You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by mi...@apache.org on 2006/04/28 18:31:05 UTC
svn commit: r397945 - in /db/derby/code/branches/10.1/java:
engine/org/apache/derby/impl/store/raw/data/
testing/org/apache/derbyTesting/functionTests/tests/lang/
testing/org/apache/derbyTesting/functionTests/util/
Author: mikem
Date: Fri Apr 28 09:31:03 2006
New Revision: 397945
URL: http://svn.apache.org/viewcvs?rev=397945&view=rev
Log:
DERBY-616
backporting fix for DERBY-616 (svn 384282) from trunk into 10.1 branch,
targeted for upcoming 10.1.3 release.
original notes for fix:
o Added a missing privileged blocks for I/O call in StreamFileContainer.java ,
this class is used by the sort during index creation ..etc.
o Enabled some of the tests which were not running under security manager
earlier because of this bug to run by default with security manager.
o removed the additional permissions from the derby test policy file
that were added earlier to avoid this bug for some test cases.
Modified:
db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/store/raw/data/StreamFileContainer.java
db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/authorize_app.properties
db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/wisconsin_app.properties
db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
Modified: db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/store/raw/data/StreamFileContainer.java
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/store/raw/data/StreamFileContainer.java?rev=397945&r1=397944&r2=397945&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/store/raw/data/StreamFileContainer.java (original)
+++ db/derby/code/branches/10.1/java/engine/org/apache/derby/impl/store/raw/data/StreamFileContainer.java Fri Apr 28 09:31:03 2006
@@ -57,6 +57,7 @@
import org.apache.derby.iapi.services.io.DynamicByteArrayOutputStream;
import org.apache.derby.iapi.services.io.LimitInputStream;
import org.apache.derby.iapi.services.property.PropertyUtil;
+import org.apache.derby.iapi.util.ReuseFactory;
import java.util.Properties;
import java.io.InputStream;
@@ -66,6 +67,10 @@
import java.io.EOFException;
import java.io.InvalidClassException;
import java.io.Externalizable;
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
+import java.io.FileNotFoundException;
/**
@@ -84,7 +89,7 @@
**/
-public class StreamFileContainer implements TypedFormat
+public class StreamFileContainer implements TypedFormat, PrivilegedExceptionAction
{
/**************************************************************************
@@ -138,6 +143,17 @@
private byte[] zeroBytes; // in case encryption
// stream needs pad.
+
+ /* privileged actions */
+ private static final int STORAGE_FILE_EXISTS_ACTION = 1;
+ private static final int STORAGE_FILE_DELETE_ACTION = 2;
+ private static final int STORAGE_FILE_MKDIRS_ACTION = 3;
+ private static final int STORAGE_FILE_GET_OUTPUT_STREAM_ACTION = 4;
+ private static final int STORAGE_FILE_GET_INPUT_STREAM_ACTION = 5;
+ private int actionCode;
+ private StorageFile actionStorageFile;
+
+
/**************************************************************************
* Constructors for This class:
**************************************************************************
@@ -179,7 +195,7 @@
{
file = getFileName(identity, true, false);
- if (file.exists())
+ if (privExists(file))
{
// note I'm left in the no-identity state as fillInIdentity()
// hasn't been called.
@@ -226,14 +242,14 @@
{
file = getFileName(this.identity, false, true);
- if (!file.exists())
+ if (!privExists(file))
return null;
try
{
if (!forUpdate)
{
- fileIn = file.getInputStream();
+ fileIn = privGetInputStream(file);
if (dataFactory.databaseEncrypted())
{
@@ -459,7 +475,7 @@
try
{
- fileOut = file.getOutputStream();
+ fileOut = privGetOutputStream(file);
FormatableBitSet validColumns = rowSource.getValidColumns();
@@ -966,9 +982,9 @@
{
close();
- if (file.exists())
+ if (privExists(file))
{
- return file.delete();
+ return privDelete(file);
}
else
{
@@ -1005,7 +1021,7 @@
StorageFile container = dataFactory.getContainerPath( identity, false);
- if (!container.exists())
+ if (!privExists(container))
{
if (!forCreate)
@@ -1013,14 +1029,14 @@
StorageFile directory = container.getParentDir();
- if (!directory.exists())
+ if (!privExists(directory))
{
// make sure only 1 thread can create a segment at one time
synchronized(dataFactory)
{
- if (!directory.exists())
+ if (!privExists(directory))
{
- if (!directory.mkdirs())
+ if (!privMkdirs(directory))
{
if (errorOK)
return null;
@@ -1036,4 +1052,132 @@
return container;
}
}
+
+
+
+
+ private synchronized boolean privExists(StorageFile file)
+ {
+ actionCode = STORAGE_FILE_EXISTS_ACTION;
+ actionStorageFile = file;
+
+ try
+ {
+ Object ret = AccessController.doPrivileged( this);
+ return ((Boolean) ret).booleanValue();
