Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5523

(7.0.z) Coverity reports possible need to use doPrivileged block for MapToBeanConverter

    Details

    • Target Release:
    • Sprint:
      EAP 7.0.2

      Description

      Coverity reports possible need to use doPrivileged block for org.jboss.wsf.stack.cxf.client.configuration.MapToBeanConverter
      Please investigate if the doPrivileged block is needed or not

      99   protected Object newInstance(String className) throws Exception {
      CID 17469 (#1 of 1): DP: Use doPrivileged (FB.DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED)1. defect: 
      org.jboss.wsf.stack.cxf.client.configuration.MapToBeanConverter.newInstance(String) 
      creates a org.jboss.ws.common.utils.DelegateClassLoader classloader, which should be performed within a doPrivileged block.
      100      ClassLoader loader = new DelegateClassLoader(ClassLoaderProvider.getDefaultProvider()
      101            .getServerIntegrationClassLoader(), SecurityActions.getContextClassLoader());
      102      Class<?> clazz = SecurityActions.loadClass(loader, className);
      103      return clazz.newInstance();
      104   }
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  jim.ma Jim Ma
                  Reporter:
                  baranowb Bartosz Baranowski
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: