[openorb-commits] CVS: OpenORB/src/main/org/openorb/orb/iiop CDRInputStream.java,1.19,1.20

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/openorb/OpenORB/src/main/org/openorb/orb/iiop
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30808/OpenORB/src/main/org/openorb/orb/iiop

Modified Files:
	CDRInputStream.java 
Log Message:
Wrap the readValue call in a PriviledgedAction

Index: CDRInputStream.java
===================================================================
RCS file: /cvsroot/openorb/OpenORB/src/main/org/openorb/orb/iiop/CDRInputStream.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -d -r1.19 -r1.20

--- CDRInputStream.java	13 May 2004 04:09:26 -0000	1.19
+++ CDRInputStream.java	28 Jul 2004 12:07:51 -0000	1.20
@@ -2558,13 +2558,11 @@
     private java.io.Serializable read_value_withtype( String repo_id, String codeBase, Class clz )
     {
         org.omg.CORBA.portable.ValueFactory factory =
-                ( ( org.omg.CORBA_2_3.ORB ) m_orb ).lookup_value_factory( repo_id );
-
+              ( ( org.omg.CORBA_2_3.ORB ) m_orb ).lookup_value_factory( repo_id );
         if ( factory != null )
         {
             return factory.read_value( this );
         }
-        java.io.Serializable ret;
 
         // try extended unmarshal
         // _value_indirect will eventually be modified in the recursive call to
@@ -2572,10 +2570,10 @@
         // for later.
         int temp = m_value_indirect;
 
-        ret = value_extended_unmarshal( m_value_indirect, clz, repo_id, codeBase, null );
+        java.io.Serializable ret =
+              value_extended_unmarshal( m_value_indirect, clz, repo_id, codeBase, null );
         if ( ret != null )
         {
-
             // Use local variable to store current object in indirection table.
             m_value_cache.put( NumberCache.getInteger( temp ), ret );
             return ret;
@@ -2651,14 +2649,24 @@
      * calls to this function with an offset equal to a previous value must
      * not unmarshal from the stream.
      */
-    protected java.io.Serializable value_extended_unmarshal( int offset, Class clz,
-            String repo_id, String codeBase, RunTime sendingCtxt )
+    protected java.io.Serializable value_extended_unmarshal( final int offset, final Class clz,
+            final String repo_id, final String codeBase, final RunTime sendingCtxt )
     {
         java.io.Serializable result = null;
         if ( repo_id.startsWith( "RMI:" ) )
         {
             m_code_base = codeBase;
-            result = s_handler.readValue( this, offset, clz, repo_id, sendingCtxt );
+            final CDRInputStream thisStream = this;
+
+            result = (java.io.Serializable) java.security.AccessController.doPrivileged(
+                new java.security.PrivilegedAction ()
+                {
+                    public Object run ()
+                    {
+                        return s_handler.readValue( thisStream, offset, clz, repo_id,
+                              sendingCtxt );
+                    }
+                } );
         }
         return result;
     }



