Details

    • Bug behavior facts:
      Security

      Description

      There are quite a few instances of public static fields which appear to be intended to be constant, but which are not final.

      The code would be safer if all the constant fields were made final.

      Patch to follow for some of the problem fields.

      The following also ought to be fixed:

      org.apache.derby.iapi.services.property.PropertyUtil.servicePropertyList (e.g. use an accessor to lookup the values)
      org.apache.derby.iapi.types.JSQLType.primitiveNames (ditto)

      1. derbyfinal.patch
        4 kB
        Sebb
      2. derbyfinal2.patch
        11 kB
        Sebb

        Activity

        Sebb created issue -
        Sebb made changes -
        Field Original Value New Value
        Attachment derbyfinal.patch [ 12412002 ]
        Dag H. Wanvik made changes -
        Issue Type Bug [ 1 ] Improvement [ 4 ]
        Derby Categories [Data corruption, Security] [Security]
        Dag H. Wanvik made changes -
        Component/s Build tools [ 11405 ]
        Component/s Network Client [ 11690 ]
        Component/s SQL [ 11408 ]
        Component/s Store [ 11412 ]
        Dag H. Wanvik made changes -
        Affects Version/s 10.6.0.0 [ 12313727 ]
        Sebb made changes -
        Attachment derbyfinal2.patch [ 12412085 ]
        Kristian Waagan made changes -
        Issue & fix info [Patch Available]
        Bryan Pendleton made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Assignee Knut Anders Hatlen [ knutanders ]
        Fix Version/s 10.6.0.0 [ 12313727 ]
        Resolution Fixed [ 1 ]
        Kathey Marsden made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Gavin made changes -
        Workflow jira [ 12467030 ] Default workflow, editable Closed status [ 12799768 ]

          People

          • Assignee:
            Knut Anders Hatlen
            Reporter:
            Sebb
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development