Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-29541

workflow scripts can't use String.substring(int,int)

XMLWordPrintable

      1.609.1, wf 1.8, secript-scurity 1.14

      org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method java.lang.String substring int int

      same for gstring.

      org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (org.codehaus.groovy.runtime.GStringImpl substring java.lang.Integer java.lang.Integer)

          [JENKINS-29541] workflow scripts can't use String.substring(int,int)

          James Nord created issue -

          Antonio Muñiz added a comment -

          I think this PR on script-security-plugin is solving the issue.

          Antonio Muñiz added a comment - I think this PR on script-security-plugin is solving the issue.

          James Nord added a comment - - edited

          the second issue looks like it may be resolved (when using GString) - but I don;t see how this would change the lack of white list for java.lang.String.substring(...)

          James Nord added a comment - - edited the second issue looks like it may be resolved (when using GString) - but I don;t see how this would change the lack of white list for java.lang.String.substring(...)

          Antonio Muñiz added a comment -

          Oh, yeah, I thought that substring was listed in DefaultGroovyMethods, but it's not

          Antonio Muñiz added a comment - Oh, yeah, I thought that substring was listed in DefaultGroovyMethods , but it's not
          Jesse Glick made changes -
          Component/s Original: workflow-plugin [ 18820 ]
          Jesse Glick made changes -
          Labels New: workflow
          Jesse Glick made changes -
          Link New: This issue is blocking JENKINS-25804 [ JENKINS-25804 ]
          Jesse Glick made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Jesse Glick made changes -
          Remote Link New: This issue links to "PR 20 (Web Link)" [ 13104 ]

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Jesse Glick
          Path:
          src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/45f6ad3caa5e4fb0b9ce7dfd4bf0d1ab1f487a57
          Log:
          JENKINS-29541 Reproduced problem in test.

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/45f6ad3caa5e4fb0b9ce7dfd4bf0d1ab1f487a57 Log: JENKINS-29541 Reproduced problem in test.

            jglick Jesse Glick
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: