# HG changeset patch # User sundar # Date 1358478906 -19800 # Node ID 374e36bd135743051602dd2852429d14a255bde2 # Parent 5b8bcfd712d34d82d1387f76de6f9cd3835d5234 8006527: nashorn jsr223 engine does not work in sandbox Reviewed-by: jlaskey, attila, lagergren
diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/bin/nashornsecure
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/bin/nashornsecure Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,29 @@
+#!/bin/bash
+#
+# Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+[ -z "$JAVA_HOME" ] && echo "Please set JAVA_HOME" && exit 1;
+
+$JAVA_HOME/bin/jrunscript -J-Djava.security.manager -J-Xms2G -J-Xmx2G -J-XX:-TieredCompilation -J-server -J-esa -J-ea -J-Djava.ext.dirs=$JAVA_HOME/jre/lib/ext:`dirname $0`/../dist -J-XX:+HeapDumpOnOutOfMemoryError -J-Djava.lang.invoke.MethodHandle.DEBUG_NAMES=false -J-Dnashorn.debug=true -l nashorn $*
diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/bin/nashornsecure.bat
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/bin/nashornsecure.bat Fri Jan 18 08:45:06 2013 +0530
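Review bot: The last line of nashorn/bin/nashornsecure expands `$JAVA_HOME`, `$0` and `$*` unquoted, so a JDK or checkout path containing spaces breaks the command and script arguments are re-split before jrunscript sees them; I would use `"$JAVA_HOME/bin/jrunscript"`, `"$(dirname "$0")"` and `"$@"`. Separately, `-J-Djava.ext.dirs` adds `../dist` to the extension directories, and the default policy normally grants extension code all permissions, so every jar in that directory is fully trusted by this launcher. A header comment stating that dist must contain only the nashorn build output would make that assumption explicit.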
@@ -0,0 +1,27 @@
+rem
+rem Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+rem DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+rem
+rem This code is free software; you can redistribute it and/or modify it
+rem under the terms of the GNU General Public License version 2 only, as
+rem published by the Free Software Foundation. Oracle designates this
+rem particular file as subject to the "Classpath" exception as provided
+rem by Oracle in the LICENSE file that accompanied this code.
+rem
+rem This code is distributed in the hope that it will be useful, but WITHOUT
+rem ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+rem FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+rem version 2 for more details (a copy is included in the LICENSE file that
+rem accompanied this code).
+rem
+rem You should have received a copy of the GNU General Public License version
+rem 2 along with this work; if not, write to the Free Software Foundation,
+rem Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+rem
+rem Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+rem or visit www.oracle.com if you need additional information or have any
+rem questions.
+rem
+@echo off
+
+jrunscript -J-Djava.security.manager -J-Xms2G -J-Xmx2G -J-XX:-TieredCompilation -J-server -J-esa -J-ea -J-Djava.ext.dirs=%~dp0\..\dist -J-XX:+HeapDumpOnOutOfMemoryError -J-Dnashorn.debug=true -J-Djava.lang.invoke.MethodHandle.DEBUG_NAMES=false -l nashorn
diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java
--- a/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java Thu Jan 17 10:33:39 2013 -0400
+++ b/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java Fri Jan 18 08:45:06 2013 +0530
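Review bot: nashornsecure.bat does not behave like the shell launcher added in the same changeset. The jrunscript line ends at `-l nashorn` with no `%*`, so command-line arguments are never forwarded. `-J-Djava.ext.dirs=%~dp0\..\dist` also replaces the extension path rather than extending it, whereas the shell script keeps `$JAVA_HOME/jre/lib/ext` in the list. I would append `%*` and use `-J-Djava.ext.dirs=%JAVA_HOME%\jre\lib\ext;%~dp0\..\dist`, with the same JAVA_HOME check the shell script performs, since `jrunscript` is currently resolved from PATH.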
@@ -91,7 +91,7 @@ // throw ParseException on first error from script final ErrorManager errors = new Context.ThrowErrorManager(); - // create new Nashorn Context and get global object + // create new Nashorn Context this.nashornContext = AccessController.doPrivileged(new PrivilegedAction() { @Override public Context run() { @@ -107,7 +107,19 @@ }); // create new global object - this.global = nashornContext.createGlobal(); + this.global = AccessController.doPrivileged(new PrivilegedAction() { + @Override + public ScriptObject run() { + try { + return nashornContext.createGlobal(); + } catch (final RuntimeException e) { + if (Context.DEBUG) { + e.printStackTrace(); + } + throw e; + } + } + }); // current ScriptContext exposed as "context" global.addOwnProperty("context", Property.NOT_ENUMERABLE, context); @@ -121,14 +133,8 @@ // evaluate engine initial script try { - AccessController.doPrivileged(new PrivilegedExceptionAction() { - @Override - public Void run() throws ScriptException { - evalEngineScript(); - return null; - } - }); - } catch (final PrivilegedActionException e) { + evalEngineScript(); + } catch (final ScriptException e) { if (Context.DEBUG) { e.printStackTrace(); } 
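Review bot: The new `doPrivileged` block around `nashornContext.createGlobal()` (second hunk) carries no comment explaining why it is safe to assert the engine's own permissions there. A privileged block ignores the sandboxed caller's restrictions for everything it runs, so a reader must be able to see that nothing caller-controlled executes inside it. I would add above it `// createGlobal() takes no caller-supplied input and evaluates no user script, so it may run with the engine's permissions`, after confirming that this holds for createGlobal, whose body is not visible here. The enclosing constructor starts and ends outside these hunks.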
@@ -330,15 +336,20 @@ evalSupportScript("resources/engine.js"); } - private void evalSupportScript(String script) throws ScriptException { - final URL url = NashornScriptEngine.class.getResource(script); + private void evalSupportScript(final String script) throws ScriptException { try { - final InputStream is = url.openStream(); - put(ScriptEngine.FILENAME, url); + final InputStream is = AccessController.doPrivileged( + new PrivilegedExceptionAction() { + public InputStream run() throws Exception { + final URL url = NashornScriptEngine.class.getResource(script); + return url.openStream(); + } + }); + put(ScriptEngine.FILENAME, ":" + script); try (final InputStreamReader isr = new InputStreamReader(is)) { eval(isr); } - } catch (final IOException e) { + } catch (final PrivilegedActionException | IOException e) { throw new ScriptException(e); } finally { put(ScriptEngine.FILENAME, null); diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/src/jdk/nashorn/api/scripting/resources/init.js --- a/nashorn/src/jdk/nashorn/api/scripting/resources/init.js Thu Jan 17 10:33:39 2013 -0400 +++ b/nashorn/src/jdk/nashorn/api/scripting/resources/init.js Fri Jan 18 08:45:06 2013 +0530 
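Review bot: `NashornScriptEngine.class.getResource(script)` returns null when the resource is missing, and the `url.openStream()` inside the new privileged action then throws a NullPointerException. `doPrivileged` passes unchecked exceptions through unwrapped, so the failure bypasses the `PrivilegedActionException | IOException` catch and never becomes a ScriptException. A guard such as `if (url == null) { throw new FileNotFoundException(script); }` (which needs the java.io import) keeps it on the ScriptException path. The action's `run()` could also declare `throws IOException` and carry `@Override`, and because the stream is opened before the try-with-resources it is left open if `put(...)` throws. The method's `finally` block continues past the end of the hunk.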
@@ -187,11 +187,31 @@ } /** - * This is java.lang.System properties wrapped by jmap. + * This is java.lang.System properties wrapped by JSAdapter. * For eg. to access java.class.path property, you can use * the syntax sysProps["java.class.path"] */ -var sysProps = jmap(java.lang.System.getProperties()); +var sysProps = new JSAdapter({ + __get__ : function (name) { + return java.lang.System.getProperty(name); + }, + __has__ : function (name) { + return java.lang.System.getProperty(name) != null; + }, + __getIds__ : function() { + return java.lang.System.getProperties().keySet().toArray(); + }, + __delete__ : function(name) { + java.lang.System.clearProperty(name); + return true; + }, + __put__ : function (name, value) { + java.lang.System.setProperty(name, value); + }, + toString: function() { + return ""; + } +}); // stdout, stderr & stdin var out = java.lang.System.out; diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/src/jdk/nashorn/internal/objects/NativeJSAdapter.java --- a/nashorn/src/jdk/nashorn/internal/objects/NativeJSAdapter.java Thu Jan 17 10:33:39 2013 -0400 +++ b/nashorn/src/jdk/nashorn/internal/objects/NativeJSAdapter.java Fri Jan 18 08:45:06 2013 +0530 @@ -734,6 +734,10 @@ } private static MethodHandle findOwnMH(final String name, final Class rtype, final Class... types) { - return MH.findStatic(MethodHandles.lookup(), NativeJSAdapter.class, name, MH.type(rtype, types)); + try { + return MethodHandles.lookup().findStatic(NativeJSAdapter.class, name, MH.type(rtype, types)); + } catch (final NoSuchMethodException | IllegalAccessException e) { + throw new AssertionError(e); + } } } diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/test/script/sandbox/engine.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/nashorn/test/script/sandbox/engine.js Fri Jan 18 08:45:06 2013 +0530 
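Review bot: The doc comment above `sysProps` in init.js does not say that each accessor now runs under the calling script's own permissions. Under a security manager `__get__` and `__has__` need read `PropertyPermission` for the name, while `__put__` and `__delete__` need write. `__getIds__` calls `System.getProperties()`, which requires `PropertyPermission("*", "read,write")`, so enumerating `sysProps` from sandboxed code throws. I would add to the comment `* Each access is checked against the caller's PropertyPermission; enumeration needs "read,write" on "*".`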
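Review bot: `findOwnMH` in NativeJSAdapter now calls `MethodHandles.lookup().findStatic(...)` directly instead of the `MH.findStatic` helper, and nothing in the hunk records why this class deviates. If the reason is that the helper path fails when the class is first initialised from sandboxed code (my reading of the changeset title, not shown in the diff), a one-line comment such as `// direct lookup: must also link when first used under a security manager` would keep a later cleanup from reverting it. Wrapping the two checked exceptions in `AssertionError` looks reasonable, since the targets are this class's own static methods.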
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Test that sandbox code can create script engine.
+ *
+ * @test
+ * @run
+ * @security
+ */
+
+var mgr = new javax.script.ScriptEngineManager();
+var engine = mgr.getEngineByName("nashorn");
+print(engine.eval("'hello' + ' world'"));
diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/test/script/sandbox/engine.js.EXPECTED
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/engine.js.EXPECTED Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,1 @@
+hello world
diff -r 5b8bcfd712d3 -r 374e36bd1357 nashorn/test/script/sandbox/jsadapter.js
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/jsadapter.js Fri Jan 18 08:45:06 2013 +0530
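Review bot: test/script/sandbox/engine.js covers only the success path: it shows that sandboxed code can create an engine and evaluate a constant expression, but nothing checks that the engine obtained this way is itself still sandboxed. Because this changeset adds `doPrivileged` blocks to the engine constructor and to `evalSupportScript`, I would add a negative case that evaluates a permission-checked call through the new engine, for example `engine.eval("java.lang.System.getProperty('user.home')")`, and expects the security exception. jsadapter.js has the same gap and prints nothing, so it passes on any outcome short of an uncaught exception.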
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Test that sandbox code can access jsadapter
+ *
+ * @test
+ * @run
+ * @security
+ */
+
+var mgr = new javax.script.ScriptEngineManager();
+var engine = mgr.getEngineByName("nashorn");
+engine.eval("var v = new JSAdapter() {};");