You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/04/10 12:35:55 UTC
svn commit: r1090766 - in /tomcat/trunk:
java/org/apache/jasper/compiler/JspUtil.java
java/org/apache/jasper/compiler/Parser.java
java/org/apache/jasper/resources/LocalStrings.properties
webapps/docs/changelog.xml
Author: markt
Date: Sun Apr 10 10:35:55 2011
New Revision: 1090766
URL: http://svn.apache.org/viewvc?rev=1090766&view=rev
Log:
Check tag file attribute names are valid Java identifiers
Modified:
tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java
tomcat/trunk/java/org/apache/jasper/compiler/Parser.java
tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java Sun Apr 10 10:35:55 2011
@@ -858,6 +858,31 @@ public class JspUtil {
return false;
}
+ public static boolean isJavaIdentifier(String key) {
+ // Should not be the case but check to be sure
+ if (key == null || key.length() == 0) {
+ return false;
+ }
+
+ if (isJavaKeyword(key)) {
+ return false;
+ }
+
+ // Check the start character that has more restrictions
+ if (!Character.isJavaIdentifierStart(key.charAt(0))) {
+ return false;
+ }
+
+ // Check each remaining character used is permitted
+ for (int idx = 1; idx < key.length(); idx++) {
+ if (!Character.isJavaIdentifierPart(key.charAt(idx))) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
static InputStreamReader getReader(String fname, String encoding,
JarFile jarFile, JspCompilationContext ctxt, ErrorDispatcher err)
throws JasperException, IOException {
Modified: tomcat/trunk/java/org/apache/jasper/compiler/Parser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/Parser.java?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/compiler/Parser.java (original)
+++ tomcat/trunk/java/org/apache/jasper/compiler/Parser.java Sun Apr 10 10:35:55 2011
@@ -593,6 +593,18 @@ class Parser implements TagConstants {
*/
private void parseAttributeDirective(Node parent) throws JasperException {
Attributes attrs = parseAttributes();
+ // JSP.8.3 says the variable created for each attribute must have the
+ // same name as the attribute. Therefore, the names must be valid Java
+ // identifiers
+ if (attrs != null && attrs.getLength() > 0) {
+ for (int i = 0; i < attrs.getLength(); i++) {
+ if ("name".equals(attrs.getLocalName(i)) &&
+ !JspUtil.isJavaIdentifier(attrs.getValue(i))) {
+ err.jspError(start, "jsp.error.identifier",
+ attrs.getValue(i));
+ }
+ }
+ }
new Node.AttributeDirective(attrs, start, parent);
}
Modified: tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/jasper/resources/LocalStrings.properties Sun Apr 10 10:35:55 2011
@@ -486,4 +486,6 @@ jsp.message.jsp_removed_excess=Removing
jsp.message.jsp_removed_idle=Removing idle JSP for path [{0}] in context [{1}] after {2} seconds");
jsp.message.jsp_unload_check=Checking JSPs for unload in context [{0}], JSP count: {1} queue length: {2}
+jsp.error.identifier=The attribute name [{0}] is invalid since it is not a valid Java identifier
+
xmlParser.skipBomFail=Failed to skip BOM when parsing XML input stream
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1090766&r1=1090765&r2=1090766&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sun Apr 10 10:35:55 2011
@@ -77,6 +77,10 @@
Label JSP/tag file line and column numbers when reporting errors since
it may not be immediately obvious what the numbers represent. (markt)
</add>
+ <fix>
+ <bug>36362</bug>: Check that tag file attribute names are valid Java
+ identifiers. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Web applications">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org