...
Replacing the function table gives the attacker access to the XPathContext used to evaluate XPath expressions. Static variables are global across a Java runtime environment; they can be used as a communication channel between different application domains (e.g., by code loaded into different class loaders).
Compliant Solution
There are several strategies one can adopt to avoid this problem.
1. Treat public static fields as constants and declare them as final. Consider the use of enum types.
```java
package org.apache.xpath.compiler;

public class FunctionTable {
  // Public static fields treated as constants and declared final
  public static final int LEFT = 1;
  public static final int RIGHT = 2;
  // The function table is final, so untrusted code cannot replace it
  public static final FuncLoader m_functions = null; // assigned once; actual initialization elided in the original
  // ...
}
```
2. Reduce the scope of static fields. This ensures that the field can be accessed only through legitimate public member functions, which can then use SecurityManager to validate access to the static field.
```java
package org.apache.xpath.compiler;

public class FunctionTable {
  // Private scope: only this class's methods can touch the field
  private static final FuncLoader m_functions = null; // assigned once; actual initialization elided in the original
  // ...
}
```
3. Define accessor methods for mutable static state and add appropriate security checks to them.
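Strategies 2 and 3 combined, as an added example that is not code from the page or from Xalan: the table is private and final, reads go through an unmodifiable view, and the single mutator performs a SecurityManager permission check before touching the shared state. The Map layout of the table, the `getFunctions`/`installFunction` method names and the permission name are assumptions; FuncLoader is the Xalan type referenced above.

```java
package org.apache.xpath.compiler;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

public final class FunctionTable {
  // Hypothetical permission name guarding installation of new functions.
  private static final RuntimePermission INSTALL_FUNCTION =
      new RuntimePermission("org.apache.xpath.installFunction");

  // Reduced scope and final: no code outside this class can reassign the table reference.
  private static final Map<String, FuncLoader> m_functions = new HashMap<>();

  private FunctionTable() {}

  // Read-only accessor: the returned view cannot be used to alter the table.
  public static Map<String, FuncLoader> getFunctions() {
    return Collections.unmodifiableMap(m_functions);
  }

  // The only mutator for the static state; runs a security check first.
  public static synchronized void installFunction(String name, FuncLoader loader) {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      sm.checkPermission(INSTALL_FUNCTION); // throws SecurityException if the caller lacks it
    }
    if (name == null || loader == null) {
      throw new IllegalArgumentException("name and loader must be non-null");
    }
    m_functions.put(name, loader);
  }
}
```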
...