root
/
jenkins
mirror of https://github.com/jenkinsci/jenkins.git
1
0
Fork 0
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #3439 from oleg-nenashev/bug/JENKINS-51179 

[JENKINS-51179] - Provide diagnostics when loading corrupted fingerprint files
This commit is contained in:
Oleg Nenashev 2018-05-15 11:56:13 +02:00 committed by GitHub
parent cdda62c35a 922617509e
commit 9e64bcdcb4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
core/src/main/java/hudson/model/Fingerprint.java
View File

@ -1366,7 +1366,12 @@ public class Fingerprint implements ModelObject, Saveable {
start = System.currentTimeMillis();
try {
Fingerprint f = (Fingerprint) configFile.read();
Object loaded = configFile.read();
if (!(loaded instanceof Fingerprint)) {
throw new IOException("Unexpected Fingerprint type. Expected " + Fingerprint.class + " or subclass but got "
+ (loaded != null ? loaded.getClass() : "null"));
}
Fingerprint f = (Fingerprint) loaded;
if(logger.isLoggable(Level.FINE))
logger.fine("Loading fingerprint "+file+" took "+(System.currentTimeMillis()-start)+"ms");
if (f.facets==null)

18
test/src/test/java/hudson/model/FingerprintTest.java
View File

@ -23,6 +23,7 @@
*/
package hudson.model;
import hudson.XmlFile;
import hudson.security.ACL;
import hudson.security.ACLContext;
import hudson.security.AuthorizationMatrixProperty;
@ -30,6 +31,8 @@ import hudson.security.Permission;
import hudson.security.ProjectMatrixAuthorizationStrategy;
import hudson.tasks.ArtifactArchiver;
import hudson.tasks.Fingerprinter;
import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
@ -50,6 +53,7 @@ import org.jvnet.hudson.test.MockFolder;
import org.jvnet.hudson.test.SecuredMockFolder;
import org.jvnet.hudson.test.WorkspaceCopyFileBuilder;
import static org.hamcrest.Matchers.containsString;
import static org.junit.Assert.*;
import static org.hamcrest.Matchers.notNullValue;
import static org.hamcrest.Matchers.nullValue;
@ -115,6 +119,20 @@ public class FingerprintTest {
assertTrue("Usages do not have a reference to " + project, usages.containsKey(project.getName()));
assertTrue("Usages do not have a reference to " + project2, usages.containsKey(project2.getName()));
}
@Test
@Issue("JENKINS-51179")
public void shouldThrowIOExceptionWhenFileIsInvalid() throws Exception {
XmlFile f = new XmlFile(new File(rule.jenkins.getRootDir(), "foo.xml"));
f.write("Hello, world!");
try {
Fingerprint.load(f.getFile());
} catch (IOException ex) {
assertThat(ex.getMessage(), containsString("Unexpected Fingerprint type"));
return;
}
fail("Expected IOException");
}
@Test
@Issue("SECURITY-153")