Tue, 05 Feb 2013 18:44:54 +0530
8007521: $ENV should be undefined when security manager is present
Reviewed-by: hannesw, jlaskey
1.1 --- a/src/jdk/nashorn/internal/objects/Global.java Tue Feb 05 09:11:03 2013 +0530 1.2 +++ b/src/jdk/nashorn/internal/objects/Global.java Tue Feb 05 18:44:54 2013 +0530 1.3 @@ -34,6 +34,7 @@ 1.4 import java.lang.invoke.MethodHandle; 1.5 import java.lang.invoke.MethodHandles; 1.6 import java.lang.ref.SoftReference; 1.7 +import java.util.HashMap; 1.8 import java.util.LinkedHashMap; 1.9 import java.util.List; 1.10 import java.util.Map; 1.11 @@ -1464,8 +1465,20 @@ 1.12 addOwnProperty("$OPTIONS", Attribute.NOT_ENUMERABLE, value); 1.13 1.14 // Nashorn extension: global.$ENV (scripting-mode-only) 1.15 - value = ScriptingFunctions.getENVValues(newEmptyInstance(), this.isStrictContext()); 1.16 - addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, value); 1.17 + if (System.getSecurityManager() == null) { 1.18 + // do not fill $ENV if we have a security manager around 1.19 + // Retrieve current state of ENV variables. 1.20 + final ScriptObject env = newEmptyInstance(); 1.21 + env.putAll(System.getenv()); 1.22 + addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, env); 1.23 + } else { 1.24 + addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); 1.25 + } 1.26 + 1.27 + // add other special properties for exec support 1.28 + addOwnProperty(ScriptingFunctions.OUT_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); 1.29 + addOwnProperty(ScriptingFunctions.ERR_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); 1.30 + addOwnProperty(ScriptingFunctions.EXIT_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED); 1.31 } 1.32 1.33 private void initTypedArray() {
2.1 --- a/src/jdk/nashorn/internal/runtime/ScriptingFunctions.java Tue Feb 05 09:11:03 2013 +0530 2.2 +++ b/src/jdk/nashorn/internal/runtime/ScriptingFunctions.java Tue Feb 05 18:44:54 2013 +0530 2.3 @@ -61,9 +61,9 @@ 2.4 2.5 /** Names of special properties used by $EXEC API. */ 2.6 public static final String EXEC_NAME = "$EXEC"; 2.7 - private static final String OUT_NAME = "$OUT"; 2.8 - private static final String ERR_NAME = "$ERR"; 2.9 - private static final String EXIT_NAME = "$EXIT"; 2.10 + public static final String OUT_NAME = "$OUT"; 2.11 + public static final String ERR_NAME = "$ERR"; 2.12 + public static final String EXIT_NAME = "$EXIT"; 2.13 2.14 /** Names of special properties used by $ENV API. */ 2.15 public static final String ENV_NAME = "$ENV"; 2.16 @@ -139,14 +139,6 @@ 2.17 // Current global is need to fetch additional inputs and for additional results. 2.18 final ScriptObject global = Context.getGlobal(); 2.19 2.20 - // Current ENV property state. 2.21 - final Object env = global.get(ENV_NAME); 2.22 - // Make sure ENV is a valid script object. 2.23 - if (!(env instanceof ScriptObject)) { 2.24 - typeError("env.not.object"); 2.25 - } 2.26 - final ScriptObject envProperties = (ScriptObject)env; 2.27 - 2.28 // Break exec string into tokens. 2.29 final StringTokenizer tokenizer = new StringTokenizer(JSType.toString(string)); 2.30 final String[] cmdArray = new String[tokenizer.countTokens()]; 2.31 @@ -157,18 +149,23 @@ 2.32 // Set up initial process. 2.33 final ProcessBuilder processBuilder = new ProcessBuilder(cmdArray); 2.34 2.35 - // If a working directory is present, use it. 2.36 - final Object pwd = envProperties.get(PWD_NAME); 2.37 - if (pwd != UNDEFINED) { 2.38 - processBuilder.directory(new File(JSType.toString(pwd))); 2.39 - } 2.40 + // Current ENV property state. 2.41 + final Object env = global.get(ENV_NAME); 2.42 + if (env instanceof ScriptObject) { 2.43 + final ScriptObject envProperties = (ScriptObject)env; 2.44 2.45 - // Set up ENV variables. 2.46 - final Map<String, String> environment = processBuilder.environment(); 2.47 - environment.clear(); 2.48 - for (Map.Entry<Object, Object> entry : envProperties.entrySet()) { 2.49 + // If a working directory is present, use it. 2.50 + final Object pwd = envProperties.get(PWD_NAME); 2.51 + if (pwd != UNDEFINED) { 2.52 + processBuilder.directory(new File(JSType.toString(pwd))); 2.53 + } 2.54 2.55 - environment.put(JSType.toString(entry.getKey()), JSType.toString(entry.getValue())); 2.56 + // Set up ENV variables. 2.57 + final Map<String, String> environment = processBuilder.environment(); 2.58 + environment.clear(); 2.59 + for (Map.Entry<Object, Object> entry : envProperties.entrySet()) { 2.60 + environment.put(JSType.toString(entry.getKey()), JSType.toString(entry.getValue())); 2.61 + } 2.62 } 2.63 2.64 // Start the process. 2.65 @@ -214,31 +211,6 @@ 2.66 return out; 2.67 } 2.68 2.69 - /** 2.70 - * Return an object containing properties mapping to ENV variables. 2.71 - * 2.72 - * @param envProperties object to receive properties 2.73 - * @param isStrict global's strict state 2.74 - * 2.75 - * @return Script object with properties mapping to ENV variables. 2.76 - */ 2.77 - public static ScriptObject getENVValues(final ScriptObject envProperties, final boolean isStrict) { 2.78 - // Retrieve current state of ENV variables. 2.79 - Map<String, String> envVars; 2.80 - try { 2.81 - envVars = System.getenv(); 2.82 - } catch(SecurityException ex) { 2.83 - envVars = new HashMap<>(); 2.84 - } 2.85 - 2.86 - // Map ENV variables. 2.87 - for (Map.Entry<String, String> entry : envVars.entrySet()) { 2.88 - envProperties.set(entry.getKey(), entry.getValue(), isStrict); 2.89 - } 2.90 - 2.91 - return envProperties; 2.92 - } 2.93 - 2.94 private static MethodHandle findOwnMH(final String name, final Class<?> rtype, final Class<?>... types) { 2.95 return MH.findStatic(MethodHandles.lookup(), ScriptingFunctions.class, name, MH.type(rtype, types)); 2.96 }
3.1 --- a/test/script/basic/JDK-8006191.js Tue Feb 05 09:11:03 2013 +0530 3.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 3.3 @@ -1,65 +0,0 @@ 3.4 -/* 3.5 - * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 3.6 - * 3.7 - * Redistribution and use in source and binary forms, with or without 3.8 - * modification, are permitted provided that the following conditions 3.9 - * are met: 3.10 - * 3.11 - * - Redistributions of source code must retain the above copyright 3.12 - * notice, this list of conditions and the following disclaimer. 3.13 - * 3.14 - * - Redistributions in binary form must reproduce the above copyright 3.15 - * notice, this list of conditions and the following disclaimer in the 3.16 - * documentation and/or other materials provided with the distribution. 3.17 - * 3.18 - * - Neither the name of Oracle nor the names of its 3.19 - * contributors may be used to endorse or promote products derived 3.20 - * from this software without specific prior written permission. 3.21 - * 3.22 - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 3.23 - * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 3.24 - * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 3.25 - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 3.26 - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 3.27 - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 3.28 - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 3.29 - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 3.30 - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 3.31 - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 3.32 - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 3.33 - */ 3.34 - 3.35 -/** 3.36 - * JDK-8006191 - `cmd` -> exec("cmd") in script mode 3.37 - * 3.38 - * @test 3.39 - * @option -scripting 3.40 - * @argument ArgumentFromCommandLine 3.41 - * @run 3.42 - */ 3.43 - 3.44 -#!/usr/bin/jjs 3.45 - 3.46 -$ENV.PWD = "."; 3.47 -print($ENV.PWD); 3.48 - 3.49 -var files = `ls`.trim().split("\n"); 3.50 -for (var i in files) { 3.51 - var file = files[i]; 3.52 - if (file.contains("README")) { 3.53 - print(file); 3.54 - } 3.55 -} 3.56 - 3.57 -var result = $EXEC("cat", <<EOD); 3.58 -This is a bunch of stuff 3.59 -that I want written out 3.60 -including ${$ARG[0]} 3.61 -EOD 3.62 -print(result); 3.63 -print($OUT); 3.64 - 3.65 -var arg = "-Q"; 3.66 -`ls ${arg}`; 3.67 -print($ERR); 3.68 -print($EXIT);
4.1 --- a/test/script/basic/JDK-8006191.js.EXPECTED Tue Feb 05 09:11:03 2013 +0530 4.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 4.3 @@ -1,14 +0,0 @@ 4.4 -. 4.5 -README 4.6 -RELEASE_README 4.7 -THIRD_PARTY_README 4.8 -This is a bunch of stuff 4.9 -that I want written out 4.10 -including ArgumentFromCommandLine 4.11 -This is a bunch of stuff 4.12 -that I want written out 4.13 -including ArgumentFromCommandLine 4.14 -ls: illegal option -- Q 4.15 -usage: ls [-ABCFGHLOPRSTUWabcdefghiklmnopqrstuwx1] [file ...] 4.16 - 4.17 -1
5.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 5.2 +++ b/test/script/currently-failing/JDK-8006191.js Tue Feb 05 18:44:54 2013 +0530 5.3 @@ -0,0 +1,65 @@ 5.4 +/* 5.5 + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 5.6 + * 5.7 + * Redistribution and use in source and binary forms, with or without 5.8 + * modification, are permitted provided that the following conditions 5.9 + * are met: 5.10 + * 5.11 + * - Redistributions of source code must retain the above copyright 5.12 + * notice, this list of conditions and the following disclaimer. 5.13 + * 5.14 + * - Redistributions in binary form must reproduce the above copyright 5.15 + * notice, this list of conditions and the following disclaimer in the 5.16 + * documentation and/or other materials provided with the distribution. 5.17 + * 5.18 + * - Neither the name of Oracle nor the names of its 5.19 + * contributors may be used to endorse or promote products derived 5.20 + * from this software without specific prior written permission. 5.21 + * 5.22 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 5.23 + * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 5.24 + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 5.25 + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 5.26 + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 5.27 + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 5.28 + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 5.29 + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 5.30 + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 5.31 + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 5.32 + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 5.33 + */ 5.34 + 5.35 +/** 5.36 + * JDK-8006191 - `cmd` -> exec("cmd") in script mode 5.37 + * 5.38 + * @test 5.39 + * @option -scripting 5.40 + * @argument ArgumentFromCommandLine 5.41 + * @run 5.42 + */ 5.43 + 5.44 +#!/usr/bin/jjs 5.45 + 5.46 +$ENV.PWD = "."; 5.47 +print($ENV.PWD); 5.48 + 5.49 +var files = `ls`.trim().split("\n"); 5.50 +for (var i in files) { 5.51 + var file = files[i]; 5.52 + if (file.contains("README")) { 5.53 + print(file); 5.54 + } 5.55 +} 5.56 + 5.57 +var result = $EXEC("cat", <<EOD); 5.58 +This is a bunch of stuff 5.59 +that I want written out 5.60 +including ${$ARG[0]} 5.61 +EOD 5.62 +print(result); 5.63 +print($OUT); 5.64 + 5.65 +var arg = "-Q"; 5.66 +`ls ${arg}`; 5.67 +print($ERR); 5.68 +print($EXIT);
