aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEvgeny Mandrikov <mandrikov@gmail.com>2011-09-23 14:50:30 +0400
committerEvgeny Mandrikov <mandrikov@gmail.com>2011-09-23 17:00:34 +0400
commite00498300ccbe8f0381df2790e18f0188cd86eab (patch)
treec79d59137766c93fc716999c82df78e52e9f877e
parent553c0fcbd6433eed0e6e9f94e6e0c057a0de0b7c (diff)
downloadsonarqube-e00498300ccbe8f0381df2790e18f0188cd86eab.tar.gz
sonarqube-e00498300ccbe8f0381df2790e18f0188cd86eab.zip
SONAR-2824 Java Squid should use isolated ClassLoader for bytecode analysis
-rw-r--r--plugins/sonar-squid-java-plugin/src/main/java/org/sonar/java/bytecode/ClassworldsClassLoader.java2
-rw-r--r--plugins/sonar-squid-java-plugin/src/test/java/org/sonar/java/bytecode/ClassworldsClassLoaderTest.java20
2 files changed, 21 insertions, 1 deletions
diff --git a/plugins/sonar-squid-java-plugin/src/main/java/org/sonar/java/bytecode/ClassworldsClassLoader.java b/plugins/sonar-squid-java-plugin/src/main/java/org/sonar/java/bytecode/ClassworldsClassLoader.java
index 4cc10aedce1..6a814c8499f 100644
--- a/plugins/sonar-squid-java-plugin/src/main/java/org/sonar/java/bytecode/ClassworldsClassLoader.java
+++ b/plugins/sonar-squid-java-plugin/src/main/java/org/sonar/java/bytecode/ClassworldsClassLoader.java
@@ -45,7 +45,7 @@ public final class ClassworldsClassLoader {
public static ClassLoader create(Collection<File> bytecodeFilesOrDirectories) {
try {
ClassWorld world = new ClassWorld();
- ClassRealm realm = world.newRealm("squid.project");
+ ClassRealm realm = world.newRealm("squid.project", null /* explicit declaration that parent should be bootstrap class loader */);
for (File bytecode : bytecodeFilesOrDirectories) {
URL url = getURL(bytecode);
diff --git a/plugins/sonar-squid-java-plugin/src/test/java/org/sonar/java/bytecode/ClassworldsClassLoaderTest.java b/plugins/sonar-squid-java-plugin/src/test/java/org/sonar/java/bytecode/ClassworldsClassLoaderTest.java
index ea93533cffc..7f248c6eef3 100644
--- a/plugins/sonar-squid-java-plugin/src/test/java/org/sonar/java/bytecode/ClassworldsClassLoaderTest.java
+++ b/plugins/sonar-squid-java-plugin/src/test/java/org/sonar/java/bytecode/ClassworldsClassLoaderTest.java
@@ -19,6 +19,7 @@
*/
package org.sonar.java.bytecode;
+import org.codehaus.classworlds.ClassWorld;
import org.junit.Test;
import org.sonar.java.ast.SquidTestUtils;
@@ -39,6 +40,25 @@ public class ClassworldsClassLoaderTest {
assertThat(ClassworldsClassLoader.create(Collections.<File>emptyList()), not(nullValue()));
}
+ /**
+ * See SONAR-2824:
+ * ClassLoader created by {@link ClassworldsClassLoader},
+ * should be able to load classes only from JDK and from provided list of JAR-files,
+ * thus it shouldn't be able to load class {@link ClassWorld}.
+ */
+ @Test
+ public void shouldBeIsolated() throws ClassNotFoundException {
+ ClassLoader classloader = ClassworldsClassLoader.create(Collections.EMPTY_LIST);
+ try {
+ classloader.loadClass(ClassWorld.class.getName());
+ fail();
+ } catch (ClassNotFoundException e) {
+ // ok
+ }
+ assertThat(classloader.loadClass("java.lang.Integer"), not(nullValue()));
+ assertThat(classloader.getResource("java/lang/Integer.class"), not(nullValue()));
+ }
+
@Test
public void createFromDirectory() throws ClassNotFoundException {
File dir = SquidTestUtils.getFile("/bytecode/bin/");