JDBCDisplayUtil.java

Andrew McIntyre Tue, 06 Feb 2007 23:04:06 -0800

On 2/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:

Author: djd
Date: Tue Feb  6 20:15:59 2007
New Revision: 504430


URL: http://svn.apache.org/viewvc?view=rev&rev=504430
Log:
Fix security bug in JDBCDisplayUtil where system properties were accessed 
through
Boolean.getBoolean() without being wrapped in a privileged block.

</snip>

+
+    /**
+     * Get an ij boolean system property.
+     *
+     * @param name name of the property
+     */
+    private static boolean getSystemBoolean(final String name) {
+
+        return ((boolean) ((Boolean) AccessController
+                .doPrivileged(new java.security.PrivilegedAction() {
+
+                    public Object run() {
+                        return Boolean.valueOf(Boolean.getBoolean(name));
+
+                    }
+
+                })).booleanValue());
+    }
 }


I'm getting an error compiling JDBCDisplayUtil after this update:

[javac] 
/Users/andrewm/eclipse_ws/derby_trunk/java/tools/org/apache/derby/tools/JDBCDisplayUtil.java:1220:
valueOf(java.lang.String) in java.lang.Boolean cannot be applied to
(boolean)
[javac]                         return
Boolean.valueOf(Boolean.getBoolean(name));

andrew

Re: svn commit: r504430 - /db/derby/code/trunk/java/tools/org/apache/derby/tools/JDBCDisplayUtil.java

Reply via email to