Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 663002 Details for
Bug 884705
CVE-2013-1927 icedtea-web: GIFAR issue
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Suggested reproducer for icedtea-web automated testsuite
headerPositionVErification2-testSuite.patch (text/plain), 26.69 KB, created by
jiri vanek
on 2012-12-13 14:36:55 UTC
(
hide
)
Description:
Suggested reproducer for icedtea-web automated testsuite
Filename:
MIME Type:
Creator:
jiri vanek
Created:
2012-12-13 14:36:55 UTC
Size:
26.69 KB
patch
obsolete
>diff -r 1fe2a4f7981f tests/reproducers/custom/GifarCreator/srcs/Makefile >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/custom/GifarCreator/srcs/Makefile Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,17 @@ >+DEPLOY_SUBDIR=$(REPRODUCERS_TESTS_SERVER_DEPLOYDIR) >+GIF=$(DEPLOY_SUBDIR)/happyNonAnimated.gif >+JAR=$(DEPLOY_SUBDIR)/GifarBase.jar >+RESULT1=$(DEPLOY_SUBDIR)/Gifar.jar >+RESULT2=$(DEPLOY_SUBDIR)/Gifar.gif >+ >+#this is dependent on reproducers/signed/GifarBase >+ >+prepare-reproducer: >+ cat $(GIF) > $(RESULT1) >+ cat $(JAR) >> $(RESULT1) >+ cp $(RESULT1) $(RESULT2) >+ >+clean-reproducer: >+ rm -rf $(RESULT1) >+ rm -rf $(RESULT2) >+ >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/resources/gifarView_hacked.html >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/signed/GifarBase/resources/gifarView_hacked.html Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,48 @@ >+<!-- >+ >+This file is part of IcedTea. >+ >+IcedTea is free software; you can redistribute it and/or modify >+it under the terms of the GNU General Public License as published by >+the Free Software Foundation; either version 2, or (at your option) >+any later version. >+ >+IcedTea is distributed in the hope that it will be useful, but >+WITHOUT ANY WARRANTY; without even the implied warranty of >+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+General Public License for more details. >+ >+You should have received a copy of the GNU General Public License >+along with IcedTea; see the file COPYING. If not, write to the >+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA >+02110-1301 USA. >+ >+Linking this library statically or dynamically with other modules is >+making a combined work based on this library. Thus, the terms and >+conditions of the GNU General Public License cover the whole >+combination. >+ >+As a special exception, the copyright holders of this library give you >+permission to link this library with independent modules to produce an >+executable, regardless of the license terms of these independent >+modules, and to copy and distribute the resulting executable under >+terms of your choice, provided that you also meet, for each linked >+independent module, the terms and conditions of the license of that >+module. An independent module is a module which is not derived from >+or based on this library. If you modify this library, you may extend >+this exception to your version of the library, but you are not >+obligated to do so. If you do not wish to do so, delete this >+exception statement from your version. >+ >+ --> >+<html><head></head><body bgcolor="blue"> >+<p><applet code="GifarMain.class" archive="Gifar.gif" codebase="." width="250" height="200"> >+ <param name="image" value="Gifar.jar"> >+</applet></p> >+<p> >+<img alt="There should be gif image" src="happyNonAnimated.gif"/> >+<img alt="There should be gif image" src="Gifar.jar"/> >+<img alt="There should be gif image" src="Gifar.gif"/> >+</p> >+</body> >+</html> >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/resources/gifarView_ok.html >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/signed/GifarBase/resources/gifarView_ok.html Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,48 @@ >+<!-- >+ >+This file is part of IcedTea. >+ >+IcedTea is free software; you can redistribute it and/or modify >+it under the terms of the GNU General Public License as published by >+the Free Software Foundation; either version 2, or (at your option) >+any later version. >+ >+IcedTea is distributed in the hope that it will be useful, but >+WITHOUT ANY WARRANTY; without even the implied warranty of >+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+General Public License for more details. >+ >+You should have received a copy of the GNU General Public License >+along with IcedTea; see the file COPYING. If not, write to the >+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA >+02110-1301 USA. >+ >+Linking this library statically or dynamically with other modules is >+making a combined work based on this library. Thus, the terms and >+conditions of the GNU General Public License cover the whole >+combination. >+ >+As a special exception, the copyright holders of this library give you >+permission to link this library with independent modules to produce an >+executable, regardless of the license terms of these independent >+modules, and to copy and distribute the resulting executable under >+terms of your choice, provided that you also meet, for each linked >+independent module, the terms and conditions of the license of that >+module. An independent module is a module which is not derived from >+or based on this library. If you modify this library, you may extend >+this exception to your version of the library, but you are not >+obligated to do so. If you do not wish to do so, delete this >+exception statement from your version. >+ >+ --> >+<html><head></head><body bgcolor="blue"> >+<p><applet code="GifarMain.class" archive="GifarBase.jar" codebase="." width="250" height="200"> >+ <param name="image" value="Gifar.jar"> >+</applet></p> >+<p> >+<img alt="There should be gif image" src="happyNonAnimated.gif"/> >+<img alt="There should be gif image" src="Gifar.jar"/> >+<img alt="There should be gif image" src="Gifar.gif"/> >+</p> >+</body> >+</html> >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/resources/gifar_applet.jnlp >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/signed/GifarBase/resources/gifar_applet.jnlp Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,65 @@ >+<!-- >+ >+This file is part of IcedTea. >+ >+IcedTea is free software; you can redistribute it and/or modify >+it under the terms of the GNU General Public License as published by >+the Free Software Foundation; either version 2, or (at your option) >+any later version. >+ >+IcedTea is distributed in the hope that it will be useful, but >+WITHOUT ANY WARRANTY; without even the implied warranty of >+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+General Public License for more details. >+ >+You should have received a copy of the GNU General Public License >+along with IcedTea; see the file COPYING. If not, write to the >+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA >+02110-1301 USA. >+ >+Linking this library statically or dynamically with other modules is >+making a combined work based on this library. Thus, the terms and >+conditions of the GNU General Public License cover the whole >+combination. >+ >+As a special exception, the copyright holders of this library give you >+permission to link this library with independent modules to produce an >+executable, regardless of the license terms of these independent >+modules, and to copy and distribute the resulting executable under >+terms of your choice, provided that you also meet, for each linked >+independent module, the terms and conditions of the license of that >+module. An independent module is a module which is not derived from >+or based on this library. If you modify this library, you may extend >+this exception to your version of the library, but you are not >+obligated to do so. If you do not wish to do so, delete this >+exception statement from your version. >+ >+ --> >+<?xml version="1.0" encoding="utf-8"?> >+<jnlp spec="1.0" href="gifar_applet.jnlp" codebase="."> >+ <information> >+ <title>GifarView</title> >+ <vendor>IcedTea</vendor> >+ <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> >+ <description>Gifar issue</description> >+ <offline/> >+ </information> >+ <resources> >+ <j2se version="1.4+"/> >+ <jar href="Gifar.gif"/> >+ </resources> >+ <security> >+ <all-permissions/> >+ </security> >+ <applet-desc >+ documentBase="." >+ name="Gifar" >+ main-class="GifarMain" >+ width="250" >+ height="200"> >+ <param name="image" value="Gifar.jar"/> >+ </applet-desc> >+</jnlp> >+ >+ >+</applet-desc> >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/resources/gifar_application.jnlp >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/signed/GifarBase/resources/gifar_application.jnlp Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,60 @@ >+<!