Thursday, 29 June 2017

Fix PrivilegeEscalation in Java code

I am scanning my project using the IBM AppScan tool. It is returning a PrivilegeEscalation error. I am not able to find the solution.

The error is shown on the two lines below:

    String value1 = method.invoke(clazz.cast(object1)).toString();
    String value2 = method.invoke(clazz.cast(object2)).toString();

Java Code:

import java.lang.reflect.Method;
import java.util.Comparator;

public class TestComparator implements Comparator<Object> {

    // "class" is a reserved word in Java, so the field is named clazz
    private final Class<?> clazz;
    private final String methodName;

    public TestComparator(Class<?> clazz, String methodName) {
        this.clazz = clazz;
        this.methodName = methodName;
    }

    @Override
    public int compare(Object object1, Object object2) {
        try {
            // Look up the getter by name, then call it reflectively on both objects
            Method method = clazz.getMethod("get" + methodName);
            String value1 = method.invoke(clazz.cast(object1)).toString();
            String value2 = method.invoke(clazz.cast(object2)).toString();
            return value2.compareTo(value1);
        } catch (Exception ex) {
            // ex.printStackTrace();
        }
        // Any failure is swallowed and the objects are treated as equal
        return 0;
    }
}
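
One way to narrow what the reflective invoke call in the question can reach, shown as an added example that is not part of the original post: the getter is resolved and checked once in the constructor, and only property names from an explicit allowlist are accepted. The class name AllowlistedGetterComparator, the allowed set and the User bean are hypothetical, and the sketch assumes the sortable properties are known in advance.

```java
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
import java.util.Set;

public class AllowlistedGetterComparator implements Comparator<Object> {
    private final Class<?> type;
    private final Method getter; // resolved and checked once, not on every compare()

    public AllowlistedGetterComparator(Class<?> type, String property, Set<String> allowed)
            throws NoSuchMethodException {
        // Reject any property name the calling code did not explicitly approve.
        if (!allowed.contains(property)) {
            throw new IllegalArgumentException("property not allowed for sorting: " + property);
        }
        // getMethod() only returns public methods; no parameter types means zero arguments.
        Method m = type.getMethod("get" + property);
        if (Modifier.isStatic(m.getModifiers()) || m.getReturnType() == void.class) {
            throw new IllegalArgumentException("not a plain instance getter: " + m);
        }
        this.type = type;
        this.getter = m;
    }

    @Override
    public int compare(Object o1, Object o2) {
        try {
            String v1 = String.valueOf(getter.invoke(type.cast(o1)));
            String v2 = String.valueOf(getter.invoke(type.cast(o2)));
            return v2.compareTo(v1); // same descending order as the code in the question
        } catch (IllegalAccessException | InvocationTargetException e) {
            // Surface the failure instead of silently reporting "equal".
            throw new IllegalStateException("getter failed: " + getter.getName(), e);
        }
    }

    // Constructed sample bean and data, for illustration only.
    public static class User {
        private final String name;
        public User(String name) { this.name = name; }
        public String getName() { return name; }
    }

    public static void main(String[] args) throws Exception {
        List<User> users = Arrays.asList(new User("alice"), new User("bob"));
        users.sort(new AllowlistedGetterComparator(User.class, "Name", Collections.singleton("Name")));
        users.forEach(u -> System.out.println(u.getName()));
    }
}
```

A name outside the allowlist, such as "Class", fails in the constructor with IllegalArgumentException before any method is looked up or invoked.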




