8006527: nashorn jsr223 engine does not work in sandbox
author sundar
Fri, 18 Jan 2013 08:45:06 +0530
changeset 16180 374e36bd1357
parent 16179 5b8bcfd712d3
child 16181 f6a125580f62
8006527: nashorn jsr223 engine does not work in sandbox Reviewed-by: jlaskey, attila, lagergren
nashorn/bin/nashornsecure
nashorn/bin/nashornsecure.bat
nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java
nashorn/src/jdk/nashorn/api/scripting/resources/init.js
nashorn/src/jdk/nashorn/internal/objects/NativeJSAdapter.java
nashorn/test/script/sandbox/engine.js
nashorn/test/script/sandbox/engine.js.EXPECTED
nashorn/test/script/sandbox/jsadapter.js
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/bin/nashornsecure	Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,29 @@
+#!/bin/bash
+#
+# Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+[ -z "$JAVA_HOME" ] && echo "Please set JAVA_HOME" && exit 1;
+
+$JAVA_HOME/bin/jrunscript -J-Djava.security.manager -J-Xms2G -J-Xmx2G -J-XX:-TieredCompilation -J-server -J-esa -J-ea -J-Djava.ext.dirs=$JAVA_HOME/jre/lib/ext:`dirname $0`/../dist -J-XX:+HeapDumpOnOutOfMemoryError -J-Djava.lang.invoke.MethodHandle.DEBUG_NAMES=false -J-Dnashorn.debug=true -l nashorn $*
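Review bot: The trailing `$*` on the jrunscript line re-splits any argument containing whitespace, and `$JAVA_HOME` and `` `dirname $0` `` are likewise unquoted, so a JDK path or checkout path with a space breaks the launcher; use `"$@"`, `"$JAVA_HOME/bin/jrunscript"` and `-J-Djava.ext.dirs="$JAVA_HOME/jre/lib/ext:$(dirname "$0")/../dist"`. The script enables `-Djava.security.manager` without naming a policy file, so the default policy applies; presumably the point is that the nashorn jar under `../dist` is trusted via `java.ext.dirs` while the evaluated script runs restricted, and a one-line comment stating that intent (`# run under the default security manager: the engine jar is an extension, scripts are sandboxed`) would make the purpose of this launcher clear.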
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/bin/nashornsecure.bat	Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,27 @@
+rem
+rem Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+rem DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+rem
+rem This code is free software; you can redistribute it and/or modify it
+rem under the terms of the GNU General Public License version 2 only, as
+rem published by the Free Software Foundation.  Oracle designates this
+rem particular file as subject to the "Classpath" exception as provided
+rem by Oracle in the LICENSE file that accompanied this code.
+rem
+rem This code is distributed in the hope that it will be useful, but WITHOUT
+rem ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+rem FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+rem version 2 for more details (a copy is included in the LICENSE file that
+rem accompanied this code).
+rem
+rem You should have received a copy of the GNU General Public License version
+rem 2 along with this work; if not, write to the Free Software Foundation,
+rem Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+rem
+rem Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+rem or visit www.oracle.com if you need additional information or have any
+rem questions.
+rem
+@echo off
+
+jrunscript -J-Djava.security.manager -J-Xms2G -J-Xmx2G -J-XX:-TieredCompilation -J-server -J-esa -J-ea -J-Djava.ext.dirs=%~dp0\..\dist -J-XX:+HeapDumpOnOutOfMemoryError -J-Dnashorn.debug=true -J-Djava.lang.invoke.MethodHandle.DEBUG_NAMES=false -l nashorn
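Review bot: `@echo off` comes after the `rem` license header, so every header line is echoed to the console on each run; move `@echo off` to the first line of the file (or prefix the header lines with `@rem`). Unlike the shell launcher, which forwards `$*`, this version passes no script arguments at all, so `jrunscript ... -l nashorn %*` is needed for the two launchers to behave the same.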
--- a/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java	Thu Jan 17 10:33:39 2013 -0400
+++ b/nashorn/src/jdk/nashorn/api/scripting/NashornScriptEngine.java	Fri Jan 18 08:45:06 2013 +0530
@@ -91,7 +91,7 @@
 
         // throw ParseException on first error from script
         final ErrorManager errors = new Context.ThrowErrorManager();
-        // create new Nashorn Context and get global object
+        // create new Nashorn Context
         this.nashornContext = AccessController.doPrivileged(new PrivilegedAction<Context>() {
             @Override
             public Context run() {
@@ -107,7 +107,19 @@
         });
 
         // create new global object
-        this.global = nashornContext.createGlobal();
+        this.global =  AccessController.doPrivileged(new PrivilegedAction<ScriptObject>() {
+            @Override
+            public ScriptObject run() {
+                try {
+                    return nashornContext.createGlobal();
+                } catch (final RuntimeException e) {
+                    if (Context.DEBUG) {
+                        e.printStackTrace();
+                    }
+                    throw e;
+                }
+            }
+        });
 
         // current ScriptContext exposed as "context"
         global.addOwnProperty("context", Property.NOT_ENUMERABLE, context);
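Review bot: The assignment line has a doubled space, `this.global =  AccessController.doPrivileged(...)`; it should read `this.global = AccessController.doPrivileged(`. The try/catch inside `run()` exists only to print the trace under `Context.DEBUG` and then rethrows the exception unchanged, which is fine, but a reader scanning for swallowed failures would be helped by `// debug aid only: the exception is rethrown unchanged` above the catch. The constructor this hunk belongs to starts and ends outside the hunk.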
@@ -121,14 +133,8 @@
 
         // evaluate engine initial script
         try {
-            AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
-                @Override
-                public Void run() throws ScriptException {
-                    evalEngineScript();
-                    return null;
-                }
-            });
-        } catch (final PrivilegedActionException e) {
+            evalEngineScript();
+        } catch (final ScriptException e) {
             if (Context.DEBUG) {
                 e.printStackTrace();
             }
@@ -330,15 +336,20 @@
         evalSupportScript("resources/engine.js");
     }
 
-    private void evalSupportScript(String script) throws ScriptException {
-        final URL url = NashornScriptEngine.class.getResource(script);
+    private void evalSupportScript(final String script) throws ScriptException {
         try {
-            final InputStream is = url.openStream();
-            put(ScriptEngine.FILENAME, url);
+            final InputStream is = AccessController.doPrivileged(
+                    new PrivilegedExceptionAction<InputStream>() {
+                        public InputStream run() throws Exception {
+                            final URL url = NashornScriptEngine.class.getResource(script);
+                            return url.openStream();
+                        }
+                    });
+            put(ScriptEngine.FILENAME, "<engine>:" + script);
             try (final InputStreamReader isr = new InputStreamReader(is)) {
                 eval(isr);
             }
-        } catch (final IOException e) {
+        } catch (final PrivilegedActionException | IOException e) {
             throw new ScriptException(e);
         } finally {
             put(ScriptEngine.FILENAME, null);
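Review bot: Inside the new privileged action, `url.openStream()` dereferences the result of `getResource(script)` without a null check; a missing resource surfaces as a NullPointerException, which `PrivilegedExceptionAction` does not wrap, so it escapes the `PrivilegedActionException | IOException` handler and the caller never sees the intended ScriptException. The anonymous `run()` is also missing `@Override` (the other two privileged actions in this file have it) and declares `throws Exception` where `IOException` is all it can raise. Keeping the privileged region limited to locating and opening the bundled resource, as the hunk does, is the right scope; the method's closing brace is outside the hunk.

```java
            final InputStream is = AccessController.doPrivileged(
                    new PrivilegedExceptionAction<InputStream>() {
                        @Override
                        public InputStream run() throws IOException {
                            final URL url = NashornScriptEngine.class.getResource(script);
                            if (url == null) {
                                throw new IOException("missing engine resource: " + script);
                            }
                            return url.openStream();
                        }
                    });
            // … unchanged: FILENAME put, reader and eval, catch/finally …
```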
--- a/nashorn/src/jdk/nashorn/api/scripting/resources/init.js	Thu Jan 17 10:33:39 2013 -0400
+++ b/nashorn/src/jdk/nashorn/api/scripting/resources/init.js	Fri Jan 18 08:45:06 2013 +0530
@@ -187,11 +187,31 @@
 }
 
 /**
- * This is java.lang.System properties wrapped by jmap.
+ * This is java.lang.System properties wrapped by JSAdapter.
  * For eg. to access java.class.path property, you can use
  * the syntax sysProps["java.class.path"]
  */
-var sysProps = jmap(java.lang.System.getProperties());
+var sysProps = new JSAdapter({
+    __get__ : function (name) {
+        return java.lang.System.getProperty(name);
+    },
+    __has__ : function (name) {
+        return java.lang.System.getProperty(name) != null;
+    },
+    __getIds__ : function() {
+        return java.lang.System.getProperties().keySet().toArray();
+    },
+    __delete__ : function(name) {
+        java.lang.System.clearProperty(name);
+        return true;
+    },
+    __put__ : function (name, value) {
+        java.lang.System.setProperty(name, value);
+    },
+    toString: function() {
+        return "<system properties>";
+    }
+});
 
 // stdout, stderr & stdin
 var out = java.lang.System.out;
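Review bot: The doc comment above `sysProps` says what the object is but not why it is now a JSAdapter rather than `jmap(...)`; given the commit title, the reason is presumably that `System.getProperties()` needs read permission on every property at load time, while `getProperty(name)` is checked per key, so the lazy adapter lets init.js load in a sandbox. Suggest adding to the comment: `Properties are resolved lazily so that loading this script does not require read access to every system property; each access is permission-checked individually.` Note that `__getIds__` still calls `getProperties()`, so enumerating `sysProps` (for-in) under a security manager will presumably fail where indexed access succeeds; a comment on that hook saying so would save a later reader the surprise. `__put__` returns nothing while `__delete__` returns `true`; whether JSAdapter expects a result from `__put__` is not visible here.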
--- a/nashorn/src/jdk/nashorn/internal/objects/NativeJSAdapter.java	Thu Jan 17 10:33:39 2013 -0400
+++ b/nashorn/src/jdk/nashorn/internal/objects/NativeJSAdapter.java	Fri Jan 18 08:45:06 2013 +0530
@@ -734,6 +734,10 @@
     }
 
     private static MethodHandle findOwnMH(final String name, final Class<?> rtype, final Class<?>... types) {
-        return MH.findStatic(MethodHandles.lookup(), NativeJSAdapter.class, name, MH.type(rtype, types));
+        try {
+            return MethodHandles.lookup().findStatic(NativeJSAdapter.class, name, MH.type(rtype, types));
+        } catch (final NoSuchMethodException | IllegalAccessException e) {
+            throw new AssertionError(e);
+        }
     }
 }
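Review bot: The `AssertionError` thrown when the lookup fails carries only the cause, so a failure reports nothing about which handle was requested; `throw new AssertionError("findOwnMH: " + name, e);` keeps the cause and names the method. Replacing the `MH.findStatic` helper with a direct `MethodHandles.lookup().findStatic(...)` presumably matters because the lookup is now performed from this class's own context; a short comment stating that would explain why the helper is bypassed here only.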
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/engine.js	Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * 
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ * 
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Test that sandbox code can create script engine.
+ *
+ * @test
+ * @run
+ * @security
+ */
+
+var mgr = new javax.script.ScriptEngineManager();
+var engine = mgr.getEngineByName("nashorn");
+print(engine.eval("'hello' + ' world'"));
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/engine.js.EXPECTED	Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,1 @@
+hello world
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/jsadapter.js	Fri Jan 18 08:45:06 2013 +0530
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ * 
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ * 
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ * 
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ * 
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Test that sandbox code can access jsadapter
+ *
+ * @test
+ * @run
+ * @security
+ */
+
+var mgr = new javax.script.ScriptEngineManager();
+var engine = mgr.getEngineByName("nashorn");
+engine.eval("var v = new JSAdapter() {};");
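Review bot: The test only checks that `new JSAdapter() {}` constructs without throwing; none of the adapter hooks run, so a regression in `__get__` or `__put__` under the security manager would not be caught. Extending the eval to exercise a hook and print the result, e.g. `engine.eval("var v = new JSAdapter() { __get__: function(n) { return n; } }; print(v.foo);")`, with a matching `jsadapter.js.EXPECTED` file, would make the sandbox check meaningful. Unlike `engine.js`, no EXPECTED file is added here, which presumably means the harness expects no output.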