• Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • script-security-plugin
    • Jenkins 2.73.3, Script Security Plugin 1.36, RedHat Release Server 7.3-7.el7.x86_64

      After upgrading the Script Security Plugin from 1.35 to 1.36, some methods are no longer recognized as valid methods if the first parameters value is null. Find an example below. Probably related to issues JENKINS-47893 or JENKINS-47159 fixed in version 1.36.

       

      I tried to downgrade the plugin from 1.36 to 1.35, and after restarting Jenkins, all pipelines broke, since there were other updated plugins depending on version 1.36. Had to stick with version 1.36 and change the method's logic to check nulls before calling the method that uses varargs.

       

      def printDebugMethodStart(methodName, ... parameters = null) {

             // logic doesn't matter
      }

       

      // This call works

      printDebugMethodStart("myMethod", "param1", "param2", "paramn")

       

      // This call fails (perfectly good case, since I do have 3 parameters in this varargs, but the first parameter happens to have null value)

      printDebugMethodStart("myMethod", null, "param2", "paramn")

       

      // Error details

      java.lang.NoSuchMethodError: No such DSL method 'printDebugMethodStart' found among steps [archive, bat, build, catchError, checkout, deleteDir, dir, dockerFingerprintFrom, dockerFingerprintRun, echo, envVarsForTool, error, fileExists, findFiles, getContext, git, httpRequest, input, isUnix, junit, library, libraryResource, load, mail, milestone, nexusArtifactUploader, nexusPolicyEvaluation, nexusPublisher, node, parallel, powershell, properties, pwd, readFile, readJSON, readManifest, readMavenPom, readProperties, readTrusted, readYaml, registerWebhook, resolveScm, retry, script, sh, sha1, sleep, stage, stash, step, svn, timeout, timestamps, tm, tool, touch, unarchive, unstash, unzip, validateDeclarativePipeline, waitForQualityGate, waitForWebhook, waitUntil, withContext, withCredentials, withDockerContainer, withDockerRegistry, withDockerServer, withEnv, wrap, writeFile, writeJSON, writeMavenPom, writeYaml, ws, zip] or symbols [all, allOf, always, ant, antFromApache, antOutcome, antTarget, any, anyOf, apiToken, architecture, archiveArtifacts, artifactManager, authorizationMatrix, batchFile, booleanParam, branch, buildButton, buildDiscarder, caseInsensitive, caseSensitive, certificate, changelog, changeset, choice, choiceParam, clock, cloud, command, credentials, cron, crumb, defaultView, demand, disableConcurrentBuilds, docker, dockerCert, dockerfile, downloadSettings, downstream, dumb, envVars, environment, expression, file, fileParam, filePath, fingerprint, frameOptions, freeStyle, freeStyleJob, fromScm, fromSource, git, headRegexFilter, headWildcardFilter, hyperlink, hyperlinkToModels, inheriting, inheritingGlobal, installSource, jdk, jdkInstaller, jgit, jgitapache, jnlp, jobDsl, jobName, label, lastDuration, lastFailure, lastGrantedAuthorities, lastStable, lastSuccess, legacy, legacySCM, list, local, location, logRotator, loggedInUsersCanDoAnything, masterBuild, maven, maven3Mojos, mavenErrors, mavenMojos, mavenWarnings, modernSCM, msbuild, msbuildError, msbuildWarning, myView, node, nodeProperties, nonInheriting, nonStoredPasswordParam, none, not, overrideIndexTriggers, paneStatus, parameters, password, pattern, pipeline-model, pipelineTriggers, plainText, plugin, pollSCM, projectNamingStrategy, proxy, queueItemAuthenticator, quietPeriod, remotingCLI, run, runParam, schedule, scmRetryCount, search, security, shell, skipDefaultCheckout, skipStagesAfterUnstable, slave, sourceRegexFilter, sourceWildcardFilter, sshUserPrivateKey, stackTrace, standard, status, string, stringParam, swapSpace, text, textParam, tmpSpace, toolLocation, unsecured, upstream, usernameColonPassword, usernamePassword, viewsTabBar, weather, withAnt, withSonarQubeEnv, zfs, zip] or globals [currentBuild, docker, env, params, pipeline, scm]
      at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:173)
      at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:108)
      at sun.reflect.GeneratedMethodAccessor277.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
      at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
      at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1213)
      at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
      at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
      at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
      at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:155)
      at org.kohsuke.groovy.sandbox.GroovyInterceptor.onMethodCall(GroovyInterceptor.java:23)
      at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:133)
      at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:120)
      at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:153)
      at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:157)
      at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:122)
      at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:127)
      at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:17)
      at WorkflowScript.run(WorkflowScript:52)
      at __cps.transform__(Native Method)
      at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:57)
      at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:109)
      at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:82)
      at sun.reflect.GeneratedMethodAccessor252.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
      at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
      at com.cloudbees.groovy.cps.Next.step(Next.java:83)
      at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
      at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
      at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122)
      at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261)
      at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
      at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:19)
      at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:35)
      at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:32)
      at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
      at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:32)
      at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174)
      at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:331)
      at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$100(CpsThreadGroup.java:82)
      at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:243)
      at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:231)
      at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64)
      at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:112)
      at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      at java.lang.Thread.run(Thread.java:748)

