Fix use of AccessController in LoaderUtil

jvz · jvz · commit 8255ffad43d0 · 2023-12-29T14:55:15.000-06:00
This fixes issue #2129 where `AccessController::doPrivileged` is needlessly invoked when no `SecurityManager` is installed.
diff --git a/log4j-api/src/main/java/org/apache/logging/log4j/util/LoaderUtil.java b/log4j-api/src/main/java/org/apache/logging/log4j/util/LoaderUtil.java
@@ -65,13 +65,10 @@ public final class LoaderUtil {
             } catch (final SecurityException ignored) {
                 try {
                     // let's see if we can obtain that permission
-                    AccessController.doPrivileged(
-                            (PrivilegedAction<Void>) () -> {
-                                AccessController.checkPermission(GET_CLASS_LOADER);
-                                return null;
-                            },
-                            null,
-                            GET_CLASS_LOADER);
+                    runPrivilegedActionWithGetClassLoaderPermission((PrivilegedAction<Void>) () -> {
+                        AccessController.checkPermission(GET_CLASS_LOADER);
+                        return null;
+                    });
                     getClassLoaderDisabled = false;
                 } catch (final SecurityException ignore) {
                     // no chance
@@ -108,7 +105,7 @@ public static ClassLoader getClassLoader(final Class<?> class1, final Class<?> c
             }
             return isChild(loader1, loader2) ? loader1 : loader2;
         };
-        return AccessController.doPrivileged(action, null, GET_CLASS_LOADER);
+        return runActionInvolvingGetClassLoaderPermission(action);
     }
 
     /**
@@ -143,22 +140,29 @@ private static boolean isChild(final ClassLoader loader1, final ClassLoader load
      * @return the current thread's ClassLoader, a fallback loader, or null if no fallback can be determined
      */
     public static ClassLoader getThreadContextClassLoader() {
-        if (GET_CLASS_LOADER_DISABLED) {
-            // we can at least get this class's ClassLoader regardless of security context
-            // however, if this is null, there's really no option left at this point
-            try {
-                return getThisClassLoader();
-            } catch (final SecurityException ignored) {
-                return null;
-            }
+        try {
+            return GET_CLASS_LOADER_DISABLED
+                    ? getThisClassLoader()
+                    : runActionInvolvingGetClassLoaderPermission(TCCL_GETTER);
+        } catch (final SecurityException ignored) {
+            return null;
         }
-        return AccessController.doPrivileged(TCCL_GETTER, null, GET_CLASS_LOADER);
     }
 
     private static ClassLoader getThisClassLoader() {
         return LoaderUtil.class.getClassLoader();
     }
 
+    private static <T> T runActionInvolvingGetClassLoaderPermission(final PrivilegedAction<T> action) {
+        return System.getSecurityManager() != null
+                ? runPrivilegedActionWithGetClassLoaderPermission(action)
+                : action.run();
+    }
+
+    private static <T> T runPrivilegedActionWithGetClassLoaderPermission(final PrivilegedAction<T> action) {
+        return AccessController.doPrivileged(action, null, GET_CLASS_LOADER);
+    }
+
     private static class ThreadContextClassLoaderGetter implements PrivilegedAction<ClassLoader> {
         @Override
         public ClassLoader run() {
diff --git a/src/changelog/.2.x.x/fix_security_manager_use_in_LoaderUtil.xml b/src/changelog/.2.x.x/fix_security_manager_use_in_LoaderUtil.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Licensed to the Apache Software Foundation (ASF) under one or more
+  ~ contributor license agreements.  See the NOTICE file distributed with
+  ~ this work for additional information regarding copyright ownership.
+  ~ The ASF licenses this file to you under the Apache License, Version 2.0
+  ~ (the "License"); you may not use this file except in compliance with
+  ~ the License.  You may obtain a copy of the License at
+  ~
+  ~      http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+<entry xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns="http://logging.apache.org/log4j/changelog"
+       xsi:schemaLocation="http://logging.apache.org/log4j/changelog https://logging.apache.org/log4j/changelog-0.1.2.xsd"
+       type="fixed">
+  <issue id="2129" link="https://github.com/apache/logging-log4j2/issues/2129"/>
+  <description format="asciidoc">
+    Fixed use of `SecurityManager` in `LoaderUtil` where `AccessController::doPrivileged` should only be invoked when
+    a `SecurityManager` is installed. Some runtimes do not seem to have this method available.
+  </description>
+</entry>
