[API CHANGE] Remove unused CPLD_ACCESS feature from C++/Java component loaders

...introduced in 2000 with 38974aee "added library loading limitation by using env variable CPLD_ACCESSPATH=path1;path2; etc." and 9be3c618 "#80090# restrict jar file access to java system property com.sun.star.comp.loader.CPLD_ACCESSPATH" but already in 2004 considered "a hack [that] seems to be unused nowadays" in 1d3164df "CWS sb20: #i29119# Replaced sandbox.jar-based class loader with an own one." Change-Id: I637afd5daeb4ca097edd17f834c81af892dcfc6a

[API CHANGE] Remove unused CPLD_ACCESS feature from C++/Java component loaders
...introduced in 2000 with 38974aee "added library loading limitation by using env variable CPLD_ACCESSPATH=path1;path2; etc." and 9be3c618 "#80090# restrict jar file access to java system property com.sun.star.comp.loader.CPLD_ACCESSPATH" but already in 2004 considered "a hack [that] seems to be unused nowadays" in 1d3164df "CWS sb20: #i29119# Replaced sandbox.jar-based class loader with an own one." Change-Id: I637afd5daeb4ca097edd17f834c81af892dcfc6a
3fb51feb · Stephan Bergmann · e669d631 · 3fb51feb · 3fb51feb · 3fb51feb
Kaydet (Commit) 3fb51feb authored Eyl 30, 2013 tarafından Stephan Bergmann
Showing with 4 additions and 233 deletions

shlib.cxx cppuhelper/source/shlib.cxx +1 -169

shlib.hxx include/cppuhelper/shlib.hxx +3 -6

RegistrationClassFinder.java jurt/com/sun/star/comp/loader/RegistrationClassFinder.java +0 -58

No files found.
--- a/cppuhelper/source/shlib.cxx
+++ b/cppuhelper/source/shlib.cxx
@@ -17,14 +17,13 @@
 *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
 */
-#include <config_features.h>
+#include "sal/config.h"
 #include "osl/diagnose.h"
 #include "osl/file.hxx"
 #include "osl/mutex.hxx"
 #include "osl/module.hxx"
 #include "rtl/ustrbuf.hxx"
-#include "rtl/instance.hxx"
 #include "uno/environment.h"
 #include "uno/mapping.hxx"
 #include "cppuhelper/factory.hxx"
@@ -33,7 +32,6 @@
 #include "com/sun/star/beans/XPropertySet.hpp"
 #include <stdio.h>
-#include <vector>
 #ifdef ANDROID
 #include <osl/detail/android-bootstrap.h>
@@ -54,155 +52,8 @@ using rtl::OUStringBuffer;
 namespace cppu
 {
-#if OSL_DEBUG_LEVEL > 1
-//------------------------------------------------------------------------------
-static inline void out( const char * p ) SAL_THROW(())
-{
-    printf( "%s\n", p );
-}
-static inline void out( const OUString & r ) throw ()
-{
-    OString s( OUStringToOString( r, RTL_TEXTENCODING_ASCII_US ) );
-    out( s.getStr() );
-}
-#endif
-namespace
-{
-    class buildAccessDPath
-    {
-    private:
-        ::std::vector< OUString > m_aAccessDPath;
-        bool m_bCPLD_ACCESSPATHSet;
-    public:
-        buildAccessDPath() : m_bCPLD_ACCESSPATHSet(false)
-        {
-            const char * pEnv = ::getenv( "CPLD_ACCESSPATH" );
-            if (pEnv)
-            {
-                m_bCPLD_ACCESSPATHSet = true;
-                OString aEnv( pEnv );
-                sal_Int32 nIndex = 0;
-                do
-                {
-                    OUString aStr( OStringToOUString(
-                        aEnv.getToken( 0, ';', nIndex ),
-                        RTL_TEXTENCODING_ASCII_US ) );
-                    OUString aFileUrl;
-                    if (FileBase::getFileURLFromSystemPath(aStr, aFileUrl)
-                        != FileBase::E_None)
-                    {
-                        OSL_ASSERT(false);
-                    }
-                    m_aAccessDPath.push_back( aFileUrl );
-                } while( nIndex != -1 );
-    #if OSL_DEBUG_LEVEL > 1
-                out( "> cpld: acknowledged following access path(s): \"" );
-                ::std::vector< OUString >::const_iterator iPos( m_aAccessDPath.begin() );
-                while (iPos != m_aAccessDPath.end())
-                {
-                    out( *iPos );
-                    ++iPos;
-                    if (iPos != m_aAccessDPath.end())
-                        out( ";" );
-                }
-                out( "\"\n" );
-    #endif
-            }
-            else
-            {
-                // no access path env set
-    #if OSL_DEBUG_LEVEL > 1
-                out( "=> no CPLD_ACCESSPATH set.\n" );
-    #endif
-            }
-        }
-        ::std::vector< OUString >* getAccessDPath() { return m_bCPLD_ACCESSPATHSet ? &m_aAccessDPath : NULL; }
-    };
-    class theAccessDPath : public rtl::Static<buildAccessDPath, theAccessDPath> {};
-}
 #ifndef DISABLE_DYNLOADING
-static const ::std::vector< OUString > * getAccessDPath() SAL_THROW(())
-{
-    return theAccessDPath::get().getAccessDPath();
-}
-//------------------------------------------------------------------------------
-static bool checkAccessPath( OUString * pComp ) throw ()
-{
-    const ::std::vector< OUString > * pPath = getAccessDPath();
-    if (pPath)
-    {
-        sal_Bool bAbsolute = pComp->startsWith( "file://" );
-        for ( ::std::vector< OUString >::const_iterator iPos( pPath->begin() );
-              iPos != pPath->end(); ++iPos )
-        {
-            OUString aBaseDir( *iPos );
-            OUString aAbs;
-            if ( bAbsolute )
-            {
-                aAbs = *pComp;
-#if OSL_DEBUG_LEVEL > 1
-                out( "> taking path: \"" );
-                out( aAbs );
-#endif
-            }
-            else
-            {
-                if (osl_File_E_None !=
-                    ::osl_getAbsoluteFileURL(
-                        aBaseDir.pData, pComp->pData, &aAbs.pData ))
-                {
-                    continue;
-                }
-#if OSL_DEBUG_LEVEL > 1
-                out( "> found path: \"" );
-                out( aBaseDir );
-                out( "\" + \"" );
-                out( *pComp );
-                out( "\" => \"" );
-                out( aAbs );
-#endif
-            }
-            if (0 == aAbs.indexOf( aBaseDir ) && // still part of it?
-                aBaseDir.getLength() < aAbs.getLength() &&
-                (aBaseDir[ aBaseDir.getLength() -1 ] == (sal_Unicode)'/' ||
-                 // dir boundary
-                 aAbs[ aBaseDir.getLength() ] == (sal_Unicode)'/'))
-            {
-#if OSL_DEBUG_LEVEL > 1
-                out( ": ok.\n" );
-#endif
-                // load from absolute path
-                *pComp = aAbs;
-                return true;
-            }
-#if OSL_DEBUG_LEVEL > 1
-            else
-            {
-                out( "\" ...does not match given path \"" );
-                out( aBaseDir );
-                out( "\".\n" );
-            }
-#endif
-        }
-        return false;
-    }
-    else
-    {
-        // no access path env set
-        return true;
-    }
-}
-//------------------------------------------------------------------------------
 static OUString makeComponentPath(
    const OUString & rLibName, const OUString & rPath )
 {
@@ -490,15 +341,6 @@ Reference< XInterface > SAL_CALL loadSharedLibComponentFactory(
 #endif
    OUString aModulePath( makeComponentPath( sLibName, rPath ) );
-    if (! checkAccessPath( &aModulePath ))
-    {
-        OUString const msg(
-                "permission denied to load component library: " + aModulePath);
-        SAL_WARN("cppuhelper", msg);
-        throw loader::CannotActivateFactoryException(msg,
-            Reference< XInterface >() );
-    }
    oslModule lib = osl_loadModule(
        aModulePath.pData, SAL_LOADMODULE_LAZY | SAL_LOADMODULE_GLOBAL );
    if (! lib)
@@ -662,16 +504,6 @@ void SAL_CALL writeSharedLibComponentInfo(
    SAL_THROW( (registry::CannotRegisterImplementationException) )
 {
    OUString aModulePath( makeComponentPath( rLibName, rPath ) );
-    if (! checkAccessPath( &aModulePath ))
-    {
-        OUString const msg(
-                "permission denied to load component library: " + aModulePath);
-        SAL_WARN("cppuhelper", msg);
-        throw registry::CannotRegisterImplementationException(msg,
-            Reference< XInterface >() );
-    }
    oslModule lib = osl_loadModule(
        aModulePath.pData, SAL_LOADMODULE_LAZY | SAL_LOADMODULE_GLOBAL );
    if (! lib)

