1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/samples/cloneproblem/test/org/apidesign/cloneproblem/ExploitTest.java Thu Oct 30 21:30:10 2014 +0100
1.3 @@ -0,0 +1,44 @@
1.4 +package org.apidesign.cloneproblem;
1.5 +
1.6 +import java.util.Date;
1.7 +import junit.framework.TestCase;
1.8 +
1.9 +/** Test that would be written by the API hacker.
1.10 + *
1.11 + * @author Jaroslav Tulach <jaroslav.tulach@apidesign.org>
1.12 + */
1.13 +public class ExploitTest extends TestCase {
1.14 + public ExploitTest(String name) {
1.15 + super(name);
1.16 + }
1.17 +
1.18 + public void testExploitOverridableClone() {
1.19 + try {
1.20 + HackedDate now = new HackedDate();
1.21 + HackedDate later = new HackedDate(now.getTime() + 1000);
1.22 +
1.23 + Interval interval = new Interval(now, later);
1.24 + assertEquals("1s", 1000, interval.getLength());
1.25 +
1.26 + fail("And I hoped NullPointerException will be thrown!");
1.27 + } catch (NullPointerException ex) {
1.28 + // success, the quest is to generate NullPointerException!
1.29 + }
1.30 + }
1.31 +
1.32 + // BEGIN: interval.exploit
1.33 + private static class HackedDate extends Date {
1.34 + public HackedDate() {
1.35 + }
1.36 +
1.37 + public HackedDate(long date) {
1.38 + super(date);
1.39 + }
1.40 +
1.41 + @Override
1.42 + public Object clone() {
1.43 + return null;
1.44 + }
1.45 + }
1.46 + // END: interval.exploit
1.47 +}