This is an automated email from the ASF dual-hosted git repository.

garydgregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-bcel.git


The following commit(s) were added to refs/heads/master by this push:
     new 9beec0d7 docs: clarify security model (#503)
9beec0d7 is described below

commit 9beec0d7d12f651412d17bc62b9d7ed8222d3f33
Author: Arnout Engelen <[email protected]>
AuthorDate: Wed Jun 17 13:45:41 2026 +0200

    docs: clarify security model (#503)
    
    This was previously discussed on the private security list and on
    the commons-pmc slack; here it is now presented for public review.
---
 src/site/xdoc/security.xml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/site/xdoc/security.xml b/src/site/xdoc/security.xml
index d8f25888..2413ef6b 100644
--- a/src/site/xdoc/security.xml
+++ b/src/site/xdoc/security.xml
@@ -32,6 +32,19 @@
         incomplete, please report them privately to the Apache Security Team. 
Thank you.
       </p>
     </section>
+    <section name="Security Model">
+      <p>The <a 
href="https://commons.apache.org/security.html#Security_Model";>Apache Commons 
security model</a> specifies
+        that it is unsafe to pass possibly malicious input to Commons libraries
+        unless otherwise specified.
+        For Commons BCEL, processing untrusted class data is supported to the 
extent that
+        this should never allow the supplier of the data to trigger arbitrary 
code execution,
+        filesystem or network access. It may still trigger other crashes, such 
as for example <code>StackOverflowError</code> or <code>OutOfMemoryError</code>:
+       if your code uses BCEL to process untrusted input
+       then it is up to you to compensate for that as necessary.
+       Loading or executing the generated classes is unsafe and may cause 
unexpected behaviour,
+       including execute arbitrary code execution.
+      </p>
+    </section>
     <section name="Security Vulnerabilities">
       <subsection name="CVE-2022-42920">
         <ul>
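Review bot: the last sentence of the new paragraph is garbled: "including execute arbitrary code execution" should read "including arbitrary code execution". Two smaller points in the same hunk: the anchor `<a href="https://commons.apache.org/security.html#Security_Model";>` carries a stray `;` after the closing quote, which would make the element malformed XML in the xdoc unless it is only an artefact of the mail archive, so worth checking in the committed file; and the sentence "It may still trigger other crashes, such as for example StackOverflowError or OutOfMemoryError" reads better as "It may still trigger other failures, for example StackOverflowError or OutOfMemoryError", since "such as for example" is redundant and the model being described is uncontrolled resource consumption rather than a crash of the host process.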