-- >+ >+This file is part of IcedTea. >+ >+IcedTea is free software; you can redistribute it and/or modify >+it under the terms of the GNU General Public License as published by >+the Free Software Foundation; either version 2, or (at your option) >+any later version. >+ >+IcedTea is distributed in the hope that it will be useful, but >+WITHOUT ANY WARRANTY; without even the implied warranty of >+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+General Public License for more details. >+ >+You should have received a copy of the GNU General Public License >+along with IcedTea; see the file COPYING. If not, write to the >+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA >+02110-1301 USA. >+ >+Linking this library statically or dynamically with other modules is >+making a combined work based on this library. Thus, the terms and >+conditions of the GNU General Public License cover the whole >+combination. >+ >+As a special exception, the copyright holders of this library give you >+permission to link this library with independent modules to produce an >+executable, regardless of the license terms of these independent >+modules, and to copy and distribute the resulting executable under >+terms of your choice, provided that you also meet, for each linked >+independent module, the terms and conditions of the license of that >+module. An independent module is a module which is not derived from >+or based on this library. If you modify this library, you may extend >+this exception to your version of the library, but you are not >+obligated to do so. If you do not wish to do so, delete this >+exception statement from your version. >+ >+ --> >+<?xml version="1.0" encoding="utf-8"?> >+<jnlp spec="1.0" href="gifar_application.jnlp" codebase="."> >+ <information> >+ <title>GifarView</title> >+ <vendor>IcedTea</vendor> >+ <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> >+ <description>Gifar issue</description> >+ <offline/> >+ </information> >+ <security> >+ <all-permissions/> >+ </security> >+ <resources> >+ <j2se version="1.4+"/> >+ <jar href="Gifar.gif"/> >+ </resources> >+ <application-desc main-class="GifarMain"> >+ <argument>Gifar.jar</argument> >+ </application-desc> >+</jnlp> >+ >+ >+</applet-desc> >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/resources/happyNonAnimated.gif >Binary file tests/reproducers/signed/GifarBase/resources/happyNonAnimated.gif has changed >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/srcs/GifarMain.java >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/signed/GifarBase/srcs/GifarMain.java Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,212 @@ >+ >+import java.awt.BorderLayout; >+import java.awt.image.BufferedImage; >+import java.net.URL; >+import javax.imageio.ImageIO; >+import javax.jnlp.BasicService; >+import javax.jnlp.ServiceManager; >+import javax.swing.Icon; >+import javax.swing.ImageIcon; >+import javax.swing.JApplet; >+import javax.swing.JFrame; >+import javax.swing.JLabel; >+ >+/* AppletTest.java >+ Copyright (C) 2011 Red Hat, Inc. >+ >+ This file is part of IcedTea. >+ >+ IcedTea is free software; you can redistribute it and/or >+ modify it under the terms of the GNU General Public License as published by >+ the Free Software Foundation, version 2. >+ >+ IcedTea is distributed in the hope that it will be useful, >+ but WITHOUT ANY WARRANTY; without even the implied warranty of >+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+ General Public License for more details. >+ >+ You should have received a copy of the GNU General Public License >+ along with IcedTea; see the file COPYING. If not, write to >+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA >+ 02110-1301 USA. >+ >+ Linking this library statically or dynamically with other modules is >+ making a combined work based on this library. Thus, the terms and >+ conditions of the GNU General Public License cover the whole >+ combination. >+ >+ As a special exception, the copyright holders of this library give you >+ permission to link this library with independent modules to produce an >+ executable, regardless of the license terms of these independent >+ modules, and to copy and distribute the resulting executable under >+ terms of your choice, provided that you also meet, for each linked >+ independent module, the terms and conditions of the license of that >+ module. An independent module is a module