From: Simon Steiner <ssteiner@apache.org>
Date: Tue, 7 Dec 2021 08:04:15 +0000 (+0000)
Subject: FOP-3038: Allow sections which need security permissions to be run when AllPermission... 
X-Git-Tag: fop-2_7~9
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=69ce536bf92f774d4d0a09d9068c1dbc972715f7;p=xmlgraphics-fop.git

FOP-3038: Allow sections which need security permissions to be run when AllPermission denied in caller code

git-svn-id: https://svn.apache.org/repos/asf/xmlgraphics/fop/trunk@1895652 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/fop-core/src/main/java/org/apache/fop/apps/FopFactory.java b/fop-core/src/main/java/org/apache/fop/apps/FopFactory.java
index 6708f2113..2685fe021 100644
--- a/fop-core/src/main/java/org/apache/fop/apps/FopFactory.java
+++ b/fop-core/src/main/java/org/apache/fop/apps/FopFactory.java
@@ -24,6 +24,8 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.URI;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -142,8 +144,14 @@ public final class FopFactory implements ImageContext {
      * @param baseURI the base URI to resolve resource URIs against
      * @return the requested FopFactory instance.
      */
-    public static FopFactory newInstance(URI baseURI) {
-        return new FopFactoryBuilder(baseURI).build();
+    public static FopFactory newInstance(final URI baseURI) {
+        return AccessController.doPrivileged(
+            new PrivilegedAction<FopFactory>() {
+                public FopFactory run() {
+                    return new FopFactoryBuilder(baseURI).build();
+                }
+            }
+        );
     }
 
     /**
diff --git a/fop-core/src/main/java/org/apache/fop/fo/FOTreeBuilder.java b/fop-core/src/main/java/org/apache/fop/fo/FOTreeBuilder.java
index 249f0e0fe..766b6188d 100644
--- a/fop-core/src/main/java/org/apache/fop/fo/FOTreeBuilder.java
+++ b/fop-core/src/main/java/org/apache/fop/fo/FOTreeBuilder.java
@@ -20,6 +20,8 @@
 package org.apache.fop.fo;
 
 import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import org.xml.sax.Attributes;
 import org.xml.sax.ContentHandler;
@@ -171,23 +173,49 @@ public class FOTreeBuilder extends DefaultHandler {
     }
 
     /** {@inheritDoc} */
-    public void startElement(String namespaceURI, String localName, String rawName,
-                             Attributes attlist) throws SAXException {
+    public void startElement(final String namespaceURI, final String localName, final String rawName,
+                             final Attributes attlist) throws SAXException {
         this.depth++;
         errorinstart = false;
-        try {
-            delegate.startElement(namespaceURI, localName, rawName, attlist);
-        } catch (SAXException e) {
+        final ContentHandler contentHandler = delegate;
+        SAXException saxException = AccessController.doPrivileged(
+            new PrivilegedAction<SAXException>() {
+                public SAXException run() {
+                    try {
+                        contentHandler.startElement(namespaceURI, localName, rawName, attlist);
+                    } catch (SAXException e) {
+                        return e;
+                    }
+                    return null;
+                }
+            }
+        );
+        if (saxException != null) {
             errorinstart = true;
-            throw e;
+            throw saxException;
         }
     }
 
     /** {@inheritDoc} */
-    public void endElement(String uri, String localName, String rawName)
-                throws SAXException {
+    public void endElement(final String uri, final String localName, final String rawName) throws SAXException {
         if (!errorinstart) {
-            this.delegate.endElement(uri, localName, rawName);
+            final ContentHandler contentHandler = delegate;
+            SAXException saxException = AccessController.doPrivileged(
+                new PrivilegedAction<SAXException>() {
+                    public SAXException run() {
+                        try {
+                            contentHandler.endElement(uri, localName, rawName);
+                        } catch (SAXException e) {
+                            return e;
+                        }
+                        return null;
+                    }
+                }
+            );
+            if (saxException != null) {
+                throw saxException;
+            }
+
             this.depth--;
             if (depth == 0) {
                 if (delegate != mainFOHandler) {
diff --git a/fop-core/src/test/java/org/apache/fop/apps/FopFactoryTestCase.java b/fop-core/src/test/java/org/apache/fop/apps/FopFactoryTestCase.java
index 439ffa44e..ee95810a6 100644
--- a/fop-core/src/test/java/org/apache/fop/apps/FopFactoryTestCase.java
+++ b/fop-core/src/test/java/org/apache/fop/apps/FopFactoryTestCase.java
@@ -19,7 +19,18 @@
 
 package org.apache.fop.apps;
 
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.net.URI;
+import java.security.Permission;
+
+import javax.xml.transform.Result;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.sax.SAXResult;
+import javax.xml.transform.stream.StreamSource;
 
 import org.junit.Test;
 import org.xml.sax.SAXException;
@@ -63,4 +74,42 @@ public class FopFactoryTestCase extends BaseConstructiveUserConfigTest {
             fail(e.getMessage());
         }
     }
+
+    @Test
+    public void testSecurityManager() throws Exception {
+        System.setSecurityManager(new SecurityManager() {
+            public void checkPermission(Permission perm) {
+                for (StackTraceElement element : Thread.currentThread().getStackTrace()) {
+                    if (element.toString().contains("java.security.AccessController.doPrivileged")
+                            || element.toString().contains("newFop(")
+                            || element.toString().contains("setSecurityManager(")) {
+                        return;
+                    }
+                }
+                throw new RuntimeException("doPrivileged not used for " + perm);
+            }
+        });
+        FopFactory fopFactory = FopFactory.newInstance(new URI("."));
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        String fo = "<fo:root xmlns:fo=\"http://www.w3.org/1999/XSL/Format\" "
+                + "xmlns:fox=\"http://xmlgraphics.apache.org/fop/extensions\">\n"
+                + "  <fo:layout-master-set>\n"
+                + "    <fo:simple-page-master master-name=\"simple\" page-height=\"27.9cm\" page-width=\"21.6cm\">\n"
+                + "      <fo:region-body />\n"
+                + "    </fo:simple-page-master>\n"
+                + "  </fo:layout-master-set>\n"
+                + "  <fo:page-sequence master-reference=\"simple\">\n"
+                + "    <fo:flow flow-name=\"xsl-region-body\">\n"
+                + " <fo:block font-size=\"100pt\">test2test2test2test2test2test2test2test2test2test2te"
+                + "st2test2test2test2test2test2test2</fo:block>     \n"
+                + "</fo:flow>\n"
+                + "  </fo:page-sequence>\n"
+                + "</fo:root>\n";
+        Fop fop = fopFactory.newFop(MimeConstants.MIME_PDF, fopFactory.newFOUserAgent(), out);
+        Transformer transformer = TransformerFactory.newInstance().newTransformer();
+        Source src = new StreamSource(new ByteArrayInputStream(fo.getBytes()));
+        Result res = new SAXResult(fop.getDefaultHandler());
+        transformer.transform(src, res);
+        System.setSecurityManager(null);
+    }
 }
diff --git a/fop/lib/xmlgraphics-commons-svn-trunk.jar b/fop/lib/xmlgraphics-commons-svn-trunk.jar
index 542966f5f..6368e1244 100644
Binary files a/fop/lib/xmlgraphics-commons-svn-trunk.jar and b/fop/lib/xmlgraphics-commons-svn-trunk.jar differ