tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject [tomcat] branch 8.5.x updated: Fix BZ 64488. Correct ImportHandler failures under a security manager
Date Tue, 02 Jun 2020 22:56:16 GMT
This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new 1350860  Fix BZ 64488. Correct ImportHandler failures under a security manager
1350860 is described below

commit 1350860d9a5be290edf0439a0ba6c120f2a78bce
Author: Mark Thomas <markt@apache.org>
AuthorDate: Tue Jun 2 23:54:49 2020 +0100

    Fix BZ 64488. Correct ImportHandler failures under a security manager
    
    https://bz.apache.org/bugzilla/show_bug.cgi?id=64488
    Patch provided by Volodymyr Siedleck
---
 java/javax/el/ImportHandler.java | 39 +++++++++++++++++++++++++++++++++++++--
 webapps/docs/changelog.xml       |  5 +++++
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/java/javax/el/ImportHandler.java b/java/javax/el/ImportHandler.java
index 151b3ab..636599b 100644
--- a/java/javax/el/ImportHandler.java
+++ b/java/javax/el/ImportHandler.java
@@ -19,6 +19,8 @@ package javax.el;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -31,6 +33,8 @@ import java.util.concurrent.ConcurrentHashMap;
  */
 public class ImportHandler {
 
+    private static final boolean IS_SECURITY_ENABLED = (System.getSecurityManager() != null);
+
     private static final Map<String,Set<String>> standardPackages = new HashMap<>();
 
     static {
@@ -451,8 +455,18 @@ public class ImportHandler {
              * for the case where the class does exist is a lot less than the
              * overhead we save by not calling loadClass().
              */
-            if (cl.getResource(path) == null) {
-                return null;
+            if (IS_SECURITY_ENABLED) {
+                // Webapps don't have read permission for JAVA_HOME (and
+                // possibly other sources of classes). Only need to know if the
+                // class exists at this point. Class loading occurs with
+                // standard SecurityManager policy next.
+                if (!AccessController.doPrivileged(new PrivilegedResourceExists(cl, path)).booleanValue())
{
+                    return null;
+                }
+            } else {
+                if (cl.getResource(path) == null) {
+                    return null;
+                }
             }
         } catch (ClassCircularityError cce) {
             // May happen under a security manager. Ignore it and try loading
@@ -488,4 +502,25 @@ public class ImportHandler {
      */
     private static class NotFound {
     }
+
+
+    private static class PrivilegedResourceExists implements PrivilegedAction<Boolean>
{
+
+        private final ClassLoader cl;
+        private final String name;
+
+        public PrivilegedResourceExists(ClassLoader cl, String name) {
+            this.cl = cl;
+            this.name = name;
+        }
+
+        @Override
+        public Boolean run() {
+            if (cl.getResource(name) == null) {
+                return Boolean.FALSE;
+            } else {
+                return Boolean.TRUE;
+            }
+        }
+    }
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 48ae17f..d8fb3c6 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -93,6 +93,11 @@
         endpoint path is specified and catch invalid endpoint paths earlier.
         (markt)
       </fix>
+      <fix>
+        <bug>64488</bug>: Ensure that the ImportHandler from the Expression
+        Language API is able to load classes from the Java runtime when running
+        under a SecurityManager. Based on a patch by Volodymyr Siedleck. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Other">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message