diff options
author | Andrew Vuong <akvuong@google.com> | 2023-02-22 21:17:27 +0000 |
---|---|---|
committer | Andrew Vuong <akvuong@google.com> | 2023-02-22 21:17:27 +0000 |
commit | 757677e8848ed434bb36206b674db6d601cbe5e5 (patch) | |
tree | 2ab78e0ae0cda6d3ac8006cd6e0c6be8dc78a873 /velocity-engine-core/src/main/java/org/apache/velocity/util/introspection/SecureUberspector.java | |
parent | bc4c7a291f1579e1b6b903dc43b707a755577565 (diff) | |
parent | f2461dce3a7455fc0416a7b0b95ed4021eff714d (diff) | |
download | apache-velocity-engine-757677e8848ed434bb36206b674db6d601cbe5e5.tar.gz |
Merge of apache-velocity-engine from aosp/masteraml_tz4_332714010
Bug: 262898801
Test: mma
Change-Id: I68491a2e8b89245a1bff44d86023cec475ff902d
Diffstat (limited to 'velocity-engine-core/src/main/java/org/apache/velocity/util/introspection/SecureUberspector.java')
-rw-r--r-- | velocity-engine-core/src/main/java/org/apache/velocity/util/introspection/SecureUberspector.java | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/velocity-engine-core/src/main/java/org/apache/velocity/util/introspection/SecureUberspector.java b/velocity-engine-core/src/main/java/org/apache/velocity/util/introspection/SecureUberspector.java new file mode 100644 index 00000000..bce6d084 --- /dev/null +++ b/velocity-engine-core/src/main/java/org/apache/velocity/util/introspection/SecureUberspector.java @@ -0,0 +1,85 @@ +package org.apache.velocity.util.introspection; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import org.apache.velocity.runtime.RuntimeConstants; + +import java.util.Iterator; + +/** + * Use a custom introspector that prevents classloader related method + * calls. Use this introspector for situations in which template + * writers are numerous or untrusted. Specifically, this introspector + * prevents creation of arbitrary objects or reflection on objects. + * + * <p>To use this introspector, set the following property: + * <pre> + * introspector.uberspect.class = org.apache.velocity.util.introspection.SecureUberspector + * </pre> + * + * @author <a href="mailto:wglass@forio.com">Will Glass-Husain</a> + * @version $Id$ + * @since 1.5 + */ +public class SecureUberspector extends UberspectImpl +{ + /** + * init - generates the Introspector. As the setup code + * makes sure that the log gets set before this is called, + * we can initialize the Introspector using the log object. + */ + @Override + public void init() + { + String [] badPackages = rsvc.getConfiguration() + .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_PACKAGES); + + String [] badClasses = rsvc.getConfiguration() + .getStringArray(RuntimeConstants.INTROSPECTOR_RESTRICT_CLASSES); + + introspector = new SecureIntrospectorImpl(badClasses, badPackages, log); + } + + /** + * Get an iterator from the given object. Since the superclass method + * this secure version checks for execute permission. + * + * @param obj object to iterate over + * @param i line, column, template info + * @return Iterator for object + */ + @Override + public Iterator getIterator(Object obj, Info i) + { + if (obj != null) + { + SecureIntrospectorControl sic = (SecureIntrospectorControl)introspector; + if (sic.checkObjectExecutePermission(obj.getClass(), null)) + { + return super.getIterator(obj, i); + } + else + { + log.warn("Cannot retrieve iterator from {} due to security restrictions.", obj.getClass().getName()); + } + } + return null; + } +} |