[rfc][icedtea-web] Fix for PR1198, JSObject passed incorrectly to Javascript

Jiri Vanek jvanek at redhat.com
Mon Jan 7 06:53:01 PST 2013 

On 01/04/2013 06:19 PM, Adam Domurad wrote:
> On 01/04/2013 04:43 AM, Jiri Vanek wrote:
>> On 12/03/2012 08:03 PM, Adam Domurad wrote:
>>> On 11/30/2012 04:08 PM, Adam Domurad wrote:
>>>> Hi all. Attached is a fix for PR1198.
>>>>
>>>> I still plan to write unit tests for at least the new method
>>>> PluginAppletViewer.toObjectIDString, but I wanted to get this out before leaving for the weekend.
>>>>
>>>> One tricky thing with this patch was that it had to consolidate _a lot_ of duplicated
>>>> functionality (actually I found some subtle differences in handling, this should be more
>>>> consistent). Once that was done the actual patch was fairly straight forward.
>>>>
>>>> The basic issue was that JSObject was being passed as if it were a normal Java object, when the
>>>> liveconnect spec specifies that it should be returned as the underlying javascript object.
>>>>
>>>> A method was added to JSObject to get the underlying reference. This was kept package-private to
>>>> not pollute its public interface. As well, a new permission was added for accessing this method.
>>>> To access this outside of the package, a utility was created in JSUtil.
>>>>
>>>> This patch adds a special case to Java->JS communication when sending objects, to indicate that
>>>> a Javascript object is being passed.
>>>>
>>>> With patch applied, JSObjectFromEval should pass in all browsers.
>>>>
>>>> 2012-11-30  Adam Domurad <adomurad at redhat.com>
>>>>
>>>>     Fix PR1198: JSObject passed incorrectly to Javascript
>>>>     * plugin/icedteanp/IcedTeaJavaRequestProcessor.cc: Pass extra data for
>>>>     'jsobject' object result messages.
>>>>     * plugin/icedteanp/IcedTeaPluginRequestProcessor.cc: Same.
>>>>     * plugin/icedteanp/IcedTeaPluginUtils.cc: Add special casing of
>>>>     javascript references passed from java.
>>>>     * plugin/icedteanp/java/netscape/javascript/JSObjectUnboxPermission.java:
>>>>     New permission for unboxing a JSObject's internal reference.
>>>>     * plugin/icedteanp/java/netscape/javascript/JSObject.java
>>>>     (getInternalReference): New, package-private, retrieves internal
>>>>     reference (Must have proper permission).
>>>>     * plugin/icedteanp/java/netscape/javascript/JSUtil.java
>>>>     (getJSObjectInternalReference) New, utility for accessing
>>>>     JSObject#getInternalReference from outside the package.
>>>>     * plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java:
>>>>     (toObjectIDString): New, creates a string that precisely identifies a
>>>>     Java object.
>>>>     (handleMessage): Replace a lot of duplicated functionality with
>>>>     'toObjectIDString'.
>>>>     * plugin/icedteanp/java/sun/applet/PluginAppletViewer.java: Replace
>>>>     duplicated functionality with 'toObjectIDString'.
>>>>     * tests/reproducers/simple/JSObjectFromEval/srcs/JSObjectFromEval.java:
>>>>     Don't print out type passed (differs from browser to browser).
>>>>     * tests/reproducers/simple/JSObjectFromEval/testcases/JSObjectFromEvalTest.java:
>>>>     Don't check type passed (differs from browser to browser). Remove
>>>>     known-to-fail. Reformat.
>>>
>>> As promised attached is the unit-test for the newly introduced Java->JS function (which
>>> encapsulates logic that was duplicated in many areas)
>>>
>>> Note that this patch contains a Makefile patch for unit testing sun.applet package, however this
>>> will be committed with another now-approved patch so I have left it out of the ChangeLog.
>>>
>>> ChangeLog:
>>> 2012-12-XX  Adam Domurad <adomurad at redhat.com>
>>>
>>>      Unit test for PluginAppletSecurityContext#toObjectIDString. Make
>>>      PluginAppletSecurityContext more unit-testable.
>>>      * plugin/icedteanp/java/sun/applet/PluginAppletSecurityContext.java:
>>>      Don't initialize security manager in constructor. Fix a few Java->JS
>>>      corner cases.
>>>      * plugin/icedteanp/java/sun/applet/PluginMain.java: Initialize
>>>      SecurityManager before creating PluginAppletSecurityContext.
>>>      * tests/netx/unit/sun/applet/PluginAppletSecurityContextTest.java:
>>>      Unit test for all the corner cases of converting a Java object to a
>>>      string that can be precisely identified.
>>>
>>> Happy hacking,
>>> -Adam
>>>
>>>
>>
>> Tests first. A lot of questions....
>>
>>> jsfix-unittest.patch
>>>
>>>
>>> diff --git a/Makefile.am b/Makefile.am
>>> --- a/Makefile.am
...
>>> -
>>> -        JNLPRuntime.disableExit();
>>> -
>>
>> Can't the moving of this initiliazaton cause some hole?
>
> This code is invoked exactly once, and I figured this type of thing shouldn't be in a constructor.
> It was causing problems for my unit tests because of the security manager it installed. A different
> solution is welcome.
> The problem is I need access to PluginAppletSecurityContext #toObjectIDString. It requires a
> security context instance. IMO this is an indicator that this class 'does too much' (a class called
> SecurityContext handling all the liveconnect logic??).
> If you feel I should do it, I can move liveconnect logic into a different class and then testing
> will be fine.

I understood why you did it, I wanted to ensure you know what you are doing :)
I completely agree that with this class doing to much. Some refactoring is possible as another 
changeset. But I'm for it (although not understanding all possible security impacts).

>> What corner cases it fixed? Can't they be fixed by better way?
>> Anyway - it should be in different changeset.
>>
>>>           URL u = null;
>>>           try {
>>>               u = new URL("file://");
>>> @@ -348,16 +337,16 @@ public class PluginAppletSecurityContext
>>>        */
>>>       public String toObjectIDString(Object obj, Class<?> type, boolean unboxPrimitives) {
>>>
>>> +        /* Void (can occur from declared return type), pass special "void" string: */
>>> +        if (type == Void.TYPE) {
>>> +            return "literalreturn void";
>>> +        }
>>> +
>>>           /* Null, pass special "null" string: */
>>>           if (obj == null) {
>>>               return "literalreturn null";
>>>           }
>>>
>>> -        /* Void (can occur from declared return type), pass special "void" string: */
>>> -        if (type == Void.TYPE) {
>>> -            return "literalreturn void";
>>> -        }
>>> -
>>>           /* Primitive, accurately represented by its toString() form: */
>>>           boolean returnAsString = ( type == Boolean.TYPE
>>>                                   || type == Byte.TYPE
>>> @@ -378,7 +367,7 @@ public class PluginAppletSecurityContext
>>>
>>>           /* Floating point number, we ensure we give enough precision: */
>>>           if ( type == Float.TYPE || type == Double.TYPE ||
>>> -                ( unboxPrimitives&&  (type == Double.class || type == Double.class) )) {
>>> +                ( unboxPrimitives&&  (type == Float.class || type == Double.class) )) {
>>
>> Why this? Also Shouldn't it be  in different changeset?
>
> I will move this into the fix itself, they were bugs discovered during unit testing :-)
>
> [.. rest snipped..]
Isn't missing updated  junit patch here?

Thanx for looking into it.
J.

More information about the distro-pkg-dev mailing list