Uploaded image for project: 'Hibernate ORM'
  1. HHH-12614

Protection domain ignored when enhancing+loading classes with ByteBuddy

    Details

    • Bug Testcase Reminder (view):

      Bug reports should generally be accompanied by a test case!

    • Last commented by a user?:
      true
    • Sprint:

      Description

      The issue was initially reported here: https://discourse.hibernate.org/t/securityexception-with-bytebuddy-and-signed-application-jars/816 .

      At the moment, we use a static field ByteBuddyState#loadingStrategy which is defined as new ClassLoadingStrategy.ForUnsafeInjection().

      See https://github.com/hibernate/hibernate-orm/blob/master/hibernate-core/src/main/java/org/hibernate/proxy/pojo/bytebuddy/ByteBuddyProxyFactory.java#L116 for an example of usage.

      This doesn't work correctly if there is a protection domain for the original class as it gets totally ignored, whereas ByteBuddy provides a way to have a protection domain for the ClassLoadingStrategy.

      For more details, Rafael provided us some hints about how to address it:

      https://twitter.com/rafaelcodes/status/999028811692937216

      https://twitter.com/rafaelcodes/status/999043409666019330

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                gsmet Guillaume Smet
                Reporter:
                gsmet Guillaume Smet
                Participants:
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: