Mercurial > jdk8-mips64-public > nashorn / annotate
test/script/sandbox/NASHORN-525.js@2093c4a7abf0 (annotated)
test/script/sandbox/NASHORN-525.js
Thu, 05 Sep 2019 18:59:46 +0800
- author
- aoqi
- date
- Thu, 05 Sep 2019 18:59:46 +0800
- changeset 2493
- 2093c4a7abf0
- parent 1205
- 4112748288bb
- permissions
- -rw-r--r--
Merge
| aoqi@0 | 1 | /* |
| aoqi@0 | 2 | * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. |
| aoqi@0 | 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| attila@962 | 4 | * |
| aoqi@0 | 5 | * This code is free software; you can redistribute it and/or modify it |
| aoqi@0 | 6 | * under the terms of the GNU General Public License version 2 only, as |
| aoqi@0 | 7 | * published by the Free Software Foundation. |
| attila@962 | 8 | * |
| aoqi@0 | 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| aoqi@0 | 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| aoqi@0 | 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| aoqi@0 | 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| aoqi@0 | 13 | * accompanied this code). |
| attila@962 | 14 | * |
| aoqi@0 | 15 | * You should have received a copy of the GNU General Public License version |
| aoqi@0 | 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| aoqi@0 | 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| attila@962 | 18 | * |
| aoqi@0 | 19 | * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| aoqi@0 | 20 | * or visit www.oracle.com if you need additional information or have any |
| aoqi@0 | 21 | * questions. |
| aoqi@0 | 22 | */ |
| aoqi@0 | 23 | |
| aoqi@0 | 24 | /** |
| attila@962 | 25 | * NASHORN-525 : nashorn misses security access checks |
| aoqi@0 | 26 | * |
| aoqi@0 | 27 | * @test |
| aoqi@0 | 28 | * @run |
| aoqi@0 | 29 | */ |
| aoqi@0 | 30 | |
| aoqi@0 | 31 | function check(code) { |
| aoqi@0 | 32 | try { |
| aoqi@0 | 33 | eval(code); |
| aoqi@0 | 34 | fail("SecurityException expected for : " + code); |
| aoqi@0 | 35 | } catch (e) { |
| aoqi@0 | 36 | if (! (e instanceof java.lang.SecurityException)) { |
| aoqi@0 | 37 | fail("SecurityException expected, but got " + e); |
| aoqi@0 | 38 | } |
| aoqi@0 | 39 | } |
| aoqi@0 | 40 | } |
| aoqi@0 | 41 | |
| aoqi@0 | 42 | // if security manager is absent, pass the test vacuously. |
| aoqi@0 | 43 | if (java.lang.System.getSecurityManager() != null) { |
| aoqi@0 | 44 | // try accessing class from 'sun.*' packages |
| aoqi@0 | 45 | check("Packages.sun.misc.Unsafe"); |
| aoqi@0 | 46 | check("Java.type('sun.misc.Unsafe')"); |
| aoqi@0 | 47 | |
| aoqi@0 | 48 | // TODO this works in Java8 but not in Java8, disabling for now |
| aoqi@0 | 49 | check("java.lang.Class.forName('sun.misc.Unsafe')"); |
| aoqi@0 | 50 | |
| aoqi@0 | 51 | // try System.exit and System.loadLibrary |
| aoqi@0 | 52 | check("java.lang.System.exit(0)"); |
| aoqi@0 | 53 | check("java.lang.System.loadLibrary('foo')"); |
| aoqi@0 | 54 | } |
