Guard all the places that ant sets the security manager

- This copies the code because org.eclipse.ant.internal.launching.remote.InternalAntRunner can't see (much of) anything else define by org.eclipse.ant. #1660
eclipse-platform · Dec 17, 2024 · bcb41f4 · bcb41f4
1 parent 34dc0b9
commit bcb41f4
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 19 deletions.
diff --git a/...pse.ant.launching/remote/org/eclipse/ant/internal/launching/remote/InternalAntRunner.java b/...pse.ant.launching/remote/org/eclipse/ant/internal/launching/remote/InternalAntRunner.java
@@ -50,6 +50,7 @@
 import org.apache.tools.ant.Task;
 import org.apache.tools.ant.TaskAdapter;
 import org.apache.tools.ant.util.FileUtils;
+import org.apache.tools.ant.util.JavaEnvUtils;
 import org.eclipse.ant.internal.launching.remote.logger.RemoteAntBuildLogger;
 
 /**
@@ -58,6 +59,17 @@
  */
 public class InternalAntRunner {
 
+	private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed();
+
+	private static boolean isSecurityManagerAllowed() {
+		String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$
+		if (sm == null) { // default is 'disallow' since 18 and was 'allow' before
+			return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$
+		}
+		// Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set
+		return !"disallow".equals(sm); //$NON-NLS-1$
+	}
+
 	/**
 	 * Message priority for project help messages.
 	 */
@@ -443,7 +455,9 @@ private void run(List<String> argList) {
 				printArguments(getCurrentProject());
 			}
 			try {
-				System.setSecurityManager(new AntSecurityManager(originalSM, Thread.currentThread()));
+				if (IS_SECURITY_MANAGER_SUPPORTED) {
+					System.setSecurityManager(new AntSecurityManager(originalSM, Thread.currentThread()));
+				}
 			}
 			catch (UnsupportedOperationException ex) {
 				logMessage(null, RemoteAntMessages.getString("InternalAntRunner.SecurityManagerError"), Project.MSG_WARN); //$NON-NLS-1$

diff --git a/ant/org.eclipse.ant.ui/Ant Tools Support/org/eclipse/ant/internal/ui/model/AntModel.java b/ant/org.eclipse.ant.ui/Ant Tools Support/org/eclipse/ant/internal/ui/model/AntModel.java
@@ -49,6 +49,7 @@
 import org.apache.tools.ant.Task;
 import org.apache.tools.ant.TaskAdapter;
 import org.apache.tools.ant.UnknownElement;
+import org.apache.tools.ant.util.JavaEnvUtils;
 import org.eclipse.ant.core.AntCorePlugin;
 import org.eclipse.ant.core.AntCorePreferences;
 import org.eclipse.ant.core.AntSecurityException;
@@ -89,6 +90,17 @@
 @SuppressWarnings("removal") // SecurityManager
 public class AntModel implements IAntModel {
 
+	private static final boolean IS_SECURITY_MANAGER_SUPPORTED = isSecurityManagerAllowed();
+
+	private static boolean isSecurityManagerAllowed() {
+		String sm = System.getProperty("java.security.manager"); //$NON-NLS-1$
+		if (sm == null) { // default is 'disallow' since 18 and was 'allow' before
+			return !JavaEnvUtils.isAtLeastJavaVersion("18"); //$NON-NLS-1$
+		}
+		// Value is either 'disallow' or 'allow' or specifies the SecurityManager class to set
+		return !"disallow".equals(sm); //$NON-NLS-1$
+	}
+
 	private static ClassLoader fgClassLoader;
 	private static int fgInstanceCount = 0;
 	private static Object loaderLock = new Object();
@@ -363,8 +375,10 @@ private void parseDocument(IDocument input) {
 				SecurityManager origSM = System.getSecurityManager();
 				processAntHome(true);
 				try {
-					// set a security manager to disallow system exit and system property setting
-					System.setSecurityManager(new AntSecurityManager(origSM, Thread.currentThread(), false));
+					if (IS_SECURITY_MANAGER_SUPPORTED) {
+						// set a security manager to disallow system exit and system property setting
+						System.setSecurityManager(new AntSecurityManager(origSM, Thread.currentThread(), false));
+					}
 					resolveBuildfile();
 					endReporting();
 					// clear the additional property-holder(s) to avoid potential memory leaks
@@ -379,7 +393,9 @@ private void parseDocument(IDocument input) {
 				finally {
 					Thread.currentThread().setContextClassLoader(originalClassLoader);
 					getClassLoader(null);
-					System.setSecurityManager(origSM);
+					if (System.getSecurityManager() instanceof AntSecurityManager) {
+						System.setSecurityManager(origSM);
+					}
 					project.fireBuildFinished(null); // cleanup (IntrospectionHelper)
 				}
 			}
@@ -550,9 +566,7 @@ private void setGlobalProperties(Project project) {
 
 	private void resolveBuildfile() {
 		Collection<AntTaskNode> nodeCopy = new ArrayList<>(fTaskNodes);
-		Iterator<AntTaskNode> iter = nodeCopy.iterator();
-		while (iter.hasNext()) {
-			AntTaskNode node = iter.next();
+		for (AntTaskNode node : nodeCopy) {
 			fNodeBeingResolved = node;
 			fNodeBeingResolvedIndex = -1;
 			if (node.configure(false)) {
@@ -1439,10 +1453,8 @@ private void reconcileTaskAndTypes() {
 		if (fCurrentNodeIdentifiers == null || fDefinerNodeIdentifierToDefinedTasks == null) {
 			return;
 		}
-		Iterator<String> iter = fDefinerNodeIdentifierToDefinedTasks.keySet().iterator();
 		ComponentHelper helper = ComponentHelper.getComponentHelper(fProjectNode.getProject());
-		while (iter.hasNext()) {
-			String key = iter.next();
+		for (String key : fDefinerNodeIdentifierToDefinedTasks.keySet()) {
 			if (fCurrentNodeIdentifiers.get(key) == null) {
 				removeDefinerTasks(key, helper.getAntTypeTable());
 			}
@@ -1579,9 +1591,7 @@ public AntElementNode getReferenceNode(String text) {
 		}
 
 		Set<Task> nodes = fTaskToNode.keySet();
-		Iterator<Task> iter = nodes.iterator();
-		while (iter.hasNext()) {
-			Task task = iter.next();
+		for (Task task : nodes) {
 			Task tmptask = task;
 			if (tmptask instanceof UnknownElement) {
 				UnknownElement element = (UnknownElement) tmptask;
@@ -1720,9 +1730,7 @@ protected void addDefinedTasks(List<String> newTasks, AntDefiningTaskNode node)
 			fCurrentNodeIdentifiers.remove(identifier);
 		}
 		fDefinerNodeIdentifierToDefinedTasks.put(identifier, newTasks);
-		Iterator<String> iter = newTasks.iterator();
-		while (iter.hasNext()) {
-			String name = iter.next();
+		for (String name : newTasks) {
 			fTaskNameToDefiningNode.put(name, node);
 		}
 	}
@@ -1800,9 +1808,7 @@ private String getPrefixMapping(String prefix) {
 	private String getUserPrefixMapping(String prefix) {
 		if (fNamespacePrefixMappings != null) {
 			Set<Entry<String, String>> entrySet = fNamespacePrefixMappings.entrySet();
-			Iterator<Entry<String, String>> entries = entrySet.iterator();
-			while (entries.hasNext()) {
-				Map.Entry<String, String> entry = entries.next();
+			for (Entry<String, String> entry : entrySet) {
 				if (entry.getValue().equals(prefix)) {
 					return entry.getKey();
 				}