[
https://issues.apache.org/jira/browse/DERBY-6626?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Knut Anders Hatlen updated DERBY-6626:
--------------------------------------
Attachment: d6626-1a-encryptionProvider.diff
Attached is a patch ([^d6626-1a-encryptionProvider.diff]) which makes
JCECipherFactory check that the class specified in the encryptionProvider
connection attribute implements java.security.Provider before it attempts to
create an instance of it. It also adds a test case that verifies that you get a
StandardException instead of a ClassCastException if a class of the wrong type
is specified.
All regression tests ran cleanly with the patch.
> Check type of user-supplied modules before creating instances
> -------------------------------------------------------------
>
> Key: DERBY-6626
> URL: https://issues.apache.org/jira/browse/DERBY-6626
> Project: Derby
> Issue Type: Improvement
> Components: Miscellaneous
> Affects Versions: 10.11.0.0
> Reporter: Knut Anders Hatlen
> Attachments: d6626-1a-encryptionProvider.diff
>
>
> Derby allows users to specify names of classes to use for various pluggable
> modules.
> In some cases, it verifies that the class implements the expected interface
> before it creates an instance of the class. For example in
> SpecificAuthenticactionServiceImpl:
> {code}
> Class sasClass =
> Class.forName(specificAuthenticationScheme);
> if
> (!UserAuthenticator.class.isAssignableFrom(sasClass)) {
> throw
> StandardException.newException(SQLState.AUTHENTICATION_NOT_IMPLEMENTED,
> specificAuthenticationScheme,
> "org.apache.derby.authentication.UserAuthenticator");
> }
> UserAuthenticator aScheme = (UserAuthenticator)
> sasClass.newInstance();
> {code}
> In other cases, it creates an instance without checking, and instead fails
> with a ClassCastException or some other exception when trying to use the
> instance of the incorrect type. Examples: Java5SystemProcedures
> SYSCS_REGISTER_TOOL(), JCECipherFactory, SequenceUpdater.makePreallocator().
> I think it would be good to have similar checks in these other cases too.
> That'll give clearer error messages which explain what the problem is, and it
> will be safer because it limits which constructors the users can force the
> Derby engine to invoke.
--
This message was sent by Atlassian JIRA
(v6.2#6252)