Issues running JAXP jtreg tests ("java.lang.RuntimePermission" "accessDeclaredMembers")

Daniel Fuchs daniel.fuchs at oracle.com
Tue Nov 22 15:58:59 UTC 2016 

On 22/11/16 14:51, Langer, Christoph wrote:
> In that case, if we can't change testng, maybe the jaxp SecurityManager can allow testng to access the declared members without granting this to the testee code?

That's what I was prototyping.
The patch below seem to fix the issue - but it's a bit ugly.
(note I just tested it with XSLTFunctionsTest - you need to
  rm -r JT* after applying to the jaxp repo)

It might be less ugly if we had a system property set
by jtreg to point at <jtreg>/lib - as we could use that
to predict the code source location - but I don't think
we do.

-- daniel

diff --git 
a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java 
b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
--- a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
+++ b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
@@ -23,6 +23,7 @@
  package jaxp.library;


+import java.net.URL;
  import java.security.CodeSource;
  import java.security.Permission;
  import java.security.PermissionCollection;
@@ -34,6 +35,7 @@
  import java.util.HashMap;
  import java.util.Map;
  import java.util.PropertyPermission;
+import java.util.Set;
  import java.util.StringJoiner;


@@ -163,6 +165,8 @@
   * JAXP concrete classes.
   */
  class TestPolicy extends Policy {
+    private final static Set<String> TEST_JARS =
+         Set.of("jtreg.jar", "javatest.jar", "testng.jar");
      private final PermissionCollection permissions = new Permissions();

      private ThreadLocal<Map<Integer, Permission>> transientPermissions 
= new ThreadLocal<>();
@@ -221,9 +225,30 @@

          if (permissions.implies(perm))
              return true;
-        else
+        else {
+            boolean before = allowAll();
+            String path = null;
+            try {
+                CodeSource cs = (domain == null) ? null : 
domain.getCodeSource();
+                URL loc = (cs == null) ? null : cs.getLocation();
+                path = (loc == null) ? null : loc.getPath();
+            } finally {
+                setAllowAll(before);
+            }
+            if (path != null && TEST_JARS.stream()
+                                .filter(path::endsWith)
+                                .findAny()
+                                .isPresent()) {
+                return true;
+            } else {
              return tmpImplies(perm);
      }
+        }
+    }
+
+
+

      /*
       * Add a temporary permission in current thread context. This 
won't impact

More information about the core-libs-dev mailing list