SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 7

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 8

changes.mady.by.user Dhruv Mohindra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#FFcccc
private void privilegedMethod(final String filename) throws FileNotFoundException {
  try {
    FileInputStream fis = (FileInputStream) AccessController.doPrivileged(
      new PrivilegedExceptionAction() {
        public FileInputStream run() throws FileNotFoundException {
          return new FileInputStream(filename);            
        }
      }
    );
  // do something with the file and then close it
  } catch (PrivilegedActionException e) { /* forward to handler and log */ }
  // do something with the file and then close it
}

Compliant Solution

Explicitly hardcode the name of the file and confine the privileged variables to the same method. This ensures that no malicious file is loaded by exploiting the privileges of the corresponding code.

Code Block
bgColor#ccccff
private void privilegedMethod(final String filename) throws FileNotFoundException {
  try {
    FileInputStream fis = (FileInputStream) AccessController.doPrivileged(
      new PrivilegedExceptionAction() {
        public FileInputStream run() throws FileNotFoundException {
          return new FileInputStream("/usr/home/filename");            
        }
      }
    );
  // do something with the file and then close it
  } catch (PrivilegedActionException e) { /* forward to handler and log */ }
  // do something with the file and then close it
}

Risk Assessment

Allowing tainted inputs in privileged operations can lead to privilege escalation attacks.

...