summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSven Gothel <sgothel@jausoft.com>2019-03-25 05:04:03 +0100
committerSven Gothel <sgothel@jausoft.com>2019-03-25 05:04:03 +0100
commit0c567321c6d594ec11edfd3aa848a0a634c544ef (patch)
treedccd421e769a716cdb7526776ac7a15c9596c3e6
parent4375d2824ac6ff656df184ea0c19ab781e3524e8 (diff)
Bug 1219, Bug 1231: Re-add executable test by execution
Re-adding executable test by execution is required for 'blocker technology' like Windows's 'Software Restriction Policies (SRP)', which only gets activated by the actual execution attempt. Merely testing the file's (ACL) execution flags via NIO's isExecutable is not sufficient. Implementation first tests the file's (ACL) execution flags via NIO's isExecutable. If the NIO test was successful or not available, the actual execution test is performed. To mitigate the virus scanner's false positive, we use an executable shell script per default now, which may be overriden by the new environment 'jogamp.gluegen.UseNativeExeFile=true' Tested on GNU/Linux with one temp folder having mount options 'noexec' and on Windows using Software Restriction Policies (SRP) disallowing one temp folder. Both temp folder were first in line via environment 'java.io.tmpdir'.
-rwxr-xr-xmake/scripts/java-win64.bat4
-rwxr-xr-xmake/scripts/runtest-x64.bat4
-rwxr-xr-xmake/scripts/runtest.sh3
-rw-r--r--src/java/com/jogamp/common/util/IOUtil.java29
4 files changed, 26 insertions, 14 deletions
diff --git a/make/scripts/java-win64.bat b/make/scripts/java-win64.bat
index 640fcb3..ee854cf 100755
--- a/make/scripts/java-win64.bat
+++ b/make/scripts/java-win64.bat
@@ -18,7 +18,9 @@ echo CP_ALL %CP_ALL%
set X_ARGS="-Drootrel.build=%BLD_SUB%" "-Dgluegen.root=.."
REM set D_ARGS="-Djogamp.debug.IOUtil" "-Djogamp.debug.JNILibLoader" "-Djogamp.debug.TempFileCache" "-Djogamp.debug.JarUtil" "-Djogamp.debug.TempJarCache"
REM set D_ARGS="-Djogamp.debug.Platform" "-Djogamp.debug.NativeLibrary" "-Djogamp.debug.IOUtil"
-set D_ARGS="-Djogamp.debug.IOUtil" "-Djogamp.debug.IOUtil.Exe" "-Djogamp.debug.IOUtil.Exe.NoStream"
+REM set D_ARGS="-Djogamp.debug.IOUtil" "-Djogamp.debug.IOUtil.Exe" "-Djogamp.debug.IOUtil.Exe.NoStream"
+REM set D_ARGS="-Djogamp.debug.IOUtil" "-Djogamp.debug.TempFileCache" "-Djogamp.debug.TempJarCache" "-Djogamp.debug.IOUtil.Exe" "-Djogamp.gluegen.UseNativeExeFile=true" "-Djava.io.tmpdir=c:\temp_noexec"
+set D_ARGS="-Djogamp.debug.IOUtil" "-Djogamp.debug.TempFileCache" "-Djogamp.debug.TempJarCache" "-Djava.io.tmpdir=c:\temp_noexec"
REM set D_ARGS="-Djogamp.debug=all"
REM %J2RE_HOME%\bin\java -classpath %CP_ALL% %X_ARGS% %D_ARGS% "-Djava.library.path=%LIB_DIR%" "-Dsun.java2d.noddraw=true" "-Dsun.awt.noerasebackground=true" %1 %2 %3 %4 %5 %6 %7 %8 %9 > java-win64.log 2>&1
diff --git a/make/scripts/runtest-x64.bat b/make/scripts/runtest-x64.bat
