[camel] branch master updated: CAMEL-12355: simple - Body.ognl function should validate that OGNL starts with a dot

[da...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

davsclaus pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/master by this push:
     new 38318ed  CAMEL-12355: simple - Body.ognl function should validate that OGNL starts with a dot
38318ed is described below

commit 38318ed4c4f2410aceafed08e808e415aba8d4bd
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Fri Mar 16 09:57:31 2018 +0100

    CAMEL-12355: simple - Body.ognl function should validate that OGNL starts with a dot
---
 .../language/simple/ast/SimpleFunctionExpression.java      |  4 +++-
 .../java/org/apache/camel/language/simple/SimpleTest.java  | 14 ++++++++++++++
 .../java/org/apache/camel/catalog/CamelCatalogTest.java    |  7 +++++++
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/camel-core/src/main/java/org/apache/camel/language/simple/ast/SimpleFunctionExpression.java b/camel-core/src/main/java/org/apache/camel/language/simple/ast/SimpleFunctionExpression.java
index 7c4caf3..b3c5674 100644
--- a/camel-core/src/main/java/org/apache/camel/language/simple/ast/SimpleFunctionExpression.java
+++ b/camel-core/src/main/java/org/apache/camel/language/simple/ast/SimpleFunctionExpression.java
@@ -306,7 +306,9 @@ public class SimpleFunctionExpression extends LiteralExpression {
             remainder = ifStartsWithReturnRemainder("in.body", function);
         }
         if (remainder != null) {
-            boolean invalid = OgnlHelper.isInvalidValidOgnlExpression(remainder);
+            // OGNL must start with a . ? or [
+            boolean ognlStart = remainder.startsWith(".") || remainder.startsWith("?") || remainder.startsWith("[");
+            boolean invalid = !ognlStart || OgnlHelper.isInvalidValidOgnlExpression(remainder);
             if (invalid) {
                 throw new SimpleParserException("Valid syntax: ${body.OGNL} was: " + function, token.getIndex());
             }
diff --git a/camel-core/src/test/java/org/apache/camel/language/simple/SimpleTest.java b/camel-core/src/test/java/org/apache/camel/language/simple/SimpleTest.java
index 0f1e357..71ccc22 100644
--- a/camel-core/src/test/java/org/apache/camel/language/simple/SimpleTest.java
+++ b/camel-core/src/test/java/org/apache/camel/language/simple/SimpleTest.java
@@ -40,6 +40,7 @@ import org.apache.camel.impl.JndiRegistry;
 import org.apache.camel.language.bean.RuntimeBeanExpressionException;
 import org.apache.camel.language.simple.types.SimpleIllegalSyntaxException;
 import org.apache.camel.spi.Language;
+
 /**
  * @version
  */
@@ -154,6 +155,19 @@ public class SimpleTest extends LanguageTestSupport {
         assertNotNull(exp);
     }
 
+    public void testBodyOgnlExpression() throws Exception {
+        Expression exp = SimpleLanguage.simple("${body.xxx}");
+        assertNotNull(exp);
+        
+        // must start with a dot
+        try {
+            SimpleLanguage.simple("${bodyxxx}");
+            fail("Should throw exception");
+        } catch (SimpleIllegalSyntaxException e) {
+            // expected
+        }
+    }
+
     public void testBodyExpressionUsingAlternativeStartToken() throws Exception {
         Expression exp = SimpleLanguage.simple("$simple{body}");
         assertNotNull(exp);
diff --git a/platforms/camel-catalog/src/test/java/org/apache/camel/catalog/CamelCatalogTest.java b/platforms/camel-catalog/src/test/java/org/apache/camel/catalog/CamelCatalogTest.java
index b825e90..bb9173d 100644
--- a/platforms/camel-catalog/src/test/java/org/apache/camel/catalog/CamelCatalogTest.java
+++ b/platforms/camel-catalog/src/test/java/org/apache/camel/catalog/CamelCatalogTest.java
@@ -983,6 +983,13 @@ public class CamelCatalogTest {
         assertTrue(result.getError().startsWith("expected symbol functionEnd but was eol at location 5"));
         assertEquals("expected symbol functionEnd but was eol", result.getShortError());
         assertEquals(5, result.getIndex());
+
+        result = catalog.validateSimpleExpression(null, "${bodyxxx}");
+        assertFalse(result.isSuccess());
+        assertEquals("${bodyxxx}", result.getSimple());
+        LOG.info(result.getError());
+        assertEquals("Valid syntax: ${body.OGNL} was: bodyxxx", result.getShortError());
+        assertEquals(0, result.getIndex());
     }
 
     @Test

-- 
To stop receiving notification emails like this one, please contact
davsclaus@apache.org.