-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Windows 8 64bit, Jenkins 1.509.4, groovy-postbuild 2.0, script-security 1.6
Running a following script
"30".toInteger();
Results following error:
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: unclassified method java.lang.String toInteger at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:63) at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:111) at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:108) at org.kohsuke.groovy.sandbox.impl.Checker$checkedCall.callStatic(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallStatic(CallSiteArray.java:50) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callStatic(AbstractCallSite.java:157) at Script1.run(Script1.groovy) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.run(GroovySandbox.java:119) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript.evaluate(SecureGroovyScript.java:160) at org.jvnet.hudson.plugins.groovypostbuild.GroovyPostbuildRecorder.perform(GroovyPostbuildRecorder.java:355) at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:19) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:780) at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:752) at hudson.model.Build$BuildExecution.post2(Build.java:183) at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:705) at hudson.model.Run.execute(Run.java:1617) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:46) at hudson.model.ResourceController.execute(ResourceController.java:88) at hudson.model.Executor.run(Executor.java:237)
It looks caused for String.toInteger() is not provided in JDK and additionally provided by Groovy.
- is related to
-
-
- Reopened
-
-
-
- Resolved
-
[JENKINS-25119] Sandbox cannot handle methods Groovy provides additionally
ikedam
created issue -
This is at root a problem in the Groovy Sandbox library, that it fails to tell an interceptor the real call site.
| Assignee | Original: Jesse Glick [ jglick ] | New: Kohsuke Kawaguchi [ kohsuke ] |
I think this was already fixed in 1.11; file a PR with a test proving it (or demonstrating otherwise).
ikedam
made changes -
| Assignee | Original: Kohsuke Kawaguchi [ kohsuke ] | New: ikedam [ ikedam ] |
ikedam
added a comment - Now it works! Thanks.
I'll add a test for that. | Assignee | Original: ikedam [ ikedam ] | New: Jesse Glick [ jglick ] |
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Code changed in jenkins
User: ikedam
Path:
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
http://jenkins-ci.org/commit/script-security-plugin/d90c1f5c5c4523157f7c42dd0bd410376ed5a78b
Log:
JENKINS-25119 Added a test for additional methods in the Groovy environment.
Code changed in jenkins
User: Jesse Glick
Path:
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
http://jenkins-ci.org/commit/script-security-plugin/1b3b7dc40512ca1401bb30ea280867400d85b344
Log:
Merge pull request #7 from ikedam/feature/JENKINS-25119_testDefaultGroovyMethods
JENKINS-25119 a test for additional methods in the Groovy environment
Compare: https://github.com/jenkinsci/script-security-plugin/compare/e016e3292f63...1b3b7dc40512
Methods groovy provides for String: http://groovy.codehaus.org/groovy-jdk/java/lang/String.html
I don't know how Groovy handle them.
Maybe this is a limitation (no workaround).