You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Ian Connor (JIRA)" <ji...@apache.org> on 2014/08/08 17:29:12 UTC

[jira] [Comment Edited] (JEXL-145) Incorrect test case in SandboxTest

    [ https://issues.apache.org/jira/browse/JEXL-145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14090869#comment-14090869 ] 

Ian Connor edited comment on JEXL-145 at 8/8/14 3:28 PM:
---------------------------------------------------------

A potential fix is to replace code of the format
{noformat}
String actual = sandbox.execute(obj.getClass().getName(), method);
{noformat}
with
{noformat}
String objClassName = (obj instanceof Class) ? ((Class<?>)obj).getName() : obj.getClass().getName();
String actual = sandbox.execute(objClassName, method);
{noformat}


was (Author: ianc):
A potential fix is to replace code of the format
{{
String actual = sandbox.execute(obj.getClass().getName(), method);
}}
with
{{
String objClassName = (obj instanceof Class) ? ((Class<?>)obj).getName() : obj.getClass().getName();
String actual = sandbox.execute(objClassName, method);
}}

> Incorrect test case in SandboxTest
> ----------------------------------
>
>                 Key: JEXL-145
>                 URL: https://issues.apache.org/jira/browse/JEXL-145
>             Project: Commons JEXL
>          Issue Type: Bug
>    Affects Versions: 2.1.1
>         Environment: JDK 1.7.0_45
>            Reporter: Ian Connor
>
> Whilst debugging blacklisting of static functions using the Sandbox class and unable to get it to work I checked the testcase SandboxTest. I subsequently found that the test of System.exit() in testRestrict() passes not because System.currentTimeMillis() is whitelisted but because of a signature mismatch i.e System.exit() requires an int parameter. Changing the expression to System.exit(1) causes the test to end prematruely due to exit() being called.
> The white listing fails in SandboxUberspectImpl.getMethod() because obj is a Class and getClass().getName() returns "java.lang.Class" which doesn't match "java.lang.System" as specified in SandboxTest.testRestrict().



--
This message was sent by Atlassian JIRA
(v6.2#6252)