Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25119

Sandbox cannot handle methods Groovy provides additionally

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: script-security-plugin
    • Labels:
      None
    • Environment:
      Windows 8 64bit, Jenkins 1.509.4, groovy-postbuild 2.0, script-security 1.6
    • Similar Issues:

      Description

      Running a following script

      "30".toInteger();
      

      Results following error:

      org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method java.lang.String toInteger
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:63)
      	at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:111)
      	at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:108)
      	at org.kohsuke.groovy.sandbox.impl.Checker$checkedCall.callStatic(Unknown Source)
      	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:50)
      	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:157)
      	at Script1.run(Script1.groovy)
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.run(GroovySandbox.java:119)
      	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(SecureGroovyScript.java:160)
      	at org.jvnet.hudson.plugins.groovypostbuild.GroovyPostbuildRecorder.perform(GroovyPostbuildRecorder.java:355)
      	at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:19)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:780)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:752)
      	at hudson.model.Build$BuildExecution.post2(Build.java:183)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:705)
      	at hudson.model.Run.execute(Run.java:1617)
      	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46)
      	at hudson.model.ResourceController.execute(ResourceController.java:88)
      	at hudson.model.Executor.run(Executor.java:237)
      

      It looks caused for String.toInteger() is not provided in JDK and additionally provided by Groovy.

        Attachments

          Issue Links

            Activity

            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Jesse Glick
            Path:
            src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
            http://jenkins-ci.org/commit/script-security-plugin/c5cb52160a7a6296e6f9aee660d547abb18bb67d
            Log:
            Merge branch 'JENKINS-25119-addendum' into JENKINS-28586

            Compare: https://github.com/jenkinsci/script-security-plugin/compare/6d46df1cf867...c5cb52160a7a

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/c5cb52160a7a6296e6f9aee660d547abb18bb67d Log: Merge branch ' JENKINS-25119 -addendum' into JENKINS-28586 Compare: https://github.com/jenkinsci/script-security-plugin/compare/6d46df1cf867...c5cb52160a7a
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Jesse Glick
            Path:
            src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
            http://jenkins-ci.org/commit/script-security-plugin/c6d43e762aa89ed0f13182059d219775708baa61
            Log:
            Merge pull request #14 from jglick/JENKINS-25119-addendum

            JENKINS-25119 Cleaning up test from #7

            Compare: https://github.com/jenkinsci/script-security-plugin/compare/6f16f00e0f19...c6d43e762aa8

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/c6d43e762aa89ed0f13182059d219775708baa61 Log: Merge pull request #14 from jglick/ JENKINS-25119 -addendum JENKINS-25119 Cleaning up test from #7 Compare: https://github.com/jenkinsci/script-security-plugin/compare/6f16f00e0f19...c6d43e762aa8
            Hide
            batmat Baptiste Mathus added a comment -

            Another example I just ran into, not sure I should file a new issue or reopen this one:

            def date = Calendar.instance
            date.setTime(new Date())
            date.add(Calendar.HOUR_OF_DAY,-1)
            
            String oneHourAgo = date.getTime().format("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'",TimeZone.getTimeZone('UTC'))
            

            Will trigger:

            [Pipeline] End of Pipeline
            org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method java.util.Date format java.lang.String sun.util.calendar.ZoneInfo
            	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:74)
            

            With nothing ever showing up in the script approval page.

            Show
            batmat Baptiste Mathus added a comment - Another example I just ran into, not sure I should file a new issue or reopen this one: def date = Calendar.instance date.setTime( new Date()) date.add(Calendar.HOUR_OF_DAY,-1) String oneHourAgo = date.getTime().format( "yyyy-MM-dd 'T' HH:mm:ss.SSS 'Z' " ,TimeZone.getTimeZone( 'UTC' )) Will trigger: [Pipeline] End of Pipeline org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method java.util.Date format java.lang.String sun.util.calendar.ZoneInfo at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:74) With nothing ever showing up in the script approval page.
            Hide
            potatopankakes Jeff Burke added a comment -

            seems like same is true for:
            org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method java.lang.String allWhiteSpace

            Show
            potatopankakes Jeff Burke added a comment - seems like same is true for: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method java.lang.String allWhiteSpace
            Hide
            jglick Jesse Glick added a comment -

            Baptiste Mathus Jeff Burke adding comments to closed issues is a waste of time. If you have something reproducible in current software releases that does not look like an obvious duplicate of an open bug, file a fresh bug with complete steps to reproduce from scratch in a self-contained test case yada yada.

            Show
            jglick Jesse Glick added a comment - Baptiste Mathus Jeff Burke adding comments to closed issues is a waste of time. If you have something reproducible in current software releases that does not look like an obvious duplicate of an open bug, file a fresh bug with complete steps to reproduce from scratch in a self-contained test case yada yada.

              People

              • Assignee:
                jglick Jesse Glick
                Reporter:
                ikedam ikedam
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: