[jira] [Commented] (CONFIGURATION-793) Error reading a list of complex objects from JSON after 2.3

Mon, 04 Jan 2021 07:20:08 -0800 


    [ 
https://issues.apache.org/jira/browse/CONFIGURATION-793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17258275#comment-17258275
 ] 

Simon Billingsley commented on CONFIGURATION-793:
-------------------------------------------------

Hello,

There is now a NIST CVE report on my version (2.2): 
[https://nvd.nist.gov/vuln/detail/CVE-2020-1953] 

The report recommends upgrading to at least v2.7 but I cannot do that as I am 
affected by this bug.

> Error reading a list of complex objects from JSON after 2.3
> -----------------------------------------------------------
>
>                 Key: CONFIGURATION-793
>                 URL: https://issues.apache.org/jira/browse/CONFIGURATION-793
>             Project: Commons Configuration
>          Issue Type: Bug
>    Affects Versions: 2.3
>         Environment: JDK 11.0.4
>            Reporter: Cliff Evans
>            Priority: Major
>
> We have just attempted to move from version 2.2 to 2.7 and have encountered 
> and issue whilst attempting to read a List from a JSON formatted 
> configuration file.
> The issue appears to have been introduced in 2.3.
> Adding the following tests to 
> org.apache.commons.configuration2.TestJSONConfiguration will demonstrate the 
> change.  These tests will pass against 2.2 but fail agains 2.3 (and 2.7.)
> https://issues.apache.org/jira/browse/CONFIGURATION-686 appears to have fixed 
> access to lists of complex objects using the dot notation for strings (see 
> testGetProperty_dictionaryInList() in TestJSONConfiguration) but has broken 
> access to the list of complex objects.
>  
> {noformat}
> @Test
> public void testGetList_nested_with_list()
> {
>     assertEquals(Arrays.asList("col1", "col2"),
>                  jsonConfiguration.getList(String.class, "key4.key5"));
> }
> @Test
> public void testGetList() {
>     final List<Map> configList = jsonConfiguration.getList(Map.class, 
> "capitals");
>     assertEquals(configList.size(), 2);
>     assertEquals(configList.get(0).get("country"), "USA");
>     assertEquals(configList.get(0).get("capital"), "Washington");
>     assertEquals(configList.get(1).get("country"), "UK");
>     assertEquals(configList.get(1).get("capital"), "London");
> }
> {noformat}
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to