...
This noncompliant code example returns an instance of java.sql.Connection
from trusted to untrusted code. Untrusted code that lacks the permissions required to create an SQL connection can bypass these restrictions by using the acquired instance directly.
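To make the capability leak concrete, here is an added illustration (not code from the original standard) that places the leaking accessor beside a narrow accessor that keeps the Connection inside trusted code. The class name AccountStore, the table name and the JDBC URL are assumptions; the trusted code is taken to have the permission needed to open the connection.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

/** Hypothetical trusted class that owns a JDBC Connection. */
public final class AccountStore {
    private final Connection conn;

    public AccountStore(String jdbcUrl) throws SQLException {
        // Trusted code is assumed to hold the permission to open the connection.
        this.conn = DriverManager.getConnection(jdbcUrl);
    }

    // Noncompliant: hands the Connection itself across the trust boundary.
    // Any caller, however unprivileged, can now run arbitrary SQL on it.
    public Connection getConnection() {
        return conn;
    }

    // Compliant: performs one fixed operation on the caller's behalf, so the
    // Connection never leaves trusted code and the query shape is controlled.
    public String lookupName(int accountId) throws SQLException {
        String sql = "SELECT name FROM accounts WHERE id = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setInt(1, accountId);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }
}
```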
...
```java
import java.beans.Expression;

private Class GetClass(String paramString) throws Throwable {
  Object arrayOfObject[] = new Object[1];
  arrayOfObject[0] = paramString;
  // Build a deferred invocation equivalent to Class.forName(paramString)
  Expression localExpression =
      new Expression(Class.class, "forName", arrayOfObject);
  localExpression.execute();
  return (Class) localExpression.getValue();
}
```
The `java.beans.Expression.execute()` method delegates its work to the following method:
...