From 99d10947b090364cd12d6e9e8bc9b68915409c1e Mon Sep 17 00:00:00 2001
From: mullan <unknown>
Date: Mon, 1 Nov 2010 11:32:50 -0400
Subject: [PATCH] 6994263: Untrusted code can replace JRE's XML DSig Transform
 or C14N algorithm implementations Reviewed-by: xuelei

---
 .../xml/internal/security/transforms/Transform.java      | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
index 27fcaac0a..74713133a 100644
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java
@@ -210,6 +210,8 @@ public final class Transform extends SignatureElementProxy {
     public static void init() {
         if (!alreadyInitialized) {
             transformClassHash = new HashMap(10);
+            // make sure builtin algorithms are all registered first
+            com.sun.org.apache.xml.internal.security.Init.init();
             alreadyInitialized = true;
         }
     }
@@ -236,12 +238,7 @@ public final class Transform extends SignatureElementProxy {
                "algorithm.alreadyRegistered", exArgs);
         }
 
-        ClassLoader cl = (ClassLoader) AccessController.doPrivileged(
-            new PrivilegedAction() {
-                public Object run() {
-                    return Thread.currentThread().getContextClassLoader();
-                }
-            });
+        ClassLoader cl = Thread.currentThread().getContextClassLoader();
 
         try {
             transformClassHash.put
-- 
GitLab