6.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 6.2 +++ b/test/script/currently-failing/JDK-8006191.js.EXPECTED Tue Feb 05 18:44:54 2013 +0530 6.3 @@ -0,0 +1,14 @@ 6.4 +. 6.5 +README 6.6 +RELEASE_README 6.7 +THIRD_PARTY_README 6.8 +This is a bunch of stuff 6.9 +that I want written out 6.10 +including ArgumentFromCommandLine 6.11 +This is a bunch of stuff 6.12 +that I want written out 6.13 +including ArgumentFromCommandLine 6.14 +ls: illegal option -- Q 6.15 +usage: ls [-ABCFGHLOPRSTUWabcdefghiklmnopqrstuwx1] [file ...] 6.16 + 6.17 +1
7.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 7.2 +++ b/test/script/sandbox/env.js Tue Feb 05 18:44:54 2013 +0530 7.3 @@ -0,0 +1,36 @@ 7.4 +/* 7.5 + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 7.6 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 7.7 + * 7.8 + * This code is free software; you can redistribute it and/or modify it 7.9 + * under the terms of the GNU General Public License version 2 only, as 7.10 + * published by the Free Software Foundation. 7.11 + * 7.12 + * This code is distributed in the hope that it will be useful, but WITHOUT 7.13 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 7.14 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 7.15 + * version 2 for more details (a copy is included in the LICENSE file that 7.16 + * accompanied this code). 7.17 + * 7.18 + * You should have received a copy of the GNU General Public License version 7.19 + * 2 along with this work; if not, write to the Free Software Foundation, 7.20 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 7.21 + * 7.22 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 7.23 + * or visit www.oracle.com if you need additional information or have any 7.24 + * questions. 7.25 + */ 7.26 + 7.27 +/** 7.28 + * Try to get env object 7.29 + * 7.30 + * @test 7.31 + * @security 7.32 + * @option -scripting 7.33 + */ 7.34 + 7.35 +var env = $ENV; 7.36 +// should be empty!! 7.37 +for (i in env) { 7.38 + print("FAILED: can get: " + i + " = " + env[i]); 7.39 +}
8.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 8.2 +++ b/test/script/sandbox/exec.js Tue Feb 05 18:44:54 2013 +0530 8.3 @@ -0,0 +1,39 @@ 8.4 +/* 8.5 + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 8.6 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 8.7 + * 8.8 + * This code is free software; you can redistribute it and/or modify it 8.9 + * under the terms of the GNU General Public License version 2 only, as 8.10 + * published by the Free Software Foundation. 8.11 + * 8.12 + * This code is distributed in the hope that it will be useful, but WITHOUT 8.13 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 8.14 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 8.15 + * version 2 for more details (a copy is included in the LICENSE file that 8.16 + * accompanied this code). 8.17 + * 8.18 + * You should have received a copy of the GNU General Public License version 8.19 + * 2 along with this work; if not, write to the Free Software Foundation, 8.20 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 8.21 + * 8.22 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 8.23 + * or visit www.oracle.com if you need additional information or have any 8.24 + * questions. 8.25 + */ 8.26 + 8.27 +/** 8.28 + * Try to get exec 8.29 + * 8.30 + * @test 8.31 + * @security 8.32 + * @option -scripting 8.33 + */ 8.34 + 8.35 +try { 8.36 + var ans = `java -version`; 8.37 + fail("should have thrown exception!"); 8.38 +} catch (e) { 8.39 + if (! (e instanceof java.lang.SecurityException)) { 8.40 + fail("SecurityException expected, got " + e); 8.41 + } 8.42 +}