Merge remote-tracking branch 'origin/master-1.19-lts' into master-1.20-lts

rubensworks · rubensworks · commit 8f00932a0c30 · 2025-02-21T16:03:10.000+01:00
diff --git a/resources/changelog/1.19.2-1.0.10.txt b/resources/changelog/1.19.2-1.0.10.txt
@@ -0,0 +1,6 @@
+As always, don't forget to backup your world before updating!
+Requires CyclopsCore version 1.19.0 or higher.
+
+Changes:
+* Restrict access to parts of the Java API
+  They can still be enabled if desired by the server admin.
diff --git a/src/main/java/org/cyclops/integratedscripting/GeneralConfig.java b/src/main/java/org/cyclops/integratedscripting/GeneralConfig.java
@@ -22,20 +22,40 @@ public class GeneralConfig extends DummyConfig {
     @ConfigurableProperty(category = "general", comment = "The minimum number of ticks inbetween sending a script change packet from client to server.", minimalValue = 0, configLocation = ModConfig.Type.SERVER)
     public static int terminalScriptingClientSyncTickInterval = 20;
 
-    @ConfigurableProperty(category = "general", comment = "If new processes can be created from guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If new processes can be created from guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowCreateProcess = false;
-    @ConfigurableProperty(category = "general", comment = "If new threads can be created from guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If new threads can be created from guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowCreateThread = false;
-    @ConfigurableProperty(category = "general", comment = "If IO is allowed from guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If IO is allowed from guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowIo = false;
-    @ConfigurableProperty(category = "general", comment = "If host class loading is allowed from guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If host class loading is allowed from guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowHostClassLoading = false;
-    @ConfigurableProperty(category = "general", comment = "If experimental options can be used in guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If experimental options can be used in guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowExperimentalOptions = false;
-    @ConfigurableProperty(category = "general", comment = "If environment variables can be accessed from guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If environment variables can be accessed from guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowEnvironment = false;
-    @ConfigurableProperty(category = "general", comment = "If the native interface can be accessed from guest languages.", configLocation = ModConfig.Type.SERVER)
+    @ConfigurableProperty(category = "general", comment = "If the native interface can be accessed from guest languages. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
     public static boolean graalAllowNative = false;
+    @ConfigurableProperty(category = "general", comment = "If all Java public constructors should be accessible. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostPublicAccess = false;
+    @ConfigurableProperty(category = "general", comment = "Allow guest languages to implement any Java interface. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostAllImplementations = false;
+    @ConfigurableProperty(category = "general", comment = "Allow guest languages to implement (extend) any Java class. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostAllClassImplementations = false;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to access arrays as values with array elements.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostArrayAccess = true;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to access lists as values with array elements and iterators.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostListAccess = true;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to access java. nio. ByteBuffers as values with buffer elements.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostBufferAccess = true;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to access iterables as values with iterators.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostIterableAccess = true;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to access iterators as iterator values.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostIteratorAccess = true;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to access map as hash values.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostMapAccess = true;
+    @ConfigurableProperty(category = "general", comment = "Allows the guest application to inherit access to allowed methods, i. e. implementations of allowed abstract and interface methods and overrides of allowed concrete methods. Only enable this on private servers and if you know what you are doing.", configLocation = ModConfig.Type.SERVER)
+    public static boolean graalAllowHostAccessInheritance = false;
     @ConfigurableProperty(category = "general", comment = "The maximum number of statements that can be executed in one evaluation. This is to avoid infinite loops or very complex programs. Set to -1 to disable limit (not recommended).", configLocation = ModConfig.Type.SERVER, minimalValue = -1)
     public static int graalStatementLimit = 16384;
     @ConfigurableProperty(category = "general", comment = "The maximum number of lines in stdout and stderr script log files. Set to -1 to disable limit.", minimalValue = -1, configLocation = ModConfig.Type.SERVER)
diff --git a/src/main/java/org/cyclops/integratedscripting/evaluate/ScriptHelpers.java b/src/main/java/org/cyclops/integratedscripting/evaluate/ScriptHelpers.java
@@ -8,12 +8,7 @@
 import org.cyclops.integratedscripting.GeneralConfig;
 import org.cyclops.integratedscripting.api.evaluate.translation.IEvaluationExceptionFactory;
 import org.cyclops.integratedscripting.evaluate.translation.ValueTranslators;
-import org.graalvm.polyglot.Context;
-import org.graalvm.polyglot.Engine;
-import org.graalvm.polyglot.EnvironmentAccess;
-import org.graalvm.polyglot.HostAccess;
-import org.graalvm.polyglot.ResourceLimits;
-import org.graalvm.polyglot.Value;
+import org.graalvm.polyglot.*;
 
 import javax.annotation.Nullable;
 import java.nio.file.Path;
@@ -42,7 +37,18 @@ public static Context createBaseContext(@Nullable Function<Context.Builder, Cont
                 .allowExperimentalOptions(GeneralConfig.graalAllowExperimentalOptions)
                 .allowEnvironmentAccess(GeneralConfig.graalAllowEnvironment ? EnvironmentAccess.INHERIT : EnvironmentAccess.NONE)
                 .allowNativeAccess(GeneralConfig.graalAllowNative)
-                .allowHostAccess(HostAccess.ALL)
+                .allowHostAccess(HostAccess.newBuilder()
+                        .allowPublicAccess(GeneralConfig.graalAllowHostPublicAccess)
+                        .allowAllImplementations(GeneralConfig.graalAllowHostAllImplementations)
+                        .allowAllClassImplementations(GeneralConfig.graalAllowHostAllClassImplementations)
+                        .allowArrayAccess(GeneralConfig.graalAllowHostArrayAccess)
+                        .allowListAccess(GeneralConfig.graalAllowHostListAccess)
+                        .allowBufferAccess(GeneralConfig.graalAllowHostBufferAccess)
+                        .allowIterableAccess(GeneralConfig.graalAllowHostIterableAccess)
+                        .allowIteratorAccess(GeneralConfig.graalAllowHostIteratorAccess)
+                        .allowMapAccess(GeneralConfig.graalAllowHostMapAccess)
+                        .allowAccessInheritance(GeneralConfig.graalAllowHostAccessInheritance)
+                        .build())
                 .allowInnerContextOptions(false);
         if (GeneralConfig.graalStatementLimit > 0) {
             contextBuilder = contextBuilder.resourceLimits(ResourceLimits.newBuilder()
