From ff847f7e6cda71c801cf12ceb5d951eacff58505 Mon Sep 17 00:00:00 2001 From: sarpsahinalp Date: Fri, 6 Dec 2024 09:26:52 +0100 Subject: [PATCH 1/4] Add packageName --- .../java/JavaSecurityTestCaseFactoryAndBuilder.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/de/tum/cit/ase/ares/api/securitytest/java/JavaSecurityTestCaseFactoryAndBuilder.java b/src/main/java/de/tum/cit/ase/ares/api/securitytest/java/JavaSecurityTestCaseFactoryAndBuilder.java index ef717e8b..39dc921a 100644 --- a/src/main/java/de/tum/cit/ase/ares/api/securitytest/java/JavaSecurityTestCaseFactoryAndBuilder.java +++ b/src/main/java/de/tum/cit/ase/ares/api/securitytest/java/JavaSecurityTestCaseFactoryAndBuilder.java @@ -7,11 +7,9 @@ import com.tngtech.archunit.core.domain.JavaClasses; import com.tngtech.archunit.core.importer.ClassFileImporter; import de.tum.cit.ase.ares.api.aop.java.JavaSecurityTestCaseSupported; -import de.tum.cit.ase.ares.api.architecture.ArchitectureSecurityTestCase; import de.tum.cit.ase.ares.api.architecture.java.CallGraphBuilderUtils; import de.tum.cit.ase.ares.api.architecture.java.JavaArchitecturalTestCaseSupported; import de.tum.cit.ase.ares.api.architecture.java.JavaArchitectureTestCase; -import de.tum.cit.ase.ares.api.architecture.java.archunit.JavaArchUnitSecurityTestCase; import de.tum.cit.ase.ares.api.aop.java.JavaSecurityTestCase; import de.tum.cit.ase.ares.api.policy.SecurityPolicy; import de.tum.cit.ase.ares.api.policy.SecurityPolicy.ResourceAccesses; @@ -215,6 +213,7 @@ private void createSecurityTestCases() { new SecurityPolicy.PackagePermission("org.java.aspectj"), new SecurityPolicy.PackagePermission("org.aspectj"), new SecurityPolicy.PackagePermission("de.tum.cit.ase.ares.api.aop.java.aspectj.adviceandpointcut"))); + new SecurityPolicy.PackagePermission(packageName); // // From b90bc0d24c6873b5b22e3d995c973027c0e0b4e7 Mon Sep 17 00:00:00 2001 From: sarpsahinalp Date: Fri, 6 Dec 2024 09:36:56 +0100 Subject: [PATCH 2/4] Add linking native methods --- .../templates/architecture/java/wala/methods/classloader.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/resources/de/tum/cit/ase/ares/api/templates/architecture/java/wala/methods/classloader.txt b/src/main/resources/de/tum/cit/ase/ares/api/templates/architecture/java/wala/methods/classloader.txt index efcf69d2..555cceef 100644 --- a/src/main/resources/de/tum/cit/ase/ares/api/templates/architecture/java/wala/methods/classloader.txt +++ b/src/main/resources/de/tum/cit/ase/ares/api/templates/architecture/java/wala/methods/classloader.txt @@ -27,4 +27,6 @@ java.lang.System.setProperties(Ljava/util/Properties;) java.util.ResourceBundle.getBundle java.lang.System.setErr java.lang.System.setIn -java.lang.System.setOut \ No newline at end of file +java.lang.System.setOut +java.lang.Runtime.loadLibrary0 +java.lang.Runtime.load0 \ No newline at end of file From 0698d5e4e7adf79bf4e059968b25e91dffcfbbfa Mon Sep 17 00:00:00 2001 From: Markus Paulsen Date: Fri, 6 Dec 2024 11:01:32 +0100 Subject: [PATCH 3/4] Fixed FileChannel.open --- .../pointcut/JavaInstrumentationPointcutDefinitions.java | 8 ++++---- .../fileSystem/FileSystemAccessPenguin.java | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main/java/de/tum/cit/ase/ares/api/aop/java/instrumentation/pointcut/JavaInstrumentationPointcutDefinitions.java b/src/main/java/de/tum/cit/ase/ares/api/aop/java/instrumentation/pointcut/JavaInstrumentationPointcutDefinitions.java index 84e53b57..26e46ae7 100644 --- a/src/main/java/de/tum/cit/ase/ares/api/aop/java/instrumentation/pointcut/JavaInstrumentationPointcutDefinitions.java +++ b/src/main/java/de/tum/cit/ase/ares/api/aop/java/instrumentation/pointcut/JavaInstrumentationPointcutDefinitions.java @@ -142,7 +142,9 @@ static ElementMatcher getMethodsMatcher( "java.io.BufferedReader", List.of("lines"), "java.nio.channels.FileChannel", - List.of("open") + List.of("open"), + "java.nio.file.spi.FileSystemProvider", + List.of("newFileChannel") ); // @@ -167,9 +169,7 @@ static ElementMatcher getMethodsMatcher( "java.nio.file.Files", List.of("write", "writeString", "newOutputStream", "writeBytes", "writeAllBytes", "writeLines"), "java.io.File", - List.of("setWritable"), - "java.nio.channels.FileChannel", - List.of("open") + List.of("setWritable") ); // diff --git a/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java b/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java index ced459d4..ea40ab50 100644 --- a/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java +++ b/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java @@ -228,7 +228,7 @@ public static void accessFileSystemViaPrintStream() throws FileNotFoundException * Access the file system using the {@link FileChannel} class for writing. */ public static void accessFileSystemViaFileChannelWrite() throws IOException { - FileChannel fileChannel = FileChannel.open(Path.of("pom123.xml")); + FileChannel fileChannel = FileChannel.open(Path.of("pom123.xml"), StandardOpenOption.WRITE); fileChannel.write(ByteBuffer.allocate(10)); } From 8127354b65b0955d61b901fab1ba8d1176192b31 Mon Sep 17 00:00:00 2001 From: Markus Paulsen Date: Fri, 6 Dec 2024 11:21:58 +0100 Subject: [PATCH 4/4] Fixed FileChannel.open --- .../architectureTests/fileSystem/FileSystemAccessPenguin.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java b/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java index ea40ab50..20934da5 100644 --- a/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java +++ b/src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/architectureTests/fileSystem/FileSystemAccessPenguin.java @@ -123,7 +123,7 @@ public static void accessFileSystemViaInputStreamReader() throws IOException { * Access the file system using the {@link FileChannel} class for reading. */ public static void accessFileSystemViaFileChannelRead() throws IOException { - FileChannel fileChannel = FileChannel.open(Path.of("pom123.xml")); + FileChannel fileChannel = FileChannel.open(Path.of("pom123.xml"), StandardOpenOption.READ); fileChannel.read(ByteBuffer.allocate(10)); }