Mercurial > jdk8-mips64-public > nashorn / annotate
test/script/sandbox/NASHORN-525.js@d1e2050e575e (annotated)
test/script/sandbox/NASHORN-525.js
Thu, 26 Sep 2013 10:43:59 -0700
- author
- cl
- date
- Thu, 26 Sep 2013 10:43:59 -0700
- changeset 558
- d1e2050e575e
- parent 7
- 5a1b0714df0e
- child 952
- 6d5471a497fb
- child 962
- ac62e33a99b0
- permissions
- -rw-r--r--
Added tag jdk8-b109 for changeset 6ec2f9e5ed5b
| jlaskey@3 | 1 | /* |
| jlaskey@7 | 2 | * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. |
| jlaskey@3 | 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| jlaskey@3 | 4 | * |
| jlaskey@3 | 5 | * This code is free software; you can redistribute it and/or modify it |
| jlaskey@3 | 6 | * under the terms of the GNU General Public License version 2 only, as |
| jlaskey@3 | 7 | * published by the Free Software Foundation. |
| jlaskey@3 | 8 | * |
| jlaskey@3 | 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| jlaskey@3 | 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| jlaskey@3 | 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| jlaskey@3 | 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| jlaskey@3 | 13 | * accompanied this code). |
| jlaskey@3 | 14 | * |
| jlaskey@3 | 15 | * You should have received a copy of the GNU General Public License version |
| jlaskey@3 | 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| jlaskey@3 | 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| jlaskey@3 | 18 | * |
| jlaskey@3 | 19 | * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| jlaskey@3 | 20 | * or visit www.oracle.com if you need additional information or have any |
| jlaskey@3 | 21 | * questions. |
| jlaskey@3 | 22 | */ |
| jlaskey@3 | 23 | |
| jlaskey@3 | 24 | /** |
| jlaskey@3 | 25 | * NASHORN-525 : nashorn misses security access checks |
| jlaskey@3 | 26 | * |
| jlaskey@3 | 27 | * @test |
| jlaskey@3 | 28 | * @run |
| jlaskey@3 | 29 | */ |
| jlaskey@3 | 30 | |
| jlaskey@3 | 31 | function check(code) { |
| jlaskey@3 | 32 | try { |
| jlaskey@3 | 33 | eval(code); |
| jlaskey@3 | 34 | fail("SecurityException expected for : " + code); |
| jlaskey@3 | 35 | } catch (e) { |
| jlaskey@3 | 36 | if (! (e instanceof java.lang.SecurityException)) { |
| jlaskey@3 | 37 | fail("SecurityException expected, but got " + e); |
| jlaskey@3 | 38 | } |
| jlaskey@3 | 39 | } |
| jlaskey@3 | 40 | } |
| jlaskey@3 | 41 | |
| jlaskey@3 | 42 | // if security manager is absent, pass the test vacuously. |
| jlaskey@3 | 43 | if (java.lang.System.getSecurityManager() != null) { |
| jlaskey@3 | 44 | // try accessing class from 'sun.*' packages |
| jlaskey@3 | 45 | check("Packages.sun.misc.Unsafe"); |
| jlaskey@3 | 46 | check("Java.type('sun.misc.Unsafe')"); |
| jlaskey@3 | 47 | |
| jlaskey@3 | 48 | // TODO this works in Java8 but not in Java8, disabling for now |
| jlaskey@3 | 49 | check("java.lang.Class.forName('sun.misc.Unsafe')"); |
| jlaskey@3 | 50 | |
| jlaskey@3 | 51 | // try System.exit and System.loadLibrary |
| jlaskey@3 | 52 | check("java.lang.System.exit(0)"); |
| jlaskey@3 | 53 | check("java.lang.System.loadLibrary('foo')"); |
| jlaskey@3 | 54 | } |
