SEC-947: Added check on "before" and "after" values to make sure they don't overflow when decremented/incremented respectfully.
This commit is contained in:
parent
fbeb47d559
commit
3ee3591feb
|
@ -61,20 +61,24 @@ public class OrderedFilterBeanDefinitionDecorator implements BeanDefinitionDecor
|
|||
String position = elt.getAttribute(ATT_POSITION);
|
||||
|
||||
if(ConfigUtils.countNonEmpty(new String[] {after, before, position}) != 1) {
|
||||
pc.getReaderContext().error("A single '" + ATT_AFTER + "', '" + ATT_BEFORE + "', or '" +
|
||||
ATT_POSITION + "' attribute must be supplied", pc.extractSource(elt));
|
||||
pc.getReaderContext().error("A single '" + ATT_AFTER + "', '" + ATT_BEFORE + "', or '" +
|
||||
ATT_POSITION + "' attribute must be supplied", pc.extractSource(elt));
|
||||
}
|
||||
|
||||
if (StringUtils.hasText(position)) {
|
||||
return Integer.toString(FilterChainOrder.getOrder(position));
|
||||
return Integer.toString(FilterChainOrder.getOrder(position));
|
||||
}
|
||||
|
||||
if (StringUtils.hasText(after)) {
|
||||
return Integer.toString(FilterChainOrder.getOrder(after) + 1);
|
||||
int order = FilterChainOrder.getOrder(after);
|
||||
|
||||
return Integer.toString(order == Integer.MAX_VALUE ? order : order + 1);
|
||||
}
|
||||
|
||||
if (StringUtils.hasText(before)) {
|
||||
return Integer.toString(FilterChainOrder.getOrder(before) - 1);
|
||||
int order = FilterChainOrder.getOrder(before);
|
||||
|
||||
return Integer.toString(order == Integer.MIN_VALUE ? order : order - 1);
|
||||
}
|
||||
|
||||
return null;
|
||||
|
@ -121,12 +125,12 @@ public class OrderedFilterBeanDefinitionDecorator implements BeanDefinitionDecor
|
|||
return beanName;
|
||||
}
|
||||
|
||||
public String toString() {
|
||||
return "OrderedFilterDecorator[ delegate=" + delegate + "; order=" + getOrder() + "]";
|
||||
}
|
||||
public String toString() {
|
||||
return "OrderedFilterDecorator[ delegate=" + delegate + "; order=" + getOrder() + "]";
|
||||
}
|
||||
|
||||
Filter getDelegate() {
|
||||
return delegate;
|
||||
}
|
||||
Filter getDelegate() {
|
||||
return delegate;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue