HHH-15371 ByteBuddyProxyFactory call to proxyClass.getConstructor().newInstance() when used with Java Security Manager should run in a privileged action

Signed-off-by: Scott Marlow <smarlow@redhat.com>
2022-07-06 10:45:49 -04:00 · 2022-07-06 10:45:49 -04:00 · deb2c52ab4
parent fbd7fe000e
commit deb2c52ab4
1 changed files with 33 additions and 13 deletions
--- a/hibernate-core/src/main/java/org/hibernate/proxy/pojo/bytebuddy/ByteBuddyProxyFactory.java
+++ b/hibernate-core/src/main/java/org/hibernate/proxy/pojo/bytebuddy/ByteBuddyProxyFactory.java
@ -8,6 +8,8 @@ package org.hibernate.proxy.pojo.bytebuddy;

 import java.io.Serializable;
 import java.lang.reflect.Method;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.Set;

 import org.hibernate.HibernateException;
@ -85,21 +87,39 @@ public class ByteBuddyProxyFactory implements ProxyFactory, Serializable {
 				overridesEquals
 		);

-		try {
-			final HibernateProxy proxy = (HibernateProxy) proxyClass.getConstructor().newInstance();
+
+			final HibernateProxy proxy = getHibernateProxy();
 			( (ProxyConfiguration) proxy ).$$_hibernate_set_interceptor( interceptor );

 			return proxy;
-		}
-		catch (NoSuchMethodException e) {
-			String logMessage = LOG.bytecodeEnhancementFailedBecauseOfDefaultConstructor( entityName );
-			LOG.error( logMessage, e );
-			throw new HibernateException( logMessage, e );
-		}
-		catch (Throwable t) {
-			String logMessage = LOG.bytecodeEnhancementFailed( entityName );
-			LOG.error( logMessage, t );
-			throw new HibernateException( logMessage, t );
-		}
+
+	}
+
+	private HibernateProxy getHibernateProxy()
+			throws HibernateException {
+
+		final PrivilegedAction<HibernateProxy> action = new PrivilegedAction<HibernateProxy>() {
+
+			@Override
+			public HibernateProxy run() {
+
+				try {
+					return (HibernateProxy) proxyClass.getConstructor().newInstance();
+				}
+				catch (NoSuchMethodException e) {
+					String logMessage = LOG.bytecodeEnhancementFailedBecauseOfDefaultConstructor( entityName );
+					LOG.error( logMessage, e );
+					throw new HibernateException( logMessage, e );
+				}
+				catch (Throwable t) {
+					String logMessage = LOG.bytecodeEnhancementFailed( entityName );
+					LOG.error( logMessage, t );
+					throw new HibernateException( logMessage, t );
+				}
+
+			}
+		};
+		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
+
 	}
 }