Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
framework-4.2.0
Description
In method org.apache.felix.framework.ServiceRegistrationImpl.isClassAccessible(Class), there is an access to the registered ServiceFactory classloader (lines 163:169 in v4.2.1):
if ((m_factory != null)
&& (m_factory.getClass().getClassLoader() instanceof BundleReference)
&& !((BundleReference) m_factory.getClass()
.getClassLoader()).getBundle().equals(m_bundle))
If a bundle registers a service through a ServiceFactory and if there is an active ServiceListener matching this service, those lines are executed inside the registering bundle's protection domain.
If this bundle does not have the (java.util.RuntimePermission 'getClassloader') privilege, the getClassLoader invocation throws a SecurityException and the listener is always called because the exception is catched at line 526 (isAssignableTo) of the same class.
The comment inside the catch block does not seem to justify this case.
I think a simple privileged block around the bundle comparison is harmless and should fix this. It could be something like :
if (m_factory != null)
{
Bundle bundle = null;
if (System.getSecurityManager() == null)
{
if ((m_factory.getClass().getClassLoader() instanceof BundleReference)
}
else
{
bundle = AccessController.doPrivileged(new PrivilegedAction<Bundle>() {
public Bundle run() {
if ((m_factory.getClass().getClassLoader() instanceof BundleReference)
return null;
}
});
}
if (bundle != null && bundle.equals(m_bundle))
{ return true; }}