Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[JENKINS-49543] - Add direct unit test for module class whitelisting
(cherry picked from commit 800668b)
  • Loading branch information
oleg-nenashev authored and olivergondza committed Feb 28, 2018
1 parent db0bdde commit 2ce5036
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 1 deletion.
4 changes: 3 additions & 1 deletion core/src/main/java/jenkins/security/ClassFilterImpl.java
Expand Up @@ -24,6 +24,7 @@

package jenkins.security;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableSet;
import hudson.ExtensionList;
import hudson.Main;
Expand Down Expand Up @@ -105,7 +106,8 @@ private static void mockOff() {
ClassFilter.setDefault(ClassFilter.NONE); // even Method on the standard blacklist is going to explode
}

private ClassFilterImpl() {}
@VisibleForTesting
/*package*/ ClassFilterImpl() {}

/** Whether a given class is blacklisted. */
private final Map<Class<?>, Boolean> cache = Collections.synchronizedMap(new WeakHashMap<>());
Expand Down
12 changes: 12 additions & 0 deletions test/src/test/java/jenkins/security/ClassFilterImplTest.java
Expand Up @@ -36,6 +36,7 @@
import hudson.model.FreeStyleProject;
import hudson.model.Result;
import hudson.model.Saveable;
import hudson.remoting.ClassFilter;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import java.io.IOException;
Expand All @@ -51,6 +52,7 @@
import org.junit.ClassRule;
import org.junit.Rule;
import org.jvnet.hudson.test.BuildWatcher;
import org.jvnet.hudson.test.Issue;
import org.jvnet.hudson.test.JenkinsRule;
import org.jvnet.hudson.test.LoggerRule;
import org.jvnet.hudson.test.TestExtension;
Expand Down Expand Up @@ -149,6 +151,16 @@ public void xstreamRequiresWhitelist() throws Exception {
assertEquals(Collections.singleton(config), data.keySet());
assertThat(data.values().iterator().next().extra, allOf(containsString("LinkedListMultimap"), containsString("https://jenkins.io/redirect/class-filter/")));
}

@Test
@Issue("JENKINS-49543")
public void moduleClassesShouldBeWhitelisted() throws Exception {
ClassFilterImpl filter = new ClassFilterImpl();
filter.check("org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl");
filter.check("org.jenkinsci.modules.windows_slave_installer.WindowsSlaveInstaller");
filter.check("org.jenkinsci.main.modules.instance_identity.PageDecoratorImpl");
}

@TestExtension("xstreamRequiresWhitelist")
public static class Config extends GlobalConfiguration {
LinkedListMultimap<?, ?> obj;
Expand Down

0 comments on commit 2ce5036

Please sign in to comment.