Fix remaining security manager problems. Forbiddenapis now passes.
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1713915 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Uwe Schindler
parent
73a8488838
commit
493a157e6a
@ -35,6 +35,7 @@ import org.apache.poi.poifs.filesystem.DocumentInputStream;
|
|||||||
import org.apache.poi.poifs.filesystem.NPOIFSFileSystem;
|
import org.apache.poi.poifs.filesystem.NPOIFSFileSystem;
|
||||||
import org.apache.poi.poifs.filesystem.OPOIFSFileSystem;
|
import org.apache.poi.poifs.filesystem.OPOIFSFileSystem;
|
||||||
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
||||||
|
import org.apache.poi.util.Internal;
|
||||||
import org.apache.poi.util.POILogFactory;
|
import org.apache.poi.util.POILogFactory;
|
||||||
import org.apache.poi.util.POILogger;
|
import org.apache.poi.util.POILogger;
|
||||||
|
|
||||||
@ -305,4 +306,9 @@ public abstract class POIDocument {
|
|||||||
* @throws IOException thrown on errors writing to the stream
|
* @throws IOException thrown on errors writing to the stream
|
||||||
*/
|
*/
|
||||||
public abstract void write(OutputStream out) throws IOException;
|
public abstract void write(OutputStream out) throws IOException;
|
||||||
|
|
||||||
|
@Internal
|
||||||
|
public DirectoryNode getDirectory() {
|
||||||
|
return directory;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -26,7 +26,6 @@ java.util.Locale#setDefault(java.util.Locale) @ Do not use methods that depend o
|
|||||||
java.util.TimeZone#getDefault() @ Do not use methods that depend on the current Local, either use Locale.ROOT or let the user define the local, see class LocaleUtil for details
|
java.util.TimeZone#getDefault() @ Do not use methods that depend on the current Local, either use Locale.ROOT or let the user define the local, see class LocaleUtil for details
|
||||||
java.util.Date#toString() @ Do not use methods that depend on the current Local, either use Locale.ROOT or let the user define the local, see class LocaleUtil for details
|
java.util.Date#toString() @ Do not use methods that depend on the current Local, either use Locale.ROOT or let the user define the local, see class LocaleUtil for details
|
||||||
|
|
||||||
# disabled as there are still invocations that we could not remove easily
|
# Disallow reflection on private object fields/methods
|
||||||
#java.lang.reflect.AccessibleObject#setAccessible(java.lang.reflect.AccessibleObject[], boolean) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
|
java.lang.reflect.AccessibleObject#setAccessible(java.lang.reflect.AccessibleObject[], boolean) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
|
||||||
#java.lang.reflect.AccessibleObject#setAccessible(boolean) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
|
java.lang.reflect.AccessibleObject#setAccessible(boolean) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
|
||||||
#java.lang.reflect.Method#invoke(java.lang.Object, java.lang.Object[]) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
|
|
||||||
|
|||||||
@ -233,4 +233,9 @@ public abstract class HWPFDocumentCore extends POIDocument
|
|||||||
}
|
}
|
||||||
|
|
||||||
public abstract TextPieceTable getTextTable();
|
public abstract TextPieceTable getTextTable();
|
||||||
|
|
||||||
|
@Internal
|
||||||
|
public byte[] getMainStream() {
|
||||||
|
return _mainStream;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -23,7 +23,6 @@ import java.io.File;
|
|||||||
import java.io.FileInputStream;
|
import java.io.FileInputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.lang.reflect.Method;
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
@ -32,7 +31,6 @@ import java.util.LinkedHashMap;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import org.apache.poi.POIDocument;
|
|
||||||
import org.apache.poi.hwpf.HWPFDocument;
|
import org.apache.poi.hwpf.HWPFDocument;
|
||||||
import org.apache.poi.hwpf.HWPFDocumentCore;
|
import org.apache.poi.hwpf.HWPFDocumentCore;
|
||||||
import org.apache.poi.hwpf.HWPFOldDocument;
|
import org.apache.poi.hwpf.HWPFOldDocument;
|
||||||
@ -63,7 +61,6 @@ import org.apache.poi.hwpf.usermodel.Picture;
|
|||||||
import org.apache.poi.hwpf.usermodel.Range;
|
import org.apache.poi.hwpf.usermodel.Range;
|
||||||
import org.apache.poi.poifs.common.POIFSConstants;
|
