Skip to content

Commit f7c7de9

Browse files
MarkRxMarkRx
committed
JENKINS-62708 PR changes
1 parent ee148dd commit f7c7de9

File tree

2 files changed

+6
-5
lines changed

2 files changed

+6
-5
lines changed

src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval.java

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -706,16 +706,14 @@ public synchronized String[] getAclApprovedSignatures() {
706706
public synchronized void setApprovedScriptHashes(String[] scriptHashes) throws IOException {
707707
Jenkins.getInstance().checkPermission(Jenkins.RUN_SCRIPTS);
708708
approvedScriptHashes.clear();
709-
List<String> goodScriptHashes = new ArrayList<>(scriptHashes.length);
710-
Pattern sha1Pattern = Pattern.compile("^[a-fA-F0-9]{40}$");
709+
Pattern sha1Pattern = Pattern.compile("[a-fA-F0-9]{40}");
711710
for (String scriptHash : scriptHashes) {
712711
if (scriptHash != null && sha1Pattern.matcher(scriptHash).matches()) {
713-
goodScriptHashes.add(scriptHash);
712+
approvedScriptHashes.add(scriptHash);
714713
} else {
715-
LOG.warning("Ignoring malformed script hash: " + scriptHash);
714+
LOG.warning(() -> "Ignoring malformed script hash: " + scriptHash);
716715
}
717716
}
718-
approvedScriptHashes.addAll(goodScriptHashes);
719717
save();
720718
reconfigure();
721719
}

src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalTest.java

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -172,6 +172,9 @@ public void upgradeSmokes() throws Exception {
172172
new SecureGroovyScript("jenkins.model.Jenkins.instance", true, null)));
173173
p.getPublishersList().add(new TestGroovyRecorder(
174174
new SecureGroovyScript("println(jenkins.model.Jenkins.instance.getLabels())", false, null)));
175+
r.assertLogNotContains("org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: "
176+
+ "Scripts not permitted to use staticMethod jenkins.model.Jenkins getInstance",
177+
r.assertBuildStatus(Result.SUCCESS, p.scheduleBuild2(0).get()));
175178
r.assertLogNotContains("org.jenkinsci.plugins.scriptsecurity.scripts.UnapprovedUsageException: script not yet approved for use",
176179
r.assertBuildStatus(Result.SUCCESS, p.scheduleBuild2(0).get()));
177180
}

0 commit comments

Comments
 (0)