[JENKINS-60210] Whitelist all java.util.Collections methods

Type: Improvement
Resolution: Fixed
Priority: Minor
Component/s: script-security-plugin
Labels:
None

Similar Issues:
Powered by SuggestiMate

Show

We currently only have Collections.sort whiltelisted, but every method in this class is a static utility method that is safe. Also need to whitelist a couple of Throwable.printStackTrace variations. ~~JENKINS-57344~~ already whitelisted a few java.io methods to make it possible to write to a StringWriter, so together this will make it possible to log more detailed error messages that include exception stacktraces and make it easier to troubleshoot some issues.

Hari Dara created issue - 2019-11-19 09:49

Hari Dara added a comment - 2019-11-19 09:54

PR: https://github.com/jenkinsci/script-security-plugin/pull/280

Hari Dara added a comment - 2019-11-19 09:54 PR: https://github.com/jenkinsci/script-security-plugin/pull/280

Hari Dara made changes - 2019-11-19 09:54

Status

Original: Open [ 1 ]

New: In Progress [ 3 ]

Hari Dara made changes - 2019-11-19 09:54

Status

Original: In Progress [ 3 ]

New: In Review [ 10005 ]

Hari Dara added a comment - 2020-01-28 14:53

PR merged.

Hari Dara added a comment - 2020-01-28 14:53 PR merged.

Hari Dara made changes - 2020-01-28 14:53

Resolution		New: Fixed [ 1 ]
Status	Original: In Review [ 10005 ]	New: Fixed but Unreleased [ 10203 ]

Assignee:: Hari Dara

Reporter:: Hari Dara

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2019-11-19 09:49

Updated:: 2020-01-28 14:53

Resolved:: 2020-01-28 14:53

Jenkins

Details

Description

Attachments

Activity

Collapse comment: Hari Dara added a comment - 2019-11-19 09:54

Expand comment: Hari Dara added a comment - 2019-11-19 09:54

Collapse comment: Hari Dara added a comment - 2020-01-28 14:53

Expand comment: Hari Dara added a comment - 2020-01-28 14:53

People

Dates