Issues running JAXP jtreg tests ("java.lang.RuntimePermission" "accessDeclaredMembers")

Tue Nov 22 19:27:43 UTC 2016

On Tue, Nov 22, 2016 at 8:08 PM, Joe Wang <huizhe.wang at oracle.com> wrote:
> Daniel, you're awesome!  This could have potentially been a frustration to
> anyone with a newer testng, as Christoph and Volker have experienced. This
> issue really needs to be fixed immediately :-)
>

And Oracle should try to use the same tools versions as the community :)
As mentioned earlier in this thread, nobody can currently build jtreg
with testng 6.9.5 as described on the jtreg page :(

> Joe
>
>
> On 11/22/16, 7:58 AM, Daniel Fuchs wrote:
>>
>> On 22/11/16 14:51, Langer, Christoph wrote:
>>>
>>> In that case, if we can't change testng, maybe the jaxp SecurityManager
>>> can allow testng to access the declared members without granting this to the
>>> testee code?
>>
>>
>> That's what I was prototyping.
>> The patch below seem to fix the issue - but it's a bit ugly.
>> (note I just tested it with XSLTFunctionsTest - you need to
>>  rm -r JT* after applying to the jaxp repo)
>>
>> It might be less ugly if we had a system property set
>> by jtreg to point at <jtreg>/lib - as we could use that
>> to predict the code source location - but I don't think
>> we do.
>>
>> -- daniel
>>
>> diff --git a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
>> b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
>> --- a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
>> +++ b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
>> @@ -23,6 +23,7 @@
>>  package jaxp.library;
>>
>>
>> +import java.net.URL;
>>  import java.security.CodeSource;
>>  import java.security.Permission;
>>  import java.security.PermissionCollection;
>> @@ -34,6 +35,7 @@
>>  import java.util.HashMap;
>>  import java.util.Map;
>>  import java.util.PropertyPermission;
>> +import java.util.Set;
>>  import java.util.StringJoiner;
>>
>>
>> @@ -163,6 +165,8 @@
>>   * JAXP concrete classes.
>>   */
>>  class TestPolicy extends Policy {
>> +    private final static Set<String> TEST_JARS =
>> +         Set.of("jtreg.jar", "javatest.jar", "testng.jar");
>>      private final PermissionCollection permissions = new Permissions();
>>
>>      private ThreadLocal<Map<Integer, Permission>> transientPermissions =
>> new ThreadLocal<>();
>> @@ -221,9 +225,30 @@
>>
>>          if (permissions.implies(perm))
>>              return true;
>> -        else
>> +        else {
>> +            boolean before = allowAll();
>> +            String path = null;
>> +            try {
>> +                CodeSource cs = (domain == null) ? null :
>> domain.getCodeSource();
>> +                URL loc = (cs == null) ? null : cs.getLocation();
>> +                path = (loc == null) ? null : loc.getPath();
>> +            } finally {
>> +                setAllowAll(before);
>> +            }
>> +            if (path != null && TEST_JARS.stream()
>> +                                .filter(path::endsWith)
>> +                                .findAny()
>> +                                .isPresent()) {
>> +                return true;
>> +            } else {
>>              return tmpImplies(perm);
>>      }
>> +        }
>> +    }
>> +
>> +
>> +
>>
>>      /*
>>       * Add a temporary permission in current thread context. This won't
>> impact
>>
>