[rfc][icedtea-web] Reproducer for: Ignore invalid .jar files in applets
Jiri Vanek
jvanek at redhat.com
Fri Jun 15 00:33:35 PDT 2012
On 06/14/2012 09:26 PM, Adam Domurad wrote:
> Updated reproducer. Hopefully this one is good for HEAD ?
nn... You have avoid all my questions :)
Mainly - you have added killer threads, but you are never starting them.
I assume thats the reasdon why you still neeed timout in first thread. So start the killers and get
rid of timeout!
J.
>
> On Mon, 2012-06-04 at 10:42 +0200, Jiri Vanek wrote:
>> > On 06/01/2012 04:45 PM, Adam Domurad wrote:
>>> > > Here's is a reproducer for the previous patch (which still needs a
>>> > > reviewer btw).
>> > Thanx a lot for test! Few hint inline.
>> >
>>> > >
>>> > > ChangeLog:
>>> > > 2012-06-01 Adam Domurad<adomurad at redhat.com>
>>> > >
>>> > > *
>>> > > tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.html:
>>> > > *
>>> > > tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.jnlp:
>>> > > * tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/Valid.java:
>>> > > *
>>> > > tests/jnlp_tests/simple/AppletReadsInvalidJar/testcases/AppletReadsInvalidJarTests.java:
>>> > > Reproducer for checking behaviour of existing but invalid (corrupt,
>>> > > etc) jar files in .jnlp files (should fail) and applet tags (should be
>>> > > ignored)
>> >
>> > It is not clear whether the test should fail, or the test should pass with failure of application. See below for more comments on this topic.
>>> > >
>>> > > On Mon, 2012-05-28 at 16:23 -0400, Adam Domurad wrote:
>> >
>> > ...snip...
>> >
>>> > > +exception statement from your version.
>>> > > + */
>>> > > +public class Valid extends Applet {
>>> > > + @Override
>>> > > + public void init() {
>>> > > + System.out.println("Program Executed Correctly.");
>>> > > + }
>>> > > +}
>> >
>> > You do not need to create such a simple application each time, but you can reuse one of the existing. But for this case we can probably live with new one (depends on you)
>> >
>>> > > diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/testcases/AppletReadsInvalidJarTests.java b/tests/jnlp_tests/simple/AppletReadsInvalidJar/testcases/AppletReadsInvalidJarTests.java
>>> > > new file mode 100644
>> >
>> > ...snip...
>> >
>>> > > +
>>> > > + /*This SHOULD NOT execute the applet!*/
>>> > > + @Test
>>> > > + public void AppletJNLPTest() throws Exception {
>>> > > + long previous_timeout = ServerAccess.PROCESS_TIMEOUT;
>>> > > + /*This test should be short, so set to 2 seconds*/
>>> > > + ServerAccess.PROCESS_TIMEOUT = 2 * 1000;
>>> > > +
>>> > > + ServerAccess.ProcessResult pr = server.executeJavawsHeadless("/AppletReadsInvalidJar.jnlp");
>>> > > +
>>> > > + String s0 = "Program Executed Correctly.";
>>> > > + Assert.assertTrue("AppletTakesLastParam stdout should NOT contain " + s0 + ", but did (applet should not have ran!).", !pr.stdout.contains(s0));
>>> > > +
>>> > > + ServerAccess.PROCESS_TIMEOUT = previous_timeout;
>>> > > + }
>> >
>> > In this case you are launching applet in javaws. It will not launch application. Is this time outing necessary? If the applet in javaws is not laoded at all, then
>> > javaws should be terminated or not?
>> > Also there is small complex - applets should be launched_without_ hedaless, but if exception is launched in not-headless mode, then dialog-window keeps hanging n the air.
>> >
>> > If timeout is really necessary (killer thread is not enough I guess) then the restore of original one must be in finally block.
>> > Although to check the type of exception can be very handy.
>> >
>> > Last comment here - the issue is never going to be fixed (applet by jnlp) correct? In case that it should be fixed n some future, then this test should be failing (@KnownToFail)
>> >
>> >
>> >
>>> > > +
>>> > > + /*This SHOULD execute the applet!*/
>>> > > + @Test
>>> > > + public void AppletInFirefoxTest() throws Exception {
>>> > > + ServerAccess.ProcessResult pr = server.executeBrowser("/AppletReadsInvalidJar.html");
>>> > > +
>>> > > + String s0 = "Program Executed Correctly.";
>>> > > + Assert.assertTrue("AppletTakesLastParam stdout should contain " + s0 + " but did not.", pr.stdout.contains(s0));
>>> > > + }
>>> > > +}
>> >
>> > Tahnx for test again!
>> >
>> > J.
