svn commit: r1726639 - /tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java

Mon, 25 Jan 2016 07:12:06 -0800 

Author: rjung
Date: Mon Jan 25 15:11:34 2016
New Revision: 1726639

URL: http://svn.apache.org/viewvc?rev=1726639&view=rev
Log:
Move instance variables packageTriggersDeny and
packageTriggersPermit from "Static Variables"
code block to "Instance Variables" block.

Make packageTriggersDeny and packageTriggersPermit
private. They are only used in our filter() method
which is already protected. People wanting to
overwrite filter() should not make their code
dependent on the implementation details
packageTriggersDeny and packageTriggersPermit.

Switch filter() from being synchronized on the
class loader instance to being synchronized
on a separate object packageTriggerLock which
synchronizes only access to the non-thread safe
Matchers packageTriggersDeny and
packageTriggersPermit.

Modified:
    tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java

Modified: 
tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1726639&r1=1726638&r2=1726639&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Mon 
Jan 25 15:11:34 2016
@@ -191,26 +191,6 @@ public abstract class WebappClassLoaderB
     // ------------------------------------------------------- Static Variables
 
     /**
-     * Regular expression of package names which are not allowed to be loaded
-     * from a webapp class loader without delegating first.
-     */
-    protected final Matcher packageTriggersDeny = Pattern.compile(
-            
"^(?:javax[./](?:el|security[./]auth[./]message|servlet|websocket)|" +
-            
"org[./]apache[./](?:catalina|coyote|el|jasper|juli|naming|tomcat))[./]"
-            ).matcher("");
-
-
-    /**
-     * Regular expression of package names which are allowed to be loaded from 
a
-     * webapp class loader without delegating first and override any set by
-     * {@link #packageTriggersDeny}.
-     */
-    protected final Matcher packageTriggersPermit =
-            Pattern.compile("^(?:javax[./]servlet[./]jsp[./]jstl|" +
-                    "org[./]apache[./]tomcat[./]jdbc)[./]").matcher("");
-
-
-    /**
      * The string manager for this package.
      */
     protected static final StringManager sm =
@@ -287,6 +267,33 @@ public abstract class WebappClassLoaderB
     // ----------------------------------------------------- Instance Variables
 
     /**
+     * Synchronization object for access to packageTriggersDeny
+     * and packageTriggersPermit; Matchers are not thread-safe.
+     */
+    private final Object packageTriggerLock = new Object();
+
+
+    /**
+     * Regular expression of package names which are not allowed to be loaded
+     * from a webapp class loader without delegating first.
+     */
+    private final Matcher packageTriggersDeny = Pattern.compile(
+            
"^(?:javax[./](?:el|security[./]auth[./]message|servlet|websocket)|" +
+            
"org[./]apache[./](?:catalina|coyote|el|jasper|juli|naming|tomcat))[./]"
+            ).matcher("");
+
+
+    /**
+     * Regular expression of package names which are allowed to be loaded from 
a
+     * webapp class loader without delegating first and override any set by
+     * {@link #packageTriggersDeny}.
+     */
+    private final Matcher packageTriggersPermit =
+            Pattern.compile("^(?:javax[./]servlet[./]jsp[./]jstl|" +
+                    "org[./]apache[./]tomcat[./]jdbc)[./]").matcher("");
+
+
+    /**
      * Associated web resources for this webapp.
      */
     protected WebResourceRoot resources = null;
@@ -2778,19 +2785,20 @@ public abstract class WebappClassLoaderB
      * @param name class name
      * @return <code>true</code> if the class should be filtered
      */
-    protected synchronized boolean filter(String name) {
+    protected boolean filter(String name) {
 
         if (name == null)
             return false;
 
-        packageTriggersPermit.reset(name);
-        if (packageTriggersPermit.lookingAt()) {
-            return false;
-        }
-
-        packageTriggersDeny.reset(name);
-        if (packageTriggersDeny.lookingAt()) {
-            return true;
+        synchronized(packageTriggerLock) {
+            packageTriggersPermit.reset(name);
+            if (packageTriggersPermit.lookingAt()) {
+                return false;
+            }
+            packageTriggersDeny.reset(name);
+            if (packageTriggersDeny.lookingAt()) {
+                return true;
+            }
         }
 
         return false;



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to