which is not derived from >+ or based on this library. If you modify this library, you may extend >+ this exception to your version of the library, but you are not >+ obligated to do so. If you do not wish to do so, delete this >+ exception statement from your version. >+ */ >+public class GifarMain extends JApplet { >+ >+ boolean isApplet = true; >+ String defaultPath = "happyNonAnimated.gif"; >+ String imageName; >+ URL path = null; >+ >+ private class Killer extends Thread { >+ >+ public int n = 3000; >+ >+ @Override >+ public void run() { >+ try { >+ Thread.sleep(n); >+ System.out.println("gifar killing himself after " + n + " ms of life"); >+ System.exit(0); >+ } catch (Exception ex) { >+ } >+ } >+ } >+ private Killer killer; >+ >+ @Override >+ public void init() { >+ System.out.println("gifar was initialised"); >+ killer = new Killer(); >+ this.setLayout(new BorderLayout()); >+ String futurePath = null; >+ if (isApplet) { >+ futurePath = getParameter("image"); >+ if ("yes".equals(futurePath)) { >+ imageName = defaultPath; >+ } else if (futurePath != null) { >+ imageName = futurePath; >+ } >+ } >+ } >+ >+ @Override >+ public void start() { >+ System.out.println("gifar is starting"); >+ String s = "<html>" + System.getProperty("java.vm.version") + "<br>" >+ + System.getProperty("java.vm.vendor") + "<br>" >+ + System.getProperty("java.vm.name") + "<br>" >+ + System.getProperty("java.specification.version") + "<br>" >+ + System.getProperty("java.specification.vendor") + "<br>" >+ + System.getProperty("java.specification.name") + "</html>"; >+ JLabel jLabel1 = new JLabel(s); >+ this.add(jLabel1, BorderLayout.NORTH); >+ System.out.println("Used image: " + imageName); >+ if (imageName != null) { >+ try { >+ path = new URL(getIndependentCodebase(), imageName); >+ System.out.println("Loading: "+path.toString()); >+ JLabel jLabel2 = new JLabel(loadIcon(path)); >+ System.out.println("Image loaded"); >+ this.add(jLabel2, BorderLayout.SOUTH); >+ } catch (Exception ex) { >+ //ex.printStackTrace(); >+ throw new RuntimeException(ex); >+ } >+ } >+ killer.start(); >+ System.out.println("is applet: " + isApplet); >+ System.out.println("gifar was started"); >+ } >+ >+ Icon loadIcon(URL u) { >+ try { >+ BufferedImage i = ImageIO.read(u.openStream()); >+ return new ImageIcon(i); >+ } catch (Exception ex) { >+ throw new RuntimeException(ex); >+ } >+ >+ >+ } >+ >+ public URL getIndependentCodebase() { >+ try { >+ URL u1 = getCodeBaseApplet(); >+ URL u2 = getCodeBaseJavaws(); >+ if (u1 != null) { >+ return u1; >+ } >+ if (u2 != null) { >+ return u2; >+ } >+ return new URL("http://localhost:44321/"); >+ } catch (Exception ex) { >+ throw new RuntimeException(ex); >+ } >+ >+ } >+ >+ public URL getCodeBaseApplet() { >+ try { >+ URL codebase = getCodeBase(); >+ if (codebase != null) { >+ System.out.println("applet codebase: " + codebase.toString()); >+ return codebase; >+ } else { >+ System.out.println("applet codebase: null"); >+ } >+ } catch (Exception ex) { >+ ex.printStackTrace(); >+ System.out.println("applet codebase: null"); >+ } >+ return null; >+ } >+ >+ public URL getCodeBaseJavaws() { >+ try { >+ BasicService bs = (BasicService) ServiceManager.lookup("javax.jnlp.BasicService"); >+ URL codebase = bs.getCodeBase(); >+ if (codebase != null) { >+ System.out.println("javaws codebase: " + codebase.toString()); >+ return codebase; >+ } else { >+ System.out.println("javaws codebase: null"); >+ } >+ } catch (Exception ex) { >+ ex.printStackTrace(); >+ System.out.println("javaws codebase: null"); >+ } >+ return null; >+ } >+ >+ @Override >+ public void stop() { >+ System.out.println("gifar was stopped"); >+ } >+ >+ @Override >+ public void destroy() { >+ System.out.println("gifar will be destroyed"); >+ } >+ >+ public static void main(String args[]) { >+ final JFrame f = new JFrame(); >+ f.setLayout(new BorderLayout()); >+ f.setSize(250, 200); >+ GifarMain gm = new GifarMain(); >+ gm.isApplet = false; >+ f.add(gm); >+ gm.init(); >+ if (args.length > 0) { >+ if ("yes".equals(args[0])) { >+ gm.imageName = gm.defaultPath; >+ } else { >+ gm.imageName = args[0]; >+ } >+ } >+ gm.start(); >+ f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); >+ java.awt.EventQueue.invokeLater(new Runnable() { >+ public void run() { >+ f.setVisible(true); >+ } >+ }); >+ } >+} >diff -r 1fe2a4f7981f tests/reproducers/signed/GifarBase/testcases/GifarTestcases.java >--- /dev/null Thu Jan 01 00:00:00 1970 +0000 >+++ b/tests/reproducers/signed/GifarBase/testcases/GifarTestcases.java Thu Dec 13 12:40:02 2012 +0100 >@@ -0,0 +1,206 @@ >+/* AppletTestTests.java >+ Copyright (C) 2011 Red Hat, Inc. >+ >+ This file is part of IcedTea. >+ >+ IcedTea is free software; you can redistribute it and/or >+ modify it under the terms of the GNU General Public License as published by >+ the Free Software Foundation, version 2. >+ >+ IcedTea is distributed in the hope that it will be useful, >+ but WITHOUT ANY WARRANTY; without even the implied warranty of >+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >+ General Public License for more details. >+ >+ You should have received a copy of the GNU General Public License >+ along with IcedTea; see the file COPYING. If not, write to >+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA >+ 02110-1301 USA. >+ >+ Linking this library statically or dynamically with other modules is >+ making a combined work based on this library. Thus, the terms and >+ conditions of the GNU General Public License cover the whole >+ combination. >+ >+ As a special exception, the copyright holders of this library give you >+ permission to link this library with independent modules to produce an >+ executable, regardless of the license terms of these independent >+ modules, and to copy and distribute the resulting executable under >+ terms of your choice, provided that you also meet, for each linked >+ independent module, the terms and conditions of the license of that >+ module. An independent module is a module which is not derived from >+ or based on this library. If you modify this library, you may extend >+ this exception to your version of the library, but you are not >+ obligated to do so. If you do not wish to do so, delete this >+ exception statement from your version. >+ */ >+ >+import java.awt.image.BufferedImage; >+import java.io.File; >+import java.io.IOException; >+import java.util.Arrays; >+import java.util.List; >+import javax.imageio.ImageIO; >+import net.sourceforge.jnlp.ClosingListener; >+import net.sourceforge.jnlp.ProcessResult; >+import net.sourceforge.jnlp.ServerAccess; >+import net.sourceforge.jnlp.annotations.NeedsDisplay; >+import net.sourceforge.jnlp.annotations.TestInBrowsers; >+import net.sourceforge.jnlp.browsertesting.BrowserTest; >+import net.sourceforge.jnlp.browsertesting.Browsers; >+import net.sourceforge.jnlp.closinglisteners.RulesFolowingClosingListener; >+import net.sourceforge.jnlp.runtime.JNLPRuntime; >+import net.sourceforge.jnlp.util.InvalidJarHeaderException; >+import net.sourceforge.jnlp.util.JarFile; >+import org.junit.Assert; >+import org.junit.Test; >+ >+public class GifarTestcases extends BrowserTest { >+ >+ List<String> trustIgnore = Arrays.asList(new String[]{ServerAccess.HEADLES_OPTION, "-Xtrustall", "-Xignoreheaders"}); >+ List<String> trust = Arrays.asList(new String[]{ServerAccess.HEADLES_OPTION, "-Xtrustall"}); >+ RulesFolowingClosingListener.ContainsRule exceptionRule = new RulesFolowingClosingListener.ContainsRule(InvalidJarHeaderException.class.getName()); >+ RulesFolowingClosingListener.ContainsRule okRule = new RulesFolowingClosingListener.ContainsRule("Image loaded"); >+ RulesFolowingClosingListener.ContainsRule sucideRule = new RulesFolowingClosingListener.ContainsRule("gifar killing himself"); >+ >+ private ClosingListener getExceptionClosingListener() { >+ return new RulesFolowingClosingListener(exceptionRule); >+ } >+ >+ private ClosingListener getOkClosingListener() { >+ return new RulesFolowingClosingListener(okRule, sucideRule); >+ } >+ File okJar = new File(server.getDir(), "GifarBase.jar"); >+ File hackedJar = new File(server.getDir(), "Gifar.jar"); >+ File okImage = new File(server.getDir(), "happyNonAnimated.gif"); >+ File hackedImage = new File(server.getDir(), "Gifar.gif"); >+ >+ @Test >+ public void unittest_verify_okJar() throws IOException { >+ JNLPRuntime.setIgnoreHeaders(false); >+ JarFile j1 = new JarFile(okJar); >+ Assert.assertNotNull(j1); >+ JNLPRuntime.setIgnoreHeaders(true); >+ JarFile j2 = new JarFile(okJar); >+ Assert.assertNotNull(j2); >+ >+ } >+ >+ @Test >+ public void unittest_verify_badJar() throws IOException { >+ JNLPRuntime.setIgnoreHeaders(false); >+ Exception ex=null; >+ JarFile j1=null; >+ try{ >+ j1 = new JarFile(hackedJar); >+ }catch(InvalidJarHeaderException e){ >+ ex=e; >+ } >+ Assert.assertNull(j1); >+ Assert.assertNotNull(ex); >+ Assert.assertEquals(InvalidJarHeaderException.class, ex.getClass()); >+ JNLPRuntime.setIgnoreHeaders(true); >+ JarFile j2 = new JarFile(hackedJar); >+ Assert.assertNotNull(j2); >+ >+ } >+ >+ >+ @Test >+ public void unittest_verify_badImageAsJar() throws IOException { >+ JNLPRuntime.setIgnoreHeaders(false); >+ Exception ex=null; >+ JarFile j1=null; >+ try{ >+ j1 = new JarFile(hackedImage); >+ }catch(InvalidJarHeaderException e){ >+ ex=e; >+ } >+ Assert.assertNull(j1); >+ Assert.assertNotNull(ex); >+ Assert.assertEquals(InvalidJarHeaderException.class, ex.getClass()); >+ JNLPRuntime.setIgnoreHeaders(true); >+ JarFile j2 = new JarFile(hackedImage); >+ Assert.assertNotNull(j2); >+ >+ } >+ >+ @Test >+ public void unittest_verify_okImage() throws IOException { >+ JNLPRuntime.setIgnoreHeaders(false); >+ BufferedImage j1 = ImageIO.read(okImage); >+ Assert.assertNotNull(j1); >+ JNLPRuntime.setIgnoreHeaders(true); >+ BufferedImage j2 = ImageIO.read(okImage); >+ Assert.assertNotNull(j2); >+ >+ } >+ >+ @Test >+ public void unittest_verify_badImaqe() throws IOException { >+ JNLPRuntime.setIgnoreHeaders(false); >+ BufferedImage j1 = ImageIO.read(hackedImage); >+ Assert.assertNotNull(j1); >+ JNLPRuntime.setIgnoreHeaders(true); >+ BufferedImage j2 = ImageIO.read(hackedImage); >+ Assert.assertNotNull(j2); >+ >+ } >+ @Test >+ @NeedsDisplay >+ public void GifarViaJnlp_application() throws Exception { >+ ProcessResult pr = server.executeJavaws(trust, "gifar_application.jnlp"); >+ Assert.assertEquals((Integer) 0, pr.returnValue); >+ Assert.assertFalse("stdout " + okRule.toFailingString() + " but did", okRule.evaluate(pr.stdout)); >+ Assert.assertTrue("stderr " + exceptionRule.toPassingString() + " but did'nt", exceptionRule.evaluate(pr.stderr)); >+ } >+ >+ @Test >+ @NeedsDisplay >+ public void GifarViaJnlp_application_ignoreHeaders() throws Exception { >+ ProcessResult pr = server.executeJavaws(trustIgnore, "gifar_application.jnlp"); >+ Assert.assertEquals((Integer) 0, pr.returnValue); >+ Assert.assertTrue("stdout " + okRule.toPassingString() + " but didn't", okRule.evaluate(pr.stdout)); >+ Assert.assertFalse("stderr " + exceptionRule.toFailingString() + " but did", exceptionRule.evaluate(pr.stderr)); >+ } >+ >+ @Test >+ @NeedsDisplay >+ public void GifarViaJnlp_applet() throws Exception { >+ ProcessResult pr = server.executeJavaws(trust, "gifar_applet.jnlp"); >+ Assert.assertEquals((Integer) 0, pr.returnValue); >+ Assert.assertFalse("stdout " + okRule.toFailingString() + " but did", okRule.evaluate(pr.stdout)); >+ Assert.assertTrue("stderr " + exceptionRule.toPassingString() + " but didn't", exceptionRule.evaluate(pr.stderr)); >+ } >+ >+ @Test >+ @NeedsDisplay >+ public void GifarViaJnlp_applet_ignoreHeaders() throws Exception { >+ ProcessResult pr = server.executeJavaws(trustIgnore, "gifar_applet.jnlp"); >+ Assert.assertEquals((Integer) 0, pr.returnValue); >+ Assert.assertTrue("stdout " + okRule.toPassingString() + " but didn't", okRule.evaluate(pr.stdout)); >+ Assert.assertFalse("stderr " + exceptionRule.toFailingString() + " but did", exceptionRule.evaluate(pr.stderr)); >+ } >+ >+ @Test >+ @TestInBrowsers(testIn = {Browsers.all}) >+ @NeedsDisplay >+ public void GifarViaBrowser_hacked() throws Exception { >+ ProcessResult pr = server.executeBrowser("gifarView_hacked.html", getOkClosingListener(), getExceptionClosingListener()); >+ Assert.assertFalse("stdout " + okRule.toFailingString() + " but did", okRule.evaluate(pr.stdout)); >+ Assert.assertTrue("stderr " + exceptionRule.toPassingString() + " but didn't", exceptionRule.evaluate(pr.stderr)); >+ >+ >+ } >+ >+ @Test >+ @TestInBrowsers(testIn = {Browsers.one}) >+ @NeedsDisplay >+ public void GifarViaBrowser_ok() throws Exception { >+ ProcessResult pr = server.executeBrowser("gifarView_ok.html", getOkClosingListener(), getExceptionClosingListener()); >+ Assert.assertTrue("stdout " + okRule.toPassingString() + " but didn't", okRule.evaluate(pr.stdout)); >+ Assert.assertFalse("stderr " + exceptionRule.toFailingString() + " but did", exceptionRule.evaluate(pr.stderr)); >+ >+ >+ } >+}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=663002">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 884705
:
659469
| 663002 |
663003