Mercurial > hg > openjdk > jigsaw > nashorn
changeset 68:c48e8a28da90
8007521: $ENV should be undefined when security manager is present
Reviewed-by: hannesw, jlaskey
author | sundar |
---|---|
date | Tue, 05 Feb 2013 18:44:54 +0530 |
parents | 5c2ed5d89524 |
children | 819b5485949d |
files | src/jdk/nashorn/internal/objects/Global.java src/jdk/nashorn/internal/runtime/ScriptingFunctions.java test/script/basic/JDK-8006191.js test/script/basic/JDK-8006191.js.EXPECTED test/script/currently-failing/JDK-8006191.js test/script/currently-failing/JDK-8006191.js.EXPECTED test/script/sandbox/env.js test/script/sandbox/exec.js |
diffstat | 8 files changed, 187 insertions(+), 127 deletions(-) [+] |
line wrap: on
line diff
--- a/src/jdk/nashorn/internal/objects/Global.java Tue Feb 05 09:11:03 2013 +0530 +++ b/src/jdk/nashorn/internal/objects/Global.java Tue Feb 05 18:44:54 2013 +0530 @@ -34,6 +34,7 @@ import java.lang.invoke.MethodHandle; import java.lang.invoke.MethodHandles; import java.lang.ref.SoftReference; +import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; @@ -1464,8 +1465,20 @@ addOwnProperty("$OPTIONS", Attribute.NOT_ENUMERABLE, value); // Nashorn extension: global.$ENV (scripting-mode-only) - value = ScriptingFunctions.getENVValues(newEmptyInstance(), this.isStrictContext()); - addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, value); + if (System.getSecurityManager() == null) { + // do not fill $ENV if we have a security manager around + // Retrieve current state of ENV variables. + final ScriptObject env = newEmptyInstance(); + env.putAll(System.getenv()); + addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, env); + } else { + addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); + } + + // add other special properties for exec support + addOwnProperty(ScriptingFunctions.OUT_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); + addOwnProperty(ScriptingFunctions.ERR_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); + addOwnProperty(ScriptingFunctions.EXIT_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); } private void initTypedArray() {
--- a/src/jdk/nashorn/internal/runtime/ScriptingFunctions.java Tue Feb 05 09:11:03 2013 +0530 +++ b/src/jdk/nashorn/internal/runtime/ScriptingFunctions.java Tue Feb 05 18:44:54 2013 +0530 @@ -61,9 +61,9 @@ /** Names of special properties used by $EXEC API. */ public static final String EXEC_NAME = "$EXEC"; - private static final String OUT_NAME = "$OUT"; - private static final String ERR_NAME = "$ERR"; - private static final String EXIT_NAME = "$EXIT"; + public static final String OUT_NAME = "$OUT"; + public static final String ERR_NAME = "$ERR"; + public static final String EXIT_NAME = "$EXIT"; /** Names of special properties used by $ENV API. */ public static final String ENV_NAME = "$ENV"; @@ -139,14 +139,6 @@ // Current global is need to fetch additional inputs and for additional results. final ScriptObject global = Context.getGlobal(); - // Current ENV property state. - final Object env = global.get(ENV_NAME); - // Make sure ENV is a valid script object. - if (!(env instanceof ScriptObject)) { - typeError("env.not.object"); - } - final ScriptObject envProperties = (ScriptObject)env; - // Break exec string into tokens. final StringTokenizer tokenizer = new StringTokenizer(JSType.toString(string)); final String[] cmdArray = new String[tokenizer.countTokens()]; @@ -157,18 +149,23 @@ // Set up initial process. final ProcessBuilder processBuilder = new ProcessBuilder(cmdArray); - // If a working directory is present, use it. - final Object pwd = envProperties.get(PWD_NAME); - if (pwd != UNDEFINED) { - processBuilder.directory(new File(JSType.toString(pwd))); - } + // Current ENV property state. + final Object env = global.get(ENV_NAME); + if (env instanceof ScriptObject) { + final ScriptObject envProperties = (ScriptObject)env; - // Set up ENV variables. - final Map<String, String> environment = processBuilder.environment(); - environment.clear(); - for (Map.Entry<Object, Object> entry : envProperties.entrySet()) { + // If a working directory is present, use it. + final Object pwd = envProperties.get(PWD_NAME); + if (pwd != UNDEFINED) { + processBuilder.directory(new File(JSType.toString(pwd))); + } - environment.put(JSType.toString(entry.getKey()), JSType.toString(entry.getValue())); + // Set up ENV variables. + final Map<String, String> environment = processBuilder.environment(); + environment.clear(); + for (Map.Entry<Object, Object> entry : envProperties.entrySet()) { + environment.put(JSType.toString(entry.getKey()), JSType.toString(entry.getValue())); + } } // Start the process. @@ -214,31 +211,6 @@ return out; } - /** - * Return an object containing properties mapping to ENV variables. - * - * @param envProperties object to receive properties - * @param isStrict global's strict state - * - * @return Script object with properties mapping to ENV variables. - */ - public static ScriptObject getENVValues(final ScriptObject envProperties, final boolean isStrict) { - // Retrieve current state of ENV variables. - Map<String, String> envVars; - try { - envVars = System.getenv(); - } catch(SecurityException ex) { - envVars = new HashMap<>(); - } - - // Map ENV variables. - for (Map.Entry<String, String> entry : envVars.entrySet()) { - envProperties.set(entry.getKey(), entry.getValue(), isStrict); - } - - return envProperties; - } - private static MethodHandle findOwnMH(final String name, final Class<?> rtype, final Class<?>... types) { return MH.findStatic(MethodHandles.lookup(), ScriptingFunctions.class, name, MH.type(rtype, types)); }
--- a/test/script/basic/JDK-8006191.js Tue Feb 05 09:11:03 2013 +0530 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * - Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * - Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * - Neither the name of Oracle nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS - * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, - * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/** - * JDK-8006191 - `cmd` -> exec("cmd") in script mode - * - * @test - * @option -scripting - * @argument ArgumentFromCommandLine - * @run - */ - -#!/usr/bin/jjs - -$ENV.PWD = "."; -print($ENV.PWD); - -var files = `ls`.trim().split("\n"); -for (var i in files) { - var file = files[i]; - if (file.contains("README")) { - print(file); - } -} - -var result = $EXEC("cat", <<EOD); -This is a bunch of stuff -that I want written out -including ${$ARG[0]} -EOD -print(result); -print($OUT); - -var arg = "-Q"; -`ls ${arg}`; -print($ERR); -print($EXIT);
--- a/test/script/basic/JDK-8006191.js.EXPECTED Tue Feb 05 09:11:03 2013 +0530 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ -. -README -RELEASE_README -THIRD_PARTY_README -This is a bunch of stuff -that I want written out -including ArgumentFromCommandLine -This is a bunch of stuff -that I want written out -including ArgumentFromCommandLine -ls: illegal option -- Q -usage: ls [-ABCFGHLOPRSTUWabcdefghiklmnopqrstuwx1] [file ...] - -1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/script/currently-failing/JDK-8006191.js Tue Feb 05 18:44:54 2013 +0530 @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * - Neither the name of Oracle nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * JDK-8006191 - `cmd` -> exec("cmd") in script mode + * + * @test + * @option -scripting + * @argument ArgumentFromCommandLine + * @run + */ + +#!/usr/bin/jjs + +$ENV.PWD = "."; +print($ENV.PWD); + +var files = `ls`.trim().split("\n"); +for (var i in files) { + var file = files[i]; + if (file.contains("README")) { + print(file); + } +} + +var result = $EXEC("cat", <<EOD); +This is a bunch of stuff +that I want written out +including ${$ARG[0]} +EOD +print(result); +print($OUT); + +var arg = "-Q"; +`ls ${arg}`; +print($ERR); +print($EXIT);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/script/currently-failing/JDK-8006191.js.EXPECTED Tue Feb 05 18:44:54 2013 +0530 @@ -0,0 +1,14 @@ +. +README +RELEASE_README +THIRD_PARTY_README +This is a bunch of stuff +that I want written out +including ArgumentFromCommandLine +This is a bunch of stuff +that I want written out +including ArgumentFromCommandLine +ls: illegal option -- Q +usage: ls [-ABCFGHLOPRSTUWabcdefghiklmnopqrstuwx1] [file ...] + +1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/script/sandbox/env.js Tue Feb 05 18:44:54 2013 +0530 @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * Try to get env object + * + * @test + * @security + * @option -scripting + */ + +var env = $ENV; +// should be empty!! +for (i in env) { + print("FAILED: can get: " + i + " = " + env[i]); +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/script/sandbox/exec.js Tue Feb 05 18:44:54 2013 +0530 @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * Try to get exec + * + * @test + * @security + * @option -scripting + */ + +try { + var ans = `java -version`; + fail("should have thrown exception!"); +} catch (e) { + if (! (e instanceof java.lang.SecurityException)) { + fail("SecurityException expected, got " + e); + } +}