Skip to content
Permalink
Browse files

[JENKINS-49027] Better report JEP-200 violations in Remoting (#247)

* [JENKINS-49027] Better report JEP-200 violations in Remoting.

* Updated test to look for nested causes.
  • Loading branch information
jglick authored and oleg-nenashev committed Jan 30, 2018
1 parent f266511 commit 9e6472fbffaf7fc84dd84395725f2db404260def
@@ -47,7 +47,6 @@
import java.lang.ref.WeakReference;
import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
import java.util.Date;
import java.util.Hashtable;
import java.util.Locale;
@@ -910,13 +909,11 @@ V call(Callable<V,T> callable) throws IOException, T, InterruptedException {

// re-wrap the exception so that we can capture the stack trace of the caller.
} catch (ClassNotFoundException e) {
IOException x = new IOException("Remote call on "+name+" failed");
x.initCause(e);
throw x;
throw new IOException("Remote call on " + name + " failed", e);
} catch (Error e) {
IOException x = new IOException("Remote call on "+name+" failed");
x.initCause(e);
throw x;
throw new IOException("Remote call on " + name + " failed", e);
} catch (SecurityException e) {
throw new IOException("Failed to deserialize response to " + request + ": " + e, e);
} finally {
// since this is synchronous operation, when the round trip is over
// we assume all the exported objects are out of scope.
@@ -60,8 +60,9 @@ public boolean isBlacklisted(@Nonnull Class c) {
* @throws SecurityException if it is blacklisted
*/
public final String check(String name) {
if (isBlacklisted(name))
throw new SecurityException("Rejected: " +name);
if (isBlacklisted(name)) {
throw new SecurityException("Rejected: " + name + "; see https://jenkins.io/redirect/class-filter/");
}
return name;
}

@@ -71,8 +72,9 @@ public final String check(String name) {
* @throws SecurityException if it is blacklisted
*/
public final Class check(Class c) {
if (isBlacklisted(c))
throw new SecurityException("Rejected: " +c.getName());
if (isBlacklisted(c)) {
throw new SecurityException("Rejected: " + c.getName() + "; see https://jenkins.io/redirect/class-filter/");
}
return c;
}

@@ -62,11 +62,20 @@ public void testBlacklisting() throws Exception {
try {
channel.call(new ReverseGunImporter());
fail("should have failed");
} catch (SecurityException e) {
assertEquals("Rejecting "+GunImporter.class.getName(),e.getMessage());
} catch (Exception e) {
assertEquals("Rejecting "+GunImporter.class.getName(), findSecurityException(e).getMessage());
// e.printStackTrace();
}
}
private static SecurityException findSecurityException(Throwable x) {
if (x instanceof SecurityException) {
return (SecurityException) x;
} else if (x == null) {
throw new AssertionError("no SecurityException detected");
} else {
return findSecurityException(x.getCause());
}
}

/*
Option 1:

0 comments on commit 9e6472f

Please sign in to comment.
You can’t perform that action at this time.