diff --git a/source/net/sourceforge/filebot/format/AssociativeScriptObject.java b/source/net/sourceforge/filebot/format/AssociativeScriptObject.java index a4bd2a8b..8f21f238 100644 --- a/source/net/sourceforge/filebot/format/AssociativeScriptObject.java +++ b/source/net/sourceforge/filebot/format/AssociativeScriptObject.java @@ -156,16 +156,13 @@ public class AssociativeScriptObject implements Scriptable { * Map allowing look-up of values by a fault-tolerant key as specified by the defining key. * */ - protected class LenientLookup extends AbstractMap { + private class LenientLookup extends AbstractMap { - private final Map> source; + private final Map> source = new HashMap>(); public LenientLookup(Map source) { - // initialize source map - this.source = new HashMap>(source.size()); - - // populate source map + // populate entry map for (Entry entry : source.entrySet()) { this.source.put(definingKey(entry.getKey()), entry); } diff --git a/source/net/sourceforge/filebot/format/ExpressionFormat.java b/source/net/sourceforge/filebot/format/ExpressionFormat.java index fea60dd1..fe3afcb5 100644 --- a/source/net/sourceforge/filebot/format/ExpressionFormat.java +++ b/source/net/sourceforge/filebot/format/ExpressionFormat.java @@ -4,10 +4,6 @@ package net.sourceforge.filebot.format; import java.io.FilePermission; import java.io.InputStreamReader; -import java.lang.reflect.InvocationHandler; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.lang.reflect.Proxy; import java.security.AccessControlContext; import java.security.AccessControlException; import java.security.AccessController; @@ -114,10 +110,12 @@ public class ExpressionFormat extends Format { public StringBuffer format(Bindings bindings, StringBuffer sb) { - ScriptContext context = new SimpleScriptContext(); - // use privileged bindings so we are not restricted by the script sandbox - context.setBindings(PrivilegedBindings.newProxy(bindings, AccessController.getContext()), ScriptContext.GLOBAL_SCOPE); + Bindings priviledgedBindings = PrivilegedInvocation.newProxy(Bindings.class, bindings, AccessController.getContext()); + + // initialize script context with the privileged bindings + ScriptContext context = new SimpleScriptContext(); + context.setBindings(priviledgedBindings, ScriptContext.GLOBAL_SCOPE); for (Object snipped : compilation) { if (snipped instanceof CompiledScript) { @@ -181,52 +179,6 @@ public class ExpressionFormat extends Format { } - private static class PrivilegedBindings implements InvocationHandler { - - private final Bindings bindings; - private final AccessControlContext context; - - - private PrivilegedBindings(Bindings bindings, AccessControlContext context) { - this.bindings = bindings; - this.context = context; - } - - - @Override - public Object invoke(final Object proxy, final Method method, final Object[] args) throws Throwable { - try { - return AccessController.doPrivileged(new PrivilegedExceptionAction() { - - @Override - public Object run() throws Exception { - return method.invoke(bindings, args); - } - }, context); - } catch (PrivilegedActionException e) { - Throwable cause = e.getException(); - - // the underlying method may have throw an exception - if (cause instanceof InvocationTargetException) { - // get actual cause - cause = cause.getCause(); - } - - // forward cause - throw cause; - } - } - - - public static Bindings newProxy(Bindings bindings, AccessControlContext context) { - InvocationHandler invocationHandler = new PrivilegedBindings(bindings, context); - - // create dynamic invocation proxy - return (Bindings) Proxy.newProxyInstance(PrivilegedBindings.class.getClassLoader(), new Class[] { Bindings.class }, invocationHandler); - } - } - - private static class SecureCompiledScript extends CompiledScript { private final CompiledScript compiledScript; diff --git a/source/net/sourceforge/filebot/format/PrivilegedInvocation.java b/source/net/sourceforge/filebot/format/PrivilegedInvocation.java new file mode 100644 index 00000000..01120add --- /dev/null +++ b/source/net/sourceforge/filebot/format/PrivilegedInvocation.java @@ -0,0 +1,59 @@ + +package net.sourceforge.filebot.format; + + +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.lang.reflect.Proxy; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; + + +public class PrivilegedInvocation implements InvocationHandler { + + private final Object object; + private final AccessControlContext context; + + + private PrivilegedInvocation(Object object, AccessControlContext context) { + this.object = object; + this.context = context; + } + + + @Override + public Object invoke(final Object proxy, final Method method, final Object[] args) throws Throwable { + try { + return AccessController.doPrivileged(new PrivilegedExceptionAction() { + + @Override + public Object run() throws Exception { + return method.invoke(object, args); + } + }, context); + } catch (PrivilegedActionException e) { + Throwable cause = e.getException(); + + // the underlying method may have throw an exception + if (cause instanceof InvocationTargetException) { + // get actual cause + cause = cause.getCause(); + } + + // forward cause + throw cause; + } + } + + + public static I newProxy(Class type, I object, AccessControlContext context) { + InvocationHandler invocationHandler = new PrivilegedInvocation(object, context); + ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); + + // create dynamic invocation proxy + return type.cast(Proxy.newProxyInstance(classLoader, new Class[] { type }, invocationHandler)); + } +}