test/src/jdk/nashorn/api/scripting/test/ScriptEngineSecurityTest.java - platform/external/jetbrains/jdk8u_nashorn - Git at Google

 /*
  * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this
  * particular file as subject to the "Classpath" exception as provided
  * by Oracle in the LICENSE file that accompanied this code.
  *
  * This code is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * version 2 for more details (a copy is included in the LICENSE file that
  * accompanied this code).
  *
  * You should have received a copy of the GNU General Public License version
  * 2 along with this work; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  * or visit www.oracle.com if you need additional information or have any
  * questions.
  */

 package jdk.nashorn.api.scripting.test;

 import static org.testng.Assert.fail;
 import java.lang.reflect.InvocationHandler;
 import java.lang.reflect.Method;
 import java.lang.reflect.Proxy;
 import javax.script.ScriptEngine;
 import javax.script.ScriptEngineManager;
 import javax.script.ScriptException;
 import jdk.nashorn.api.scripting.ClassFilter;
 import jdk.nashorn.api.scripting.NashornScriptEngineFactory;
 import org.testng.annotations.Test;

 /**
  * jsr223 tests for security access checks.
  */
 @SuppressWarnings("javadoc")
 public class ScriptEngineSecurityTest {

     private static void log(final String msg) {
         org.testng.Reporter.log(msg, true);
     }

     @Test
     public void securityPackagesTest() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         try {
             e.eval("var v = Packages.sun.misc.Unsafe;");
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (exp instanceof SecurityException) {
                 log("got " + exp + " as expected");
             } else {
                 fail(exp.getMessage());
             }
         }
     }

     @Test
     public void securityJavaTypeTest() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         try {
             e.eval("var v = Java.type('sun.misc.Unsafe');");
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (exp instanceof SecurityException) {
                 log("got " + exp + " as expected");
             } else {
                 fail(exp.getMessage());
             }
         }
     }

     @Test
     public void securityClassForNameTest() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         try {
             e.eval("var v = java.lang.Class.forName('sun.misc.Unsafe');");
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (exp instanceof SecurityException) {
                 log("got " + exp + " as expected");
             } else {
                 fail(exp.getMessage());
             }
         }
     }

     @Test
     public void securitySystemExit() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         try {
             e.eval("java.lang.System.exit(0);");
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (exp instanceof SecurityException) {
                 log("got " + exp + " as expected");
             } else {
                 fail(exp.getMessage());
             }
         }
     }


     @Test
     public void securitySystemExitFromFinalizerThread() throws ScriptException {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         e.eval("var o = Java.extend(Java.type('javax.imageio.spi.ServiceRegistry'), { deregisterAll: this.exit.bind(null, 1234)});\n" +
                 "new o(new java.util.ArrayList().iterator())");
         System.gc();
         System.runFinalization();
         // NOTE: this test just exits the VM if it fails.
     }

     @Test
     public void securitySystemLoadLibrary() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         try {
             e.eval("java.lang.System.loadLibrary('foo');");
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (exp instanceof SecurityException) {
                 log("got " + exp + " as expected");
             } else {
                 fail(exp.getMessage());
             }
         }
     }

     // @bug 8032948: Nashorn linkages awry
     @SuppressWarnings("serial")
     public static class FakeProxy extends Proxy {
         public FakeProxy(final InvocationHandler ih) {
             super(ih);
         }

         public static Class<?> makeProxyClass(final ClassLoader cl, final Class<?>... ifaces) {
             return Proxy.getProxyClass(cl, ifaces);
         }
     }

     @Test
     public void fakeProxySubclassAccessCheckTest() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");

         e.put("name", ScriptEngineSecurityTest.class.getName());
         e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
         e.put("intfs", new Class[] { Runnable.class });

         final String getClass = "Java.type(name + '$FakeProxy').getProxyClass(cl, intfs);";

         // Should not be able to call static methods of Proxy via fake subclass
         try {
             e.eval(getClass);
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (! (exp instanceof SecurityException)) {
                 fail("SecurityException expected, got " + exp);
             }
         }
     }

