Community
Products
Jira
Questions
Access Specifier Manipulation issue reported by Fortify in Struts 1.x

Access Specifier Manipulation issue reported by Fortify in Struts 1.x

Hello,

Need help to resolve A6 Security Misconfiguration issue reported by fortify tool.

Detail below:

ProductTypeDetails2.java, line 130 (Access Specifier Manipulation)

The call to method setAccessible() on line 130 changes an access specifier.

128 //
System.out.println("oSuperFields["+i+"].isAccessible()="+oSuperFields[i].isAccessible(
));
129 if(!oSuperFields[i].isAccessible())
130 oSuperFields[i].setAccessible(true);
131 oSuperFieldObj = oSuperFields[i].get(this);
132 } catch (IllegalAccessException e) {

The method holding above code snippet is "Private"

Please provide suitable solution if any. Thanks in advance. :)

2 answers

0 votes

If you use Spring, you can use ReflectionUtils.makeAccessible(field) to make that field accessible. Fortify does not complain about this

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

Upgrade to a version of Jira that no longer uses struts (it has not for quite a while!)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Access Specifier Manipulation issue reported by Fortify in Struts 1.x

2 answers

Suggest an answer

Was this helpful?

Thanks!

TAGS

Community showcase

Atlassian Community Events