From 45fdebc0fbbc924e9e3cc88fecddf7629a70f4c4 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Fri, 3 Feb 2023 10:20:46 -0600 Subject: [PATCH 01/16] Issue #9309 - More comprehensive escaping of command line options Signed-off-by: Joakim Erdfelt --- .../jetty/start/CommandLineBuilder.java | 41 +++++++++++++------ .../jetty/start/CommandLineBuilderTest.java | 39 ++++++++---------- 2 files changed, 46 insertions(+), 34 deletions(-) diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java index 8ab2de286359..b1e5fb5b8e01 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java @@ -19,6 +19,17 @@ public class CommandLineBuilder { + // Matrix of 7-bit characters that needs escaping on command line. + private static final boolean[] NEEDS_ESCAPING = new boolean[127]; + + static + { + for (char c : " %$\\{}[]()\"|<>&;`!".toCharArray()) + { + NEEDS_ESCAPING[c] = true; + } + } + public static File findExecutable(File root, String path) { String npath = path.replace('/', File.separatorChar); @@ -59,21 +70,28 @@ public static String findJavaBin() * * @param arg the argument to quote * @return the quoted and escaped argument + * @deprecated use {@link #escape(String) instead} */ + @Deprecated public static String quote(String arg) { - boolean needsQuoting = (arg.indexOf(' ') >= 0) || (arg.indexOf('"') >= 0); - if (!needsQuoting) - { - return arg; - } + return escape(arg); + } + + /** + * Escape the raw string to make it suitable for use on a command line. + * + * @param arg the argument to escape + * @return the escaped argument + */ + public static String escape(String arg) + { StringBuilder buf = new StringBuilder(); - // buf.append('"'); boolean escaped = false; boolean quoted = false; for (char c : arg.toCharArray()) { - if (!quoted && !escaped && ((c == '"') || (c == ' '))) + if (!quoted && !escaped && NEEDS_ESCAPING[c]) { buf.append("\\"); } @@ -85,7 +103,6 @@ public static String quote(String arg) escaped = (c == '\\'); buf.append(c); } - // buf.append('"'); return buf.toString(); } @@ -113,7 +130,7 @@ public void addArg(String arg) { if (arg != null) { - args.add(quote(arg)); + args.add(escape(arg)); } } @@ -136,11 +153,11 @@ public void addEqualsArg(String name, String value) { if ((value != null) && (value.length() > 0)) { - args.add(quote(name + "=" + value)); + args.add(escape(name + "=" + value)); } else { - args.add(quote(name)); + args.add(escape(name)); } } @@ -180,7 +197,7 @@ public String toString(String delim) { buf.append(delim); } - buf.append(quote(arg)); + buf.append(arg); // we assume escaping has occurred during addArg } return buf.toString(); diff --git a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java index d2ab3b889194..9aab6689d3b7 100644 --- a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java +++ b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java @@ -21,54 +21,49 @@ public class CommandLineBuilderTest { - private CommandLineBuilder cmd = new CommandLineBuilder("java"); - - @BeforeEach - public void setUp() - { - cmd.addEqualsArg("-Djava.io.tmpdir", "/home/java/temp dir/"); - cmd.addArg("--version"); - } - @Test public void testSimpleCommandline() { + CommandLineBuilder cmd = new CommandLineBuilder("java"); + cmd.addEqualsArg("-Djava.io.tmpdir", "/home/java/temp dir/"); + cmd.addArg("--version"); assertThat(cmd.toString(), is("java -Djava.io.tmpdir=/home/java/temp\\ dir/ --version")); } @Test - public void testQuotingSimple() + public void testEscapedSimple() { - assertQuoting("/opt/jetty", "/opt/jetty"); + assertEscaping("/opt/jetty", "/opt/jetty"); } @Test - public void testQuotingSpaceInPath() + public void testEscapedSpaceInPath() { - assertQuoting("/opt/jetty 7/home", "/opt/jetty\\ 7/home"); + assertEscaping("/opt/jetty 7/home", "/opt/jetty\\ 7/home"); } @Test - public void testQuotingSpaceAndQuotesInPath() + public void testEscapedSpaceAndQuotesInPath() { - assertQuoting("/opt/jetty 7 \"special\"/home", "/opt/jetty\\ 7\\ \\\"special\\\"/home"); + assertEscaping("/opt/jetty 7 \"special\"/home", "/opt/jetty\\ 7\\ \\\"special\\\"/home"); } @Test - public void testToStringIsQuotedEvenIfArgsAreNotQuotedForProcessBuilder() + public void testEscapedFormattingString() { - System.out.println(cmd.toString()); + assertEscaping("%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\"", + "\\%\\{client\\}a\\ -\\ \\%u\\ \\%\\{dd/MMM/yyyy:HH:mm:ss\\ ZZZ\\|GMT\\}t\\ \\\"\\%r\\\"\\ \\%s\\ \\%O\\ \\\"\\%\\{Referer\\}i\\\"\\ \\\"\\%\\{User-Agent\\}i\\\""); } @Test - public void testQuoteQuotationMarks() + public void testEscapeQuotationMarks() { - assertQuoting("-XX:OnOutOfMemoryError='kill -9 %p'", "-XX:OnOutOfMemoryError='kill -9 %p'"); + assertEscaping("-XX:OnOutOfMemoryError='kill -9 %p'", "-XX:OnOutOfMemoryError='kill -9 %p'"); } - private void assertQuoting(String raw, String expected) + private void assertEscaping(String raw, String expected) { - String actual = CommandLineBuilder.quote(raw); - assertThat("Quoted version of [" + raw + "]", actual, is(expected)); + String actual = CommandLineBuilder.escape(raw); + assertThat("Escaped version of [" + raw + "]", actual, is(expected)); } } From 5ca878f334f9adeaad83cafc0cf8ddf7b1aeec21 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 6 Feb 2023 15:33:19 -0600 Subject: [PATCH 02/16] Report bad format string on error Signed-off-by: Joakim Erdfelt --- .../main/java/org/eclipse/jetty/server/CustomRequestLog.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/CustomRequestLog.java b/jetty-server/src/main/java/org/eclipse/jetty/server/CustomRequestLog.java index 4eb998d33700..6a6ad0d0df79 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/CustomRequestLog.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/CustomRequestLog.java @@ -571,14 +571,14 @@ else if (m.group("LITERAL") != null) } else { - throw new IllegalStateException("formatString parsing error"); + throw new IllegalStateException("formatString parsing error: " + formatString); } remaining = m.group("REMAINING"); } else { - throw new IllegalArgumentException("Invalid format string"); + throw new IllegalArgumentException("Invalid format string: " + formatString); } } From 8c992b9c93dfc505bb619bff1dba662b3d7d7f95 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 6 Feb 2023 15:46:50 -0600 Subject: [PATCH 03/16] CommandLineBuilder doesn't escape, and only quotes with single-quote tick when arg has space. Signed-off-by: Joakim Erdfelt --- .../jetty/start/CommandLineBuilder.java | 74 ++++++++----------- .../java/org/eclipse/jetty/start/Main.java | 2 +- .../jetty/start/CommandLineBuilderTest.java | 39 +++++----- 3 files changed, 48 insertions(+), 67 deletions(-) diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java index b1e5fb5b8e01..ee1e433f7a68 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java @@ -19,17 +19,6 @@ public class CommandLineBuilder { - // Matrix of 7-bit characters that needs escaping on command line. - private static final boolean[] NEEDS_ESCAPING = new boolean[127]; - - static - { - for (char c : " %$\\{}[]()\"|<>&;`!".toCharArray()) - { - NEEDS_ESCAPING[c] = true; - } - } - public static File findExecutable(File root, String path) { String npath = path.replace('/', File.separatorChar); @@ -70,40 +59,10 @@ public static String findJavaBin() * * @param arg the argument to quote * @return the quoted and escaped argument - * @deprecated use {@link #escape(String) instead} */ - @Deprecated public static String quote(String arg) { - return escape(arg); - } - - /** - * Escape the raw string to make it suitable for use on a command line. - * - * @param arg the argument to escape - * @return