diff options
author | Thomas Watson | 2013-04-16 01:49:44 +0000 |
---|---|---|
committer | Thomas Watson | 2013-04-16 01:49:44 +0000 |
commit | bda586273cfe19c14ef7cc12517c6f6c5b7d68d0 (patch) | |
tree | ef8c646cb859ee4452b56f123e5423cb668ce337 /bundles | |
parent | 9e41c7919e2ab03e55431cb034179ec4d0fc570c (diff) | |
parent | 671f70606091d87ad97c36ae13febe49cf69cf11 (diff) | |
download | rt.equinox.framework-bda586273cfe19c14ef7cc12517c6f6c5b7d68d0.tar.gz rt.equinox.framework-bda586273cfe19c14ef7cc12517c6f6c5b7d68d0.tar.xz rt.equinox.framework-bda586273cfe19c14ef7cc12517c6f6c5b7d68d0.zip |
Merge branch 'master' into twatson/container
Conflicts:
bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/bundlefile/DirBundleFile.java
bundles/org.eclipse.osgi/defaultAdaptor/src/org/eclipse/osgi/internal/baseadaptor/BaseStorage.java
bundles/org.eclipse.osgi/eclipseAdaptor/src/org/eclipse/core/runtime/internal/adaptor/EclipseLazyStarter.java
Diffstat (limited to 'bundles')
6 files changed, 135 insertions, 16 deletions
diff --git a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/BundleResourceTests.java b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/BundleResourceTests.java index b97c1a0fb..12f9751ea 100644 --- a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/BundleResourceTests.java +++ b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/BundleResourceTests.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2010, 2011 IBM Corporation and others. + * Copyright (c) 2010, 2013 IBM Corporation and others. * All rights reserved. This program and the accompanying materials * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at @@ -15,6 +15,7 @@ import java.util.Enumeration; import junit.framework.Test; import junit.framework.TestSuite; import org.eclipse.core.tests.harness.CoreTest; +import org.eclipse.osgi.service.environment.EnvironmentInfo; import org.eclipse.osgi.tests.OSGiTestsActivator; import org.osgi.framework.*; @@ -65,6 +66,30 @@ public class BundleResourceTests extends CoreTest { assertNotNull("Did not find resource!", paths); } + public void testBug395274() throws Exception { + ServiceReference<EnvironmentInfo> infoRef = OSGiTestsActivator.getContext().getServiceReference(EnvironmentInfo.class); + EnvironmentInfo info = OSGiTestsActivator.getContext().getService(infoRef); + String original = info.setProperty("osgi.strictBundleEntryPath", "true"); + try { + Bundle bundle = installer.installBundle("test"); //$NON-NLS-1$ + URL path = bundle.getEntry("META-INF./MANIFEST.MF"); + assertNull("found resource!", path); + path = bundle.getEntry("META-INF/MANIFEST.MF"); + assertNotNull("Did not find resource!", path); + path = bundle.getEntry("folder/file1.TXT"); + assertNull("found resource!", path); + path = bundle.getEntry("folder/file1.txt"); + assertNotNull("Did not find resource!", path); + checkEntries(bundle, "/./file1.txt", 1); + checkEntries(bundle, "//file1.txt", 1); + checkEntries(bundle, "/", 1); + checkEntries(bundle, "/.", 1); + } finally { + info.setProperty("osgi.strictBundleEntryPath", original); + OSGiTestsActivator.getContext().ungetService(infoRef); + } + } + public void testBug328795() throws BundleException { Bundle bundle = installer.installBundle("test"); //$NON-NLS-1$ checkEntries(bundle, "notFound\\", 0); // this results in invalid syntax exception which is logged because of trailing escape diff --git a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/framework/EquinoxConfiguration.java b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/framework/EquinoxConfiguration.java index 3b69ae97c..e0a7580ea 100644 --- a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/framework/EquinoxConfiguration.java +++ b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/framework/EquinoxConfiguration.java @@ -178,6 +178,8 @@ public class EquinoxConfiguration implements EnvironmentInfo { public static final String PROP_FORCED_RESTART = "osgi.forcedRestart"; //$NON-NLS-1$ public static final String PROP_IGNORE_USER_CONFIGURATION = "eclipse.ignoreUserConfiguration"; //$NON-NLS-1$ + public static final String PROPERTY_STRICT_BUNDLE_ENTRY_PATH = "osgi.strictBundleEntryPath";//$NON-NLS-1$ + private final static Collection<String> populateInitConfig = Arrays.asList(PROP_OSGI_ARCH, PROP_OSGI_OS, PROP_OSGI_WS, PROP_OSGI_NL, FRAMEWORK_OS_NAME, FRAMEWORK_OS_VERSION, FRAMEWORK_PROCESSOR, FRAMEWORK_LANGUAGE); EquinoxConfiguration(Map<String, ?> initialConfiguration, HookRegistry hookRegistry) { @@ -459,6 +461,9 @@ public class EquinoxConfiguration implements EnvironmentInfo { @Override public String setProperty(String key, String value) { + if (value == null) { + return clearConfiguration(key); + } return setConfiguration(key, value); } diff --git a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java index f2b89af1c..31cd94279 100644 --- a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java +++ b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/internal/signedcontent/SignedBundleHook.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2006, 2010 IBM Corporation and others. + * Copyright (c) 2006, 2013 IBM Corporation and others. * All rights reserved. This program and the accompanying materials * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at @@ -202,7 +202,7 @@ public class SignedBundleHook implements ActivatorHookFactory, BundleFileWrapper throw new IllegalArgumentException("null content"); //$NON-NLS-1$ BundleFile contentBundleFile; if (content.isDirectory()) - contentBundleFile = new DirBundleFile(content); + contentBundleFile = new DirBundleFile(content, false); else contentBundleFile = new ZipBundleFile(content, null, null, container.getConfiguration().getDebug()); SignedBundleFile result = new SignedBundleFile(null, VERIFY_ALL, this); diff --git a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/Storage.java b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/Storage.java index 6677fc623..7ea25440d 100644 --- a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/Storage.java +++ b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/Storage.java @@ -784,7 +784,8 @@ public class Storage { BundleFile result; try { if (isDirectory) { - result = new DirBundleFile(content); + boolean strictPath = Boolean.parseBoolean(equinoxContainer.getConfiguration().getConfiguration(EquinoxConfiguration.PROPERTY_STRICT_BUNDLE_ENTRY_PATH, Boolean.FALSE.toString())); + result = new DirBundleFile(content, strictPath); } else { result = new ZipBundleFile(content, generation, mruList, getConfiguration().getDebug()); } diff --git a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/bundlefile/DirBundleFile.java b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/bundlefile/DirBundleFile.java index baaffb1d3..da8c15109 100644 --- a/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/bundlefile/DirBundleFile.java +++ b/bundles/org.eclipse.osgi/container/src/org/eclipse/osgi/storage/bundlefile/DirBundleFile.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2005, 2012 IBM Corporation and others. + * Copyright (c) 2005, 2013 IBM Corporation and others. * All rights reserved. This program and the accompanying materials * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at @@ -24,33 +24,83 @@ import org.eclipse.osgi.util.NLS; */ public class DirBundleFile extends BundleFile { + private static final String POINTER_SAME_DIRECTORY_1 = "/.";//$NON-NLS-1$ + private static final String POINTER_SAME_DIRECTORY_2 = "//";//$NON-NLS-1$ + private static final String POINTER_UPPER_DIRECTORY = "..";//$NON-NLS-1$ + + private final boolean enableStrictBundleEntryPath; + /** * Constructs a DirBundleFile * @param basefile the base file * @throws IOException */ - public DirBundleFile(File basefile) throws IOException { - super(basefile); + public DirBundleFile(File basefile, boolean enableStrictBundleEntryPath) throws IOException { + super(getBaseFile(basefile, enableStrictBundleEntryPath)); if (!BundleFile.secureAction.exists(basefile) || !BundleFile.secureAction.isDirectory(basefile)) { throw new IOException(NLS.bind(StorageMsg.ADAPTOR_DIRECTORY_EXCEPTION, basefile)); } + this.enableStrictBundleEntryPath = enableStrictBundleEntryPath; + } + + private static File getBaseFile(File basefile, boolean enableStrictBundleEntryPath) throws IOException { + return enableStrictBundleEntryPath ? secureAction.getCanonicalFile(basefile) : basefile; } public File getFile(String path, boolean nativeCode) { - boolean checkInBundle = path != null && path.indexOf("..") >= 0; //$NON-NLS-1$ - File file = new File(basefile, path); + final boolean checkInBundle = path != null && path.indexOf(POINTER_UPPER_DIRECTORY) >= 0; + File file = new File(this.basefile, path); if (!BundleFile.secureAction.exists(file)) { return null; } - // must do an extra check to make sure file is within the bundle (bug 320546) - if (checkInBundle) { - try { - if (!BundleFile.secureAction.getCanonicalPath(file).startsWith(BundleFile.secureAction.getCanonicalPath(basefile))) + + if (!enableStrictBundleEntryPath) { + // must do an extra check to make sure file is within the bundle (bug 320546) + if (checkInBundle) { + try { + if (!BundleFile.secureAction.getCanonicalPath(file).startsWith(BundleFile.secureAction.getCanonicalPath(basefile))) + return null; + } catch (IOException e) { return null; - } catch (IOException e) { - return null; + } + } + return file; + } + boolean normalize = false; + boolean isBundleRoot = false; + if (path != null) { + isBundleRoot = path.equals("/");//$NON-NLS-1$ + if (!isBundleRoot) { + normalize = checkInBundle || path.indexOf(POINTER_SAME_DIRECTORY_1) >= 0 || path.indexOf(POINTER_SAME_DIRECTORY_2) >= 0; } } + File canonicalFile; + try { + canonicalFile = BundleFile.secureAction.getCanonicalFile(file); + if (!isBundleRoot) { + File absoluteFile = BundleFile.secureAction.getAbsoluteFile(file); + String canonicalPath; + String absolutePath; + if (normalize) { + canonicalPath = canonicalFile.toURI().getPath(); + absolutePath = absoluteFile.toURI().normalize().getPath(); + } else { + canonicalPath = canonicalFile.getPath(); + absolutePath = absoluteFile.getPath(); + } + if (!canonicalPath.equals(absolutePath)) { + return null; + } + } + // must do an extra check to make sure file is within the bundle (bug 320546) + if (checkInBundle) { + if (!canonicalFile.getPath().startsWith(basefile.getPath())) + return null; + } + } catch (IOException e) { + return null; + } + return file; } diff --git a/bundles/org.eclipse.osgi/supplement/src/org/eclipse/osgi/framework/util/SecureAction.java b/bundles/org.eclipse.osgi/supplement/src/org/eclipse/osgi/framework/util/SecureAction.java index 562738f73..7138c36a5 100644 --- a/bundles/org.eclipse.osgi/supplement/src/org/eclipse/osgi/framework/util/SecureAction.java +++ b/bundles/org.eclipse.osgi/supplement/src/org/eclipse/osgi/framework/util/SecureAction.java @@ -1,5 +1,5 @@ /******************************************************************************* - * Copyright (c) 2003, 2010 IBM Corporation and others. + * Copyright (c) 2003, 2013 IBM Corporation and others. * All rights reserved. This program and the accompanying materials * are made available under the terms of the Eclipse Public License v1.0 * which accompanies this distribution, and is available at @@ -164,6 +164,44 @@ public class SecureAction { } /** + * Returns the absolute file. Same as calling + * file.getAbsoluteFile(). + * @param file a file object + * @return the absolute file. + */ + public File getAbsoluteFile(final File file) { + if (System.getSecurityManager() == null) + return file.getAbsoluteFile(); + return AccessController.doPrivileged(new PrivilegedAction<File>() { + public File run() { + return file.getAbsoluteFile(); + } + }, controlContext); + } + + /** + * Returns the canonical file. Same as calling + * file.getCanonicalFile(). + * @param file a file object + * @return the canonical file. + */ + public File getCanonicalFile(final File file) throws IOException { + if (System.getSecurityManager() == null) + return file.getCanonicalFile(); + try { + return AccessController.doPrivileged(new PrivilegedExceptionAction<File>() { + public File run() throws IOException { + return file.getCanonicalFile(); + } + }, controlContext); + } catch (PrivilegedActionException e) { + if (e.getException() instanceof IOException) + throw (IOException) e.getException(); + throw (RuntimeException) e.getException(); + } + } + + /** * Returns true if a file exists, otherwise false is returned. Same as calling * file.exists(). * @param file a file object |