Versions Compared

Comment: separated client code from malicious class

...

Code Block (Java)
public static void main(String[] args) {
  int uid = Integer.parseInt(args[0]);

  // Trusted callback that performs the user-name lookup
  UserLookupCallBack callBack = new UserLookupCallBack(uid);
  CallBackAction action = new CallBackAction(callBack);

  // ...
  action.perform(); // Looks up user name
  System.out.println("User " + uid + " is named " + callBack.getName());
}

...

Code Block (Java)
class MaliciousCallBack implements CallBack {
  public void callMethod() {
    // Code here gets executed with elevated privileges
  }
}

// Client code
public static void main(String[] args) {
  CallBack callBack = new MaliciousCallBack();
  CallBackAction action = new CallBackAction(callBack);
  action.perform(); // Executes malicious code
}
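The hole in the noncompliant example is that CallBackAction accepts any CallBack implementation and runs it with elevated privileges. The following is an added, self-contained illustration (not the page's own compliant solution) of one way to close it: the action and the trusted callback are both final, and the action's constructor takes only the concrete trusted type, so an attacker-supplied implementation is rejected at compile time. It assumes the privileged block is an AccessController.doPrivileged call, which the page does not show, and uses a placeholder lookup.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

// Added example; CallBack, UserLookupCallBack and CallBackAction are modelled
// on the names used in the noncompliant code, their bodies are assumptions.
interface CallBack {
  void callMethod();
}

// Final: no subclass can override callMethod() with hostile code.
final class UserLookupCallBack implements CallBack {
  private final int uid;
  private String name;

  UserLookupCallBack(int uid) { this.uid = uid; }

  @Override
  public void callMethod() {
    // Placeholder lookup; a real implementation would query a directory.
    name = "user" + uid;
  }

  public String getName() { return name; }
}

// Final, and bound to the concrete trusted type rather than the CallBack
// interface, so `new CallBackAction(new MaliciousCallBack())` does not compile.
final class CallBackAction {
  private final UserLookupCallBack callBack;

  CallBackAction(UserLookupCallBack callBack) {
    if (callBack == null) throw new NullPointerException("callBack");
    this.callBack = callBack;
  }

  void perform() {
    // Assumed privileged block; only UserLookupCallBack.callMethod() can run here.
    AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
      callBack.callMethod();
      return null;
    });
  }
}

public class Client {
  public static void main(String[] args) {
    UserLookupCallBack cb = new UserLookupCallBack(Integer.parseInt(args[0]));
    new CallBackAction(cb).perform();
    System.out.println("User " + args[0] + " is named " + cb.getName());
  }
}
```

AccessController is deprecated in recent JDKs but still compiles (with a warning); the type-level restriction on the constructor is what removes the untrusted callback, independent of the privilege mechanism.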

Compliant Solution 

According to Oracle's secure coding guidelines [SCG 2010]:

...