From 1cf438b4438bb113dfc86b46fc346aacb033c34a Mon Sep 17 00:00:00 2001 From: Ed Merks Date: Tue, 17 Dec 2024 09:18:57 +0100 Subject: [PATCH] Guard all the places that ant sets the security manager - This copies the code because org.eclipse.ant.internal.launching.remote.InternalAntRunner can't see (much of) anything else define by org.eclipse.ant. https://github.com/eclipse-platform/eclipse.platform/issues/1660 --- .../launching/remote/InternalAntRunner.java | 16 ++++++- .../ant/internal/ui/model/AntModel.java | 42 +++++++++++-------- 2 files changed, 39 insertions(+), 19 deletions(-) diff --git a/ant/org.eclipse.ant.launching/remote/org/eclipse/ant/internal/launching/remote/InternalAntRunner.java b/ant/org.eclipse.ant.launching/remote/org/eclipse/ant/internal/launching/remote/InternalAntRunner.java index 5ae2b7f3290..f5691278a8f 100644 --- a/ant/org.eclipse.ant.launching/remote/org/eclipse/ant/internal/launching/remote/InternalAntRunner.java +++ b/ant/org.eclipse.ant.launching/remote/org/eclipse/ant/internal/launching/remote/InternalAntRunner.java @@ -50,6 +50,7 @@ import org.apache.tools.ant.Task; import org.apache.tools.ant.TaskAdapter; import org.apache.tools.ant.util.FileUtils; +import org.apache.tools.ant.util.JavaEnvUtils; import org.eclipse.ant.internal.launching.remote.logger.RemoteAntBuildLogger; /** @@ -58,6 +59,17 @@ */ public class InternalAntRunner { + private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed(); + + private static boolean isSecurityManagerAllowed() { + String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$ + if (sm == null) { // default is 'disallow' since 18 and was 'allow' before + return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$ + } + // Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set + return !"disallow".equals(sm); //$NON-NLS-1$ + } + /** * Message priority for project help messages. */ @@ -443,7 +455,9 @@ private void run(List argList) { printArguments(getCurrentProject()); } try { - System.setSecurityManager(new AntSecurityManager(originalSM, Thread.currentThread())); + if (IS_SECURITY_MANAGER_SUPPORTED) { + System.setSecurityManager(new AntSecurityManager(originalSM, Thread.currentThread())); + } } catch (UnsupportedOperationException ex) { logMessage(null, RemoteAntMessages.getString("InternalAntRunner.SecurityManagerError"), Project.MSG_WARN); //$NON-NLS-1$ diff --git a/ant/org.eclipse.ant.ui/Ant Tools Support/org/eclipse/ant/internal/ui/model/AntModel.java b/ant/org.eclipse.ant.ui/Ant Tools Support/org/eclipse/ant/internal/ui/model/AntModel.java index bb62c0e7a0e..8cc6b3722fa 100644 --- a/ant/org.eclipse.ant.ui/Ant Tools Support/org/eclipse/ant/internal/ui/model/AntModel.java +++ b/ant/org.eclipse.ant.ui/Ant Tools Support/org/eclipse/ant/internal/ui/model/AntModel.java @@ -49,6 +49,7 @@ import org.apache.tools.ant.Task; import org.apache.tools.ant.TaskAdapter; import org.apache.tools.ant.UnknownElement; +import org.apache.tools.ant.util.JavaEnvUtils; import org.eclipse.ant.core.AntCorePlugin; import org.eclipse.ant.core.AntCorePreferences; import org.eclipse.ant.core.AntSecurityException; @@ -89,6 +90,17 @@ @SuppressWarnings("removal") // SecurityManager public class AntModel implements IAntModel { + private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed(); + + private static boolean isSecurityManagerAllowed() { + String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$ + if (sm == null) { // default is 'disallow' since 18 and was 'allow' before + return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$ + } + // Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set + return !"disallow".equals(sm); //$NON-NLS-1$ + } + private static ClassLoader fgClassLoader; private static int fgInstanceCount = 0; private static Object loaderLock = new Object(); @@ -363,8 +375,10 @@ private void parseDocument(IDocument input) { SecurityManager origSM = System.getSecurityManager(); processAntHome(true); try { - // set a security manager to disallow system exit and system property setting - System.setSecurityManager(new AntSecurityManager(origSM, Thread.currentThread(), false)); + if (IS_SECURITY_MANAGER_SUPPORTED) { + // set a security manager to disallow system exit and system property setting + System.setSecurityManager(new AntSecurityManager(origSM, Thread.currentThread(), false)); + } resolveBuildfile(); endReporting(); // clear the additional property-holder(s) to avoid potential memory leaks @@ -379,7 +393,9 @@ private void parseDocument(IDocument input) { finally { Thread.currentThread().setContextClassLoader(originalClassLoader); getClassLoader(null); - System.setSecurityManager(origSM); + if (System.getSecurityManager() instanceof AntSecurityManager) { + System.setSecurityManager(origSM); + } project.fireBuildFinished(null); // cleanup (IntrospectionHelper) } } @@ -550,9 +566,7 @@ private void setGlobalProperties(Project project) { private void resolveBuildfile() { Collection nodeCopy = new ArrayList<>(fTaskNodes); - Iterator iter = nodeCopy.iterator(); - while (iter.hasNext()) { - AntTaskNode node = iter.next(); + for (AntTaskNode node : nodeCopy) { fNodeBeingResolved = node; fNodeBeingResolvedIndex = -1; if (node.configure(false)) { @@ -1439,10 +1453,8 @@ private void reconcileTaskAndTypes() { if (fCurrentNodeIdentifiers == null || fDefinerNodeIdentifierToDefinedTasks == null) { return; } - Iterator iter = fDefinerNodeIdentifierToDefinedTasks.keySet().iterator(); ComponentHelper helper = ComponentHelper.getComponentHelper(fProjectNode.getProject()); - while (iter.hasNext()) { - String key = iter.next(); + for (String key : fDefinerNodeIdentifierToDefinedTasks.keySet()) { if (fCurrentNodeIdentifiers.get(key) == null) { removeDefinerTasks(key, helper.getAntTypeTable()); } @@ -1579,9 +1591,7 @@ public AntElementNode getReferenceNode(String text) { } Set nodes = fTaskToNode.keySet(); - Iterator iter = nodes.iterator(); - while (iter.hasNext()) { - Task task = iter.next(); + for (Task task : nodes) { Task tmptask = task; if (tmptask instanceof UnknownElement) { UnknownElement element = (UnknownElement) tmptask; @@ -1720,9 +1730,7 @@ protected void addDefinedTasks(List newTasks, AntDefiningTaskNode node) fCurrentNodeIdentifiers.remove(identifier); } fDefinerNodeIdentifierToDefinedTasks.put(identifier, newTasks); - Iterator iter = newTasks.iterator(); - while (iter.hasNext()) { - String name = iter.next(); + for (String name : newTasks) { fTaskNameToDefiningNode.put(name, node); } } @@ -1800,9 +1808,7 @@ private String getPrefixMapping(String prefix) { private String getUserPrefixMapping(String prefix) { if (fNamespacePrefixMappings != null) { Set> entrySet = fNamespacePrefixMappings.entrySet(); - Iterator> entries = entrySet.iterator(); - while (entries.hasNext()) { - Map.Entry entry = entries.next(); + for (Entry entry : entrySet) { if (entry.getValue().equals(prefix)) { return entry.getKey(); }