Validate Jiffle input variable names according to grammar, escape javadocs when including Jiffle sources in output

Author: aaime

jt-jiffle/jt-jiffle-language/src/main/java/it/geosolutions/jaiext/jiffle/Jiffle.java

@@ -128,7 +128,7 @@ public class Jiffle {
 
     public static final Logger LOGGER = Logger.getLogger(Jiffle.class.getName());
 
-    private static Pattern BLOCK_COMMENT_STRIPPER = Pattern.compile("(?:/\\*(?:[^*]|(?:\\*+[^*/]))*\\*+/)");
+    boolean includeScript;
 
     /** 
      * Constants for runtime model. Jiffle supports two runtime models:
@@ -272,7 +272,20 @@ public Jiffle(File scriptFile, Map<String, Jiffle.ImageRole> params)
         setImageParams(params);
         compile();
     }
-    
+
+    /**
+     * Returns true if the script is to be included in the output
+     *
+     * @return
+     */
+    public boolean isIncludeScript() {
+        return includeScript;
+    }
+
+    public void setIncludeScript(boolean includeScript) {
+        this.includeScript = includeScript;
+    }
+
     /**
      * Sets the script. Calling this method will clear any previous script
      * and runtime objects.
@@ -481,7 +494,7 @@ public JiffleDirectRuntime getRuntimeInstance() throws
      */
     public JiffleRuntime getRuntimeInstance(Jiffle.RuntimeModel model) throws
             it.geosolutions.jaiext.jiffle.JiffleException {
-        return createRuntimeInstance(model, getRuntimeBaseClass(model), false);
+        return createRuntimeInstance(model, getRuntimeBaseClass(model), includeScript);
     }
 
     /**
@@ -512,7 +525,7 @@ public <T extends JiffleRuntime> T getRuntimeInstance(Class<T> baseClass) throws
                     " does not implement a required Jiffle runtime interface");
         }
 
-        return (T) createRuntimeInstance(model, baseClass, false);
+        return (T) createRuntimeInstance(model, baseClass, includeScript);
     }
 
     private JiffleRuntime createRuntimeInstance(RuntimeModel model, Class<? extends JiffleRuntime> runtimeClass, boolean scriptInDocs) throws
@@ -558,7 +571,14 @@ private JiffleRuntime createRuntimeInstance(RuntimeModel model, Class<? extends
             return runtime;
 
         } catch (Exception ex) {
-            throw new it.geosolutions.jaiext.jiffle.JiffleException("Runtime source error for source: " + runtimeSource, ex);
+            // do not display the source code in indirect runtime exception messages
+            if (model == RuntimeModel.INDIRECT) {
+                if (LOGGER.isLoggable(Level.FINE)) {
+                    LOGGER.fine("Runtime source error for source: " + runtimeSource);
+                }
+                throw new JiffleException("Runtime source error", ex);
+            }
+            throw new JiffleException("Runtime source error for source: " + runtimeSource, ex);
         }
     }
 
@@ -613,22 +633,17 @@ private Class<? extends JiffleRuntime> getRuntimeBaseClass(RuntimeModel model) {
         return baseClass;
     }
 
-    private String createRuntimeSource(RuntimeModel model, String baseClassName, boolean scriptInDocs) {
+    private String createRuntimeSource(RuntimeModel model, String baseClassName,
+                                       boolean scriptInDocs) {
+        SourceWriter writer = new SourceWriter(model);
         if (scriptInDocs) {
-            throw new RuntimeException("Do no know how to clean the block comments yet");
+            writer.setScript(theScript);
         }
-
-        SourceWriter writer = new SourceWriter(model);
-        writer.setScript(stripComments(theScript));
         writer.setBaseClassName(baseClassName);
         scriptModel.write(writer);
         return writer.getSource();
     }
 
-    private String stripComments(String theScript) {
-        return BLOCK_COMMENT_STRIPPER.matcher(theScript).replaceAll("");
-    }
-
     /**
      * Initializes this object's name and runtime base class.
      */
@@ -648,6 +663,7 @@ private void clearCompiledObjects() {
 
     /**
      * Builds the parse tree from the script.
+     *
      * @param script
      */
     private static Jiffle.Result<ParseTree> parseScript(String script) {

jt-jiffle/jt-jiffle-language/src/main/java/it/geosolutions/jaiext/jiffle/parser/node/Script.java

@@ -52,13 +52,17 @@
 import it.geosolutions.jaiext.jiffle.parser.UndefinedOptionException;
 
 import java.util.Collections;
-import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.Set;
+import java.util.regex.Pattern;
 
