RE: [cp-patches] FYI: Patch java.lang.ClassLoader

classpath-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cp-patches] FYI: Patch java.lang.ClassLoader

From:	Jeroen Frijters
Subject:	RE: [cp-patches] FYI: Patch java.lang.ClassLoader
Date:	Mon, 11 Oct 2004 16:58:56 +0200

Jeroen Frijters wrote:
> Archie Cobbs wrote:
> > Jeroen Frijters wrote:
> > > I committed the attached patch to implement the
> > > SecurityManager.checkPackageDefinition() security check.
> > 
> > Just checking.. can this be subverted by the same trick mentioned
> > before, i.e., using '/' instead of '.' in the class name?
> 
> Not if the VM does its job. VMClassLoader.defineClass() is supposed to
> check that the class file name matches the name in the class 
> definition.

Oops. That reminds me, the name can be null at this point, so the call
to checkPackageDefinition should be inside the VM :-(

I reverted my previous patch.

Regards,
Jeroen

2004-10-11  Jeroen Frijters  <address@hidden>

        * java/lang/ClassLoader.java
        (defineClass(String,byte[],int,int,ProtectionDomain)):
        Reverted previous commit.

UndoClassLoader.patch
Description: UndoClassLoader.patch

[Prev in Thread]

Current Thread

[Next in Thread]

[cp-patches] FYI: Patch java.lang.ClassLoader, Jeroen Frijters, 2004/10/11
- Re: [cp-patches] FYI: Patch java.lang.ClassLoader, Archie Cobbs, 2004/10/11
- RE: [cp-patches] FYI: Patch java.lang.ClassLoader, Jeroen Frijters, 2004/10/11
  - Re: [cp-patches] FYI: Patch java.lang.ClassLoader, Archie Cobbs, 2004/10/11
- RE: [cp-patches] FYI: Patch java.lang.ClassLoader, Jeroen Frijters <=

Prev by Date: Re: [cp-patches] FYI: Patch
Next by Date: RE: [cp-patches] FYI: Patch
Previous by thread: Re: [cp-patches] FYI: Patch java.lang.ClassLoader
Next by thread: [cp-patches] RFC: New system class loader implementation
Index(es):
- Date
- Thread