Mercurial > jdk8-mips64-public > nashorn / annotate
test/script/sandbox/unsafe.js@6d5471a497fb (annotated)
test/script/sandbox/unsafe.js
Thu, 31 Aug 2017 15:30:47 +0800
- author
- aoqi
- date
- Thu, 31 Aug 2017 15:30:47 +0800
- changeset 952
- 6d5471a497fb
- parent 136
- c54e218333be
- parent 0
- b1a7da25b547
- child 1205
- 4112748288bb
- permissions
- -rw-r--r--
merge
| aoqi@0 | 1 | /* |
| aoqi@0 | 2 | * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. |
| aoqi@0 | 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| aoqi@0 | 4 | * |
| aoqi@0 | 5 | * This code is free software; you can redistribute it and/or modify it |
| aoqi@0 | 6 | * under the terms of the GNU General Public License version 2 only, as |
| aoqi@0 | 7 | * published by the Free Software Foundation. |
| aoqi@0 | 8 | * |
| aoqi@0 | 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| aoqi@0 | 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| aoqi@0 | 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| aoqi@0 | 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| aoqi@0 | 13 | * accompanied this code). |
| aoqi@0 | 14 | * |
| aoqi@0 | 15 | * You should have received a copy of the GNU General Public License version |
| aoqi@0 | 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| aoqi@0 | 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| aoqi@0 | 18 | * |
| aoqi@0 | 19 | * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| aoqi@0 | 20 | * or visit www.oracle.com if you need additional information or have any |
| aoqi@0 | 21 | * questions. |
| aoqi@0 | 22 | */ |
| aoqi@0 | 23 | |
| aoqi@0 | 24 | /** |
| aoqi@0 | 25 | * Try to access sensitive class like Unsafe. |
| aoqi@0 | 26 | * |
| aoqi@0 | 27 | * @test |
| aoqi@0 | 28 | * @security |
| aoqi@0 | 29 | * @run |
| aoqi@0 | 30 | */ |
| aoqi@0 | 31 | |
| aoqi@0 | 32 | function check(e) { |
| aoqi@0 | 33 | if (! (e instanceof java.lang.SecurityException)) { |
| aoqi@0 | 34 | fail("expected SecurityException, got " + e); |
| aoqi@0 | 35 | } |
| aoqi@0 | 36 | } |
| aoqi@0 | 37 | |
| aoqi@0 | 38 | try { |
| aoqi@0 | 39 | var unsafe = java.lang.Class.forName("sun.misc.Unsafe"); |
| aoqi@0 | 40 | fail("No SecurityException for Class.forName sun.misc.Unsafe"); |
| aoqi@0 | 41 | } catch (e) { |
| aoqi@0 | 42 | check(e); |
| aoqi@0 | 43 | } |
| aoqi@0 | 44 | |
| aoqi@0 | 45 | try { |
| aoqi@0 | 46 | var unsafe = Java.type("sun.misc.Unsafe"); |
| aoqi@0 | 47 | fail("No SecurityException for Java.type sun.misc.Unsafe"); |
| aoqi@0 | 48 | } catch (e) { |
| aoqi@0 | 49 | check(e); |
| aoqi@0 | 50 | } |
| aoqi@0 | 51 | |
| aoqi@0 | 52 | try { |
| aoqi@0 | 53 | var unsafe = Packages.sun.misc.Unsafe; |
| aoqi@0 | 54 | fail("No SecurityException for Packages.sun.misc.Unsafe"); |
| aoqi@0 | 55 | } catch (e) { |
| aoqi@0 | 56 | check(e); |
| aoqi@0 | 57 | } |
| aoqi@0 | 58 | |
| aoqi@0 | 59 | try { |
| aoqi@0 | 60 | var cl = Packages.jdk.nashorn.internal.runtime.Context.class; |
| aoqi@0 | 61 | var unsafe = cl.getClassLoader().loadClass("sun.misc.Unsafe"); |
| aoqi@0 | 62 | } catch (e) { |
| aoqi@0 | 63 | check(e); |
| aoqi@0 | 64 | } |