import org.apache.poi.poifs.common.POIFSConstants;
|
||||||
import org.apache.poi.poifs.filesystem.DirectoryEntry;
|
import org.apache.poi.poifs.filesystem.DirectoryEntry;
|
||||||
import org.apache.poi.poifs.filesystem.DirectoryNode;
|
|
||||||
import org.apache.poi.poifs.filesystem.Entry;
|
import org.apache.poi.poifs.filesystem.Entry;
|
||||||
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
||||||
import org.apache.poi.util.Beta;
|
import org.apache.poi.util.Beta;
|
||||||
@ -458,12 +455,7 @@ public final class HWPFLister
|
|||||||
|
|
||||||
public void dumpFileSystem() throws Exception
|
public void dumpFileSystem() throws Exception
|
||||||
{
|
{
|
||||||
java.lang.reflect.Field field = POIDocument.class
|
System.out.println( dumpFileSystem( _doc.getDirectory() ) );
|
||||||
.getDeclaredField( "directory" );
|
|
||||||
field.setAccessible( true );
|
|
||||||
DirectoryNode directoryNode = (DirectoryNode) field.get( _doc );
|
|
||||||
|
|
||||||
System.out.println( dumpFileSystem( directoryNode ) );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private String dumpFileSystem( DirectoryEntry directory )
|
private String dumpFileSystem( DirectoryEntry directory )
|
||||||
@ -531,10 +523,7 @@ public final class HWPFLister
|
|||||||
|
|
||||||
HWPFDocument doc = (HWPFDocument) _doc;
|
HWPFDocument doc = (HWPFDocument) _doc;
|
||||||
|
|
||||||
java.lang.reflect.Field fMainStream = HWPFDocumentCore.class
|
byte[] mainStream = _doc.getMainStream();
|
||||||
.getDeclaredField( "_mainStream" );
|
|
||||||
fMainStream.setAccessible( true );
|
|
||||||
byte[] mainStream = (byte[]) fMainStream.get( _doc );
|
|
||||||
|
|
||||||
PlexOfCps binTable = new PlexOfCps( doc.getTableStream(), doc
|
PlexOfCps binTable = new PlexOfCps( doc.getTableStream(), doc
|
||||||
.getFileInformationBlock().getFcPlcfbtePapx(), doc
|
.getFileInformationBlock().getFcPlcfbtePapx(), doc
|
||||||
@ -584,12 +573,6 @@ public final class HWPFLister
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Method newParagraph = Paragraph.class.getDeclaredMethod(
|
|
||||||
"newParagraph", Range.class, PAPX.class );
|
|
||||||
newParagraph.setAccessible( true );
|
|
||||||
java.lang.reflect.Field _props = Paragraph.class
|
|
||||||
.getDeclaredField( "_props" );
|
|
||||||
_props.setAccessible( true );
|
|
||||||
|
|
||||||
for ( PAPX papx : _doc.getParagraphTable().getParagraphs() )
|
for ( PAPX papx : _doc.getParagraphTable().getParagraphs() )
|
||||||
{
|
{
|
||||||
@ -597,9 +580,8 @@ public final class HWPFLister
|
|||||||
|
|
||||||
if ( withProperties )
|
if ( withProperties )
|
||||||
{
|
{
|
||||||
Paragraph paragraph = (Paragraph) newParagraph.invoke( null,
|
Paragraph paragraph = Paragraph.newParagraph( _doc.getOverallRange(), papx );
|
||||||
_doc.getOverallRange(), papx );
|
System.out.println( paragraph.getProps() );
|
||||||
System.out.println( _props.get( paragraph ) );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( true )
|
if ( true )
|
||||||
|
|||||||
@ -94,7 +94,7 @@ public class Paragraph extends Range implements Cloneable {
|
|||||||
public final static short SPRM_FADJUSTRIGHT = 0x2448;
|
public final static short SPRM_FADJUSTRIGHT = 0x2448;
|
||||||
|
|
||||||
@Internal
|
@Internal
|
||||||
static Paragraph newParagraph( Range parent, PAPX papx )
|
public static Paragraph newParagraph( Range parent, PAPX papx )
|
||||||
{
|
{
|
||||||
HWPFDocumentCore doc = parent._doc;
|
HWPFDocumentCore doc = parent._doc;
|
||||||
ListTables listTables = doc.getListTables();
|
ListTables listTables = doc.getListTables();
|
||||||
@ -659,4 +659,9 @@ public class Paragraph extends Range implements Cloneable {
|
|||||||
{
|
{
|
||||||
return "Paragraph [" + getStartOffset() + "; " + getEndOffset() + ")";
|
return "Paragraph [" + getStartOffset() + "; " + getEndOffset() + ")";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Internal
|
||||||
|
public ParagraphProperties getProps() {
|
||||||
|
return _props;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -17,9 +17,6 @@
|
|||||||
|
|
||||||
package org.apache.poi.hwpf.usermodel;
|
package org.apache.poi.hwpf.usermodel;
|
||||||
|
|
||||||
import java.lang.reflect.AccessibleObject;
|
|
||||||
import java.lang.reflect.Field;
|
|
||||||
|
|
||||||
import org.apache.poi.hwpf.model.types.SEPAbstractType;
