https://issues.apache.org/bugzilla/show_bug.cgi?id=57132
Konstantin Kolinko <knst.koli...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
--- Comment #2 from Konstantin Kolinko <knst.koli...@gmail.com> ---
The first (main) reported issue fixed by r1633769 and will be in Tomcat 8.0.15.
>
> BTW, there is no control that the class name argument in resolveClass() is
> actually a simple name without a package. JavaEE javadoc says that it should
> be simple name, but there is no control of that fact. JavaEE does not say
> whether it is ELException or IAE to be thrown if such a check were added. I
> think it is an ELException. [1]
>
> [1] http://docs.oracle.com/javaee/7/api/javax/el/ImportHandler.html
The above second issue is still pending. BTW, it can simply return "null"
without reporting any errors.
Also noted the third issue:
ImportHandler.importClass() does not allow to import the exactly same class
twice.
I think that such imports shall be silently swallowed. It boils down to adding
a check whether conflicting Class instances are the same, (conflict == clazz).
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
