[jboss-svn-commits] JBL Code SVN: r13141 - labs/jbossrules/trunk/drools-core/src/test/java/org/drools/rule.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Thu Jul 5 22:05:12 EDT 2007
Author: mark.proctor at jboss.com
Date: 2007-07-05 22:05:11 -0400 (Thu, 05 Jul 2007)
New Revision: 13141
Added:
labs/jbossrules/trunk/drools-core/src/test/java/org/drools/rule/PackageCompilationDataTest.java
Log:
JBRULES-760 Security problem in WebSphere with PackageCompilationData classloader
Added: labs/jbossrules/trunk/drools-core/src/test/java/org/drools/rule/PackageCompilationDataTest.java
===================================================================
--- labs/jbossrules/trunk/drools-core/src/test/java/org/drools/rule/PackageCompilationDataTest.java (rev 0)
+++ labs/jbossrules/trunk/drools-core/src/test/java/org/drools/rule/PackageCompilationDataTest.java 2007-07-06 02:05:11 UTC (rev 13141)
@@ -0,0 +1,45 @@
+package org.drools.rule;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.CodeSource;
+
+import junit.framework.TestCase;
+
+import org.drools.WorkingMemory;
+import org.drools.spi.EvalExpression;
+import org.drools.spi.Tuple;
+
+public class PackageCompilationDataTest extends TestCase {
+ public static class TestEvalExpression implements EvalExpression {
+ public boolean evaluate(Tuple t, Declaration[] d, WorkingMemory w) {
+ return false;
+ }
+ }
+
+ public void testCodeSourceUrl() throws IOException {
+ final String className = TestEvalExpression.class.getName();
+ final PackageCompilationData pcData = new PackageCompilationData(getClass().getClassLoader());
+ final EvalCondition invoker = new EvalCondition(null);
+ pcData.putInvoker(className, invoker);
+ final InputStream is = getClass().getClassLoader().getResourceAsStream(className.replace('.', '/') + ".class");
+ try {
+ pcData.write(className.replace('.', '/') + ".class", read(is));
+ } finally {
+ is.close();
+ }
+ final CodeSource codeSource = invoker.getEvalExpression().getClass().getProtectionDomain().getCodeSource();
+ assertNotNull(codeSource.getLocation());
+ }
+
+ private static byte[] read(final InputStream is) throws IOException {
+ final ByteArrayOutputStream os = new ByteArrayOutputStream();
+ final byte[] b = new byte[1024];
+ int len;
+ while ((len = is.read(b)) > 0) {
+ os.write(b, 0, len);
+ }
+ return os.toByteArray();
+ }
+}
\ No newline at end of file
More information about the jboss-svn-commits
mailing list