs/changelog.xml         |  5 +++++
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/java/jakarta/el/ImportHandler.java b/java/jakarta/el/ImportHandler.java
index 1e7e9b9..c4d62d2 100644
--- a/java/jakarta/el/ImportHandler.java
+++ b/java/jakarta/el/ImportHandler.java
@@ -19,6 +19,8 @@ package jakarta.el;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -31,6 +33,8 @@ import java.util.concurrent.ConcurrentHashMap;
  */
 public class ImportHandler {
 
+    private static final boolean IS_SECURITY_ENABLED = (System.getSecurityManager() != null);
+
     private static final Map<String,Set<String>> standardPackages = new HashMap<>();
 
     static {
@@ -452,8 +456,18 @@ public class ImportHandler {
              * for the case where the class does exist is a lot less than the
              * overhead we save by not calling loadClass().
              */
-            if (cl.getResource(path) == null) {
-                return null;
+            if (IS_SECURITY_ENABLED) {
+                // Webapps don't have read permission for JAVA_HOME (and
+                // possibly other sources of classes). Only need to know if the
+                // class exists at this point. Class loading occurs with
+                // standard SecurityManager policy next.
+                if (!AccessController.doPrivileged(new PrivilegedResourceExists(cl, path)).booleanValue())
{
+                    return null;
+                }
+            } else {
+                if (cl.getResource(path) == null) {
+                    return null;
+                }
             }
         } catch (ClassCircularityError cce) {
             // May happen under a security manager. Ignore it and try loading
@@ -489,4 +503,25 @@ public class ImportHandler {
      */
     private static class NotFound {
     }
+
+
+    private static class PrivilegedResourceExists implements PrivilegedAction<Boolean>
{
+
+        private final ClassLoader cl;
+        private final String name;
+
+        public PrivilegedResourceExists(ClassLoader cl, String name) {
+            this.cl = cl;
+            this.name = name;
+        }
+
+        @Override
+        public Boolean run() {
+            if (cl.getResource(name) == null) {
+                return Boolean.FALSE;
+            } else {
+                return Boolean.TRUE;
+            }
+        }
+    }
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b6d47ce..b3c1546 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -119,6 +119,11 @@
         endpoint path is specified and catch invalid endpoint paths earlier.
         (markt)
       </fix>
+      <fix>
+        <bug>64488</bug>: Ensure that the ImportHandler from the Expression
+        Language API is able to load classes from the Java runtime when running
+        under a SecurityManager. Based on a patch by Volodymyr Siedleck. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Other">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message