/*
* Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package jdk.nashorn.api.scripting.test;
import static org.testng.Assert.fail;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.script.ScriptException;
import jdk.nashorn.api.scripting.ClassFilter;
import jdk.nashorn.api.scripting.NashornScriptEngineFactory;
import org.testng.annotations.Test;
/**
* jsr223 tests for security access checks.
*
* @test
* @run testng/othervm jdk.nashorn.api.scripting.test.ScriptEngineSecurityTest
*/
@SuppressWarnings("javadoc")
public class ScriptEngineSecurityTest {
private static void log(final String msg) {
org.testng.Reporter.log(msg, true);
}
@Test
public void securityPackagesTest() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
try {
e.eval("var v = Packages.sun.misc.Unsafe;");
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (exp instanceof SecurityException) {
log("got " + exp + " as expected");
} else {
fail(exp.getMessage());
}
}
}
@Test
public void securityJavaTypeTest() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
try {
e.eval("var v = Java.type('sun.misc.Unsafe');");
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (exp instanceof SecurityException) {
log("got " + exp + " as expected");
} else {
fail(exp.getMessage());
}
}
}
@Test
public void securityClassForNameTest() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
try {
e.eval("var v = java.lang.Class.forName('sun.misc.Unsafe');");
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (exp instanceof SecurityException) {
log("got " + exp + " as expected");
} else {
fail(exp.getMessage());
}
}
}
@Test
public void securitySystemExit() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
try {
e.eval("java.lang.System.exit(0);");
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (exp instanceof SecurityException) {
log("got " + exp + " as expected");
} else {
fail(exp.getMessage());
}
}
}
@Test
public void securitySystemExitFromFinalizerThread() throws ScriptException {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
e.eval("var o = Java.extend(Java.type('javax.imageio.spi.ServiceRegistry'), { deregisterAll: this.exit.bind(null, 1234)});\n" +
"new o(new java.util.ArrayList().iterator())");
System.gc();
System.runFinalization();
// NOTE: this test just exits the VM if it fails.
}
@Test
public void securitySystemLoadLibrary() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
try {
e.eval("java.lang.System.loadLibrary('foo');");
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (exp instanceof SecurityException) {
log("got " + exp + " as expected");
} else {
fail(exp.getMessage());
}
}
}
// @bug 8032948: Nashorn linkages awry
@SuppressWarnings({ "serial", "deprecation" })
public static class FakeProxy extends Proxy {
public FakeProxy(final InvocationHandler ih) {
super(ih);
}
public static Class<?> makeProxyClass(final ClassLoader cl, final Class<?>... ifaces) {
return Proxy.getProxyClass(cl, ifaces);
}
}
@Test
public void fakeProxySubclassAccessCheckTest() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
e.put("name", ScriptEngineSecurityTest.class.getName());
e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
e.put("intfs", new Class[] { Runnable.class });
final String getClass = "Java.type(name + '$FakeProxy').getProxyClass(cl, intfs);";
// Should not be able to call static methods of Proxy via fake subclass
try {
e.eval(getClass);
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (! (exp instanceof SecurityException)) {
fail("SecurityException expected, got " + exp);
}
}
}
@Test
public void fakeProxySubclassAccessCheckTest2() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
e.put("name", ScriptEngineSecurityTest.class.getName());
e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
e.put("intfs", new Class[] { Runnable.class });
final String getClass = "Java.type(name + '$FakeProxy').makeProxyClass(cl, intfs);";
// Should not be able to call static methods of Proxy via fake subclass
try {
e.eval(getClass);
fail("should have thrown SecurityException");
} catch (final Exception exp) {
if (! (exp instanceof SecurityException)) {
fail("SecurityException expected, got " + exp);
}
}
}
@Test
public static void proxyStaticAccessCheckTest() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final ScriptEngineManager m = new ScriptEngineManager();
final ScriptEngine e = m.getEngineByName("nashorn");
final Runnable r = (Runnable)Proxy.newProxyInstance(
ScriptEngineSecurityTest.class.getClassLoader(),
new Class[] { Runnable.class },
new InvocationHandler() {
@Override
public Object invoke(final Object p, final Method mtd, final Object[] a) {
return null;
}
});
e.put("rc", r.getClass());
e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
e.put("intfs", new Class[] { Runnable.class });
// make sure static methods of Proxy is not accessible via subclass
try {
e.eval("rc.static.getProxyClass(cl, intfs)");
fail("Should have thrown SecurityException");
} catch (final Exception exp) {
if (! (exp instanceof SecurityException)) {
fail("SecurityException expected, got " + exp);
}
}
}
@Test
public void nashornConfigSecurityTest() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final NashornScriptEngineFactory fac = new NashornScriptEngineFactory();
try {
fac.getScriptEngine(new ClassFilter() {
@Override
public boolean exposeToScripts(final String name) {
return true;
}
});
fail("SecurityException should have been thrown");
} catch (final SecurityException e) {
//empty
}
}
@Test
public void nashornConfigSecurityTest2() {
if (System.getSecurityManager() == null) {
// pass vacuously
return;
}
final NashornScriptEngineFactory fac = new NashornScriptEngineFactory();
try {
fac.getScriptEngine(new String[0], null, new ClassFilter() {
@Override
public boolean exposeToScripts(final String name) {
return true;
}
});
fail("SecurityException should have been thrown");
} catch (final SecurityException e) {
//empty
}
}
}