FYI: Serialization throwpoint tests

FYI: Serialization throwpoint tests

[Gary Benson]

[-- Attachment #1: Type: text/plain, Size: 228 bytes --]

Hi again,

I just added throwpoint checks for java.io.ObjectInputStream and
java.io.ObjectOutputStream.  With this patch all throwpoints in
java.io.* are annotated, and all but a couple in java.io.File have
tests.

Cheers,
Gary

[-- Attachment #2: patch --]
[-- Type: text/plain, Size: 7660 bytes --]

Index: ChangeLog
===================================================================
RCS file: /cvs/mauve/mauve/ChangeLog,v
retrieving revision 1.1331
diff -u -r1.1331 ChangeLog
--- ChangeLog	4 Jan 2006 11:20:48 -0000	1.1331
+++ ChangeLog	4 Jan 2006 12:37:54 -0000
@@ -1,5 +1,10 @@
 2006-01-04  Gary Benson <gbenson@redhat.com>
 
+	* gnu/testlet/java/io/ObjectInputStream/security.java: New test.
+	* gnu/testlet/java/io/ObjectOutputStream/security.java: Likewise.
+
+2006-01-04  Gary Benson <gbenson@redhat.com>
+
 	* gnu/testlet/TestSecurityManager2.java (TestSecurityManager2):
 	Preload some classes to avoid infinite loops when in force.
 
