You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@harmony.apache.org by "Mikhail Loenko (JIRA)" <ji...@apache.org> on 2006/03/01 12:23:44 UTC
[jira] Commented: (HARMONY-121) Stack overflow running security
manager test
[ http://issues.apache.org/jira/browse/HARMONY-121?page=comments#action_12368262 ]
Mikhail Loenko commented on HARMONY-121:
----------------------------------------
At the first call of custom SecurityManager.checkPermission() the classes required for permission check are not initialized.
Initialization of these classes (e.g. reading system properties or loading of the policy file) causes other permissions checks and thus falls into an infinite recursion.
I see the following way to fix the problem: Initialize Policy (e.g. call Policy.getPolicy()) at the first System.setSecurityManager call.
Currently IBM's System calls 's.checkPackageAccess("java.lang")' that might work well with some
security managers and don't work with others.
If all agree I'll submit a patch for both System and Policy.
> Stack overflow running security manager test
> --------------------------------------------
>
> Key: HARMONY-121
> URL: http://issues.apache.org/jira/browse/HARMONY-121
> Project: Harmony
> Type: Bug
> Components: Classlib
> Reporter: Tim Ellison
>
> The following test case runs ok on the reference impl.but fails with a stack overflow on Harmony code.
> private static class MySecurityManager extends SecurityManager {
> private static final RuntimePermission SET_MANAGER_PERMISSION =
> new RuntimePermission("setSecurityManager");
>
> public void checkPermission(Permission perm) {
> if (!perm.equals(SET_MANAGER_PERMISSION)) {
> super.checkPermission(perm);
> }
> }
> }
> public void test_getProperties() {
> System.setSecurityManager(new MySecurityManager());
> try {
> System.getProperties();
> } catch (SecurityException e) {
> // Expected
> } finally {
> System.setSecurityManager(null);
> }
> }
> The stack overflow is as follows:
> java.lang.StackOverflowError
> at java.util.PropertyPermission.equals(PropertyPermission.java:78)
> at org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:44)
> at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at java.security.AccessController.doPrivileged(AccessController.java:183)
> at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at java.security.AccessController.doPrivileged(AccessController.java:183)
> at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> <snip>
> at org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at java.security.AccessController.doPrivileged(AccessController.java:183)
> at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at java.security.AccessController.doPrivileged(AccessController.java:183)
> at org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at org.apache.harmony.tests.java.lang.SecurityManagerTest.test_getProperties(SecurityManagerTest.java:53)
> at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:211)
> at java.lang.reflect.Method.invoke(Method.java:248)
> at junit.framework.TestCase.runTest(TestCase.java:154)
> at junit.framework.TestCase.runBare(TestCase.java:127)
> at junit.framework.TestResult$1.protect(TestResult.java:106)
> at junit.framework.TestResult.runProtected(TestResult.java:124)
> at junit.framework.TestResult.run(TestResult.java:109)
> at junit.framework.TestCase.run(TestCase.java:118)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:478)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:344)
> at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira