Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Access Specifier Manipulation issue reported by Fortify in Struts 1.x

Ash
Ash April 2, 2019

Hello,

Need help to resolve A6 Security Misconfiguration issue reported by fortify tool.

Detail below:

ProductTypeDetails2.java, line 130 (Access Specifier Manipulation)

The call to method setAccessible() on line 130 changes an access specifier.

128 //
System.out.println("oSuperFields["+i+"].isAccessible()="+oSuperFields[i].isAccessible(
));
129 if(!oSuperFields[i].isAccessible())
130 oSuperFields[i].setAccessible(true);
131 oSuperFieldObj = oSuperFields[i].get(this);
132 } catch (IllegalAccessException e) {

The method holding above code snippet is "Private"

Please provide suitable solution if any. Thanks in advance. :) 

Answer
Watch
Like Be the first to like this
3145 views

2 answers

0 votes
Saoji Adhe
Saoji Adhe February 23, 2021

If you use Spring, you can use ReflectionUtils.makeAccessible(field) to make that field accessible. Fortify does not complain about this 

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 5, 2019

Upgrade to a version of Jira that no longer uses struts (it has not for quite a while!)

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events