You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/04/10 12:35:55 UTC

svn commit: r1090766 - in /tomcat/trunk: java/org/apache/jasper/compiler/JspUtil.java java/org/apache/jasper/compiler/Parser.java java/org/apache/jasper/resources/LocalStrings.properties webapps/docs/changelog.xml

Author: markt
Date: Sun Apr 10 10:35:55 2011
New Revision: 1090766

URL: http://svn.apache.org/viewvc?rev=1090766&view=rev
Log:
Check tag file attribute names are valid Java identifiers

Modified:
    tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java
    tomcat/trunk/java/org/apache/jasper/compiler/Parser.java
    tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java Sun Apr 10 10:35:55 2011
@@ -858,6 +858,31 @@ public class JspUtil {
         return false;
     }
 
+    public static boolean isJavaIdentifier(String key) {
+        // Should not be the case but check to be sure
+        if (key == null || key.length() == 0) {
+            return false;
+        }
+        
+        if (isJavaKeyword(key)) {
+            return false;
+        }
+
+        // Check the start character that has more restrictions
+        if (!Character.isJavaIdentifierStart(key.charAt(0))) {
+            return false;
+        }
+
+        // Check each remaining character used is permitted
+        for (int idx = 1; idx < key.length(); idx++) {
+            if (!Character.isJavaIdentifierPart(key.charAt(idx))) {
+                return false;
+            }
+        }
+        
+        return true;
+    }
+
     static InputStreamReader getReader(String fname, String encoding,
             JarFile jarFile, JspCompilationContext ctxt, ErrorDispatcher err)
             throws JasperException, IOException {

Modified: tomcat/trunk/java/org/apache/jasper/compiler/Parser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Parser.java?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/Parser.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/Parser.java Sun Apr 10 10:35:55 2011
@@ -593,6 +593,18 @@ class Parser implements TagConstants {
      */
     private void parseAttributeDirective(Node parent) throws JasperException {
         Attributes attrs = parseAttributes();
+        // JSP.8.3 says the variable created for each attribute must have the
+        // same name as the attribute. Therefore, the names must be valid Java
+        // identifiers
+        if (attrs != null && attrs.getLength() > 0) {
+            for (int i = 0; i < attrs.getLength(); i++) {
+                if ("name".equals(attrs.getLocalName(i)) &&
+                        !JspUtil.isJavaIdentifier(attrs.getValue(i))) {
+                    err.jspError(start, "jsp.error.identifier",
+                            attrs.getValue(i));
+                }
+            }
+        }
         new Node.AttributeDirective(attrs, start, parent);
     }
 

Modified: tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties Sun Apr 10 10:35:55 2011
@@ -486,4 +486,6 @@ jsp.message.jsp_removed_excess=Removing 
 jsp.message.jsp_removed_idle=Removing idle JSP for path [{0}] in context [{1}] after {2} seconds");
 jsp.message.jsp_unload_check=Checking JSPs for unload in context [{0}], JSP count: {1} queue length: {2}
 
+jsp.error.identifier=The attribute name [{0}] is invalid since it is not a valid Java identifier
+
 xmlParser.skipBomFail=Failed to skip BOM when parsing XML input stream

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sun Apr 10 10:35:55 2011
@@ -77,6 +77,10 @@
         Label JSP/tag file line and column numbers when reporting errors since
         it may not be immediately obvious what the numbers represent. (markt)
       </add>
+      <fix>
+        <bug>36362</bug>: Check that tag file attribute names are valid Java
+        identifiers. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Web applications">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org