[jira] [Commented] (DERBY-5615) NPE in Store when running SELECT in a read-only database accessed via the classpath subprotocol when authentication, authorization, and Java security are turned on

Fri, 28 Mar 2014 07:17:44 -0700 

    [ 
https://issues.apache.org/jira/browse/DERBY-5615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13950739#comment-13950739
 ] 

ASF subversion and git services commented on DERBY-5615:
--------------------------------------------------------

Commit 1582754 from [~knutanders] in branch 'code/trunk'
[ https://svn.apache.org/r1582754 ]

DERBY-5615: Permission problems with classpath subsubprotocol

Change the structure of CPFile.getInputStream() back to what it was
before the original fix for this issue (revision 1582655), but with
doPrivileged() calls around all operations that require privileges.

The restructuring in the original fix apparently prevented some
resources from being freed, so that DatabaseClassLoadingTest and
NativeAuthenticationServiceTest failed on Windows platforms because
they could not delete the jar file that contained the classpath
database.

> NPE in Store  when running SELECT in a read-only database accessed via the 
> classpath subprotocol when authentication, authorization, and Java security 
> are turned on
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-5615
>                 URL: https://issues.apache.org/jira/browse/DERBY-5615
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL, Store
>    Affects Versions: 10.9.1.0
>            Reporter: Rick Hillegas
>            Assignee: Knut Anders Hatlen
>              Labels: derby_triage10_9
>             Fix For: 10.11.0.0
>
>         Attachments: 5615.policy, 5615_bug.sql, 5615_init.sql, 5615_script, 
> d5615-1a.diff, d5615-1b.diff, d5615-2a.diff, derby.log, derby.log
>
>
> I get an NPE trying to select from a table on which I don't have select 
> privilege. The database is stored in a jar file accessed via the classpath 
> protocol. BUILTIN authentication and sql authorization are turned on in the 
> database. Running under a Java security manager. I will attach a repro. Here 
> is the NPE:
> Failed Statement is: select * from KIWI.t
> java.lang.NullPointerException
>       at 
> org.apache.derby.impl.store.raw.data.BaseDataFileFactory.openContainer(BaseDataFileFactory.java:661)
>       at 
> org.apache.derby.impl.store.raw.data.BaseDataFileFactory.openContainer(BaseDataFileFactory.java:591)
>       at 
> org.apache.derby.impl.store.raw.xact.Xact.openContainer(Xact.java:1316)
>       at 
> org.apache.derby.impl.store.access.btree.OpenBTree.init(OpenBTree.java:380)
>       at 
> org.apache.derby.impl.store.access.btree.BTreeController.init(BTreeController.java:1250)
>       at 
> org.apache.derby.impl.store.access.btree.index.B2IController.init(B2IController.java:140)
>       at org.apache.derby.impl.store.access.btree.index.B2I.open(B2I.java:821)
>       at 
> org.apache.derby.impl.store.access.RAMTransaction.openConglomerate(RAMTransaction.java:476)
>       at 
> org.apache.derby.impl.store.access.RAMTransaction.openConglomerate(RAMTransaction.java:1308)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.debugGenerateInfo(DataDictionaryImpl.java:9584)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getDescriptorViaIndexMinion(DataDictionaryImpl.java:9492)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getDescriptorViaIndex(DataDictionaryImpl.java:9303)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getColumnDescriptorsScan(DataDictionaryImpl.java:2887)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getColumnDescriptorsScan(DataDictionaryImpl.java:2851)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.finishTableDescriptor(DataDictionaryImpl.java:2408)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getTableDescriptorIndex1Scan(DataDictionaryImpl.java:2277)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getUncachedTableDescriptor(DataDictionaryImpl.java:2293)
>       at 
> org.apache.derby.impl.sql.catalog.NameTDCacheable.setIdentity(NameTDCacheable.java:110)
>       at 
> org.apache.derby.impl.services.cache.ConcurrentCache.find(ConcurrentCache.java:295)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getTableDescriptor(DataDictionaryImpl.java:2224)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.faultInTabInfo(DataDictionaryImpl.java:9905)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getNonCoreTI(DataDictionaryImpl.java:9702)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getUncachedPermissionsDescriptor(DataDictionaryImpl.java:13712)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getUncachedTablePermsDescriptor(DataDictionaryImpl.java:13660)
>       at 
> org.apache.derby.impl.sql.catalog.PermissionsCacheable.setIdentity(PermissionsCacheable.java:71)
>       at 
> org.apache.derby.impl.services.cache.ConcurrentCache.find(ConcurrentCache.java:295)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getPermissions(DataDictionaryImpl.java:13364)
>       at 
> org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getTablePermissions(DataDictionaryImpl.java:13350)
>       at 
> org.apache.derby.iapi.sql.dictionary.StatementTablePermission.oneAuthHasPermissionOnTable(StatementTablePermission.java:239)
>       at 
> org.apache.derby.iapi.sql.dictionary.StatementTablePermission.hasPermissionOnTable(StatementTablePermission.java:160)
>       at 
> org.apache.derby.iapi.sql.dictionary.StatementColumnPermission.check(StatementColumnPermission.java:99)
>       at 
> org.apache.derby.impl.sql.conn.GenericAuthorizer.authorize(GenericAuthorizer.java:183)
>       at 
> org.apache.derby.exe.ac40348015x0135x7cc7x4621x0000040700000.fillResultSet(Unknown
>  Source)
>       at 
> org.apache.derby.exe.ac40348015x0135x7cc7x4621x0000040700000.execute(Unknown 
> Source)
>       at 
> org.apache.derby.impl.sql.GenericActivationHolder.execute(GenericActivationHolder.java:353)
>       at 
> org.apache.derby.impl.sql.GenericPreparedStatement.executeStmt(GenericPreparedStatement.java:441)
>       at 
> org.apache.derby.impl.sql.GenericPreparedStatement.execute(GenericPreparedStatement.java:324)
>       at 
> org.apache.derby.impl.jdbc.EmbedStatement.executeStatement(EmbedStatement.java:1242)
>       at 
> org.apache.derby.impl.jdbc.EmbedStatement.execute(EmbedStatement.java:630)
>       at 
> org.apache.derby.impl.jdbc.EmbedStatement.execute(EmbedStatement.java:559)
>       at org.apache.derby.impl.tools.ij.ij.executeImmediate(ij.java:367)
>       at org.apache.derby.impl.tools.ij.utilMain.doCatch(utilMain.java:527)
>       at 
> org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:372)
>       at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:245)
>       at org.apache.derby.impl.tools.ij.Main.go(Main.java:229)
>       at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:184)
>       at org.apache.derby.impl.tools.ij.Main.main(Main.java:75)
>       at org.apache.derby.tools.ij.main(ij.java:59)
> Cleanup action completed



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to