>> >
>
>
> ignore-invalid-jar-files-reproducers-updated.patch
>
>
> diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.html b/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.html
> new file mode 100644
> --- /dev/null
> +++ b/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.html
> @@ -0,0 +1,42 @@
> +<!--
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> +
> + -->
> +<html><head></head><body bgcolor="blue">
> +<p><applet code="Valid.class" archive="NOT_A_VALID_JAR.jar,AppletReadsInvalidJar.jar">
> +</applet></p>
> +</body>
> +</html>
> diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.jnlp b/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.jnlp
> new file mode 100644
> --- /dev/null
> +++ b/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/AppletReadsInvalidJar.jnlp
> @@ -0,0 +1,62 @@
> +<!--
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> +
> + -->
> +<?xml version="1.0" encoding="utf-8"?>
> +<jnlp spec="1.0" href="AppletReadsInvalidJar.jnlp" codebase=".">
> +<information>
> +<title>AppletReadsInvalidJar</title>
> +<vendor>IcedTea</vendor>
> +<homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
> +<description>AppletTest</description>
> +<offline/>
> +</information>
> +<resources>
> +<j2se version="1.4+"/>
> +<jar href="NOT_A_VALID_JAR.jar"/>
> +<jar href="AppletReadsInvalidJar.jar"/>
> +</resources>
> +<applet-desc
> + documentBase="."
> + name="AppletReadsInvalidJar"
> + main-class="ValidHeadless"
> + width="100"
> + height="100">
> +</applet-desc>
> +</jnlp>
> +
> +
> +</applet-desc>
> diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/NOT_A_VALID_JAR.jar b/tests/jnlp_tests/simple/AppletReadsInvalidJar/resources/NOT_A_VALID_JAR.jar
> new file mode 100644
> diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/Valid.java b/tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/Valid.java
> new file mode 100644
> --- /dev/null
> +++ b/tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/Valid.java
> @@ -0,0 +1,59 @@
> +import java.applet.Applet;
> +
> +/*
> +Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +public class Valid extends Applet {
> +
> + private class Killer extends Thread {
> + @Override
> + public void run() {
> + try {
> + int n = 2000;
> + Thread.sleep(n);
> + System.exit(0);
> + } catch (Exception ex) {
> + }
> + }
> + }
> +
> + private Killer killer = new Killer();
> +
> + @Override
> + public void init() {
> + System.out.println("Program Executed Correctly.");
> + }
> +}
> diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/ValidHeadless.java b/tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/ValidHeadless.java
> new file mode 100644
> --- /dev/null
> +++ b/tests/jnlp_tests/simple/AppletReadsInvalidJar/srcs/ValidHeadless.java
> @@ -0,0 +1,56 @@
> +/*
> +Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +public class ValidHeadless {
> +
> + private class Killer extends Thread {
> + @Override
> + public void run() {
> + try {
> + int n = 2000;
> + Thread.sleep(n);
> + System.exit(0);
> + } catch (Exception ex) {
> + }
> + }
> + }
> +
> + private Killer killer = new Killer();
> +
> + public static void main(String[] args){
> + System.out.println("Program Executed Correctly.");
> + }
> +}
> diff --git a/tests/jnlp_tests/simple/AppletReadsInvalidJar/testcases/AppletReadsInvalidJarTests.java b/tests/jnlp_tests/simple/AppletReadsInvalidJar/testcases/AppletReadsInvalidJarTests.java
> new file mode 100644
> --- /dev/null
> +++ b/tests/jnlp_tests/simple/AppletReadsInvalidJar/testcases/AppletReadsInvalidJarTests.java
> @@ -0,0 +1,76 @@
> +/* AppletReadsInvalidJarTests.java
> +Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> +import net.sourceforge.jnlp.ServerAccess;
> +import net.sourceforge.jnlp.ServerAccess.ProcessResult;
> +import net.sourceforge.jnlp.LaunchException;
> +import org.junit.Assert;
> +
> +import org.junit.Test;
> +
> +public class AppletReadsInvalidJarTests {
> +
> + private static ServerAccess server = new ServerAccess();
> +
> + /*This SHOULD NOT execute the applet!*/
> + @Test
> + public void AppletJNLPTest() throws Exception {
> + long previousTimeout = ServerAccess.PROCESS_TIMEOUT;
> + boolean exceptionOccurred = false;
> + try {
> + /*This test should be short, so set to 2 seconds*/
> + ServerAccess.PROCESS_TIMEOUT = 2 * 1000;
> + ServerAccess.ProcessResult pr = server.executeJavawsHeadless("/AppletReadsInvalidJar.jnlp");
> +
> + String s0 = "Program Executed Correctly.";
> + Assert.assertFalse("AppletReadsInvalidJar stdout should NOT contain " + s0 + ", but did (applet should not have ran!).", pr.stdout.contains(s0));
> + String s1 = "ZipException";
> + Assert.assertTrue("AppletReadsInvalidJar stderr should contain 'ZipException', but did not.", pr.stderr.contains(s1));
> + } finally {
> + ServerAccess.PROCESS_TIMEOUT = previousTimeout;
> + }
> + }
> +
> + /*This SHOULD execute the applet!*/
> + @Test
> + public void AppletInFirefoxTest() throws Exception {
> + ServerAccess.ProcessResult pr = server.executeBrowser("/AppletReadsInvalidJar.html");
> +
> + String s0 = "Program Executed Correctly.";
> + Assert.assertTrue("AppletReadsInvalidJar stdout should contain " + s0 + " but did not.", pr.stdout.contains(s0));
> + }
> +}
>
More information about the distro-pkg-dev
mailing list