          [JENKINS-48364] Varargs not recognized when first arg is null

          Daniel Beck added a comment -

          I wonder whether casting null to the expected type makes a difference.

          Daniel Beck added a comment - I wonder whether casting null to the expected type makes a difference.

          Jesse Glick added a comment -

          Doubtful. IIRC the special tricks that the Groovy compiler uses to support both dynamic typing and overload resolution using casts just break down when you go through layers of compiler transformers.

          Jesse Glick added a comment - Doubtful. IIRC the special tricks that the Groovy compiler uses to support both dynamic typing and overload resolution using casts just break down when you go through layers of compiler transformers.

          Andrew Bayer added a comment -

          Found the problem - our type checking for whether something's a valid varargs case looks at the first parameter after the "fixed" parameters and checks if it's an instance of the varargs component type before proceeding. null, strangely enough, is not an instance of any type. =) So in the PR at https://github.com/jenkinsci/script-security-plugin/pull/168, I've added special-casing for null.

          Andrew Bayer added a comment - Found the problem - our type checking for whether something's a valid varargs case looks at the first parameter after the "fixed" parameters and checks if it's an instance of the varargs component type before proceeding. null , strangely enough, is not an instance of any type. =) So in the PR at https://github.com/jenkinsci/script-security-plugin/pull/168 , I've added special-casing for null .

          Code changed in jenkins
          User: Andrew Bayer
          Path:
          src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java
          src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
          http://jenkins-ci.org/commit/script-security-plugin/deda81c27a88cecf92077e1666374a9b6abeb0ef
          Log:
          [FIXED JENKINS-48364] Treat null first vararg param properly.

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Andrew Bayer Path: src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java http://jenkins-ci.org/commit/script-security-plugin/deda81c27a88cecf92077e1666374a9b6abeb0ef Log: [FIXED JENKINS-48364] Treat null first vararg param properly.

          After upgrading to 1.38 I still get an exception. In this case, the thrown exception is the one reported in https://issues.jenkins-ci.org/browse/JENKINS-48501

          To reproduce it, just create a Pipeline and use a script like the one indicated by Antonio Matos.

          Francisco Fernández added a comment - After upgrading to 1.38 I still get an exception. In this case, the thrown exception is the one reported in  https://issues.jenkins-ci.org/browse/JENKINS-48501 To reproduce it, just create a Pipeline and use a script like the one indicated by Antonio Matos.

            abayer Andrew Bayer
            acxmatos Antonio Matos
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: