414507 AnnotationParser should skip classes in hidden dirs or with . name prefix

This commit is contained in:
Jan Bartel 2013-08-08 12:09:29 +10:00
parent f3f2bce36c
commit f983629434
4 changed files with 78 additions and 4 deletions

View File

@ -59,6 +59,11 @@
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.toolchain</groupId>
<artifactId>jetty-test-helper</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jndi</artifactId>

View File

@ -526,7 +526,7 @@ public class AnnotationParser
public void parse (Resource dir, ClassNameResolver resolver)
throws Exception
{
if (!dir.isDirectory() || !dir.exists())
if (!dir.isDirectory() || !dir.exists() || dir.getName().startsWith("."))
return;
@ -539,7 +539,7 @@ public class AnnotationParser
if (res.isDirectory())
parse(res, resolver);
String name = res.getName();
if (name.endsWith(".class"))
if (isValidClassFileName(name))
{
if ((resolver == null)|| (!resolver.isExcluded(name) && (!isParsed(name) || resolver.shouldOverride(name))))
{
@ -581,8 +581,12 @@ public class AnnotationParser
{
try
{
//skip directories
if (entry.isDirectory())
return;
String name = entry.getName();
if (name.toLowerCase(Locale.ENGLISH).endsWith(".class"))
if (isValidClassFileName(name))
{
String shortName = name.replace('/', '.').substring(0,name.length()-6);
if ((resolver == null)
@ -625,8 +629,14 @@ public class AnnotationParser
{
try
{
//skip directories
if (entry.isDirectory())
return;
String name = entry.getName();
if (name.toLowerCase(Locale.ENGLISH).endsWith(".class"))
//skip any class files that are in a hidden directory (ie dirname starts with .)
if (isValidClassFileName(name))
{
String shortName = name.replace('/', '.').substring(0,name.length()-6);
@ -650,6 +660,14 @@ public class AnnotationParser
scanner.scan(null, uris, true);
}
/**
* Parse a single jar file for classes.
*
* @param uri
* @param resolver
* @throws Exception
*/
public void parse (URI uri, final ClassNameResolver resolver)
throws Exception
{
@ -659,10 +677,49 @@ public class AnnotationParser
parse(uris, resolver);
}
/**
* Scan a class for annotations.
*
* @param is
* @throws IOException
*/
private void scanClass (InputStream is)
throws IOException
{
ClassReader reader = new ClassReader(is);
reader.accept(new MyClassVisitor(), ClassReader.SKIP_CODE|ClassReader.SKIP_DEBUG|ClassReader.SKIP_FRAMES);
}
/**
* Check that the given path represents a valid class file name.
* The check is fairly cursory, checking that:
* <ul>
* <li> the name ends with .class</li>
* <li> it isn't a dot file or in a hidden directory </li>
* <li> the name of the class at least begins with a valid identifier for a class name </li>
* </ul>
* @param path
* @return
*/
private boolean isValidClassFileName (String path)
{
//skip anything that is not a class file
if (!path.toLowerCase(Locale.ENGLISH).endsWith(".class"))
return false;
//skip any classfiles that are not a valid name
int c0 = 0;
int ldir = path.lastIndexOf('/', path.length()-6);
c0 = (ldir > -1 ? ldir+1 : c0);
if (!Character.isJavaIdentifierStart(path.charAt(c0)))
return false;
//skip any classfiles that are in a hidden directory
if (path.startsWith(".") || path.contains("/."))
return false;
return true;
}
}

View File

@ -18,11 +18,13 @@
package org.eclipse.jetty.annotations;
import java.io.File;
import java.util.Arrays;
import java.util.List;
import org.eclipse.jetty.annotations.AnnotationParser.DiscoverableAnnotationHandler;
import org.eclipse.jetty.annotations.AnnotationParser.Value;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
@ -145,4 +147,14 @@ public class TestAnnotationParser
parser.registerAnnotationHandler("org.eclipse.jetty.annotations.Multi", new MultiAnnotationHandler());
parser.parse(classNames, null);
}
@Test
public void testHiddenFilesInJar () throws Exception
{
File badClassesJar = MavenTestingUtils.getTestResourceFile("bad-classes.jar");
AnnotationParser parser = new AnnotationParser();
parser.parse(badClassesJar.toURI(), null);
//only the valid classes inside bad-classes.jar should be parsed. If any invalid classes are parsed and exception would be thrown here
}
}

Binary file not shown.