Re: Issues running JAXP jtreg tests ("java.lang.RuntimePermission" "accessDeclaredMembers")

Tue, 22 Nov 2016 08:01:00 -0800 

On 22/11/16 14:51, Langer, Christoph wrote:

In that case, if we can't change testng, maybe the jaxp SecurityManager can 
allow testng to access the declared members without granting this to the testee 
code?


That's what I was prototyping.
The patch below seem to fix the issue - but it's a bit ugly.
(note I just tested it with XSLTFunctionsTest - you need to
 rm -r JT* after applying to the jaxp repo)

It might be less ugly if we had a system property set
by jtreg to point at <jtreg>/lib - as we could use that
to predict the code source location - but I don't think
we do.

-- daniel


diff --git 
a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java 
b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java

--- a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
+++ b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
@@ -23,6 +23,7 @@
 package jaxp.library;


+import java.net.URL;
 import java.security.CodeSource;
 import java.security.Permission;
 import java.security.PermissionCollection;
@@ -34,6 +35,7 @@
 import java.util.HashMap;
 import java.util.Map;
 import java.util.PropertyPermission;
+import java.util.Set;
 import java.util.StringJoiner;


@@ -163,6 +165,8 @@
  * JAXP concrete classes.
  */
 class TestPolicy extends Policy {
+    private final static Set<String> TEST_JARS =
+         Set.of("jtreg.jar", "javatest.jar", "testng.jar");
     private final PermissionCollection permissions = new Permissions();


     private ThreadLocal<Map<Integer, Permission>> transientPermissions 
= new ThreadLocal<>();

@@ -221,9 +225,30 @@

         if (permissions.implies(perm))
             return true;
-        else
+        else {
+            boolean before = allowAll();
+            String path = null;
+            try {

+                CodeSource cs = (domain == null) ? null : 
domain.getCodeSource();

+                URL loc = (cs == null) ? null : cs.getLocation();
+                path = (loc == null) ? null : loc.getPath();
+            } finally {
+                setAllowAll(before);
+            }
+            if (path != null && TEST_JARS.stream()
+                                .filter(path::endsWith)
+                                .findAny()
+                                .isPresent()) {
+                return true;
+            } else {
             return tmpImplies(perm);
     }
+        }
+    }
+
+
+

     /*

      * Add a temporary permission in current thread context. This 
won't impact































					Reply via email to