[
https://issues.apache.org/jira/browse/LOG4J2-1820?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15891116#comment-15891116
]
Jason Tedor commented on LOG4J2-1820:
-------------------------------------
The metadata is applied properly with {{git am}}:
{code}
16:44:00 [jason:~/src/apache/logging-log4j2] master(-1)+* ± git log
--pretty=oneline | head -1
9ec88e21312c892c25c01caab42d936d3a299736 [LOG4J2-1831] NullPointerException in
HtmlLayout. Add due-to.
16:44:06 [jason:~/src/apache/logging-log4j2] master(-1)+* ± git am
~/0002-Handle-security-exception-on-getting-class-loader.patch
Applying: Handle security exception on getting class loader
16:44:09 [jason:~/src/apache/logging-log4j2] master(+1/-1)+* ± git log
master^..master
commit b518205ff661941d59f554a71744b6bd15e41c0b
Author: Jason Tedor <[email protected]>
Date: Fri Feb 17 16:12:27 2017 -0500
Handle security exception on getting class loader
When logging a stack trace, Log4j attempts to get the class loader for
the caller class. If it does not have permissions to get this class
loader, a security exception will be thrown. Log4j does not handle this
exception and this exception unwinds to the caller. This causes the
original exception to be lost, and can even unwind the JVM. This commit
fixes this by treating the class loader as unavailable in this
case. This preserves the original exception.
{code}
{quote}
It's easier to apply that properly as a pull request.
{quote}
I don't think this project accepts pull requests, is that correct?
> Log4j 2.8 can lose exceptions when a security manager is present
> ----------------------------------------------------------------
>
> Key: LOG4J2-1820
> URL: https://issues.apache.org/jira/browse/LOG4J2-1820
> Project: Log4j 2
> Issue Type: Bug
> Affects Versions: 2.8
> Reporter: Jason Tedor
> Assignee: Gary Gregory
> Fix For: 2.8.2
>
> Attachments:
> 0001-Handle-security-exception-on-getting-class-loader.patch,
> 0002-Handle-security-exception-on-getting-class-loader.patch
>
>
> When Log4j is rendering an exception, it can attempt to access a class loader
> that it does not have permissions to access when a security manager is
> present.
> I have a patch and a failing test case for this; I will submit it shortly.
> This is similar to LOG4J2-1560.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