     @Test
     public void fakeProxySubclassAccessCheckTest2() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");

         e.put("name", ScriptEngineSecurityTest.class.getName());
         e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
         e.put("intfs", new Class[] { Runnable.class });

         final String getClass = "Java.type(name + '$FakeProxy').makeProxyClass(cl, intfs);";

         // Should not be able to call static methods of Proxy via fake subclass
         try {
             e.eval(getClass);
             fail("should have thrown SecurityException");
         } catch (final Exception exp) {
             if (! (exp instanceof SecurityException)) {
                 fail("SecurityException expected, got " + exp);
             }
         }
     }

     @Test
     public static void proxyStaticAccessCheckTest() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final ScriptEngineManager m = new ScriptEngineManager();
         final ScriptEngine e = m.getEngineByName("nashorn");
         final Runnable r = (Runnable)Proxy.newProxyInstance(
             ScriptEngineTest.class.getClassLoader(),
             new Class[] { Runnable.class },
             new InvocationHandler() {
                 @Override
                 public Object invoke(final Object p, final Method mtd, final Object[] a) {
                     return null;
                 }
             });

         e.put("rc", r.getClass());
         e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
         e.put("intfs", new Class[] { Runnable.class });

         // make sure static methods of Proxy is not accessible via subclass
         try {
             e.eval("rc.static.getProxyClass(cl, intfs)");
             fail("Should have thrown SecurityException");
         } catch (final Exception exp) {
             if (! (exp instanceof SecurityException)) {
                 fail("SecurityException expected, got " + exp);
             }
         }
     }


     @Test
     public void nashornConfigSecurityTest() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final NashornScriptEngineFactory fac = new NashornScriptEngineFactory();
         try {
             fac.getScriptEngine(new ClassFilter() {
                @Override
                public boolean exposeToScripts(final String name) {
                    return true;
                }
             });
             fail("SecurityException should have been thrown");
         } catch (final SecurityException e) {
             //empty
         }
     }

     @Test
     public void nashornConfigSecurityTest2() {
         if (System.getSecurityManager() == null) {
             // pass vacuously
             return;
         }

         final NashornScriptEngineFactory fac = new NashornScriptEngineFactory();
         try {
             fac.getScriptEngine(new String[0], null, new ClassFilter() {
                @Override
                public boolean exposeToScripts(final String name) {
                    return true;
                }
             });
             fail("SecurityException should have been thrown");
         } catch (final SecurityException e) {
             //empty
         }
     }
 }
	/*
	* Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package jdk.nashorn.api.scripting.test;

	import static org.testng.Assert.fail;
	import java.lang.reflect.InvocationHandler;
	import java.lang.reflect.Method;
	import java.lang.reflect.Proxy;
	import javax.script.ScriptEngine;
	import javax.script.ScriptEngineManager;
	import javax.script.ScriptException;
	import jdk.nashorn.api.scripting.ClassFilter;
	import jdk.nashorn.api.scripting.NashornScriptEngineFactory;
	import org.testng.annotations.Test;

	/**
	* jsr223 tests for security access checks.
	*/
	@SuppressWarnings("javadoc")
	public class ScriptEngineSecurityTest {

	private static void log(final String msg) {
	org.testng.Reporter.log(msg, true);
	}

	@Test
	public void securityPackagesTest() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	try {
	e.eval("var v = Packages.sun.misc.Unsafe;");
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (exp instanceof SecurityException) {
	log("got " + exp + " as expected");
	} else {
	fail(exp.getMessage());
	}
	}
	}

	@Test
	public void securityJavaTypeTest() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	try {
	e.eval("var v = Java.type('sun.misc.Unsafe');");
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (exp instanceof SecurityException) {
	log("got " + exp + " as expected");
	} else {
	fail(exp.getMessage());
	}
	}
	}

	@Test
	public void securityClassForNameTest() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	try {
	e.eval("var v = java.lang.Class.forName('sun.misc.Unsafe');");
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (exp instanceof SecurityException) {
	log("got " + exp + " as expected");
	} else {
	fail(exp.getMessage());
	}
	}
	}

	@Test
	public void securitySystemExit() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	try {
	e.eval("java.lang.System.exit(0);");
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (exp instanceof SecurityException) {
	log("got " + exp + " as expected");
	} else {
	fail(exp.getMessage());
	}
	}
	}