the escaped argument - */ - public static String escape(String arg) - { - StringBuilder buf = new StringBuilder(); - boolean escaped = false; - boolean quoted = false; - for (char c : arg.toCharArray()) - { - if (!quoted && !escaped && NEEDS_ESCAPING[c]) - { - buf.append("\\"); - } - // don't quote text in single quotes - if (!escaped && (c == '\'')) - { - quoted = !quoted; - } - escaped = (c == '\\'); - buf.append(c); - } - return buf.toString(); + return "'" + arg + "'"; } private List args; @@ -130,7 +89,7 @@ public void addArg(String arg) { if (arg != null) { - args.add(escape(arg)); + args.add(arg); } } @@ -153,11 +112,11 @@ public void addEqualsArg(String name, String value) { if ((value != null) && (value.length() > 0)) { - args.add(escape(name + "=" + value)); + args.add(name + "=" + value); } else { - args.add(escape(name)); + args.add(name); } } @@ -203,6 +162,31 @@ public String toString(String delim) return buf.toString(); } + /** + * A version of {@link #toString()} where every arg is evaluated for potential {@code '} (single-quote tick) wrapping. + * + * @param delim the delimiter between args, use {@code ' '} (space) for shell executable command line. + * @return the toString but each arg that has spaces is surrounded by {@code '} (single-quote tick) + */ + public String toQuotedString(String delim) + { + StringBuilder buf = new StringBuilder(); + + for (String arg : args) + { + if (buf.length() > 0) + buf.append(delim); + boolean needsQuotes = (arg.contains(" ")); + if (needsQuotes) + buf.append("'"); + buf.append(arg); + if (needsQuotes) + buf.append("'"); + } + + return buf.toString(); + } + public void debug() { if (!StartLog.isDebugEnabled()) diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java b/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java index be8c99fc5b5c..25e289ca1cfa 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java @@ -440,7 +440,7 @@ public void start(StartArgs args) throws IOException, InterruptedException if (args.isDryRun()) { CommandLineBuilder cmd = args.getMainArgs(args.getDryRunParts()); - System.out.println(cmd.toString(StartLog.isDebugEnabled() ? " \\\n" : " ")); + System.out.println(cmd.toQuotedString(StartLog.isDebugEnabled() ? " \\\n" : " ")); } if (args.isStopCommand()) diff --git a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java index 9aab6689d3b7..8e8c3de7ae44 100644 --- a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java +++ b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java @@ -13,7 +13,6 @@ package org.eclipse.jetty.start; -import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import static org.hamcrest.MatcherAssert.assertThat; @@ -27,43 +26,41 @@ public void testSimpleCommandline() CommandLineBuilder cmd = new CommandLineBuilder("java"); cmd.addEqualsArg("-Djava.io.tmpdir", "/home/java/temp dir/"); cmd.addArg("--version"); - assertThat(cmd.toString(), is("java -Djava.io.tmpdir=/home/java/temp\\ dir/ --version")); + assertThat(cmd.toQuotedString(" "), is("java '-Djava.io.tmpdir=/home/java/temp dir/' --version")); } @Test - public void testEscapedSimple() + public void testSimpleHomeNoSpace() { - assertEscaping("/opt/jetty", "/opt/jetty"); + CommandLineBuilder cmd = new CommandLineBuilder("java"); + cmd.addEqualsArg("-Djetty.home", "/opt/jetty"); + assertThat(cmd.toQuotedString(" "), is("java -Djetty.home=/opt/jetty")); } @Test - public void testEscapedSpaceInPath() + public void testSimpleHomeWithSpace() { - assertEscaping("/opt/jetty 7/home", "/opt/jetty\\ 7/home"); + CommandLineBuilder cmd = new CommandLineBuilder("java"); + cmd.addEqualsArg("-Djetty.home", "/opt/jetty 10/home"); + assertThat(cmd.toQuotedString(" "), is("java '-Djetty.home=/opt/jetty 10/home'")); } - @Test - public void testEscapedSpaceAndQuotesInPath() - { - assertEscaping("/opt/jetty 7 \"special\"/home", "/opt/jetty\\ 7\\ \\\"special\\\"/home"); - } @Test public void testEscapedFormattingString() { - assertEscaping("%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\"", - "\\%\\{client\\}a\\ -\\ \\%u\\ \\%\\{dd/MMM/yyyy:HH:mm:ss\\ ZZZ\\|GMT\\}t\\ \\\"\\%r\\\"\\ \\%s\\ \\%O\\ \\\"\\%\\{Referer\\}i\\\"\\ \\\"\\%\\{User-Agent\\}i\\\""); + CommandLineBuilder cmd = new CommandLineBuilder("java"); + cmd.addEqualsArg("-Djetty.home", "/opt/jetty"); + cmd.addEqualsArg("jetty.requestlog.formatter", "%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\""); + assertThat(cmd.toQuotedString(" "), is("java -Djetty.home=/opt/jetty 'jetty.requestlog.formatter=%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\"'")); } @Test - public void testEscapeQuotationMarks() + public void testEscapeUnicode() { - assertEscaping("-XX:OnOutOfMemoryError='kill -9 %p'", "-XX:OnOutOfMemoryError='kill -9 %p'"); - } - - private void assertEscaping(String raw, String expected) - { - String actual = CommandLineBuilder.escape(raw); - assertThat("Escaped version of [" + raw + "]", actual, is(expected)); + CommandLineBuilder cmd = new CommandLineBuilder("java"); + cmd.addEqualsArg("-Djetty.home", "/opt/jetty"); + cmd.addEqualsArg("monetary.symbol", "€"); + assertThat(cmd.toQuotedString(" "), is("java -Djetty.home=/opt/jetty monetary.symbol=€")); } } From 3b6192650063fa2713f9ef26bc819a37c5ed3635 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 6 Feb 2023 15:47:09 -0600 Subject: [PATCH 04/16] Use xargs to split --dry-run args properly for RUN_CMD execution Signed-off-by: Joakim Erdfelt --- jetty-home/src/main/resources/bin/jetty.sh | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/jetty-home/src/main/resources/bin/jetty.sh b/jetty-home/src/main/resources/bin/jetty.sh index 64db38ba645e..59f823fe645a 100755 --- a/jetty-home/src/main/resources/bin/jetty.sh +++ b/jetty-home/src/main/resources/bin/jetty.sh @@ -170,6 +170,7 @@ dumpEnv() echo "JETTY_START_LOG = $JETTY_START_LOG" echo "JETTY_STATE = $JETTY_STATE" echo "JETTY_START_TIMEOUT = $JETTY_START_TIMEOUT" + echo "JETTY_SYS_PROPS = $JETTY_SYS_PROPS" echo "RUN_CMD = ${RUN_CMD[*]}" } @@ -414,9 +415,6 @@ TMPDIR="`cygpath -w $TMPDIR`" ;; esac -BASE_JETTY_SYS_PROPS=$(echo -ne "-Djetty.home=$JETTY_HOME" "-Djetty.base=$JETTY_BASE" "-Djava.io.tmpdir=$TMPDIR") -JETTY_SYS_PROPS=(${JETTY_SYS_PROPS[*]} $BASE_JETTY_SYS_PROPS) - ##################################################### # This is how the Jetty server will be started ##################################################### @@ -435,7 +433,7 @@ CYGWIN*) JETTY_START="`cygpath -w $JETTY_START`";; esac RUN_ARGS=$("$JAVA" -jar "$JETTY_START" --dry-run=opts,path,main,args ${JETTY_ARGS[*]} ${JAVA_OPTIONS[*]}) -RUN_CMD=("$JAVA" $JETTY_SYS_PROPS ${RUN_ARGS[@]}) +RUN_CMD=($JETTY_SYS_PROPS ${RUN_ARGS[@]}) ##################################################### # Comment these out after you're happy with what @@ -495,11 +493,11 @@ case "$ACTION" in # FIXME: Broken solution: wordsplitting, pathname expansion, arbitrary command execution, etc. su - "$JETTY_USER" $SU_SHELL -c " cd \"$JETTY_BASE\" - exec ${RUN_CMD[*]} start-log-file=\"$JETTY_START_LOG\" > /dev/null & + echo ${RUN_CMD[*]} start-log-file=\"$JETTY_START_LOG\" | xargs ${JAVA} > /dev/null & disown \$! echo \$! > \"$JETTY_PID\"" else - "${RUN_CMD[@]}" > /dev/null & + echo ${RUN_CMD[*]} | xargs ${JAVA} > /dev/null & disown $! echo $! > "$JETTY_PID" fi From a238c50a7f4db1bb9cea6f3f8b457f8d2041f8fa Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 6 Feb 2023 15:59:12 -0600 Subject: [PATCH 05/16] Fixing checkstyle --- .../java/org/eclipse/jetty/start/CommandLineBuilderTest.java | 1 - 1 file changed, 1 deletion(-) diff --git a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java index 8e8c3de7ae44..d2b086a7ee09 100644 --- a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java +++ b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java @@ -45,7 +45,6 @@ public void testSimpleHomeWithSpace() assertThat(cmd.toQuotedString(" "), is("java '-Djetty.home=/opt/jetty 10/home'")); } - @Test public void testEscapedFormattingString() { From 3ac7af0d2f989d1af6776ca01176517ed0279563 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 6 Feb 2023 16:09:03 -0600 Subject: [PATCH 06/16] Deprecating quote(String args) Signed-off-by: Joakim Erdfelt --- .../main/java/org/eclipse/jetty/start/CommandLineBuilder.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java index ee1e433f7a68..b8e8d7452e1f 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java @@ -59,7 +59,9 @@ public static String findJavaBin() * * @param arg the argument to quote * @return the quoted and escaped argument + * @deprecated no replacement, quoting is done by {@link #toQuotedString(String)} now. */ + @Deprecated public static String quote(String arg) { return "'" + arg + "'"; From 22276201f110d2273ffd9b4e37b300f18086bb4a Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Thu, 23 Feb 2023 13:49:49 -0600 Subject: [PATCH 07/16] Improve action/start and start-stop-daemon usage Signed-off-by: Joakim Erdfelt --- jetty-home/src/main/resources/bin/jetty.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/jetty-home/src/main/resources/bin/jetty.sh b/jetty-home/src/main/resources/bin/jetty.sh index 59f823fe645a..ab6ba112e255 100755 --- a/jetty-home/src/main/resources/bin/jetty.sh +++ b/jetty-home/src/main/resources/bin/jetty.sh @@ -464,13 +464,14 @@ case "$ACTION" in CH_USER="--chuid $JETTY_USER" fi - start-stop-daemon --start $CH_USER \ + echo ${RUN_CMD[@]} start-log-file="$JETTY_START_LOG" | xargs start-stop-daemon \ + --start $CH_USER \ --pidfile "$JETTY_PID" \ --chdir "$JETTY_BASE" \ --background \ --make-pidfile \ --startas "$JAVA" \ - -- ${RUN_ARGS[@]} start-log-file="$JETTY_START_LOG" + -- else From 85234373099f64940bf588939bf956edf4a8eb71 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Thu, 23 Feb 2023 16:29:04 -0600 Subject: [PATCH 08/16] Updating action/supervise|run|demo Signed-off-by: Joakim Erdfelt --- jetty-home/src/main/resources/bin/jetty.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jetty-home/src/main/resources/bin/jetty.sh b/jetty-home/src/main/resources/bin/jetty.sh index ab6ba112e255..eea2ff1f3dd0 100755 --- a/jetty-home/src/main/resources/bin/jetty.sh +++ b/jetty-home/src/main/resources/bin/jetty.sh @@ -583,7 +583,7 @@ case "$ACTION" in # Under control of daemontools supervise monitor which # handles restarts and shutdowns via the svc program. # - exec "${RUN_CMD[@]}" + echo ${RUN_CMD[*]} | xargs ${JAVA} > /dev/null & ;; @@ -596,7 +596,7 @@ case "$ACTION" in exit 1 fi - exec "${RUN_CMD[@]}" + echo ${RUN_CMD[*]} | xargs ${JAVA} > /dev/null & ;; check|status) From d81941a91eb598ad37324eceb1d12b85a784e017 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 20 Mar 2023 13:42:12 -0500 Subject: [PATCH 09/16] Disable broken JDK19 test Signed-off-by: Joakim Erdfelt --- .../org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java b/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java index 38afeb8d85d4..21ffa9a6a707 100644 --- a/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java +++ b/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java @@ -32,6 +32,8 @@ import org.junit.jupiter.api.AfterAll; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.condition.DisabledForJreRange; +import org.junit.jupiter.api.condition.JRE; import org.testcontainers.junit.jupiter.Testcontainers; import static org.junit.jupiter.api.Assertions.assertEquals; @@ -59,6 +61,7 @@ public static void afterClass() throws Exception } @Test + @DisabledForJreRange(min = JRE.JAVA_19) // mongo fails on JDK 19 public void testAttributeNamesWithDots() throws Exception { String contextPath = ""; From cc408b7fe5af2253ab25602784e378e37fc1d4bb Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Tue, 21 Mar 2023 07:04:29 -0500 Subject: [PATCH 10/16] Disable broken JDK19 test Signed-off-by: Joakim Erdfelt --- .../java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java b/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java index 337c38bc96b3..1a5a819ab6ec 100644 --- a/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java +++ b/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java @@ -45,6 +45,7 @@ * See bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=444595 */ @Testcontainers(disabledWithoutDocker = true) +@DisabledForJreRange(min = JRE.JAVA_19) // mongo fails on JDK 19 public class AttributeNameTest { @BeforeAll @@ -61,7 +62,6 @@ public static void afterClass() throws Exception } @Test - @DisabledForJreRange(min = JRE.JAVA_19) // mongo fails on JDK 19 public void testAttributeNamesWithDots() throws Exception { String contextPath = ""; From 4a761f4aee75ae69d4fb50ee4a25c7df745aa866 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Tue, 21 Mar 2023 07:40:02 -0500 Subject: [PATCH 11/16] Disable broken JDK19 test Signed-off-by: Joakim Erdfelt --- .../org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java b/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java index 1a5a819ab6ec..6e23ff624b57 100644 --- a/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java +++ b/tests/test-sessions/test-mongodb-sessions/src/test/java/org/eclipse/jetty/nosql/mongodb/AttributeNameTest.java @@ -31,6 +31,7 @@ import org.eclipse.jetty.util.NanoTime; import org.junit.jupiter.api.AfterAll; import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Tag; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.condition.DisabledForJreRange; import org.junit.jupiter.api.condition.JRE; @@ -45,7 +46,7 @@ * See bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=444595 */ @Testcontainers(disabledWithoutDocker = true) -@DisabledForJreRange(min = JRE.JAVA_19) // mongo fails on JDK 19 +@Tag("flaky") public class AttributeNameTest { @BeforeAll From 6cbdb0cc1897afe344c869d40258604cc535ad23 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Tue, 21 Mar 2023 07:46:16 -0500 Subject: [PATCH 12/16] Use latest node.jar to run stCarlos/setup-maven Signed-off-by: Joakim Erdfelt --- .github/workflows/codeql-analysis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a3f3d2659125..a26b6541b280 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -24,7 +24,7 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'java'] + language: ['java'] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support @@ -71,7 +71,7 @@ jobs: # queries: security-extended,security-and-quality - name: Set up Maven - uses: stCarolas/setup-maven@v4 + uses: stCarolas/setup-maven@v4.5 with: maven-version: 3.8.6 From 2e936feec3a58070509d16739d8a456b75b1ea43 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Tue, 21 Mar 2023 07:55:58 -0500 Subject: [PATCH 13/16] Correct usages of matrix.languages Signed-off-by: Joakim Erdfelt --- .github/workflows/codeql-analysis.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a26b6541b280..8c3c89f38ee1 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -24,7 +24,8 @@ jobs: strategy: fail-fast: false matrix: - language: ['java'] + languages: + - java # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support @@ -62,7 +63,7 @@ jobs: - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: - languages: ${{ matrix.language }} + languages: ${{ matrix.languages }} # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. From 515b1a89dee983cac814b06df0dc8492baf1d762 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Thu, 23 Mar 2023 12:15:03 -0500 Subject: [PATCH 14/16] Rename RUN_CMD to RUN_ARGS Signed-off-by: Joakim Erdfelt --- jetty-home/src/main/resources/bin/jetty.sh | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/jetty-home/src/main/resources/bin/jetty.sh b/jetty-home/src/main/resources/bin/jetty.sh index eea2ff1f3dd0..ebcf0f43296c 100755 --- a/jetty-home/src/main/resources/bin/jetty.sh +++ b/jetty-home/src/main/resources/bin/jetty.sh @@ -171,7 +171,7 @@ dumpEnv() echo "JETTY_STATE = $JETTY_STATE" echo "JETTY_START_TIMEOUT = $JETTY_START_TIMEOUT" echo "JETTY_SYS_PROPS = $JETTY_SYS_PROPS" - echo "RUN_CMD = ${RUN_CMD[*]}" + echo "RUN_ARGS = ${RUN_ARGS[*]}" } @@ -432,8 +432,9 @@ case "`uname`" in CYGWIN*) JETTY_START="`cygpath -w $JETTY_START`";; esac -RUN_ARGS=$("$JAVA" -jar "$JETTY_START" --dry-run=opts,path,main,args ${JETTY_ARGS[*]} ${JAVA_OPTIONS[*]}) -RUN_CMD=($JETTY_SYS_PROPS ${RUN_ARGS[@]}) +# Collect the dry-run (of opts,path,main,args) from the jetty.base configuration +JETTY_DRY_RUN=$("$JAVA" -jar "$JETTY_START" --dry-run=opts,path,main,args ${JETTY_ARGS[*]} ${JAVA_OPTIONS[*]}) +RUN_ARGS=($JETTY_SYS_PROPS ${JETTY_DRY_RUN[@]}) ##################################################### # Comment these out after you're happy with what @@ -464,7 +465,7 @@ case "$ACTION" in CH_USER="--chuid $JETTY_USER" fi - echo ${RUN_CMD[@]} start-log-file="$JETTY_START_LOG" | xargs start-stop-daemon \ + echo ${RUN_ARGS[@]} start-log-file="$JETTY_START_LOG" | xargs start-stop-daemon \ --start $CH_USER \ --pidfile "$JETTY_PID" \ --chdir "$JETTY_BASE" \ @@ -494,11 +495,11 @@ case "$ACTION" in # FIXME: Broken solution: wordsplitting, pathname expansion, arbitrary command execution, etc. su - "$JETTY_USER" $SU_SHELL -c " cd \"$JETTY_BASE\" - echo ${RUN_CMD[*]} start-log-file=\"$JETTY_START_LOG\" | xargs ${JAVA} > /dev/null & + echo ${RUN_ARGS[*]} start-log-file=\"$JETTY_START_LOG\" | xargs ${JAVA} > /dev/null & disown \$! echo \$! > \"$JETTY_PID\"" else - echo ${RUN_CMD[*]} | xargs ${JAVA} > /dev/null & + echo ${RUN_ARGS[*]} | xargs ${JAVA} > /dev/null & disown $! echo $! > "$JETTY_PID" fi @@ -583,7 +584,7 @@ case "$ACTION" in # Under control of daemontools supervise monitor which # handles restarts and shutdowns via the svc program. # - echo ${RUN_CMD[*]} | xargs ${JAVA} > /dev/null & + echo ${RUN_ARGS[*]} | xargs ${JAVA} > /dev/null & ;; @@ -596,7 +597,7 @@ case "$ACTION" in exit 1 fi - echo ${RUN_CMD[*]} | xargs ${JAVA} > /dev/null & + echo ${RUN_ARGS[*]} | xargs ${JAVA} > /dev/null & ;; check|status) From 054d11e13c607ba791c26d9617a4fcc4d5cc5f3c Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Thu, 23 Mar 2023 12:44:07 -0500 Subject: [PATCH 15/16] toQuotedString() simplified Signed-off-by: Joakim Erdfelt --- .../org/eclipse/jetty/start/CommandLineBuilder.java | 5 ++--- .../src/main/java/org/eclipse/jetty/start/Main.java | 3 ++- .../eclipse/jetty/start/CommandLineBuilderTest.java | 10 +++++----- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java index 7ba9eeb01808..bccedcd28102 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java @@ -167,17 +167,16 @@ public String toString(String delim) /** * A version of {@link #toString()} where every arg is evaluated for potential {@code '} (single-quote tick) wrapping. * - * @param delim the delimiter between args, use {@code ' '} (space) for shell executable command line. * @return the toString but each arg that has spaces is surrounded by {@code '} (single-quote tick) */ - public String toQuotedString(String delim) + public String toQuotedString() { StringBuilder buf = new StringBuilder(); for (String arg : args) { if (buf.length() > 0) - buf.append(delim); + buf.append(' '); boolean needsQuotes = (arg.contains(" ")); if (needsQuotes) buf.append("'"); diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java b/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java index 0ae45242fd0c..425805d8e50e 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/Main.java @@ -440,7 +440,8 @@ public void start(StartArgs args) throws IOException, InterruptedException if (args.isDryRun()) { CommandLineBuilder cmd = args.getMainArgs(args.getDryRunParts()); - System.out.println(cmd.toQuotedString(StartLog.isDebugEnabled() ? " \\\n" : " ")); + cmd.debug(); + System.out.println(cmd.toQuotedString()); } if (args.isStopCommand()) diff --git a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java index 387a492d65a0..06753229e7e9 100644 --- a/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java +++ b/jetty-start/src/test/java/org/eclipse/jetty/start/CommandLineBuilderTest.java @@ -26,7 +26,7 @@ public void testSimpleCommandline() CommandLineBuilder cmd = new CommandLineBuilder("java"); cmd.addEqualsArg("-Djava.io.tmpdir", "/home/java/temp dir/"); cmd.addArg("--version"); - assertThat(cmd.toQuotedString(" "), is("java '-Djava.io.tmpdir=/home/java/temp dir/' --version")); + assertThat(cmd.toQuotedString(), is("java '-Djava.io.tmpdir=/home/java/temp dir/' --version")); } @Test @@ -34,7 +34,7 @@ public void testSimpleHomeNoSpace() { CommandLineBuilder cmd = new CommandLineBuilder("java"); cmd.addEqualsArg("-Djetty.home", "/opt/jetty"); - assertThat(cmd.toQuotedString(" "), is("java -Djetty.home=/opt/jetty")); + assertThat(cmd.toQuotedString(), is("java -Djetty.home=/opt/jetty")); } @Test @@ -42,7 +42,7 @@ public void testSimpleHomeWithSpace() { CommandLineBuilder cmd = new CommandLineBuilder("java"); cmd.addEqualsArg("-Djetty.home", "/opt/jetty 10/home"); - assertThat(cmd.toQuotedString(" "), is("java '-Djetty.home=/opt/jetty 10/home'")); + assertThat(cmd.toQuotedString(), is("java '-Djetty.home=/opt/jetty 10/home'")); } @Test @@ -51,7 +51,7 @@ public void testEscapedFormattingString() CommandLineBuilder cmd = new CommandLineBuilder("java"); cmd.addEqualsArg("-Djetty.home", "/opt/jetty"); cmd.addEqualsArg("jetty.requestlog.formatter", "%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\""); - assertThat(cmd.toQuotedString(" "), is("java -Djetty.home=/opt/jetty 'jetty.requestlog.formatter=%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\"'")); + assertThat(cmd.toQuotedString(), is("java -Djetty.home=/opt/jetty 'jetty.requestlog.formatter=%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t \"%r\" %s %O \"%{Referer}i\" \"%{User-Agent}i\"'")); } @Test @@ -60,6 +60,6 @@ public void testEscapeUnicode() CommandLineBuilder cmd = new CommandLineBuilder("java"); cmd.addEqualsArg("-Djetty.home", "/opt/jetty"); cmd.addEqualsArg("monetary.symbol", "€"); - assertThat(cmd.toQuotedString(" "), is("java -Djetty.home=/opt/jetty monetary.symbol=€")); + assertThat(cmd.toQuotedString(), is("java -Djetty.home=/opt/jetty monetary.symbol=€")); } } From 20c9b02a8ff99743e767b66ad169763e33f56f38 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Thu, 23 Mar 2023 15:19:32 -0500 Subject: [PATCH 16/16] Fix broken javadoc Signed-off-by: Joakim Erdfelt --- .../main/java/org/eclipse/jetty/start/CommandLineBuilder.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java index bccedcd28102..7020159ec1fe 100644 --- a/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java +++ b/jetty-start/src/main/java/org/eclipse/jetty/start/CommandLineBuilder.java @@ -59,7 +59,7 @@ public static String findJavaBin() * * @param arg the argument to quote * @return the quoted and escaped argument - * @deprecated no replacement, quoting is done by {@link #toQuotedString(String)} now. + * @deprecated no replacement, quoting is done by {@link #toQuotedString()} now. */ @Deprecated public static String quote(String arg)