Execute Java code that is stored in the database

Question

I have Java code that is regularly pushed to the database (it is too complicated to explain why it is in the database, and that would just turn the focus away from the main question).

During runtime I query the database. Can I execute the code I get from the database? I am only storing the content of the main method in the code. The server on which the database runs is an HTTP server.

Example code from the database (just for reference):

int i = 10;
int j = 2;
int k = i*j;
System.out.println("Result is " + k);

Expected output:

Result is 20

So does your db include the source code or/and the bytecode? — msrd0, Oct 06 '14 at 13:32
You could dynamically build a java class with the code from db then run it. — brso05, Oct 06 '14 at 13:37
@user3760419 Do you store complete classes? Or only the content if the main method? And do you access your database using an HTTP Server or how? — msrd0, Oct 06 '14 at 13:51
@msrd0, I am storing only content of the main method and it's a HTTP server — user3760419, Oct 06 '14 at 14:05
possible duplicate of [Is there an eval() function in Java?](http://stackoverflow.com/questions/2605032/is-there-an-eval-function-in-java) — Dan Bechard, Oct 06 '14 at 14:06
possible duplicate of [Run piece of code contained in a String](http://stackoverflow.com/questions/4389232/run-piece-of-code-contained-in-a-string) — Juru, Oct 06 '14 at 14:13

Ιναη ßαbαηιη · Accepted Answer · 2014-10-06T14:13:16.987

Any Java program is correct Groovy program. So you can add Groovy dependency to your project and then using GroovyShell execute your code:

GroovyShell shell = new GroovyShell();
shell.evaluate(code);

So in your case:

GroovyShell shell = new GroovyShell();
shell.evaluate("int i = 10;\n" +
        "int j = 2;\n" +
        "int k = i*j;\n" +
        "System.out.println(\"Result is \" + k);");

And output:

Result is 20

Or you can use ScriptEngineManager (more common way):

ScriptEngineManager manager = new ScriptEngineManager();
ScriptEngine engine = manager.getEngineByName("groovy");
engine.eval("int i = 10;\n" +
        "int j = 2;\n" +
        "int k = i*j;\n" +
         "System.out.println(\"Result is \" + k);");

But anyway, you need to add Groovy to your depedencies.

score 0 · Answer 2 · answered Oct 06 '14 at 14:25

You could build the java source code and then load the java class using reflection. Therefore, add a new Servlet to your HTTP Server, call it getJar, and put the following in the doGet method (assuming you have already created the DB connection):

File tmp = File.createTempFile("java-code-", ".java");
PrintWriter out = new PrintWriter(new FileWriter(tmp), true);
String classname = tmp.getName().substring(0, tmp.getName().length()-5);
out.println("public class " + classname);
out.println("{");
out.println("    public static void executeCode ()");
out.println("    {");
out.println(connection.executeQuery("SELECT java-code FROM yourDb WHERE name='"
        + request.getParameter("name").replace("'", "''") + "';");
out.println("    }");
out.println("}");
out.close();
Runtime.getRuntime().exec("javac \"" + tmp.getAbsolutePath() + "\"").waitFor();
Runtime.getRuntime().exec("jar cfe \"" + tmp.getAbsolutePath() + ".jar\" \""
         + classname + "\" \"" + tmp.getAbsolutePath() + "\"");
InputStream in = new InputStream(new FileInputStream(tmp.getAbsolutePath() + ".jar"));
int read; byte[] buf = new byte[4096];
while ((read = in.read(buf)) != null)
    response.getOutputStream().write(buf, 0, read);
in.close();

Now, you can receive it and create a ClassLoader for it, and then execute it:

ClassLoader cl = new URLClassLoader("http://localhost/getJar?name=whatever");
Class c = cl.loadClass(classname);
c.getMethod("executeCode").invoke(null);

Execute Java code that is stored in the database

2 Answers2

Linked