This is an automated email from the ASF dual-hosted git repository.
henrib pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-jexl.git
The following commit(s) were added to refs/heads/master by this push:
new 9a04761e JEXL: fix JexlSandbox regression (detected through Java21);
9a04761e is described below
commit 9a04761ea1a8712bbffe98609eb35e7cf39e20fa
Author: Henrib <hbies...@gmail.com>
AuthorDate: Wed Aug 21 18:17:34 2024 +0200
JEXL: fix JexlSandbox regression (detected through Java21);
---
.../commons/jexl3/introspection/JexlSandbox.java | 28 +++++++++++++++++-----
.../commons/jexl3/introspection/SandboxTest.java | 18 +++++++-------
2 files changed, 31 insertions(+), 15 deletions(-)
diff --git
a/src/main/java/org/apache/commons/jexl3/introspection/JexlSandbox.java
b/src/main/java/org/apache/commons/jexl3/introspection/JexlSandbox.java
index 3ab8e32f..2ce5db98 100644
--- a/src/main/java/org/apache/commons/jexl3/introspection/JexlSandbox.java
+++ b/src/main/java/org/apache/commons/jexl3/introspection/JexlSandbox.java
@@ -262,6 +262,26 @@ public final class JexlSandbox {
return clazz == null ? BLOCK_ALL : compute(clazz);
}
+ private static Permissions inheritable(Permissions p) {
+ return p != null && p.isInheritable() ? p : null;
+ }
+
+ /**
+ * Find first inherited interface that defines permissions through
recursion.
+ * @param clazz the clazz
+ * @return the array of all its interfaces
+ */
+ private Permissions computeInterfaces(final Class<?> clazz) {
+ Permissions permissions = inheritable(sandbox.get(clazz.getName()));
+ if (permissions == null) {
+ final Class<?>[] interfaces = clazz.getInterfaces();
+ for (int i = 0; permissions == null && i < interfaces.length; ++i)
{
+ permissions = computeInterfaces(interfaces[i]);
+ }
+ }
+ return permissions;
+ }
+
/**
* Computes and optionally stores the permissions associated to a class.
*
@@ -273,9 +293,9 @@ public final class JexlSandbox {
if (permissions == null) {
if (inherit) {
// find first inherited interface that defines permissions
- Class<?>[] interfaces = clazz.getInterfaces();
+ final Class<?>[] interfaces = clazz.getInterfaces();
for (int i = 0; permissions == null && i < interfaces.length;
++i) {
- permissions =
inheritable(sandbox.get(interfaces[i].getName()));
+ permissions = computeInterfaces(interfaces[i]);
}
// nothing defined yet, find first superclass that defines
permissions
if (permissions == null) {
@@ -297,10 +317,6 @@ public final class JexlSandbox {
return permissions;
}
- private Permissions inheritable(Permissions p) {
- return p != null && p.isInheritable() ? p : null;
- }
-
/**
* Gets the set of permissions associated to a class.
*
diff --git
a/src/test/java/org/apache/commons/jexl3/introspection/SandboxTest.java
b/src/test/java/org/apache/commons/jexl3/introspection/SandboxTest.java
index 8f26f40f..17980c3b 100644
--- a/src/test/java/org/apache/commons/jexl3/introspection/SandboxTest.java
+++ b/src/test/java/org/apache/commons/jexl3/introspection/SandboxTest.java
@@ -355,7 +355,7 @@ public class SandboxTest extends JexlTestCase {
sandbox.permissions(SomeInterface.class.getName(), true, true, true,
true);
final JexlEngine sjexl = new
JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
final JexlScript someOp = sjexl.createScript("foo.bar()", "foo");
- assertEquals(42, someOp.execute(null, foo));
+ assertEquals(42, (int) someOp.execute(null, foo));
}
@Test
@@ -365,7 +365,7 @@ public class SandboxTest extends JexlTestCase {
sandbox.permissions(Foo386.class.getName(), true, true, true, true);
final JexlEngine sjexl = new
JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
final JexlScript someOp = sjexl.createScript("foo.bar()", "foo");
- assertEquals(-42, someOp.execute(null, foo));
+ assertEquals(-42, (int) someOp.execute(null, foo));
}
@Test
@@ -484,16 +484,16 @@ public class SandboxTest extends JexlTestCase {
final JexlScript get = sjexl.createScript("foo[x]", "foo", "x");
result = method.execute(ctxt, foo, "nothing");
- assertEquals(true, result);
+ assertTrue((boolean) result);
result = null;
- result = get.execute(null, foo, 0);
+ result = get.execute(null, foo, Integer.valueOf(0));
assertEquals("nothing", result);
result = null;
- result = set.execute(null, foo, 0, "42");
+ result = set.execute(null, foo, Integer.valueOf(0), "42");
assertEquals("42", result);
result = null;
- result = get.execute(null, foo, 0);
+ result = get.execute(null, foo, Integer.valueOf(0));
assertEquals("42", result);
}
@@ -508,10 +508,10 @@ public class SandboxTest extends JexlTestCase {
// sandbox.block(Foo.class.getName()).execute();
final JexlEngine sjexl = new
JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
final JexlScript someOp = sjexl.createScript("foo.someOp(y)", "foo",
"y");
- result = someOp.execute(ctxt, foo, 30);
- assertEquals(42, result);
+ result = someOp.execute(ctxt, foo, Integer.valueOf(30));
+ assertEquals(42, (int) result);
final JexlScript nonCallable =
sjexl.createScript("foo.nonCallable(y)", "foo", "y");
- assertThrows(JexlException.class, () -> nonCallable.execute(null, foo,
0));
+ assertThrows(JexlException.class, () -> nonCallable.execute(null, foo,
Integer.valueOf(0)));
}
@Test
