0

I'm working on a Java Sandboxing system with Play Framework. I've to deal with users who are going to upload a jar file (which can contain malicious code) on a server thanks to Play. The Play controller uploads the jar file in a "upload" directory and loads it into my Sandbox :

public static Result upload(){
        // Get the form
        MultipartFormData body = request().body().asMultipartFormData();

        // Get all files parts
        List<FilePart> fileparts = body.getFiles();

        for(FilePart filepart : fileparts)
        {
            if (filepart != null) {
                String fileName = filepart.getFilename();
                File file = filepart.getFile();
                String pathToJar = Play.application().path() + "/upload/" + fileName;
                file.renameTo(new File(pathToJar));
                // Load the Bot in a sandboxed environment
                Referee.loadJarBot("file:/" + pathToJar);
            }
        }
        // Debug message
        return ok("Uploaded");
    }

This code works pretty well. The Referee class will open the Jar file and instanciate a BotSample class from this Jar. BotSample implements a MyrmesPlayer interface.

public class BotSample implements MyrmesPlayer

Here's the code which open the Jar file and create a new instance of BotSample :

public static void loadJarBot(String pathToJar){
        try
        {
            // Load the Jar file
            URL url = new URL(pathToJar);
            URLClassLoader cl = new URLClassLoader(new URL[] { url });


            // Load the bot class
            Class<?> botClass = cl.loadClass("myrmes.bot.app.BotSample");

            /* Problem comes here */
            final MyrmesPlayer myrmesPlayer = (MyrmesPlayer) botClass.newInstance();


            /* ... */

        } 
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }

The cast from BotSample to MyrmesPlayer throws a ClassCastException although MyrmesPlayer is higher than BotSample in the class hierarchy, why ? O_o

    java.lang.ClassCastException: myrmes.bot.app.BotSample cannot be cast to myrmes.
    bot.api.MyrmesPlayer
            at myrmes.referee.app.Referee.loadJarBot(Referee.java:31)
            at controllers.Application.upload(Application.java:40)
            at Routes$$anonfun$routes$1$$anonfun$applyOrElse$3$$anonfun$apply$3.appl
    y(routes_routing.scala:81)
            at Routes$$anonfun$routes$1$$anonfun$applyOrElse$3$$anonfun$apply$3.appl
    y(routes_routing.scala:81)
            at play.core.Router$HandlerInvoker$$anon$6$$anon$2.invocation(Router.sca
    la:164)
            at play.core.Router$Routes$$anon$1.invocation(Router.scala:345)
        at play.core.j.JavaAction$$anon$1.call(JavaAction.scala:31)
        at play.core.j.JavaAction$$anon$2.apply(JavaAction.scala:74)
        at play.core.j.JavaAction$$anon$2.apply(JavaAction.scala:73)
        at play.libs.F$Promise$PromiseActor.onReceive(F.java:420)
        at akka.actor.UntypedActor$$anonfun$receive$1.applyOrElse(UntypedActor.s
cala:159)
        at akka.actor.ActorCell.receiveMessage(ActorCell.scala:425)
        at akka.actor.ActorCell.invoke(ActorCell.scala:386)
        at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:230)
        at akka.dispatch.Mailbox.run(Mailbox.scala:212)
        at akka.dispatch.ForkJoinExecutorConfigurator$MailboxExecutionTask.exec(
AbstractDispatcher.scala:502)
        at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:262)
        at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool
.java:975)
        at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:14
78)
        at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThre
ad.java:104)

Moreover, if I use this loadJarBot method in a standalone application (ie pure Java without Play), this code works perfectly.

Thanks in advance for your help

ulrich
  • 1
  • The usual suspect would be that you have the `play` jar duplicated in your classpath – SJuan76 Jun 17 '13 at 21:28
  • To load the class, you are using a different classloader than the current one (you use cl to load the bot, but MyrmesPlayer is loaded with `Referee.class.getClassLoader()`) – Nulano Dec 22 '14 at 14:27

2 Answers2

0

I've found why it didn't work. Play uses is own Classloader and i tried to cast a class on an instance called by an other Classloader. Classes loaded by different classloaders are completly differents.

I've to use Java Reflection to call methods according to : cast across classloader?

Community
  • 1
  • 1
ulrich
  • 1
0

For casting across classloader (or rather replicating objects between different classloaders) have a look at the Transloader library. As for sandboxing, you might take a look at the recent java-sandbox project. May I ask, how you implemented your sandbox?

Arno Mittelbach
  • 952
  • 5
  • 12