Author: markt Date: Fri Jan 25 11:43:17 2019 New Revision: 1852111 URL: http://svn.apache.org/viewvc?rev=1852111&view=rev Log: Avoid a swallowed (and therefore ignored) access failure during web application class loading when running under a SecurityManager
Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1852111&r1=1852110&r2=1852111&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Fri Jan 25 11:43:17 2019
@@ -172,6 +172,21 @@ public abstract class WebappClassLoaderB
 }
+ protected final class PrivilegedJavaseGetResource implements PrivilegedAction<URL> {
+
+ private final String name;
+
+ public PrivilegedJavaseGetResource(String name) {
+ this.name = name;
+ }
+
+ @Override
+ public URL run() {
+ return javaseClassLoader.getResource(name);
+ }
+ }
+
+
 // ------------------------------------------------------- Static Variables
 /**
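Review bot: The new `PrivilegedJavaseGetResource` class has no Javadoc, and it is declared `protected` with a public constructor although the only use visible in this commit is inside `WebappClassLoaderBase` itself. Because it exists to run `javaseClassLoader.getResource(name)` inside a privileged block, a short comment would help the next reader, for example `/** Looks up a resource on the Java SE class loader; intended to be run via AccessController.doPrivileged so the lookup does not fail on the calling web application's permissions. */`. If no subclass needs it, `private final class` would keep this privileged helper out of the extension surface. The neighbouring privileged helpers are outside this hunk, so the current visibility may simply follow their convention.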
@@ -1246,7 +1261,14 @@ public abstract class WebappClassLoaderB
 // details of how this may trigger a StackOverflowError
 // Given these reported errors, catch Throwable to ensure any
 // other edge cases are also caught
- tryLoadingFromJavaseLoader = (javaseLoader.getResource(resourceName) != null);
+ URL url;
+ if (securityManager != null) {
+ PrivilegedAction<URL> dp = new PrivilegedJavaseGetResource(resourceName);
+ url = AccessController.doPrivileged(dp);
+ } else {
+ url = javaseLoader.getResource(resourceName);
+ }
+ tryLoadingFromJavaseLoader = (url != null);
 } catch (Throwable t) {
 // Swallow all exceptions apart from those that must be re-thrown
 ExceptionUtils.handleThrowable(t);
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1852111&r1=1852110&r2=1852111&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Jan 25 11:43:17 2019
@@ -125,6 +125,11 @@
 to be more tolerant of optional escaping when the <code>\nn</code> form is used. (markt)
 </add>
+ <fix>
+ Avoid a swallowed (and therefore ignored) access failure during web
+ application class loading when running under a
+ <code>SecurityManager</code>. (markt)
+ </fix>
 </changelog>
 </subsection>
 <subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
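Review bot: In the WebappClassLoaderBase.java hunk at -1246, the two branches query differently named loaders. The non-SecurityManager path calls `javaseLoader.getResource(resourceName)` on the local variable, while the privileged path goes through `PrivilegedJavaseGetResource.run()`, which reads the field `javaseClassLoader`. The assignment of `javaseLoader` is outside this hunk; if the two can ever refer to different loaders, the delegation decision would depend on whether a SecurityManager is installed. Passing the loader into the action, e.g. `new PrivilegedJavaseGetResource(javaseLoader, resourceName)`, or a comment stating that both are the same instance, would remove the doubt. The surrounding `catch (Throwable t)` still discards every other failure from this lookup, so a debug-level log there would keep a future denial from going unnoticed again.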