--- java/javax/el/BeanELResolver.java.orig 2016-06-02 09:46:15.019196027 -0400
+++ java/javax/el/BeanELResolver.java 2016-06-02 09:46:15.025196055 -0400
@@ -251,15 +251,39 @@
 try {
 BeanInfo info = Introspector.getBeanInfo(this.type);
 PropertyDescriptor[] pds = info.getPropertyDescriptors();
- for (int i = 0; i < pds.length; i++) {
- this.properties.put(pds[i].getName(), new BeanProperty(
- type, pds[i]));
+ for (PropertyDescriptor pd: pds) {
+ this.properties.put(pd.getName(), new BeanProperty(type, pd));
+ }
+ if (System.getSecurityManager() != null) {
+ // When running with SecurityManager, some classes may be
+ // not accessible, but have accessible interfaces.
+ populateFromInterfaces(type);
 }
 } catch (IntrospectionException ie) {
 throw new ELException(ie);
 }
 }
+ private void populateFromInterfaces(Class aClass) throws IntrospectionException {
+ Class interfaces[] = aClass.getInterfaces();
+ if (interfaces.length > 0) {
+ for (Class ifs : interfaces) {
+ BeanInfo info = Introspector.getBeanInfo(ifs);
+ PropertyDescriptor[] pds = info.getPropertyDescriptors();
+ for (PropertyDescriptor pd : pds) {
+ if (!this.properties.containsKey(pd.getName())) {
+ this.properties.put(pd.getName(), new BeanProperty(
+ this.type, pd));
+ }
+ }
+ }
+ }
+ Class superclass = aClass.getSuperclass();
+ if (superclass != null) {
+ populateFromInterfaces(superclass);
+ }
+ }
+
 private BeanProperty get(ELContext ctx, String name) {
 BeanProperty property = this.properties.get(name);
 if (property == null) {
--- java/org/apache/jasper/runtime/PageContextImpl.java.orig 2016-06-02 09:46:15.020196032 -0400
+++ java/org/apache/jasper/runtime/PageContextImpl.java 2016-06-02 09:46:15.026196060 -0400
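Review bot: In `populateFromInterfaces` (BeanELResolver.java), only the interfaces returned by `getInterfaces()` for each class in the superclass chain are introspected, so a property declared solely on a parent of one of those interfaces can stay unresolved if `Introspector.getBeanInfo(ifs)` does not report inherited interface methods; that is worth confirming on the supported JDKs. If it does not, adding `populateFromInterfaces(ifs);` after the inner `for (PropertyDescriptor pd : pds)` loop would cover the interface hierarchy as well. The `if (interfaces.length > 0)` guard is redundant around a for-each, and the method would benefit from a short Javadoc stating that class-level descriptors win (the `containsKey` check) and that it runs only when a SecurityManager is installed, since property resolution now differs between the two modes. The enclosing constructor starts outside this hunk.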
@@ -937,37 +937,11 @@
 final Class expectedType, final PageContext pageContext, final ProtectedFunctionMapper functionMap, final boolean escape) throws ELException {
- Object retValue;
 final ExpressionFactory exprFactory = jspf.getJspApplicationContext(pageContext.getServletContext()).getExpressionFactory();
- if (SecurityUtil.isPackageProtectionEnabled()) {
- try {
- retValue = AccessController
- .doPrivileged(new PrivilegedExceptionAction() {
-
- @Override
- public Object run() throws Exception {
- ELContextImpl ctx = (ELContextImpl) pageContext.getELContext();
- ctx.setFunctionMapper(new FunctionMapperImpl(functionMap));
- ValueExpression ve = exprFactory.createValueExpression(ctx, expression, expectedType);
- return ve.getValue(ctx);
- }
- });
- } catch (PrivilegedActionException ex) {
- Exception realEx = ex.getException();
- if (realEx instanceof ELException) {
- throw (ELException) realEx;
- } else {
- throw new ELException(realEx);
- }
- }
- } else {
- ELContextImpl ctx = (ELContextImpl) pageContext.getELContext();
- ctx.setFunctionMapper(new FunctionMapperImpl(functionMap));
- ValueExpression ve = exprFactory.createValueExpression(ctx, expression, expectedType);
- retValue = ve.getValue(ctx);
- }
-
- return retValue;
+ ELContextImpl ctx = (ELContextImpl) pageContext.getELContext();
+ ctx.setFunctionMapper(new FunctionMapperImpl(functionMap));
+ ValueExpression ve = exprFactory.createValueExpression(ctx, expression, expectedType);
+ return ve.getValue(ctx);
 }
 @Override
--- java/org/apache/jasper/security/SecurityClassLoad.java.orig 2016-06-02 09:46:15.020196032 -0400
+++ java/org/apache/jasper/security/SecurityClassLoad.java 2016-06-02 09:46:15.027196065 -0400
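Review bot: The new body of `proprietaryEvaluate` (PageContextImpl.java) has no comment recording that the `AccessController.doPrivileged` wrapper was dropped deliberately, and the changelog entry in this patch mentions only BeanELResolver. Since this changes the permissions under which the expression is evaluated when package protection is enabled, I would add above the `ELContextImpl ctx = ...` line something like `// Evaluated with the caller's permissions on purpose; do not re-wrap in doPrivileged.` and note the change in the changelog. The `escape` parameter is not read in the lines visible here and the `(ELContextImpl)` cast is unchecked; both may be intentional, but a line in the method's Javadoc would say so. The method signature begins outside the hunk.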
@@ -93,8 +93,6 @@
 "runtime.PageContextImpl$11");
 loader.loadClass( basePackage +
 "runtime.PageContextImpl$12");
- loader.loadClass( basePackage +
- "runtime.PageContextImpl$13");
 loader.loadClass( basePackage +
 "runtime.JspContextWrapper");
--- webapps/docs/changelog.xml.orig 2016-06-02 09:46:15.022196041 -0400
+++ webapps/docs/changelog.xml 2016-06-02 09:48:48.443915711 -0400
@@ -55,6 +55,17 @@
 They eventually become mixed with the numbered issues. (I.e., numbered issues to not "pop up" wrt. others). -->
+
+
+
+
+ Fix potential issue with BeanELresolver when running under a security
+ manager. Some classes may not be accessible but may have accessible
+ interfaces. (markt)
+
+
+
+