You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/08/18 16:33:30 UTC
[tomcat] branch main updated: Improve handling of stack overflow errors when parsing EL expressions.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 05c2829fb9 Improve handling of stack overflow errors when parsing EL expressions.
05c2829fb9 is described below
commit 05c2829fb9c49475cb48f5e14ff400e65e2974da
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Aug 18 17:33:01 2022 +0100
Improve handling of stack overflow errors when parsing EL expressions.
---
java/org/apache/el/ExpressionFactoryImpl.java | 5 +++
java/org/apache/el/lang/ExpressionBuilder.java | 6 ++-
java/org/apache/el/util/ExceptionUtils.java | 56 ++++++++++++++++++++++++++
webapps/docs/changelog.xml | 8 ++++
4 files changed, 73 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/el/ExpressionFactoryImpl.java b/java/org/apache/el/ExpressionFactoryImpl.java
index 7f41d8c9d0..82f5cf123b 100644
--- a/java/org/apache/el/ExpressionFactoryImpl.java
+++ b/java/org/apache/el/ExpressionFactoryImpl.java
@@ -25,6 +25,7 @@ import jakarta.el.ValueExpression;
import org.apache.el.lang.ELSupport;
import org.apache.el.lang.ExpressionBuilder;
import org.apache.el.stream.StreamELResolverImpl;
+import org.apache.el.util.ExceptionUtils;
import org.apache.el.util.MessageFactory;
@@ -36,6 +37,10 @@ import org.apache.el.util.MessageFactory;
@aQute.bnd.annotation.spi.ServiceProvider(value=ExpressionFactory.class)
public class ExpressionFactoryImpl extends ExpressionFactory {
+ static {
+ ExceptionUtils.preload();
+ }
+
@Override
public <T> T coerceToType(Object obj, Class<T> type) {
return ELSupport.coerceToType(null, obj, type);
diff --git a/java/org/apache/el/lang/ExpressionBuilder.java b/java/org/apache/el/lang/ExpressionBuilder.java
index a98daac78a..b03b78cbf3 100644
--- a/java/org/apache/el/lang/ExpressionBuilder.java
+++ b/java/org/apache/el/lang/ExpressionBuilder.java
@@ -41,6 +41,7 @@ import org.apache.el.parser.ELParser;
import org.apache.el.parser.Node;
import org.apache.el.parser.NodeVisitor;
import org.apache.el.util.ConcurrentCache;
+import org.apache.el.util.ExceptionUtils;
import org.apache.el.util.MessageFactory;
/**
@@ -139,9 +140,10 @@ public final class ExpressionBuilder implements NodeVisitor {
n = n.jjtGetChild(0);
}
expressionCache.put(expr, n);
- } catch (Exception e) {
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
throw new ELException(
- MessageFactory.get("error.parseFail", expr), e);
+ MessageFactory.get("error.parseFail", expr), t);
} finally {
if (parser != null) {
parserCache.push(parser);
diff --git a/java/org/apache/el/util/ExceptionUtils.java b/java/org/apache/el/util/ExceptionUtils.java
new file mode 100644
index 0000000000..d8a76ff184
--- /dev/null
+++ b/java/org/apache/el/util/ExceptionUtils.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.el.util;
+
+/**
+ * Utilities for handling Throwables and Exceptions.
+ */
+/*
+ * Copied from o.a.t.u.ExceptionUtils
+ */
+public class ExceptionUtils {
+
+ /**
+ * Checks whether the supplied Throwable is one that needs to be
+ * rethrown and swallows all others.
+ * @param t the Throwable to check
+ */
+ public static void handleThrowable(Throwable t) {
+ if (t instanceof ThreadDeath) {
+ throw (ThreadDeath) t;
+ }
+ if (t instanceof StackOverflowError) {
+ // Swallow silently - it should be recoverable
+ return;
+ }
+ if (t instanceof VirtualMachineError) {
+ throw (VirtualMachineError) t;
+ }
+ // All other instances of Throwable will be silently swallowed
+ }
+
+
+ /**
+ * NO-OP method provided to enable simple pre-loading of this class. Since
+ * the class is used extensively in error handling, it is prudent to
+ * pre-load it to avoid any failure to load this class masking the true
+ * problem during error handling.
+ */
+ public static void preload() {
+ // NO-OP
+ }
+}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index baebf6c075..cf06746507 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -164,6 +164,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Jasper">
+ <changelog>
+ <fix>
+ Improve handling of stack overflow errors when parsing EL expressions.
+ (markt)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Other">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org