On 03/28/2013 10:19 AM, Laurent Bourgès wrote:

    the following method in JavaLoggerProxy also caught my eye:

            void doLog(Level level, String msg, Object... params) {
                if (!isLoggable(level)) {
                    return;
                }
                // only pass String objects to the j.u.l.Logger which may
                // be created by untrusted code
                int len = (params != null) ? params.length : 0;
                Object[] sparams = new String[len];
                for (int i = 0; i < len; i++) {
                    sparams [i] = String.valueOf(params[i]);
                }
                LoggingSupport.log(javaLogger, level.javaLevel, msg,
    sparams);
            }

    I think this could be improved if the
    DefaultLoggerProxy.formatMessage() is used instead of turning
    each parameter into a String. The method could be moved up to
    abstract LoggerProxy and used in both implementations so that
    common formatting is applied regardless of back-end used.


    Let's do this in a separate clean up as it's better to keep
    8010309 focus on performance improvement (although we have mixed
    this bag with some renaming).


I disagree Peter: JUL has its own formatting code: patterns ... and more efficient than DefaultLoggerProxy.formatMessage().

The good question relies in the comment: why convert object args into String early as JUL can do formatting / conversion?
What does mean:
            // only pass String objects to the j.u.l.Logger which may
            // be created by untrusted code
?
to avoid security issues ?

I think so. j.u.logging has a pluggable API and a reference to a security-sensitive information could get passed to untrusted code via a carelessly written logging statement. The fact that PlatformLogger is platform-internal API might give an impression that it is secure. So it should be.

I don't know how this formatting actually works in current implementation of PlatformLogger delegating to j.u.l.Logger and pre-converting the arguments into strings. Isn't formatting in j.u.logging type sensitive?

Regards, Peter


Laurent

Reply via email to