Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43519

security sandbox should whitelist #eachWithIndex

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Duplicate
    • Component/s: script-security-plugin
    • Labels:
      None
    • Environment:
      script-security 1.27
    • Similar Issues:

      Description

       Issue 1) #eachWithIndex blows up unless it is used inside of a method marked as @NonCPS.  Eg.

      java.lang.UnsupportedOperationException: Calling public static java.util.List org.codehaus.groovy.runtime.DefaultGroovyMethods.eachWithIndex(java.util.List,groovy.lang.Closure) on a CPS-transformed closure is not yet supported (JENKINS-26481); encapsulate in a @NonCPS method, or use Java-style loops
      

      Issue 2) This method is not whitelisted

      @NonCPS
      def String myjoin(String ... parts) {
       String text = null
      def n = parts.size()
       parts.eachWithIndex { x, i ->
         if (text == null) {
           text = x
         } else {
           text += x
         }
         if (i < (n - 1)) {
           text += '/'
         }
        }
        return text
      }
      echo myjoin('a', 'b')
      

       

      org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods eachWithIndex java.lang.Object groovy.lang.Closure
      

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jhoblitt Joshua Hoblitt
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: