diff --git a/tools/aegis4j/build.gradle b/tools/aegis4j/build.gradle index b179618b11..411e4517c8 100644 --- a/tools/aegis4j/build.gradle +++ b/tools/aegis4j/build.gradle @@ -1,5 +1,6 @@ plugins { id 'java' + id 'kotlin' id 'jacoco' id 'eclipse' id 'signing' @@ -32,6 +33,7 @@ dependencies { } testImplementation "com.google.guava:guava:$guava_version" testImplementation "org.yaml:snakeyaml:1.33" + testImplementation "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version" } sourceCompatibility = 8 diff --git a/tools/aegis4j/src/test/java/net/gredler/aegis4j/CVE_2020_29582.java b/tools/aegis4j/src/test/java/net/gredler/aegis4j/CVE_2020_29582.java new file mode 100644 index 0000000000..d4be994185 --- /dev/null +++ b/tools/aegis4j/src/test/java/net/gredler/aegis4j/CVE_2020_29582.java @@ -0,0 +1,41 @@ +/* Copyright (c) 2022, Daniel Gredler. All rights reserved. */ + +package net.gredler.aegis4j; + +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.Test; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.fail; + +/** + * Tests Kotlin blocking. + */ +public class CVE_2020_29582 { + @AfterAll + public static void uninstallAgent() throws Exception { + System.clearProperty("aegis4j.additional.args"); + } + + @Test + public void testDir() throws Exception { + TestUtils.installAgent("path=../resources/test/kotlin-mods.properties"); + try { + new KotlinStdLibUtils().kotlinCreateTempDir(); + fail("Exception expected"); + } catch (RuntimeException e) { + assertEquals("Kotlin createTempDir blocked by aegis4j", e.getMessage()); + } + } + + @Test + public void testFile() throws Exception { + TestUtils.installAgent("path=../resources/test/kotlin-mods.properties"); + try { + new KotlinStdLibUtils().kotlinCreateTempFile(); + fail("Exception expected"); + } catch (RuntimeException e) { + assertEquals("Kotlin createTempFile blocked by aegis4j", e.getMessage()); + } + } +} diff --git a/tools/aegis4j/src/test/kotlin/net/gredler/aegis4j/KotlinStdLibUtils.kt b/tools/aegis4j/src/test/kotlin/net/gredler/aegis4j/KotlinStdLibUtils.kt new file mode 100644 index 0000000000..c107d1a2b3 --- /dev/null +++ b/tools/aegis4j/src/test/kotlin/net/gredler/aegis4j/KotlinStdLibUtils.kt @@ -0,0 +1,12 @@ +package net.gredler.aegis4j + +class KotlinStdLibUtils { + + fun kotlinCreateTempDir() { + createTempDir() + } + + fun kotlinCreateTempFile() { + createTempFile() + } +} \ No newline at end of file diff --git a/tools/aegis4j/src/test/resources/kotlin-mods.properties b/tools/aegis4j/src/test/resources/kotlin-mods.properties new file mode 100644 index 0000000000..0121644cd1 --- /dev/null +++ b/tools/aegis4j/src/test/resources/kotlin-mods.properties @@ -0,0 +1,4 @@ +# format: ..= +# CVE-2020-29582 +KOTLIN.kotlin.io.FilesKt__UtilsKt.createTempDir=throw new java.lang.RuntimeException("Kotlin createTempDir blocked by aegis4j"); +KOTLIN.kotlin.io.FilesKt__UtilsKt.createTempFile=throw new java.lang.RuntimeException("Kotlin createTempFile blocked by aegis4j"); diff --git a/tools/aegis4j/src/test/resources/snakeyaml-mods.properties b/tools/aegis4j/src/test/resources/snakeyaml-mods.properties index fb117c1956..b584183290 100644 --- a/tools/aegis4j/src/test/resources/snakeyaml-mods.properties +++ b/tools/aegis4j/src/test/resources/snakeyaml-mods.properties @@ -1,8 +1,3 @@ # format: ..= # CVE-2022-1471 SNAKEYAML.org.yaml.snakeyaml.constructor.Constructor.Constructor=throw new java.lang.RuntimeException("SnakeYAML Constructor blocked by aegis4j"); -# CVE-2020-29582 -#KOTLIN.kotlin.io.FilesKt__UtilsKt.createTempDir=throw new java.lang.RuntimeException("Kotlin createTempDir blocked by aegis4j"); -#KOTLIN.kotlin.io.FilesKt__UtilsKt.createTempFile=throw new java.lang.RuntimeException("Kotlin createTempFile blocked by aegis4j"); -# CVE-2020-8908 -#GUAVA.com.google.common.io.Files.createTempDir=throw new java.lang.RuntimeException("Guava createTempDir blocked by aegis4j"); \ No newline at end of file