8007521: $ENV should be undefined when security manager is present
Reviewed-by: hannesw, jlaskey
--- a/nashorn/src/jdk/nashorn/internal/objects/Global.java Tue Feb 05 09:11:03 2013 +0530
+++ b/nashorn/src/jdk/nashorn/internal/objects/Global.java Tue Feb 05 18:44:54 2013 +0530
@@ -34,6 +34,7 @@
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.ref.SoftReference;
+import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@@ -1464,8 +1465,20 @@
addOwnProperty("$OPTIONS", Attribute.NOT_ENUMERABLE, value);
// Nashorn extension: global.$ENV (scripting-mode-only)
- value = ScriptingFunctions.getENVValues(newEmptyInstance(), this.isStrictContext());
- addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, value);
+ if (System.getSecurityManager() == null) {
+ // do not fill $ENV if we have a security manager around
+ // Retrieve current state of ENV variables.
+ final ScriptObject env = newEmptyInstance();
+ env.putAll(System.getenv());
+ addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, env);
+ } else {
+ addOwnProperty(ScriptingFunctions.ENV_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED);
+ }
+
+ // add other special properties for exec support
+ addOwnProperty(ScriptingFunctions.OUT_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED);
+ addOwnProperty(ScriptingFunctions.ERR_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED);
+ addOwnProperty(ScriptingFunctions.EXIT_NAME, Attribute.NOT_ENUMERABLE, UNDEFINED);
}
private void initTypedArray() {
--- a/nashorn/src/jdk/nashorn/internal/runtime/ScriptingFunctions.java Tue Feb 05 09:11:03 2013 +0530
+++ b/nashorn/src/jdk/nashorn/internal/runtime/ScriptingFunctions.java Tue Feb 05 18:44:54 2013 +0530
@@ -61,9 +61,9 @@
/** Names of special properties used by $EXEC API. */
public static final String EXEC_NAME = "$EXEC";
- private static final String OUT_NAME = "$OUT";
- private static final String ERR_NAME = "$ERR";
- private static final String EXIT_NAME = "$EXIT";
+ public static final String OUT_NAME = "$OUT";
+ public static final String ERR_NAME = "$ERR";
+ public static final String EXIT_NAME = "$EXIT";
/** Names of special properties used by $ENV API. */
public static final String ENV_NAME = "$ENV";
@@ -139,14 +139,6 @@
// Current global is need to fetch additional inputs and for additional results.
final ScriptObject global = Context.getGlobal();
- // Current ENV property state.
- final Object env = global.get(ENV_NAME);
- // Make sure ENV is a valid script object.
- if (!(env instanceof ScriptObject)) {
- typeError("env.not.object");
- }
- final ScriptObject envProperties = (ScriptObject)env;
-
// Break exec string into tokens.
final StringTokenizer tokenizer = new StringTokenizer(JSType.toString(string));
final String[] cmdArray = new String[tokenizer.countTokens()];
@@ -157,18 +149,23 @@
// Set up initial process.
final ProcessBuilder processBuilder = new ProcessBuilder(cmdArray);
- // If a working directory is present, use it.
- final Object pwd = envProperties.get(PWD_NAME);
- if (pwd != UNDEFINED) {
- processBuilder.directory(new File(JSType.toString(pwd)));
- }
+ // Current ENV property state.
+ final Object env = global.get(ENV_NAME);
+ if (env instanceof ScriptObject) {
+ final ScriptObject envProperties = (ScriptObject)env;
- // Set up ENV variables.
- final Map<String, String> environment = processBuilder.environment();
- environment.clear();
- for (Map.Entry<Object, Object> entry : envProperties.entrySet()) {
+ // If a working directory is present, use it.
+ final Object pwd = envProperties.get(PWD_NAME);
+ if (pwd != UNDEFINED) {
+ processBuilder.directory(new File(JSType.toString(pwd)));
+ }
- environment.put(JSType.toString(entry.getKey()), JSType.toString(entry.getValue()));
+ // Set up ENV variables.
+ final Map<String, String> environment = processBuilder.environment();
+ environment.clear();
+ for (Map.Entry<Object, Object> entry : envProperties.entrySet()) {
+ environment.put(JSType.toString(entry.getKey()), JSType.toString(entry.getValue()));
+ }
}
// Start the process.
@@ -214,31 +211,6 @@
return out;
}
- /**
- * Return an object containing properties mapping to ENV variables.
- *
- * @param envProperties object to receive properties
- * @param isStrict global's strict state
- *
- * @return Script object with properties mapping to ENV variables.
- */
- public static ScriptObject getENVValues(final ScriptObject envProperties, final boolean isStrict) {
- // Retrieve current state of ENV variables.
- Map<String, String> envVars;
- try {
- envVars = System.getenv();
- } catch(SecurityException ex) {
- envVars = new HashMap<>();
- }
-
- // Map ENV variables.
- for (Map.Entry<String, String> entry : envVars.entrySet()) {
- envProperties.set(entry.getKey(), entry.getValue(), isStrict);
- }
-
- return envProperties;
- }
-
private static MethodHandle findOwnMH(final String name, final Class<?> rtype, final Class<?>... types) {
return MH.findStatic(MethodHandles.lookup(), ScriptingFunctions.class, name, MH.type(rtype, types));
}
--- a/nashorn/test/script/basic/JDK-8006191.js Tue Feb 05 09:11:03 2013 +0530
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-/*
- * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * - Neither the name of Oracle nor the names of its
- * contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/**
- * JDK-8006191 - `cmd` -> exec("cmd") in script mode
- *
- * @test
- * @option -scripting
- * @argument ArgumentFromCommandLine
- * @run
- */
-
-#!/usr/bin/jjs
-
-$ENV.PWD = ".";
-print($ENV.PWD);
-
-var files = `ls`.trim().split("\n");
-for (var i in files) {
- var file = files[i];
- if (file.contains("README")) {
- print(file);
- }
-}
-
-var result = $EXEC("cat", <<EOD);
-This is a bunch of stuff
-that I want written out
-including ${$ARG[0]}
-EOD
-print(result);
-print($OUT);
-
-var arg = "-Q";
-`ls ${arg}`;
-print($ERR);
-print($EXIT);
--- a/nashorn/test/script/basic/JDK-8006191.js.EXPECTED Tue Feb 05 09:11:03 2013 +0530
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-.
-README
-RELEASE_README
-THIRD_PARTY_README
-This is a bunch of stuff
-that I want written out
-including ArgumentFromCommandLine
-This is a bunch of stuff
-that I want written out
-including ArgumentFromCommandLine
-ls: illegal option -- Q
-usage: ls [-ABCFGHLOPRSTUWabcdefghiklmnopqrstuwx1] [file ...]
-
-1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/currently-failing/JDK-8006191.js Tue Feb 05 18:44:54 2013 +0530
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * - Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of Oracle nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+ * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * JDK-8006191 - `cmd` -> exec("cmd") in script mode
+ *
+ * @test
+ * @option -scripting
+ * @argument ArgumentFromCommandLine
+ * @run
+ */
+
+#!/usr/bin/jjs
+
+$ENV.PWD = ".";
+print($ENV.PWD);
+
+var files = `ls`.trim().split("\n");
+for (var i in files) {
+ var file = files[i];
+ if (file.contains("README")) {
+ print(file);
+ }
+}
+
+var result = $EXEC("cat", <<EOD);
+This is a bunch of stuff
+that I want written out
+including ${$ARG[0]}
+EOD
+print(result);
+print($OUT);
+
+var arg = "-Q";
+`ls ${arg}`;
+print($ERR);
+print($EXIT);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/currently-failing/JDK-8006191.js.EXPECTED Tue Feb 05 18:44:54 2013 +0530
@@ -0,0 +1,14 @@
+.
+README
+RELEASE_README
+THIRD_PARTY_README
+This is a bunch of stuff
+that I want written out
+including ArgumentFromCommandLine
+This is a bunch of stuff
+that I want written out
+including ArgumentFromCommandLine
+ls: illegal option -- Q
+usage: ls [-ABCFGHLOPRSTUWabcdefghiklmnopqrstuwx1] [file ...]
+
+1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/env.js Tue Feb 05 18:44:54 2013 +0530
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Try to get env object
+ *
+ * @test
+ * @security
+ * @option -scripting
+ */
+
+var env = $ENV;
+// should be empty!!
+for (i in env) {
+ print("FAILED: can get: " + i + " = " + env[i]);
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/nashorn/test/script/sandbox/exec.js Tue Feb 05 18:44:54 2013 +0530
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Try to get exec
+ *
+ * @test
+ * @security
+ * @option -scripting
+ */
+
+try {
+ var ans = `java -version`;
+ fail("should have thrown exception!");
+} catch (e) {
+ if (! (e instanceof java.lang.SecurityException)) {
+ fail("SecurityException expected, got " + e);
+ }
+}