[SANTUARIO-228] KeyResolver.registerAtStart() leads to ClassCastException - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Java 1.4.4
Component/s: Java
Security Level: Public (Public issues, viewable by everyone)
Labels:
None
Environment:
Operating System: Windows NT
Platform: PC

Bugzilla Id:
49483

Description

Created an attachment (id=25627)
source code patch

KeyResolver.registerAtStart() adds a String to KeyResolver._resolverVector.
In ResolverIterator.next(), we expect the items in _resolverVector to be KeyResolver instances and this causes a ClassCastException.

To reproduce, run this code:
KeyResolver.registerAtStart("org.apache.xml.security.test.encryption.BobKeyResolver");
KeyResolverSpi resolver = (KeyResolverSpi)KeyResolver.iterator().next();

The solution is to call new KeyResolver(className) just like KeyResolver.register().
Unfortunately, we cannot add the throws clauses. For backwards compatibility, we return an unchecked RuntimeException instead. We chose IllegalArgumentException.

We also modify ResolverIterator.remove() to throw an UnsupportedOperationException.

I did not add a junit for this bug because there is no way to remove a KeyResolver once it is registered. This would affect the subsequent tests.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ASF.LICENSE.NOT.GRANTED--diff2.txt
21/Jun/10 22:17
5 kB
Clement Pellerin

Activity

People

Assignee:: Unassigned

Reporter:: Clement Pellerin

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 21/Jun/10 22:17

Updated:: 07/Dec/10 12:05

Resolved:: 07/Dec/10 12:05