mirror of https://github.com/apache/lucene.git
SOLR-4195: Further restrict security policy of tests to disallow writing to files outside the test's work dir (e.g. disallow writing to build/test-files)
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1422368 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
6af24c8866
commit
a9e41d20a3
|
@ -148,6 +148,7 @@ public class Compile {
|
|||
// no base token (stem) on a line
|
||||
}
|
||||
}
|
||||
in.close();
|
||||
|
||||
Optimizer o = new Optimizer();
|
||||
Optimizer2 o2 = new Optimizer2();
|
||||
|
|
|
@ -60,7 +60,9 @@ import java.io.BufferedReader;
|
|||
import java.io.DataInputStream;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.InputStreamReader;
|
||||
import java.io.LineNumberReader;
|
||||
import java.net.URI;
|
||||
|
@ -69,12 +71,18 @@ import java.util.StringTokenizer;
|
|||
|
||||
import org.apache.lucene.util.IOUtils;
|
||||
import org.apache.lucene.util.LuceneTestCase;
|
||||
import org.apache.lucene.util._TestUtil;
|
||||
|
||||
public class TestCompile extends LuceneTestCase {
|
||||
|
||||
public void testCompile() throws Exception {
|
||||
URI uri = getClass().getResource("testRules.txt").toURI();
|
||||
String path = uri.getPath();
|
||||
File dir = _TestUtil.getTempDir("testCompile");
|
||||
dir.mkdirs();
|
||||
InputStream input = getClass().getResourceAsStream("testRules.txt");
|
||||
File output = new File(dir, "testRules.txt");
|
||||
copy(input, output);
|
||||
input.close();
|
||||
String path = output.getAbsolutePath();
|
||||
Compile.main(new String[] {"test", path});
|
||||
String compiled = path + ".out";
|
||||
Trie trie = loadTrie(compiled);
|
||||
|
@ -84,8 +92,13 @@ public class TestCompile extends LuceneTestCase {
|
|||
}
|
||||
|
||||
public void testCompileBackwards() throws Exception {
|
||||
URI uri = getClass().getResource("testRules.txt").toURI();
|
||||
String path = uri.getPath();
|
||||
File dir = _TestUtil.getTempDir("testCompile");
|
||||
dir.mkdirs();
|
||||
InputStream input = getClass().getResourceAsStream("testRules.txt");
|
||||
File output = new File(dir, "testRules.txt");
|
||||
copy(input, output);
|
||||
input.close();
|
||||
String path = output.getAbsolutePath();
|
||||
Compile.main(new String[] {"-test", path});
|
||||
String compiled = path + ".out";
|
||||
Trie trie = loadTrie(compiled);
|
||||
|
@ -95,8 +108,13 @@ public class TestCompile extends LuceneTestCase {
|
|||
}
|
||||
|
||||
public void testCompileMulti() throws Exception {
|
||||
URI uri = getClass().getResource("testRules.txt").toURI();
|
||||
String path = uri.getPath();
|
||||
File dir = _TestUtil.getTempDir("testCompile");
|
||||
dir.mkdirs();
|
||||
InputStream input = getClass().getResourceAsStream("testRules.txt");
|
||||
File output = new File(dir, "testRules.txt");
|
||||
copy(input, output);
|
||||
input.close();
|
||||
String path = output.getAbsolutePath();
|
||||
Compile.main(new String[] {"Mtest", path});
|
||||
String compiled = path + ".out";
|
||||
Trie trie = loadTrie(compiled);
|
||||
|
@ -151,5 +169,20 @@ public class TestCompile extends LuceneTestCase {
|
|||
// no base token (stem) on a line
|
||||
}
|
||||
}
|
||||
|
||||
in.close();
|
||||
}
|
||||
|
||||
private static void copy(InputStream input, File output) throws IOException {
|
||||
FileOutputStream os = new FileOutputStream(output);
|
||||
try {
|
||||
byte buffer[] = new byte[1024];
|
||||
int len;
|
||||
while ((len = input.read(buffer)) > 0) {
|
||||
os.write(buffer, 0, len);
|
||||
}
|
||||
} finally {
|
||||
os.close();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -896,7 +896,7 @@
|
|||
<sysproperty key="java.io.tmpdir" value="." />
|
||||
|
||||
<!-- Restrict access to certain Java features and install security manager: -->
|
||||
<sysproperty key="tests.sandbox.dir" value="${build.dir}" />
|
||||
<sysproperty key="tests.sandbox.dir" value="${tests.tempDir}" />
|
||||
<sysproperty key="clover.db.dir" value="${clover.db.dir}" />
|
||||
<sysproperty key="java.security.manager" value="org.apache.lucene.util.TestSecurityManager" />
|
||||
<sysproperty key="java.security.policy" value="${common.dir}/tools/junit4/tests.policy" />
|
||||
|
|
|
@ -16,6 +16,8 @@
|
|||
*/
|
||||
package org.apache.solr.handler.dataimport;
|
||||
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
|
||||
|
@ -46,12 +48,22 @@ public class TestNonWritablePersistFile extends AbstractDataImportHandlerTestCas
|
|||
" </entity>\n" +
|
||||
" </document>\n" +
|
||||
"</dataConfig>\n";
|
||||
private static String tmpSolrHome;
|
||||
|
||||
@BeforeClass
|
||||
public static void beforeClass() throws Exception {
|
||||
initCore("dataimport-solrconfig.xml", "dataimport-schema.xml");
|
||||
public static void createTempSolrHomeAndCore() throws Exception {
|
||||
createTempDir();
|
||||
tmpSolrHome = TEMP_DIR + File.separator + TestNonWritablePersistFile.class.getSimpleName() + System.currentTimeMillis();
|
||||
FileUtils.copyDirectory(getFile("dih/solr"), new File(tmpSolrHome).getAbsoluteFile());
|
||||
initCore("dataimport-solrconfig.xml", "dataimport-schema.xml",
|
||||
new File(tmpSolrHome).getAbsolutePath());
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void destroyTempSolrHomeAndCore() throws Exception {
|
||||
FileUtils.deleteDirectory(new File(tmpSolrHome).getAbsoluteFile());
|
||||
}
|
||||
|
||||
@Test
|
||||
@SuppressWarnings("unchecked")
|
||||
public void testNonWritablePersistFile() throws Exception {
|
||||
|
|
Loading…
Reference in New Issue