|
import org.apache.poi.hwpf.model.types.SEPAbstractType;
|
||||||
|
|
||||||
public final class SectionProperties extends SEPAbstractType
|
public final class SectionProperties extends SEPAbstractType
|
||||||
@ -46,38 +43,4 @@ public final class SectionProperties extends SEPAbstractType
|
|||||||
return copy;
|
return copy;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean equals( Object obj )
|
|
||||||
{
|
|
||||||
Field[] fields = SectionProperties.class.getSuperclass()
|
|
||||||
.getDeclaredFields();
|
|
||||||
AccessibleObject.setAccessible( fields, true );
|
|
||||||
try
|
|
||||||
{
|
|
||||||
for ( int x = 0; x < fields.length; x++ )
|
|
||||||
{
|
|
||||||
Object obj1 = fields[x].get( this );
|
|
||||||
Object obj2 = fields[x].get( obj );
|
|
||||||
if ( obj1 == null && obj2 == null )
|
|
||||||
{
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if ( obj1 == null || obj2 == null || !obj1.equals( obj2 ) )
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
catch ( Exception e )
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public int hashCode() {
|
|
||||||
assert false : "hashCode not designed";
|
|
||||||
return 42; // any arbitrary constant will do
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -19,10 +19,14 @@ package org.apache.poi.hwpf.model;
|
|||||||
|
|
||||||
import java.lang.reflect.AccessibleObject;
|
import java.lang.reflect.AccessibleObject;
|
||||||
import java.lang.reflect.Field;
|
import java.lang.reflect.Field;
|
||||||
|
import java.security.AccessController;
|
||||||
|
import java.security.PrivilegedActionException;
|
||||||
|
import java.security.PrivilegedExceptionAction;
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
import junit.framework.TestCase;
|
||||||
|
|
||||||
import org.apache.poi.hwpf.HWPFDocFixture;
|
import org.apache.poi.hwpf.HWPFDocFixture;
|
||||||
|
import org.apache.poi.util.SuppressForbidden;
|
||||||
|
|
||||||
public final class TestFileInformationBlock extends TestCase {
|
public final class TestFileInformationBlock extends TestCase {
|
||||||
private FileInformationBlock _fileInformationBlock = null;
|
private FileInformationBlock _fileInformationBlock = null;
|
||||||
@ -37,9 +41,20 @@ public final class TestFileInformationBlock extends TestCase {
|
|||||||
FileInformationBlock newFileInformationBlock = new FileInformationBlock(
|
FileInformationBlock newFileInformationBlock = new FileInformationBlock(
|
||||||
buf);
|
buf);
|
||||||
|
|
||||||
Field[] fields = FileInformationBlock.class.getSuperclass()
|
final Field[] fields;
|
||||||
.getDeclaredFields();
|
try {
|
||||||
AccessibleObject.setAccessible(fields, true);
|
fields = AccessController.doPrivileged(new PrivilegedExceptionAction<Field[]>() {
|
||||||
|
@Override
|
||||||
|
@SuppressForbidden("Test only")
|
||||||
|
public Field[] run() throws Exception {
|
||||||
|
final Field[] fields = FileInformationBlock.class.getSuperclass().getDeclaredFields();
|
||||||
|
AccessibleObject.setAccessible(fields, true);
|
||||||
|
return fields;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
} catch (PrivilegedActionException pae) {
|
||||||
|
throw pae.getException();
|
||||||
|
}
|
||||||
|
|
||||||
for (int x = 0; x < fields.length; x++) {
|
for (int x = 0; x < fields.length; x++) {
|
||||||
assertEquals(fields[x].get(_fileInformationBlock),
|
assertEquals(fields[x].get(_fileInformationBlock),
|
||||||
|
|||||||
@ -91,7 +91,7 @@ public class POITestCase {
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
} catch (PrivilegedActionException pae) {
|
} catch (PrivilegedActionException pae) {
|
||||||
throw new AssertionError("Cannot access field '" + fieldName + "' of class " + clazz);
|
throw new RuntimeException("Cannot access field '" + fieldName + "' of class " + clazz, pae.getException());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -112,7 +112,7 @@ public class POITestCase {
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
} catch (PrivilegedActionException pae) {
|
} catch (PrivilegedActionException pae) {
|
||||||
throw new AssertionError("Cannot access method '" + methodName + "' of class " + clazz);
|
throw new RuntimeException("Cannot access method '" + methodName + "' of class " + clazz, pae.getException());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user