« Return to Thread: [janino-dev] [jira] Created: (JANINO-113) Inner class access to inherited protected violates security

[janino-dev] [jira] Commented: (JANINO-113) Inner class access to inherited protected violates security

by JIRA jira@codehaus.org


    [ http://jira.codehaus.org/browse/JANINO-113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=136074#action_136074 ]

Matt Fowles commented on JANINO-113:
------------------------------------

Damn, it looks like we need to do something similar to this for protected methods too.

Arno, do you plan on reimplementing this patch, or is it worthwhile for me to extend it to protected methods as well?

{code:title=EvaluatorTests.java}
public void testProtectedMethodsAcrossPackage() throws Exception {
        SimpleCompiler sc = new SimpleCompiler();
        sc.setParentClassLoader(SimpleCompiler.BOOT_CLASS_LOADER, new Class[] { for_sandbox_tests.ProtectedVariable.class });
        sc.cook("package for_sandbox_tests;\n" +
                "public class Top extends for_sandbox_tests.ProtectedVariable {\n" +
                "    public class Inner {\n" +
                "        public int get() {\n" +
                "            return getVar();\n" +
                "        }\n" +
                "        public int sget() {\n" +
                "            return sgetVar();\n" +
                "        }\n" +
                "    } \n" +
                "    public Inner createInner() {\n" +
                "        return new Inner();\n" +
                "    }\n" +
                "}"
        );
       
        Class topClass = sc.getClassLoader().loadClass("for_sandbox_tests.Top");
        Method createInner = topClass.getDeclaredMethod("createInner", null);
        Object top = topClass.newInstance();
        Object inner = createInner.invoke(top, null);
       
        Class innerClass = inner.getClass();
        Method[] m = new Method[] {
                innerClass.getDeclaredMethod("get", null),
                innerClass.getDeclaredMethod("sget", null),
        };
       
        for(int i = 0; i < m.length; ++i) {
            Object res = m[i].invoke(inner, null);
            assertEquals(Integer.valueOf(i+1), res);
        }
    }
{code}

> Inner class access to inherited protected violates security
> -----------------------------------------------------------
>
>                 Key: JANINO-113
>                 URL: http://jira.codehaus.org/browse/JANINO-113
>             Project: Janino
>          Issue Type: Bug
>            Reporter: Matt Fowles
>            Assignee: Arno Unkrig
>            Priority: Critical
>         Attachments: indirect.patch
>
>
> This is similar to but different than: http://jira.codehaus.org/browse/JANINO-112
> Consider the following classes:
> {code}
> public class Parent {
>     protected int var = 1;
> }
> public class Child extends Parent {
>     public class Inner {
>         public int get() {
>             return var;
>         }
>         public void set() {
>             var = 4;
>         }
>     }
> }
> public class Main {
>     public static void main(String[] args) {
>         Child.Inner i = new Child().new Inner();
>         System.out.println("before set: " + i.get());
>         i.set();
>         System.out.println("after set: " + i.get());
>     }
> }
> {code}
> If you run this using janinoc as your compiler and java from the command line this will print:
> before set: 1
> after set: 4
> as you would expect.
> However, if you do the equivalent thing using SimpleCompiler() the call to get will fail with an "IllegalAccessError".
> Janino is generating direct accesses to the protected variable from within the inner class, which violates the JVM's security policy.  The default class loader that runs apps is unsecured but any classes loaded through URLClassLoaders (like ones created by SimpleCompiler) run through secured class loaders.  As a result this will fail.
> If you look at the output of javac, you will discover that javac creates specialized accessor methods to handle this case:
> fowles@spiceweasel:~/sample/java$ javap test/Child
> Compiled from "Child.java"
> public class test.Child extends other.Parent{
>     public test.Child();
>     static int access$000(test.Child);
>     static int access$102(test.Child, int);
> }
> Clearly, janino needs to create these accessors too, but I do not yet have a good sense of how to do this in the code base.  Pointers or solutions would be most welcome as this is a blocker for my company's use of Janino until it is resolved.

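The accessor pattern visible in the javap output above, written out by hand at source level. This is an added illustration, not code from the issue, from Janino, or from javac; the method names `accessVarGet` and `accessVarSet` are hypothetical stand-ins for `access$000` and `access$102`, and everything is kept in one file (`AccessorDemo.java`) so it compiles on its own, whereas in the issue `Parent` sits in a different package from `Child`.

```java
// Added illustration, not Janino or javac output.
class Parent {
    protected int var = 1;
}

class Child extends Parent {
    // Hand-written stand-ins (hypothetical names) for access$000 and access$102.
    // They are members of Child, which is a subclass of Parent, so the JVM's
    // protected-access check passes no matter which package Parent lives in.
    static int accessVarGet(Child outer) {
        return outer.var;
    }

    // Returns the assigned value, matching the int return type of access$102.
    static int accessVarSet(Child outer, int value) {
        return outer.var = value;
    }

    public class Inner {
        public int get() {
            // The direct form "return var;" becomes a field access issued from
            // Child$Inner, a class that does not extend Parent. Routing through
            // the accessor moves the field access into Child itself.
            return accessVarGet(Child.this);
        }

        public void set() {
            accessVarSet(Child.this, 4);
        }
    }
}

public class AccessorDemo {
    public static void main(String[] args) {
        Child.Inner i = new Child().new Inner();
        System.out.println("before set: " + i.get());
        i.set();
        System.out.println("after set: " + i.get());
    }
}
```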