+ }catch( PrivilegedActionException pae)
+ {
+ // method executed under this priveleged block
+ // does not throw an exception
+ return false;
+ }
+ finally
+ {
+ actionStorageFile = null;
+ }
+ }
+
+ private synchronized boolean privMkdirs(StorageFile file)
+ {
+ actionCode = STORAGE_FILE_MKDIRS_ACTION;
+ actionStorageFile = file;
+
+ try
+ {
+ Object ret = AccessController.doPrivileged( this);
+ return ((Boolean) ret).booleanValue();
+ }catch( PrivilegedActionException pae)
+ {
+ // method executed under this priveleged block
+ // does not throw an exception
+ return false;
+ }
+ finally
+ {
+ actionStorageFile = null;
+ }
+ }
+
+
+ private synchronized boolean privDelete(StorageFile file)
+ {
+ actionCode = STORAGE_FILE_DELETE_ACTION;
+ actionStorageFile = file;
+
+ try
+ {
+ Object ret = AccessController.doPrivileged( this);
+ return ((Boolean) ret).booleanValue();
+ }catch( PrivilegedActionException pae)
+ {
+ // method executed under this priveleged block
+ // does not throw an exception
+ return false;
+ }
+ finally
+ {
+ actionStorageFile = null;
+ }
+ }
+
+ private synchronized OutputStream privGetOutputStream(StorageFile file)
+ throws FileNotFoundException
+ {
+ actionCode = STORAGE_FILE_GET_OUTPUT_STREAM_ACTION;
+ actionStorageFile = file;
+
+ try
+ {
+ return (OutputStream) AccessController.doPrivileged( this);
+ }catch( PrivilegedActionException pae)
+ {
+ throw (FileNotFoundException)pae.getException();
+ }
+ finally
+ {
+ actionStorageFile = null;
+ }
+ }
+
+
+ private synchronized InputStream privGetInputStream(StorageFile file)
+ throws FileNotFoundException
+ {
+ actionCode = STORAGE_FILE_GET_INPUT_STREAM_ACTION;
+ actionStorageFile = file;
+
+ try
+ {
+ return (InputStream) AccessController.doPrivileged( this);
+ }catch( PrivilegedActionException pae)
+ {
+ throw (FileNotFoundException)pae.getException();
+ }
+ finally
+ {
+ actionStorageFile = null;
+ }
+ }
+
+
+ // PrivilegedAction method
+ public Object run() throws FileNotFoundException
+ {
+ switch(actionCode)
+ {
+ case STORAGE_FILE_EXISTS_ACTION:
+ return ReuseFactory.getBoolean(actionStorageFile.exists());
+ case STORAGE_FILE_DELETE_ACTION:
+ return ReuseFactory.getBoolean(actionStorageFile.delete());
+ case STORAGE_FILE_MKDIRS_ACTION:
+ return ReuseFactory.getBoolean(actionStorageFile.mkdirs());
+ case STORAGE_FILE_GET_OUTPUT_STREAM_ACTION:
+ return actionStorageFile.getOutputStream();
+ case STORAGE_FILE_GET_INPUT_STREAM_ACTION:
+ return actionStorageFile.getInputStream();
+ }
+
+ return null;
+ }
+
}
Modified: db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/authorize_app.properties
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/authorize_app.properties?rev=397945&r1=397944&r2=397945&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/authorize_app.properties (original)
+++ db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/authorize_app.properties Fri Apr 28 09:31:03 2006
@@ -5,4 +5,9 @@
useextdirs=true
#Exclude for J2ME/Foundation - test requires java.sql.DriverManager
-runwithfoundation=false
\ No newline at end of file
+runwithfoundation=false=======
+#Exclude for J2ME/Foundation for now - test uses server-side JDBC
+runwithfoundation=false
+
+# Test fails with security manager due to bug DEBRY-537
+noSecurityManager=true
Modified: db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/wisconsin_app.properties
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/wisconsin_app.properties?rev=397945&r1=397944&r2=397945&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/wisconsin_app.properties (original)
+++ db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/tests/lang/wisconsin_app.properties Fri Apr 28 09:31:03 2006
@@ -15,5 +15,4 @@
usedefaults=true
-#Exclude for J2ME/Foundation - test requires java.math.BigDecimal
-runwithfoundation=false
\ No newline at end of file
+supportfiles=tests/lang/wisc_setup.sql
Modified: db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
URL: http://svn.apache.org/viewcvs/db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy?rev=397945&r1=397944&r2=397945&view=diff
==============================================================================
--- db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy (original)
+++ db/derby/code/branches/10.1/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy Fri Apr 28 09:31:03 2006
@@ -56,9 +56,6 @@
// BUG DERBY-622 derbynet/sysinfo.java
permission java.io.FilePermission "${csinfo.codedir}${/}*", "read";
- // BUG DERBY-616 lang/wisconsin.sql & jdbcapi/maxfieldsize.java
- permission java.io.FilePermission "${derby.system.home}${/}wombat${/}tmp${/}-", "read, write, delete";
-
// BUG DERBY-623 - sane=true
permission java.util.PropertyPermission "derby.monitor.verbose", "read";
permission java.util.PropertyPermission "derby.debug.*", "read";