 /** @author michael */
 public class Script implements Node {
+
+    /** <pre>ID      : (Letter) (Letter | UNDERSCORE | Digit | Dot)*</pre> */
+    private static final Pattern VALID_IDENTIFIER = Pattern.compile("^[a-zA-Z][_a-zA-Z0-9\\.]*$");
+
     private final StatementList stmts;
     private final RepeatedReadOptimizer readOptimizer;
     private Map<String, String> options;
@@ -79,6 +83,20 @@ public Script(
         this.globals = globals;
         this.stmts = stmts;
         this.readOptimizer = readOptimizer;
+        validate();
+    }
+
+    private void validate() {
+        for (String name : sourceImages) {
+            if (!VALID_IDENTIFIER.matcher(name).matches()) {
+                throw new JiffleParserException("Invalid source image name: " + name);
+            }
+        }
+        for (String name : destImages) {
+            if (!VALID_IDENTIFIER.matcher(name).matches()) {
+                throw new JiffleParserException("Invalid dest image name: " + name);
+            }
+        }
     }
 
     public void write(SourceWriter w) {
@@ -97,11 +115,13 @@ public void write(SourceWriter w) {
             String[] lines = script.split("\n");
             w.line("/**");
             w.line(" * Java runtime class generated from the following Jiffle script: ");
-            w.line(" *<code>");
+            w.line(" *<pre>");
             for (String line : lines) {
-                w.append(" * ").append(line).newLine();
+                // In case the script itself includes comments, they best to be escaped
+                String escaped = line.replace("*/", "*&#47;").replace("/*", "&#47;*");
+                w.append(" * ").append(escaped).newLine();
             }
-            w.line(" *</code>");
+            w.line(" *</pre>");
             w.line(" */");
         }
 

jt-jiffle/jt-jiffle-language/src/test/java/it/geosolutions/jaiext/jiffle/runtime/JiffleRuntimeTest.java

@@ -0,0 +1,61 @@
+/* JAI-Ext - OpenSource Java Advanced Image Extensions Library
+ *    http://www.geo-solutions.it/
+ *    Copyright 2018 GeoSolutions
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.geosolutions.jaiext.jiffle.runtime;
+
+import it.geosolutions.jaiext.jiffle.Jiffle;
+import it.geosolutions.jaiext.jiffle.JiffleException;
+import org.junit.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+public class JiffleRuntimeTest {
+
+    @Test
+    public void testSkipSource() throws Exception {
+        Jiffle jiffle = getJiffleWithComment();
+        String source = jiffle.getRuntimeSource(false);
+
+        // by default, it does not contain the source
+        assertFalse(source.contains("This is a comment"));
+    }
+
+    @Test
+    public void testEscapeSource() throws Exception {
+        Jiffle jiffle = getJiffleWithComment();
+        String source = jiffle.getRuntimeSource(true);
+
+        // source is in the javadocs, and properly escaped
+        assertTrue(source.contains("* /* This is a comment */"));
+        assertTrue(source.contains("* dest=10;"));
+    }
+
+    private Jiffle getJiffleWithComment() throws JiffleException {
+        String script = "/* This is a comment */\ndest=10;";
+        Jiffle jiffle = new Jiffle();
+        jiffle.setScript(script);
+        Map<String, Jiffle.ImageRole> params = new HashMap<>();
+        params.put("dest", Jiffle.ImageRole.DEST);
+        jiffle.setImageParams(params);
+
+        jiffle.compile();
+        return jiffle;
+    }
+}

jt-jiffle/jt-jiffle-language/src/test/java/it/geosolutions/jaiext/jiffle/runtime/ScriptTest.java

@@ -0,0 +1,73 @@
+/* JAI-Ext - OpenSource Java Advanced Image Extensions Library
+ *    http://www.geo-solutions.it/
+ *    Copyright 2018 GeoSolutions
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package it.geosolutions.jaiext.jiffle.runtime;
+
+import it.geosolutions.jaiext.jiffle.Jiffle;
+import it.geosolutions.jaiext.jiffle.JiffleException;
+import it.geosolutions.jaiext.jiffle.parser.JiffleParserException;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.junit.Assert.assertEquals;
+
+public class ScriptTest {
+
+    @Test
+    public void testValidateSourceImages() throws Exception {
+        checkInvalidSourceName("a b");
+        checkInvalidSourceName("99a");
+        checkInvalidSourceName("#abc");
+        checkInvalidSourceName("/abc");
+        checkInvalidSourceName("{abc");
+    }
+
+    @Test
+    public void testValidateDestinationImages() throws Exception {
+        checkInvalidDestinationName("a b");
+        checkInvalidDestinationName("99a");
+        checkInvalidDestinationName("#abc");
+        checkInvalidDestinationName("/abc");
+        checkInvalidDestinationName("{abc");
+    }
+
+    private void checkInvalidSourceName(String name) throws JiffleException {
+        Jiffle jiffle = new Jiffle();
+        jiffle.setScript("dst=0;");
+        Map<String, Jiffle.ImageRole> params = new HashMap<>();
+        params.put(name, Jiffle.ImageRole.SOURCE);
+        jiffle.setImageParams(params);
+
+        JiffleParserException exception =
+                Assert.assertThrows(JiffleParserException.class, () -> jiffle.compile());
+        assertEquals("Invalid source image name: " + name, exception.getMessage());
+    }
+
+    private void checkInvalidDestinationName(String name) throws JiffleException {
+        Jiffle jiffle = new Jiffle();
+        jiffle.setScript("dst=0;");
+        Map<String, Jiffle.ImageRole> params = new HashMap<>();
+        params.put(name, Jiffle.ImageRole.DEST);
+        jiffle.setImageParams(params);
+
+        JiffleParserException exception =
+                Assert.assertThrows(JiffleParserException.class, () -> jiffle.compile());
+        assertEquals("Invalid dest image name: " + name, exception.getMessage());
+    }
+}