	@Test
	public void securitySystemExitFromFinalizerThread() throws ScriptException {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	e.eval("var o = Java.extend(Java.type('javax.imageio.spi.ServiceRegistry'), { deregisterAll: this.exit.bind(null, 1234)});\n" +
	"new o(new java.util.ArrayList().iterator())");
	System.gc();
	System.runFinalization();
	// NOTE: this test just exits the VM if it fails.
	}

	@Test
	public void securitySystemLoadLibrary() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	try {
	e.eval("java.lang.System.loadLibrary('foo');");
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (exp instanceof SecurityException) {
	log("got " + exp + " as expected");
	} else {
	fail(exp.getMessage());
	}
	}
	}

	// @bug 8032948: Nashorn linkages awry
	@SuppressWarnings("serial")
	public static class FakeProxy extends Proxy {
	public FakeProxy(final InvocationHandler ih) {
	super(ih);
	}

	public static Class<?> makeProxyClass(final ClassLoader cl, final Class<?>... ifaces) {
	return Proxy.getProxyClass(cl, ifaces);
	}
	}

	@Test
	public void fakeProxySubclassAccessCheckTest() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");

	e.put("name", ScriptEngineSecurityTest.class.getName());
	e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
	e.put("intfs", new Class[] { Runnable.class });

	final String getClass = "Java.type(name + '$FakeProxy').getProxyClass(cl, intfs);";

	// Should not be able to call static methods of Proxy via fake subclass
	try {
	e.eval(getClass);
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (! (exp instanceof SecurityException)) {
	fail("SecurityException expected, got " + exp);
	}
	}
	}

	@Test
	public void fakeProxySubclassAccessCheckTest2() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");

	e.put("name", ScriptEngineSecurityTest.class.getName());
	e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
	e.put("intfs", new Class[] { Runnable.class });

	final String getClass = "Java.type(name + '$FakeProxy').makeProxyClass(cl, intfs);";

	// Should not be able to call static methods of Proxy via fake subclass
	try {
	e.eval(getClass);
	fail("should have thrown SecurityException");
	} catch (final Exception exp) {
	if (! (exp instanceof SecurityException)) {
	fail("SecurityException expected, got " + exp);
	}
	}
	}

	@Test
	public static void proxyStaticAccessCheckTest() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final ScriptEngineManager m = new ScriptEngineManager();
	final ScriptEngine e = m.getEngineByName("nashorn");
	final Runnable r = (Runnable)Proxy.newProxyInstance(
	ScriptEngineTest.class.getClassLoader(),
	new Class[] { Runnable.class },
	new InvocationHandler() {
	@Override
	public Object invoke(final Object p, final Method mtd, final Object[] a) {
	return null;
	}
	});

	e.put("rc", r.getClass());
	e.put("cl", ScriptEngineSecurityTest.class.getClassLoader());
	e.put("intfs", new Class[] { Runnable.class });

	// make sure static methods of Proxy is not accessible via subclass
	try {
	e.eval("rc.static.getProxyClass(cl, intfs)");
	fail("Should have thrown SecurityException");
	} catch (final Exception exp) {
	if (! (exp instanceof SecurityException)) {
	fail("SecurityException expected, got " + exp);
	}
	}
	}


	@Test
	public void nashornConfigSecurityTest() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final NashornScriptEngineFactory fac = new NashornScriptEngineFactory();
	try {
	fac.getScriptEngine(new ClassFilter() {
	@Override
	public boolean exposeToScripts(final String name) {
	return true;
	}
	});
	fail("SecurityException should have been thrown");
	} catch (final SecurityException e) {
	//empty
	}
	}

	@Test
	public void nashornConfigSecurityTest2() {
	if (System.getSecurityManager() == null) {
	// pass vacuously
	return;
	}

	final NashornScriptEngineFactory fac = new NashornScriptEngineFactory();
	try {
	fac.getScriptEngine(new String[0], null, new ClassFilter() {
	@Override
	public boolean exposeToScripts(final String name) {
	return true;
	}
	});
	fail("SecurityException should have been thrown");
	} catch (final SecurityException e) {
	//empty
	}
	}
	}