End of an ERA!!!!!

The crowd @ Arthur Ashe Stadium came to an standstill yesterday when the legendary Agassi was knocked out of the US open by very little known Becker(this case the firstname is Benjamin and not Boris ;)).

  

It was an emotional and tearful exit for Agassi, who has been in the circuit for the last 21 years. The 36-year-old tennis legend is one of the only five men to have won all four Grand Slam tournaments. He also shares the record of winning the Davis Cup, Olympics and the Masters along with his wife Steffi.

Personally I felt really sad for Andre and would have been great atleast if had reached the semis. He was one of the reason for me to closely follow this game. He was not only fashionable but also brings so much energy which I will always miss from now on.

The following is a excerpt from his farewell speech :

“The scoreboard said I lost today, but what the scoreboard doesn’t say is what it is I’ve found,” Agassi told the crowd, tears streaming down his cheeks, his voice cracking with emotion. “Over the last 21 years, I’ve found loyalty. You have pulled for me on the court and also in life. I have found inspiration. You have willed me to succeed sometimes even in my lowest moments.”

Surely the world will miss one of the greatest legend to have ever played the game.


- Gannu.

The clay master downs the emperor!!!!

This week again saw one of the astonishing tennis display between none other than the tennis new sensation Rafael Nadal and Roger Federer. Federer again couldnt break his clay jinx and went down to Nadal in four sets 6-2, 6-7(2), 6-3, 7-6(5) in a 3 hour-49 minute thriller. Nadal has won the championship for the second consecutive year.




Nadal took advantage of Federer's slow start in the first to win the set and used the momentum to break the Swiss' serve early in the second. Serving for the set at 5-4, Nadal couldn't overcome the aggressive game of Federer, who later claimed the set with a comfortable 7-2 score in the tie-break.

Nadal continued to move Federer with his powerful baseline game and claimed the third set 6-3. In the fourth set, Federer couldn't match the Spaniard's intensity and was down two breaks. He fought back to take the set to an exciting tie-break. Federer got off to a great start taking a 3-0 lead but Nadal claimed the next four points and clinched the match on his first opportunity serving at 6-5 with a forehand winner.

Sachin.. Sachin... Sachin!!!!!!!

Check out this video showing the heroics of the master blaster in the last worldcup.

Hack Any Java Class using Reflection!!!!

Ever wondered what evil power can be unleashed when using reflection? Do you think private methods are really only accessible from within the declaring class? Do you think that a private field can only be modified from within the declaring class? No? That's what I thought!! In this blog, I will try to demonstrate that it is always important to correctly set the security properties of your applications. For instance, let's look at the following example where we successfully retrieve a private password from another class:


1. class A {
2. private static String getPassword() {
3. return "someHighlyPreciousPassword";
4. }
5. }
6.
7. public class Test {
8. public static void main(String[] args) throws Exception {
9. Class cl = Class.forName("A");
10. java.lang.reflect.Method[] m = cl.getDeclaredMethods();
11. m[0].setAccessible(true);
12. String password = (String) m[0].invoke(null, null);
13. System.out.println("I got it:" + password);
14. }
15.}




Output:
I got it: someHighlyPreciousPassword



Ok, the example is not really sexy. Let's mess up a class that implements the Singleton pattern. In the normal case, a singleton object is supposed to be the only instance of a given class. To achieve this, we usually declare the class constructor private, so that no one can invoke it. Well, as demonstrated below, with reflection we can bypass this restriction and create a second "singleton object".



1. class A {
2. public static final A singleton = new A("I'm the only instance of class A");
3. private String name;
4. private A(String name) {
5. this.name = name;
6. }
7. public String toString() {
8. return this.name;
9. }
10. }
11.
12. public class Test {
13. public static void main(String[] args) throws Exception {
14. Class cl = Class.forName("A");
15. java.lang.reflect.Constructor[] c = cl.getDeclaredConstructors();
16. c[0].setAccessible(true);
17. A anotherA = (A) c[0].newInstance(new Object[]{"Not anymore!!"});
18. System.out.println(A.singleton);
19. System.out.println(anotherA);
20. }
21. }






Output:
I'm the only instance of class A
Not anymore!!



Using this technique, you can create an instance of any non-abstract class, even if all its constructors are declared private. For instance, below we create an instance of the Math class even though it is useless since the Math class has no instance method. Still, it is possible to do it.



1. public class Test {
2. public static void main(String[] args) throws Exception {
3. Class cl = Class.forName("java.lang.Math");
4. java.lang.reflect.Constructor[] c = cl.getDeclaredConstructors();
5. c[0].setAccessible(true);
6. Math mathInstance = (Math) c[0].newInstance(null);
7. System.out.println(mathInstance);
8. }
9. }




Output:
java.lang.Math@1cde100


Finally, let's mess with the Runtime class which has one private static field for storing the current Runtime instance. This is another example of a badly implemented singleton class. Let's look at the code below. We first retrieve the current runtime object and display it (3-4). Then, we set the Runtime.currentRuntime static field to null, which means that all successive calls to Runtime.getRuntime() will yield null (6-9) since currentRuntime is initialized at class loading time. We then get the currentRuntime field again and display its value (11-12). And finally, we try to use the current runtime to execute a command for displaying the content of the current directory (14). The output talks for itself.


1. public class Test {
2. public static void main(String[] args) throws Exception {
3. Runtime r = Runtime.getRuntime();
4. System.out.println("Before: Runtime.getRuntime() yields " + r);
5.
6. Class cl = Class.forName("java.lang.Runtime");
7. java.lang.reflect.Field f = cl.getDeclaredField("currentRuntime");
8. f.setAccessible(true);
9. f.set(null, null);
10.
11. r = Runtime.getRuntime();
12. System.out.println("After: Runtime.getRuntime() yields " + r);
13.
14. r.exec("dir"); //raises NullPointerException!!

15. }
16. }




Output:
Before: Runtime.getRuntime() yields java.lang.Runtime@cac268
After: Runtime.getRuntime() yields null
Exception in thread "main" java.lang.NullPointerException
at Test.main(Test.java:59)


All this could have been avoided if the currentRuntime field had been declared final. Nothing prevents setAccessible(true) to be called on the field (8) but when the set(null, null) method is called, IllegalAccessException is thrown with the message "Field is final".

I'm pretty sure that there is a huge amount of code out there that could be broken this way. Watch out!!
Bottom line: singleton fields should always be declared private static final!!! Moreover, make sure you never grant ReflectPermission and RuntimePermission.accessDeclaredMembers in the java.policy file of your production code.

- Gannu.

A wonderful article

Mutual Authentication for Web Services: A Live Example

- Gannu.

Quote Of the Day!!!!

Just came across this one...........

"Danish Kaneria is no Shane Warne, [but] he does at least have a googly which - in terms of being able to read it - was sent down in Urdu to England's batsmen"
The Daily Telegraph's Martin Johnson watches England collapse at Multan

- Gannu.

After long time!!!!

Hmmmmmmmm......... after a long time, i just thought peeping into my blog.... was busy all days but no excuse :)

Last month one of my ex-colleague from Germany visited me n my frnds ...we roamed around Hyderabad and had fun :)

Some of the photos from his visit...



At my old chennai office thats Claus,Prashant and Bala (From Left)



Again thats Faris, Prashant,Prakash,Claus,Sathya (From Left)



Thats Me, Seshu and Siva (From Left)



Thats Siva,Claus and Me @ Prasadz (From Left)



@ Seshu's Office



@ Charminar

- Gannu