-
Bug
-
Resolution: Fixed
-
P3
-
1.2.2
-
1.2.2
-
sparc
-
solaris_2.6
Name: ksC84122 Date: 02/26/99
JDK 1.2.2 java.lang.SecurityManager.checkAccept(null, port) converts null to
String and creates SocketPermission object with "null" as a host name, which
does not make any sense.
A test example which demonstrates this problem.
===== test34.java ========
import java.security.*;
public class test34 {
public static void main (String argv[]) {
int some_port = 1;
MySecurityManager sm = new MySecurityManager();
try {
sm.checkAccept(null, some_port);
} catch (SecurityException se) {
System.out.println(se.getMessage());
} catch (NullPointerException npe) {
System.out.println("PASSED OKAY");
}
}
}
class MySecurityManager extends SecurityManager {
public void checkPermission(Permission perm) {
if (perm.equals(new java.net.SocketPermission("null:1", "accept"))) {
throw new SecurityException("Failed: null can not be a host name");
}
}
}
========= Sample run (JDK1.2.2) ==========
#>java test34
Failed: null can not be a host name
======================================================================