index 70a0ec3..1457174 100755
--- a/make/scripts/runtest-x64.bat
+++ b/make/scripts/runtest-x64.bat
@@ -4,7 +4,7 @@ REM set TEMP=C:\Users\jogamp\temp-exec
REM set TMP=C:\Users\jogamp\temp-exec
REM scripts\java-win64.bat com.jogamp.common.GlueGenVersion
-REM scripts\java-win64.bat com.jogamp.common.util.TestVersionInfo
+scripts\java-win64.bat com.jogamp.common.util.TestVersionInfo
REM scripts\java-win64.bat com.jogamp.gluegen.jcpp.IncludeAbsoluteTest
@@ -12,7 +12,7 @@ REM scripts\java-win64.bat com.jogamp.gluegen.test.junit.generation.Test1p1JavaE
REM scripts\java-win64.bat com.jogamp.gluegen.test.junit.generation.Test1p2ProcAddressEmitter
REM scripts\java-win64.bat com.jogamp.common.util.TestTempJarCache
REM scripts\java-win64.bat com.jogamp.common.os.TestElfReader01
-scripts\java-win64.bat com.jogamp.common.util.TestPlatform01
+REM scripts\java-win64.bat com.jogamp.common.util.TestPlatform01
REM scripts\java-win64.bat com.jogamp.common.util.TestIOUtil01
REM scripts\java-win64.bat com.jogamp.common.util.TestJarUtil
diff --git a/make/scripts/runtest.sh b/make/scripts/runtest.sh
index bd8e8ae..be2e415 100755
--- a/make/scripts/runtest.sh
+++ b/make/scripts/runtest.sh
@@ -61,7 +61,8 @@ X_ARGS="-Drootrel.build=$ROOTREL_BUILD -Dgluegen.root=$GLUEGEN_ROOT"
#D_ARGS="-Djogamp.debug.Lock -Djogamp.debug.Lock.TraceLock"
#D_ARGS="-Djogamp.debug.Lock.TraceLock"
#D_ARGS="-Djogamp.debug.IOUtil -Djogamp.debug.IOUtil.Exe -Djogamp.debug.IOUtil.Exe.NoStream"
-D_ARGS="-Djogamp.debug.IOUtil -Djogamp.debug.IOUtil.Exe"
+#D_ARGS="-Djogamp.debug.IOUtil -Djogamp.debug.TempFileCache -Djogamp.debug.TempJarCache -Djogamp.debug.IOUtil.Exe"
+D_ARGS="-Djogamp.debug.IOUtil -Djogamp.debug.TempFileCache -Djogamp.debug.TempJarCache -Djava.io.tmpdir=/run/501"
#D_ARGS="-Djogamp.debug.ByteBufferInputStream"
#D_ARGS="-Djogamp.debug.Buffers"
#D_ARGS="-Djogamp.debug.Bitstream"
diff --git a/src/java/com/jogamp/common/util/IOUtil.java b/src/java/com/jogamp/common/util/IOUtil.java
index 9f95582..0381ebc 100644
--- a/src/java/com/jogamp/common/util/IOUtil.java
+++ b/src/java/com/jogamp/common/util/IOUtil.java
@@ -72,10 +72,10 @@ public class IOUtil {
private static final boolean testTempDirExec;
private static final Method fileToPathGetter;
private static final Method isExecutableQuery;
- private static final boolean useNioExecTest;
+ private static final boolean useNativeExeFile;
static {
- final boolean _props[] = { false, false, false, false, false };
+ final boolean _props[] = { false, false, false, false, false, false };
final Method[] res = AccessController.doPrivileged(new PrivilegedAction<Method[]>() {
@Override
public Method[] run() {
@@ -88,6 +88,7 @@ public class IOUtil {
// For security reasons, we have to hardcode this, i.e. disable this manual debug feature!
