SecurityExceptions when analyzing JARs with broken/expired signatures
See <https://github.com/wala/WALA/issues/100>
This commit is contained in:
parent
065a3ff767
commit
e2e5bcf435
|
@ -457,7 +457,7 @@ public abstract class IRTests {
|
|||
if (libFile.exists()) {
|
||||
foundLib = true;
|
||||
try {
|
||||
engine.addSystemModule(new JarFileModule(new JarFile(libFile)));
|
||||
engine.addSystemModule(new JarFileModule(new JarFile(libFile, false)));
|
||||
} catch (IOException e) {
|
||||
Assert.fail(e.getMessage());
|
||||
}
|
||||
|
|
|
@ -49,7 +49,7 @@ public class Java7CallGraphTest extends DynamicCallGraphTestBase {
|
|||
F.deleteOnExit();
|
||||
|
||||
AnalysisScope scope = CallGraphTestUtil.makeJ2SEAnalysisScope("base.txt", CallGraphTestUtil.REGRESSION_EXCLUSIONS);
|
||||
scope.addToScope(ClassLoaderReference.Application, new JarFile(F));
|
||||
scope.addToScope(ClassLoaderReference.Application, new JarFile(F, false));
|
||||
|
||||
ClassHierarchy cha = ClassHierarchy.make(scope);
|
||||
Iterable<Entrypoint> entrypoints = com.ibm.wala.ipa.callgraph.impl.Util.makeMainEntrypoints(scope, cha, "Lpack/ocamljavaMain");
|
||||
|
|
|
@ -104,7 +104,7 @@ public class SimpleThreadEscapeAnalysis extends AbstractAnalysisEngine {
|
|||
collectJars(files[i], result);
|
||||
}
|
||||
} else if (f.getAbsolutePath().endsWith(".jar")) {
|
||||
result.add(new JarFile(f));
|
||||
result.add(new JarFile(f, false));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -330,7 +330,7 @@ public class SimpleThreadEscapeAnalysis extends AbstractAnalysisEngine {
|
|||
|
||||
Set<JarFile> jars = HashSetFactory.make();
|
||||
for (int i = 1; i < args.length; i++) {
|
||||
jars.add(new JarFile(args[i]));
|
||||
jars.add(new JarFile(args[i], false));
|
||||
}
|
||||
|
||||
Set<IClass> escapingTypes = (new SimpleThreadEscapeAnalysis(jars, mainClassName)).gatherThreadEscapingClasses();
|
||||
|
|
|
@ -58,7 +58,7 @@ public abstract class AbstractNestedJarFileModule implements Module {
|
|||
}
|
||||
cache = HashMapFactory.make();
|
||||
try {
|
||||
final JarInputStream stream = new JarInputStream(getNestedContents());
|
||||
final JarInputStream stream = new JarInputStream(getNestedContents(), false);
|
||||
for (ZipEntry z = stream.getNextEntry(); z != null; z = stream.getNextEntry()) {
|
||||
final String name = z.getName();
|
||||
if (DEBUG) {
|
||||
|
|
|
@ -321,7 +321,7 @@ public class ClassLoaderImpl implements IClassLoader {
|
|||
}
|
||||
Map<String, Object> result = HashMapFactory.make();
|
||||
try {
|
||||
JarInputStream s = new JarInputStream(new ByteArrayInputStream(jarFileContents));
|
||||
JarInputStream s = new JarInputStream(new ByteArrayInputStream(jarFileContents), false);
|
||||
JarEntry entry = null;
|
||||
while ((entry = s.getNextJarEntry()) != null) {
|
||||
byte[] entryBytes = getEntryBytes(entry, entrySizesForFile.get(entry.getName()), s);
|
||||
|
|
|
@ -177,7 +177,7 @@ public class AnalysisScopeReader {
|
|||
} else if ("stdlib".equals(entryType)) {
|
||||
String[] stdlibs = WalaProperties.getJ2SEJarFiles();
|
||||
for (int i = 0; i < stdlibs.length; i++) {
|
||||
scope.addToScope(walaLoader, new JarFile(stdlibs[i]));
|
||||
scope.addToScope(walaLoader, new JarFile(stdlibs[i], false));
|
||||
}
|
||||
} else {
|
||||
Assertions.UNREACHABLE();
|
||||
|
@ -222,7 +222,7 @@ public class AnalysisScopeReader {
|
|||
while (paths.hasMoreTokens()) {
|
||||
String path = paths.nextToken();
|
||||
if (path.endsWith(".jar")) {
|
||||
JarFile jar = new JarFile(path);
|
||||
JarFile jar = new JarFile(path, false);
|
||||
scope.addToScope(loader, jar);
|
||||
try {
|
||||
if (jar.getManifest() != null) {
|
||||
|
|
|
@ -175,7 +175,7 @@ public class FileProvider {
|
|||
return new JarFileModule(new JarFile(filePath, false));
|
||||
} else {
|
||||
final URLConnection in = url.openConnection();
|
||||
final JarInputStream jarIn = new JarInputStream(in.getInputStream());
|
||||
final JarInputStream jarIn = new JarInputStream(in.getInputStream(), false);
|
||||
return new JarStreamModule(jarIn);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -170,7 +170,7 @@ public abstract class OfflineInstrumenterBase {
|
|||
cachedJar.close();
|
||||
}
|
||||
cachedJarFile = file;
|
||||
cachedJar = new JarFile(file);
|
||||
cachedJar = new JarFile(file, false);
|
||||
return cachedJar;
|
||||
}
|
||||
}
|
||||
|
@ -230,7 +230,7 @@ public abstract class OfflineInstrumenterBase {
|
|||
* Add a JAR file containing source classes to instrument.
|
||||
*/
|
||||
final public void addInputJar(File f) throws IOException {
|
||||
JarFile jf = new JarFile(f);
|
||||
JarFile jf = new JarFile(f, false);
|
||||
for (Enumeration<JarEntry> e = jf.entries(); e.hasMoreElements();) {
|
||||
JarEntry entry = e.nextElement();
|
||||
String name = entry.getName();
|
||||
|
|
Loading…
Reference in New Issue