[ https://issues.apache.org/jira/browse/DERBY-5615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen updated DERBY-5615:
--------------------------------------

    Attachment: d5615-1a.diff

The CPFile class reads the database files through ClassLoader methods such as 
getResource() and getSystemResource(). Those methods don't throw a 
SecurityException when they don't have permission to read the files. Instead, 
they return null, which leads to various symptoms such as NPE, 
FileNotFoundException or conglomerate not found errors, as reported here.

The calls are not wrapped in calls to doPrivileged(), which means the entire 
call stack must have permission to access the files. The original repro failed 
because the generated code doesn't have any privileges, and this problem went 
away when the failing code no longer was called from generated code. The 
failures we still see in NativeAuthenticationServiceTest seem to happen because 
junit.jar doesn't have permission to read the files.

Attached is a patch (d5615-1a.diff) that wraps doPrivileged() calls around the 
operations that require privileges. It also turns on the security manager for 
all test cases in NativeAuthenticationServiceTest, and for some more test cases 
in DatabaseClassLoadingTest. Those tests now run cleanly. I've also started the 
full regression test suite.

> NPE in Store when running SELECT in a read-only database accessed via the 
> classpath subprotocol when authentication, authorization, and Java security 
> are turned on
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-5615
>                 URL: https://issues.apache.org/jira/browse/DERBY-5615
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL, Store
>    Affects Versions: 10.9.1.0
>            Reporter: Rick Hillegas
>            Assignee: Knut Anders Hatlen
>              Labels: derby_triage10_9
>         Attachments: 5615.policy, 5615_bug.sql, 5615_init.sql, 5615_script, 
> d5615-1a.diff, derby.log, derby.log
>
>
> I get an NPE trying to select from a table on which I don't have select 
> privilege. The database is stored in a jar file accessed via the classpath 
> protocol. BUILTIN authentication and sql authorization are turned on in the 
> database. Running under a Java security manager. I will attach a repro. Here 
> is the NPE:
> Failed Statement is: select * from KIWI.t
> java.lang.NullPointerException
>       at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.openContainer(BaseDataFileFactory.java:661)
>       at org.apache.derby.impl.store.raw.data.BaseDataFileFactory.openContainer(BaseDataFileFactory.java:591)
>       at org.apache.derby.impl.store.raw.xact.Xact.openContainer(Xact.java:1316)
>       at org.apache.derby.impl.store.access.btree.OpenBTree.init(OpenBTree.java:380)
>       at org.apache.derby.impl.store.access.btree.BTreeController.init(BTreeController.java:1250)
>       at org.apache.derby.impl.store.access.btree.index.B2IController.init(B2IController.java:140)
>       at org.apache.derby.impl.store.access.btree.index.B2I.open(B2I.java:821)
>       at org.apache.derby.impl.store.access.RAMTransaction.openConglomerate(RAMTransaction.java:476)
>       at org.apache.derby.impl.store.access.RAMTransaction.openConglomerate(RAMTransaction.java:1308)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.debugGenerateInfo(DataDictionaryImpl.java:9584)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getDescriptorViaIndexMinion(DataDictionaryImpl.java:9492)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getDescriptorViaIndex(DataDictionaryImpl.java:9303)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getColumnDescriptorsScan(DataDictionaryImpl.java:2887)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getColumnDescriptorsScan(DataDictionaryImpl.java:2851)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.finishTableDescriptor(DataDictionaryImpl.java:2408)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getTableDescriptorIndex1Scan(DataDictionaryImpl.java:2277)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getUncachedTableDescriptor(DataDictionaryImpl.java:2293)
>       at org.apache.derby.impl.sql.catalog.NameTDCacheable.setIdentity(NameTDCacheable.java:110)
>       at org.apache.derby.impl.services.cache.ConcurrentCache.find(ConcurrentCache.java:295)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getTableDescriptor(DataDictionaryImpl.java:2224)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.faultInTabInfo(DataDictionaryImpl.java:9905)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getNonCoreTI(DataDictionaryImpl.java:9702)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getUncachedPermissionsDescriptor(DataDictionaryImpl.java:13712)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getUncachedTablePermsDescriptor(DataDictionaryImpl.java:13660)
>       at org.apache.derby.impl.sql.catalog.PermissionsCacheable.setIdentity(PermissionsCacheable.java:71)
>       at org.apache.derby.impl.services.cache.ConcurrentCache.find(ConcurrentCache.java:295)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getPermissions(DataDictionaryImpl.java:13364)
>       at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getTablePermissions(DataDictionaryImpl.java:13350)
>       at org.apache.derby.iapi.sql.dictionary.StatementTablePermission.oneAuthHasPermissionOnTable(StatementTablePermission.java:239)
>       at org.apache.derby.iapi.sql.dictionary.StatementTablePermission.hasPermissionOnTable(StatementTablePermission.java:160)
>       at org.apache.derby.iapi.sql.dictionary.StatementColumnPermission.check(StatementColumnPermission.java:99)
>       at org.apache.derby.impl.sql.conn.GenericAuthorizer.authorize(GenericAuthorizer.java:183)
>       at org.apache.derby.exe.ac40348015x0135x7cc7x4621x0000040700000.fillResultSet(Unknown Source)
>       at org.apache.derby.exe.ac40348015x0135x7cc7x4621x0000040700000.execute(Unknown Source)
>       at org.apache.derby.impl.sql.GenericActivationHolder.execute(GenericActivationHolder.java:353)
>       at org.apache.derby.impl.sql.GenericPreparedStatement.executeStmt(GenericPreparedStatement.java:441)
>       at org.apache.derby.impl.sql.GenericPreparedStatement.execute(GenericPreparedStatement.java:324)
>       at org.apache.derby.impl.jdbc.EmbedStatement.executeStatement(EmbedStatement.java:1242)
>       at org.apache.derby.impl.jdbc.EmbedStatement.execute(EmbedStatement.java:630)
>       at org.apache.derby.impl.jdbc.EmbedStatement.execute(EmbedStatement.java:559)
>       at org.apache.derby.impl.tools.ij.ij.executeImmediate(ij.java:367)
>       at org.apache.derby.impl.tools.ij.utilMain.doCatch(utilMain.java:527)
>       at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:372)
>       at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:245)
>       at org.apache.derby.impl.tools.ij.Main.go(Main.java:229)
>       at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:184)
>       at org.apache.derby.impl.tools.ij.Main.main(Main.java:75)
>       at org.apache.derby.tools.ij.main(ij.java:59)
> Cleanup action completed



--
This message was sent by Atlassian JIRA
(v6.2#6252)
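
The pattern described in the comment above, as an added example that is not part of the original message or of the d5615-1a.diff patch: a classpath resource lookup wrapped in doPrivileged(), with the null result from getResource() turned into an explicit exception at the lookup site. The class name PrivilegedResource and its methods find() and open() are hypothetical and are not Derby's CPFile code.

```java
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

// Hypothetical helper, not Derby's CPFile. AccessController is deprecated
// for removal since Java 17; it is the API the comment above refers to.
@SuppressWarnings("removal")
public final class PrivilegedResource {

    // doPrivileged() stops the permission check at this frame, so
    // unprivileged callers further up the stack (generated code, a test
    // framework jar) no longer turn the lookup into a null result.
    static URL find(ClassLoader cl, String name) {
        return AccessController.doPrivileged((PrivilegedAction<URL>) () ->
            cl != null ? cl.getResource(name)
                       : ClassLoader.getSystemResource(name));
    }

    // getResource() signals "missing" and "not permitted" the same way: null.
    // Fail at the lookup site instead of letting the null surface as an NPE.
    static InputStream open(ClassLoader cl, String name) throws IOException {
        URL url = find(cl, name);
        if (url == null) {
            throw new FileNotFoundException(
                "resource missing or not readable: " + name);
        }
        try {
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<InputStream>) url::openStream);
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException(); // run() only throws IOException
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: a class file every JVM can resolve.
        try (InputStream in = open(null, "java/lang/Object.class")) {
            System.out.println("first byte: 0x" + Integer.toHexString(in.read()));
        }
    }
}
```

The code that calls doPrivileged() still needs the read permission in the policy file; the wrapper only removes the requirement that every caller above it holds the permission too.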