Index: gnu/testlet/java/io/ObjectInputStream/security.java
===================================================================
RCS file: gnu/testlet/java/io/ObjectInputStream/security.java
diff -N gnu/testlet/java/io/ObjectInputStream/security.java
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/java/io/ObjectInputStream/security.java	4 Jan 2006 12:37:54 -0000
@@ -0,0 +1,106 @@
+// Copyright (C) 2006 Red Hat, Inc.
+// Written by Gary Benson <gbenson@redhat.com>
+
+// This file is part of Mauve.
+
+// Mauve is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2, or (at your option)
+// any later version.
+
+// Mauve is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Mauve; see the file COPYING.  If not, write to
+// the Free Software Foundation, 59 Temple Place - Suite 330,
+// Boston, MA 02111-1307, USA.
+
+package gnu.testlet.java.io.ObjectInputStream;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.SerializablePermission;
+import java.security.Permission;
+
+import gnu.testlet.Testlet;
+import gnu.testlet.TestHarness;
+import gnu.testlet.TestSecurityManager2;
+
+public class security implements Testlet
+{
+  public void test(TestHarness harness)
+  {
+    try {
+      TestObjectInputStream teststream = new TestObjectInputStream();
+  
+      Permission[] enableSubclassImplementation = new Permission[] {
+	new SerializablePermission("enableSubclassImplementation")};
+
+      Permission[] enableSubstitution = new Permission[] {
+	new SerializablePermission("enableSubstitution")};
+
+      Permission[] noPerms = new Permission[] {};
+
+      TestSecurityManager2 sm = new TestSecurityManager2(harness);
+      try {
+	sm.install();
+
+	// security: java.io.ObjectInputStream-ObjectInputStream
+	harness.checkPoint("constructor");
+	try {
+	  sm.prepareChecks(enableSubclassImplementation, noPerms);
+	  new TestObjectInputStream();
+	  sm.checkAllChecked(harness);
+	}
+	catch (SecurityException ex) {
+	  harness.debug(ex);
+	  harness.check(false, "unexpected check");
+	}
+
+	// security: java.io.ObjectInputStream-enableResolveObject
+	harness.checkPoint("enableResolveObject");
+	try {
+	  sm.prepareChecks(noPerms, noPerms);
+	  teststream.testEnableResolveObject(false);
+	  sm.checkAllChecked(harness);
+	}
+	catch (SecurityException ex) {
+	  harness.debug(ex);
+	  harness.check(false, "unexpected check");
+	}
+	try {
+	  sm.prepareChecks(enableSubstitution, noPerms);
+	  teststream.testEnableResolveObject(true);
+	  sm.checkAllChecked(harness);
+	}
+	catch (SecurityException ex) {
+	  harness.debug(ex);
+	  harness.check(false, "unexpected check");
+	}
+      }
+      finally {
+	sm.uninstall();
+      }
+    }
+    catch (Throwable ex) {
+      harness.debug(ex);
+      harness.check(false, "Unexpected exception");
+    }
+  }
+
+  private static class TestObjectInputStream extends ObjectInputStream
+  {
+    public TestObjectInputStream() throws IOException
+    {
+      super();
+    }
+
+    public boolean testEnableResolveObject(boolean enable)
+    {
+      return enableResolveObject(enable);
+    }
+  }
+}
Index: gnu/testlet/java/io/ObjectOutputStream/security.java
===================================================================
RCS file: gnu/testlet/java/io/ObjectOutputStream/security.java
diff -N gnu/testlet/java/io/ObjectOutputStream/security.java
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/java/io/ObjectOutputStream/security.java	4 Jan 2006 12:37:54 -0000
@@ -0,0 +1,106 @@
+// Copyright (C) 2006 Red Hat, Inc.
+// Written by Gary Benson <gbenson@redhat.com>
+
+// This file is part of Mauve.
+
+// Mauve is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2, or (at your option)
+// any later version.
+
+// Mauve is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Mauve; see the file COPYING.  If not, write to
+// the Free Software Foundation, 59 Temple Place - Suite 330,
+// Boston, MA 02111-1307, USA.
+
+package gnu.testlet.java.io.ObjectOutputStream;
+
+import java.io.IOException;
+import java.io.ObjectOutputStream;
+import java.io.SerializablePermission;
+import java.security.Permission;
+
+import gnu.testlet.Testlet;
+import gnu.testlet.TestHarness;
+import gnu.testlet.TestSecurityManager2;
+
+public class security implements Testlet
+{
+  public void test(TestHarness harness)
+  {
+    try {
+      TestObjectOutputStream teststream = new TestObjectOutputStream();
+  
+      Permission[] enableSubclassImplementation = new Permission[] {
+	new SerializablePermission("enableSubclassImplementation")};
+
+      Permission[] enableSubstitution = new Permission[] {
+	new SerializablePermission("enableSubstitution")};
+
+      Permission[] noPerms = new Permission[] {};
+
+      TestSecurityManager2 sm = new TestSecurityManager2(harness);
+      try {
+	sm.install();
+
+	// security: java.io.ObjectOutputStream-ObjectOutputStream
+	harness.checkPoint("constructor");
+	try {
+	  sm.prepareChecks(enableSubclassImplementation, noPerms);
+	  new TestObjectOutputStream();
+	  sm.checkAllChecked(harness);
+	}
+	catch (SecurityException ex) {
+	  harness.debug(ex);
+	  harness.check(false, "unexpected check");
+	}
+
+	// security: java.io.ObjectOutputStream-enableReplaceObject
+	harness.checkPoint("enableReplaceObject");
+	try {
+	  sm.prepareChecks(noPerms, noPerms);
+	  teststream.testEnableReplaceObject(false);
+	  sm.checkAllChecked(harness);
+	}
+	catch (SecurityException ex) {
+	  harness.debug(ex);
+	  harness.check(false, "unexpected check");
+	}
+	try {
+	  sm.prepareChecks(enableSubstitution, noPerms);
+	  teststream.testEnableReplaceObject(true);
+	  sm.checkAllChecked(harness);
+	}
+	catch (SecurityException ex) {
+	  harness.debug(ex);
+	  harness.check(false, "unexpected check");
+	}
+      }
+      finally {
+	sm.uninstall();
+      }
+    }
+    catch (Throwable ex) {
+      harness.debug(ex);
+      harness.check(false, "Unexpected exception");
+    }
+  }
+
+  private static class TestObjectOutputStream extends ObjectOutputStream
+  {
+    public TestObjectOutputStream() throws IOException
+    {
+      super();
+    }
+
+    public boolean testEnableReplaceObject(boolean enable)
+    {
+      return enableReplaceObject(enable);
+    }
+  }
+}