--- a/include/cppuhelper/shlib.hxx
+++ b/include/cppuhelper/shlib.hxx
@@ -40,8 +40,7 @@ namespace cppu
 /** Loads a shared library component and gets the factory out of it.  You can give either a
    fully qualified libname or single lib name.  The libname need not be pre/postfixed
    (e.g. xxx.dll).  You can give parameter rPath to force lookup of the library in a specific
-    directory.  The resulting path of the library will be checked against environment variable
+    directory.
-    CPLD_ACCESSPATH if set.
    @param rLibName name of the library
    @param rPath optional path
@@ -63,8 +62,7 @@ SAL_CALL loadSharedLibComponentFactory(
 /** Loads a shared library component and gets the factory out of it.  You can give either a
    fully qualified libname or single lib name.  The libname need not be pre/postfixed
    (e.g. xxx.dll).  You can give parameter rPath to force lookup of the library in a specific
-    directory.  The resulting path of the library will be checked against environment variable
+    directory.  An optional 'prefix' parameter is used to determine the symbol
-    CPLD_ACCESSPATH if set. An optional 'prefix' parameter is used to determine the symbol
    name of the entry point in the library.
    @param rLibName name of the library
@@ -109,8 +107,7 @@ SAL_CALL invokeStaticComponentFactory(
 /** Invokes component_writeInfo() function of specified component library.  You can give either
    a fully qualified libname or single lib name. The libname need not be pre/postfixed
    (e.g. xxx.dll).  You can give parameter rPath to force lookup of the library in a specific
-    directory.  The resulting path of the library will be checked against environment variable
+    directory.
-    CPLD_ACCESSPATH if set.
    @deprecated component_writeInfo should no longer be used in new components

--- a/jurt/com/sun/star/comp/loader/RegistrationClassFinder.java
+++ b/jurt/com/sun/star/comp/loader/RegistrationClassFinder.java
@@ -20,11 +20,9 @@ package com.sun.star.comp.loader;
 import com.sun.star.lib.unoloader.UnoClassLoader;
 import com.sun.star.lib.util.WeakMap;
-import java.io.File;
 import java.io.IOException;
 import java.net.URL;
 import java.net.URLClassLoader;
-import java.util.StringTokenizer;
 import java.util.jar.Attributes;
 final class RegistrationClassFinder {
@@ -38,7 +36,6 @@ final class RegistrationClassFinder {
            }
        }
        URL url = new URL(locationUrl);
-        checkAccess(url);
        Attributes attr = UnoClassLoader.getJarMainAttributes(url);
        String name = attr == null
            ? null : attr.getValue("RegistrationClassName");
@@ -65,60 +62,5 @@ final class RegistrationClassFinder {
    private RegistrationClassFinder() {} // do not instantiate
-    private static void checkAccess(URL url) throws ClassNotFoundException {
-        // The system property com.sun.star.comp.loader.CPLD_ACCESSPATH was
-        // introduced as a hack to restrict which UNO components can be
-        // instantiated.  It seems to be unused nowadays, and should probably be
-        // replaced by the native Java security features, anyway.
-        if (accessPath != null) {
-            if (!url.getProtocol().equals("file")) {
-                throw new ClassNotFoundException(
-                    "Access restriction: <" + url + "> is not a file URL");
-            }
-            String p;
-            try {
-                p = new File(url.getFile()).getCanonicalPath();
-            } catch (IOException e) {
-                throw new ClassNotFoundException(
-                    "Access restriction: <" + url + "> is bad: " + e);
-            }
-            for (int i = 0; i < accessPath.length; ++i) {
-                String p2 = accessPath[i];
-                if (p.startsWith(p2) && p.length() > p2.length()
-                    && (p2.charAt(p2.length() - 1) == File.separatorChar
-                        || p.charAt(p2.length()) == File.separatorChar))
-                {
-                    return;
-                }
-            }
-            throw new ClassNotFoundException(
-                "Access restriction: <" + url + "> is restricted");
-        }
-    }
    private static final WeakMap map = new WeakMap();
-    private static final String[] accessPath;
-    static {
-        String[] ap = null;
-        String p = System.getProperty(
-            "com.sun.star.comp.loader.CPLD_ACCESSPATH");
-        if (p != null) {
-            StringTokenizer t = new StringTokenizer(p, ";");
-            ap = new String[t.countTokens()];
-            int i = 0;
-            while (t.hasMoreTokens()) {
-                try {
-                    ap[i] = new File(t.nextToken()).getCanonicalPath();
-                    ++i;
-                } catch (IOException e) {}
-            }
-            if (i != ap.length) {
-                String[] ap2 = new String[i];
-                System.arraycopy(ap, 0, ap2, 0, i);
-                ap = ap2;
-            }
-        }
-        accessPath = ap;
-    }
 }