Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25118

GroovyPostbuildRecorder$BadgeManager.setBuildNumber cannot be used in sandbox

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: script-security-plugin
    • Labels:
      None
    • Environment:
      Windows 8 64bit, Jenkins 1.509.4, Groovy Postbuild 2.0, Script Security 1.6
    • Similar Issues:

      Description

      When groovy-postbuild uses GroovyPostbuildRecorder$BadgeManager.setBuildNumber in the script-security sandbox, the script fails with following log:

      Groovy script failed:
      
      org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method org.jvnet.hudson.plugins.groovypostbuild.GroovyPostbuildRecorder$BadgeManager setBuildNumber java.lang.Integer
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:63)
      	at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:111)
      	at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:108)
      	at org.kohsuke.groovy.sandbox.impl.Checker$checkedCall.callStatic(Unknown Source)
      	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:50)
      	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:157)
      	at Script1.run(Script1.groovy)
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.run(GroovySandbox.java:119)
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(SecureGroovyScript.java:160)
      	at org.jvnet.hudson.plugins.groovypostbuild.GroovyPostbuildRecorder.perform(GroovyPostbuildRecorder.java:355)
      	at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:19)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:780)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:752)
      	at hudson.model.Build$BuildExecution.post2(Build.java:183)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:705)
      	at hudson.model.Run.execute(Run.java:1617)
      	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
      	at hudson.model.ResourceController.execute(ResourceController.java:88)
      	at hudson.model.Executor.run(Executor.java:237)
      

      And it's not recorded to pending signatures.

        Attachments

          Activity

          Hide
          ikedam ikedam added a comment -

          This looks caused for:

          • signature of setBuildNumber is boolean setBuildNumber (int).
          • Groovy passes integers with Integer.class.
          • GroovyCallSiteSelector fails to identify setBuildNumber as int.class.isinstance(new Integer(1)) returns false.
          Show
          ikedam ikedam added a comment - This looks caused for: signature of setBuildNumber is boolean setBuildNumber (int) . Groovy passes integers with Integer.class . GroovyCallSiteSelector fails to identify setBuildNumber as int.class.isinstance(new Integer(1)) returns false .
          Show
          ikedam ikedam added a comment - https://github.com/jenkinsci/script-security-plugin/pull/6
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: ikedam
          Path:
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/80d2ccb63ebf517cfe1c68ba1f18267fcded2472
          Log:
          JENKINS-25118 Added a test to reproduce JENKINS-25118

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: ikedam Path: src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/80d2ccb63ebf517cfe1c68ba1f18267fcded2472 Log: JENKINS-25118 Added a test to reproduce JENKINS-25118
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: ikedam
          Path:
          src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java
          http://jenkins-ci.org/commit/script-security-plugin/ba5b9ac9701d2e051fdf436b5cb43dfa4f027462
          Log:
          [FIXED JENKINS-25118] Matches primitives and wrapper types when matching methods.

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: ikedam Path: src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java http://jenkins-ci.org/commit/script-security-plugin/ba5b9ac9701d2e051fdf436b5cb43dfa4f027462 Log: [FIXED JENKINS-25118] Matches primitives and wrapper types when matching methods.
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Jesse Glick
          Path:
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/0240639d543544ef9546e11ca32c77b5b36c6628
          Log:
          JENKINS-25118 Enhanced test to make sure the call can be whitelisted, too.

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/0240639d543544ef9546e11ca32c77b5b36c6628 Log: JENKINS-25118 Enhanced test to make sure the call can be whitelisted, too.

            People

            • Assignee:
              jglick Jesse Glick
              Reporter:
              ikedam ikedam
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: