/hg/icedtea-web: Fixed reproducer affected by identificator in ....

jvanek at icedtea.classpath.org jvanek at icedtea.classpath.org
Fri Sep 4 07:05:20 UTC 2015 

changeset 815a192dab3b in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=815a192dab3b
author: Jiri Vanek <jvanek at redhat.com>
date: Fri Sep 04 09:05:07 2015 +0200

	Fixed reproducer affected by identificator in .appletTrustSettings

	* tests/reproducers/simple/FakeCodebase/testcases/FakeCodebaseTests.java: instead of checking number of lines in appletTrustSettings directly, now  reading this file via UnsignedAppletActionStorageImpl and using its data


diffstat:

 ChangeLog                                                              |   7 ++
 tests/reproducers/simple/FakeCodebase/testcases/FakeCodebaseTests.java |  27 +++++----
 2 files changed, 22 insertions(+), 12 deletions(-)

diffs (90 lines):

diff -r 5e17b80cbd8a -r 815a192dab3b ChangeLog
--- a/ChangeLog	Thu Sep 03 17:29:53 2015 +0200
+++ b/ChangeLog	Fri Sep 04 09:05:07 2015 +0200
@@ -1,3 +1,10 @@
+2015-09-04  Jiri Vanek  <jvanek at redhat.com>
+
+	Fixed reproducer affected by identificator in .appletTrustSettings 
+	* tests/reproducers/simple/FakeCodebase/testcases/FakeCodebaseTests.java:
+	instead of checking number of lines in appletTrustSettings directly, now
+	reading this file via UnsignedAppletActionStorageImpl and using its data
+
 2015-09-03  Jiri Vanek  <jvanek at redhat.com>
 
 		* netx/net/sourceforge/jnlp/resources/Messages_de.properties: removed all commented original sentences
diff -r 5e17b80cbd8a -r 815a192dab3b tests/reproducers/simple/FakeCodebase/testcases/FakeCodebaseTests.java
--- a/tests/reproducers/simple/FakeCodebase/testcases/FakeCodebaseTests.java	Thu Sep 03 17:29:53 2015 +0200
+++ b/tests/reproducers/simple/FakeCodebase/testcases/FakeCodebaseTests.java	Fri Sep 04 09:05:07 2015 +0200
@@ -37,6 +37,7 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.lang.reflect.Method;
 import java.util.Arrays;
 import net.sourceforge.jnlp.OptionsDefinitions;
 import static org.junit.Assert.assertTrue;
@@ -56,9 +57,9 @@
 import net.sourceforge.jnlp.config.PathsAndFiles;
 import net.sourceforge.jnlp.runtime.ManifestAttributesChecker;
 import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
+import net.sourceforge.jnlp.security.appletextendedsecurity.impl.UnsignedAppletActionStorageImpl;
 import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier;
 import net.sourceforge.jnlp.util.FileUtils;
-import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Assert;
 import org.junit.BeforeClass;
@@ -128,9 +129,7 @@
             ProcessResult pr1 = server.executeBrowser("/" + ORIG_BASE, AutoClose.CLOSE_ON_CORRECT_END);
             assertTrue(pr1.stdout.contains(AutoOkClosingListener.MAGICAL_OK_CLOSING_STRING));
             //the record was added to .appletSecuritySettings
-            String s2 = FileUtils.loadFileAsString(PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile()).trim();
-            String[] ss2 = s2.split("\n");
-            Assert.assertEquals(1, ss2.length);
+            assertRecordsCountInAppletTrustSettings(1);
             //create atacker
             String htmlin = FileUtils.loadFileAsString(new File(server.getDir(), HTMLIN + ".in"));
             //now change codebase to be same as ^ but launch applet from  evilServer1
@@ -149,9 +148,7 @@
             );
             //this  MUST ask for permissions to run, otherwise fail
             assertTrue(pr2.stdout.contains(AutoOkClosingListener.MAGICAL_OK_CLOSING_STRING));
-            String s1 = FileUtils.loadFileAsString(PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile()).trim();
-            String[] ss1 = s1.split("\n");
-            Assert.assertEquals(2, ss1.length);
+            assertRecordsCountInAppletTrustSettings(2);
         } finally {
             dp.restoreProperties();
         }
@@ -206,8 +203,7 @@
             //the record was added to .appletSecuritySettings
             String s2 = FileUtils.loadFileAsString(PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile()).trim();
             Assert.assertNotEquals("on codebase only, the file must not be stroed, stright save, it must be", codebase, s2.contains(JORIG_BASE));
-            String[] ss2 = s2.split("\n");
-            Assert.assertEquals(1, ss2.length);
+            assertRecordsCountInAppletTrustSettings(1);
             //create atacker
             String htmlin = FileUtils.loadFileAsString(new File(server.getDir(), JHTMLIN + ".in"));
             //now change codebase to be same as ^ but launch applet from  evilServer1
@@ -237,11 +233,18 @@
             String s1 = FileUtils.loadFileAsString(PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile()).trim();
             Assert.assertNotEquals("on codebase only, the file must not be stroed, stright save, it must be", codebase, s1.contains(JHTMLIN));
             Assert.assertNotEquals("on codebase only, the file must not be stroed, stright save, it must be", codebase, s1.contains(JORIG_BASE));
-            String[] ss1 = s1.split("\n");
-            Assert.assertEquals(2, ss1.length);
+            assertRecordsCountInAppletTrustSettings(2);
         } finally {
             dp.restoreProperties();
         }
     }
-
+private void assertRecordsCountInAppletTrustSettings(int expected) throws Exception{
+     UnsignedAppletActionStorageImpl i1 = new UnsignedAppletActionStorageImpl(PathsAndFiles.APPLET_TRUST_SETTINGS_USER.getFile());
+      //i1.readContents();
+     Method readContents = UnsignedAppletActionStorageImpl.class.getDeclaredMethod("readContents");
+     readContents.setAccessible(true);
+     readContents.invoke(i1);
+     Assert.assertEquals(expected, i1.getMatchingItems(null, null, null).size());
+    
 }
+}

More information about the distro-pkg-dev mailing list