Apache
/
openjpa
mirror of https://github.com/apache/openjpa.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

OPENJPA-2672: ConfigurationImpl.loadGlobals() has java.util.ConcurrentModificationException vulnerability 

git-svn-id: https://svn.apache.org/repos/asf/openjpa/trunk@1764316 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jody Grassel 2016-10-11 18:30:19 +00:00
parent a99daf8f47
commit be71987b9c
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/ConfigurationImpl.java
View File

@ -187,9 +187,14 @@ public class ConfigurationImpl
// let system properties override other globals // let system properties override other globals
try { try {
fromProperties(new HashMap( Properties systemProperties = AccessController.doPrivileged(
AccessController.doPrivileged( J2DoPrivHelper.getPropertiesAction());
J2DoPrivHelper.getPropertiesAction()))); HashMap sysPropHM = null;
synchronized(systemProperties) {
// Prevent concurrent modification of systemProperties until HashMap ctor is completed.
sysPropHM = new HashMap(systemProperties);
}
fromProperties(sysPropHM);
} catch (SecurityException se) { } catch (SecurityException se) {
// security manager might disallow // security manager might disallow
} }