Author: peter_firmstone Date: Sun May 26 11:10:57 2013 New Revision: 1486408
URL: http://svn.apache.org/r1486408 Log: River-420 Fixes for unsafe publication by exporting during construction. Ensure export is performed with construction context (AccessControlContext) in RemoteListener. Add shutdown exception handling to NonActivatableGroupAdmin and Pipe to clean up if setup fails. Modified: river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/NonActivatableGroupAdmin.java river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/Pipe.java river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/test/share/RemoteListener.java Modified: river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/NonActivatableGroupAdmin.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/NonActivatableGroupAdmin.java?rev=1486408&r1=1486407&r2=1486408&view=diff ============================================================================== --- river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/NonActivatableGroupAdmin.java (original) +++ river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/NonActivatableGroupAdmin.java Sun May 26 11:10:57 2013 @@ -157,6 +157,7 @@ public class NonActivatableGroupAdmin ex "NonActivatableGroup exec command line: '" + cmdBuf + "'"); logServiceParameters(); + ObjectInputStream proxyStream = null; // exec the process, setup the pipe, and get the proxy try { process = Runtime.getRuntime().exec(cmdArray); @@ -166,14 +167,29 @@ public class NonActivatableGroupAdmin ex null, //filter new NonActGrpAnnotator("NonActGrp-out: ")); outPipe.start(); - ObjectInputStream proxyStream = - new ObjectInputStream(process.getErrorStream()); + proxyStream = new ObjectInputStream(process.getErrorStream()); proxy = (NonActivatableGroup) ((MarshalledObject) proxyStream.readObject()).get(); - } catch (IOException e) { + } catch (IOException e) { + // Clean up. + process.destroy(); + try { + outPipe.stop(); + } catch (IOException ex){ }//Ignore + try { + if (proxyStream != null) proxyStream.close(); + } catch (IOException ex){ } // Ignore. throw new TestException("NonActivatableGroupAdmin: Failed to exec " + "the group", e); } catch (ClassNotFoundException e) { + // Clean up. + process.destroy(); + try { + outPipe.stop(); + } catch (IOException ex){ }//Ignore + try { + if (proxyStream != null) proxyStream.close(); + } catch (IOException ex){ } // Ignore. throw new TestException("NonActivatableGroupAdmin: Failed to exec " + "the group", e); } Modified: river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/Pipe.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/Pipe.java?rev=1486408&r1=1486407&r2=1486408&view=diff ============================================================================== --- river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/Pipe.java (original) +++ river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/qa/harness/Pipe.java Sun May 26 11:10:57 2013 @@ -89,6 +89,12 @@ class Pipe implements Runnable { void start(){ outThread.start(); } + + void stop() throws IOException{ + outThread.interrupt(); + in.close(); + stream.close(); + } /** * Wait until the run method terminates due to reading EOF on input Modified: river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/test/share/RemoteListener.java URL: http://svn.apache.org/viewvc/river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/test/share/RemoteListener.java?rev=1486408&r1=1486407&r2=1486408&view=diff ============================================================================== --- river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/test/share/RemoteListener.java (original) +++ river/jtsk/skunk/qa_refactor/trunk/qa/src/com/sun/jini/test/share/RemoteListener.java Sun May 26 11:10:57 2013 @@ -32,6 +32,10 @@ import java.io.ObjectStreamException; import java.io.Serializable; import java.io.WriteAbortedException; import java.rmi.server.ExportException; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.logging.Level; import java.util.logging.Logger; @@ -51,13 +55,33 @@ class RemoteListener implements RemoteEv private Object proxy; private final Exporter exporter; + private final AccessControlContext context; RemoteListener(Exporter exporter) throws RemoteException { this.exporter = exporter; + this.context = AccessController.getContext(); // Save context for lazy export. } + /** + * Must synchronize on this when called. + * @return proxy + * @throws ExportException + */ private Object getProxy() throws ExportException{ - if (proxy == null) proxy = exporter.export(this); + if (proxy == null){ + try { + proxy = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>(){ + + @Override + public Object run() throws ExportException { + return exporter.export(RemoteListener.this); + } + + }, context); + } catch (PrivilegedActionException ex) { + throw (ExportException) ex.getException(); + } + } return proxy; }