_props[i++] = false; // PropertyAccess.isPropertyDefined("jogamp.debug.IOUtil.Exe.ExistingFile", true);
_props[i++] = PropertyAccess.getBooleanProperty("jogamp.gluegen.TestTempDirExec", true, true);
+ _props[i++] = PropertyAccess.getBooleanProperty("jogamp.gluegen.UseNativeExeFile", true, false);
// Java 1.7
i=0;
@@ -112,11 +113,11 @@ public class IOUtil {
DEBUG_EXE_NOSTREAM = _props[i++];
DEBUG_EXE_EXISTING_FILE = _props[i++];
testTempDirExec = _props[i++];
+ useNativeExeFile = _props[i++];
i=0;
fileToPathGetter = res[i++];
isExecutableQuery = res[i++];
- useNioExecTest = null != fileToPathGetter && null != isExecutableQuery;
}
}
@@ -753,7 +754,7 @@ public class IOUtil {
private static String getExeTestFileSuffix() {
switch(PlatformPropsImpl.OS_TYPE) {
case WINDOWS:
- if( !useNioExecTest && Platform.CPUFamily.X86 == PlatformPropsImpl.CPU_ARCH.family ) {
+ if( useNativeExeFile && Platform.CPUFamily.X86 == PlatformPropsImpl.CPU_ARCH.family ) {
return ".exe";
} else {
return ".bat";
@@ -794,7 +795,7 @@ public class IOUtil {
private static WeakReference<byte[]> exeTestCodeRef = null;
private static void fillExeTestFile(final File exefile) throws IOException {
- if( !useNioExecTest &&
+ if( useNativeExeFile &&
Platform.OSType.WINDOWS == PlatformPropsImpl.OS_TYPE &&
Platform.CPUFamily.X86 == PlatformPropsImpl.CPU_ARCH.family
) {
@@ -953,7 +954,7 @@ public class IOUtil {
}
private static final Boolean isNioExecutableFile(final File file) {
- if( useNioExecTest ) {
+ if( null != fileToPathGetter && null != isExecutableQuery ) {
try {
return (Boolean) isExecutableQuery.invoke(null, fileToPathGetter.invoke(file));
} catch (final Throwable t) {
@@ -1028,10 +1029,14 @@ public class IOUtil {
Boolean isNioExec = null;
if( existingExe || exeTestFile.setExecutable(true /* exec */, true /* ownerOnly */) ) {
t2 = debug ? System.currentTimeMillis() : 0;
+ // First soft exec test via NIO's ACL check, if available
isNioExec = isNioExecutableFile(exeTestFile);
if( null != isNioExec ) {
res = isNioExec.booleanValue() ? 0 : -1;
- } else {
+ }
+ if( null == isNioExec || 0 <= res ) {
+ // Hard exec test via actual execution, if NIO's ACL check succeeded or not available.
+ // Required, since Windows 'Software Restriction Policies (SRP)' won't be triggered merely by NIO's ACL check.
Process pr = null;
try {
// Using 'Process.exec(String[])' avoids StringTokenizer of 'Process.exec(String)'
@@ -1043,12 +1048,16 @@ public class IOUtil {
}
pr.waitFor();
exitValue = pr.exitValue(); // Note: Bug 1219 Comment 50: On reporter's machine exit value 1 is being returned
- res = 0; // file has been executed
+ if( 0 == exitValue ) {
+ res++; // file has been executed and exited normally
+ } else {
+ res = -2; // abnormal termination
+ }
} catch (final SecurityException se) {
throw se; // fwd Security exception
} catch (final Throwable t) {
t2 = debug ? System.currentTimeMillis() : 0;
- res = -2;
+ res = -3;
if( debug ) {
System.err.println("IOUtil.testDirExec: <"+exeTestFile.getAbsolutePath()+">: Caught "+t.getClass().getSimpleName()+": "+t.getMessage());
t.printStackTrace();
@@ -1070,7 +1079,7 @@ public class IOUtil {
t2 = debug ? System.currentTimeMillis() : 0;
}
- final boolean ok = 0 == res;
+ final boolean ok = 0 <= res;
if( !DEBUG_EXE && !existingExe ) {
exeTestFile.delete();
}