Re: (tomcat) branch main updated: Set context CL before calling XMLInputFactory.newFactory
On Mon, Mar 25, 2024 at 2:09 PM Christopher Schultz
wrote:
>
> Rémy,
>
> On 3/25/24 05:45, r...@apache.org wrote:
> > This is an automated email from the ASF dual-hosted git repository.
> >
> > remm pushed a commit to branch main
> > in repository https://gitbox.apache.org/repos/asf/tomcat.git
> >
> >
> > The following commit(s) were added to refs/heads/main by this push:
> > new 510c71b009 Set context CL before calling
> > XMLInputFactory.newFactory
> > 510c71b009 is described below
> >
> > commit 510c71b009085f94122bc18501d1981322846540
> > Author: remm
> > AuthorDate: Mon Mar 25 10:45:28 2024 +0100
> >
> > Set context CL before calling XMLInputFactory.newFactory
> >
> > Passing the CL to XMLInputFactory.newFactory does not work because it
> > needs an id (basically the concrete class to load).
> > Try the context CL instead.
> > The class is preloaded for previous Tomcat versions so it shouldn't be
> > a
> > security manager issue.
>
> Ugh, sorry about that. Thanks for fixing it.
>
> Setting the ContextClassLoader seems like the wrong approach. Isn't
> there a ClassLoader parameter to newFactory for a reason?
Yes, but there's no way to use the default factory (which is
"com.sun.xml.internal.stream.XMLInputFactoryImpl") with that call
which allows specifying the classloader. Setting null for the factory
doesn't work, same as the interface name. I read the JVM code, but I
could not find a way to make it work.
It seems the user gave you some advice but without testing it ;)
Rémy
> -chris
>
> > ---
> > java/org/apache/jasper/compiler/EncodingDetector.java | 11 +--
> > 1 file changed, 9 insertions(+), 2 deletions(-)
> >
> > diff --git a/java/org/apache/jasper/compiler/EncodingDetector.java
> > b/java/org/apache/jasper/compiler/EncodingDetector.java
> > index cf3b623104..fb7795ca16 100644
> > --- a/java/org/apache/jasper/compiler/EncodingDetector.java
> > +++ b/java/org/apache/jasper/compiler/EncodingDetector.java
> > @@ -35,8 +35,15 @@ class EncodingDetector {
> >
> > private static final XMLInputFactory XML_INPUT_FACTORY;
> > static {
> > -XML_INPUT_FACTORY =
> > XMLInputFactory.newFactory(XMLInputFactory.class.getName(),
> > -EncodingDetector.class.getClassLoader());
> > +ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
> > +try {
> > +
> > Thread.currentThread().setContextClassLoader(EncodingDetector.class.getClassLoader());
> > +XML_INPUT_FACTORY = XMLInputFactory.newFactory();
> > +} finally {
> > +if (oldCl != null) {
> > +Thread.currentThread().setContextClassLoader(oldCl);
> > +}
> > +}
> > }
> >
> > private final String encoding;
> >
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: dev-h...@tomcat.apache.org
> >
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: (tomcat) branch main updated: Set context CL before calling XMLInputFactory.newFactory
Rémy,
On 3/25/24 05:45, r...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 510c71b009 Set context CL before calling XMLInputFactory.newFactory
510c71b009 is described below
commit 510c71b009085f94122bc18501d1981322846540
Author: remm
AuthorDate: Mon Mar 25 10:45:28 2024 +0100
Set context CL before calling XMLInputFactory.newFactory
Passing the CL to XMLInputFactory.newFactory does not work because it
needs an id (basically the concrete class to load).
Try the context CL instead.
The class is preloaded for previous Tomcat versions so it shouldn't be a
security manager issue.
Ugh, sorry about that. Thanks for fixing it.
Setting the ContextClassLoader seems like the wrong approach. Isn't
there a ClassLoader parameter to newFactory for a reason?
-chris
---
java/org/apache/jasper/compiler/EncodingDetector.java | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/jasper/compiler/EncodingDetector.java
b/java/org/apache/jasper/compiler/EncodingDetector.java
index cf3b623104..fb7795ca16 100644
--- a/java/org/apache/jasper/compiler/EncodingDetector.java
+++ b/java/org/apache/jasper/compiler/EncodingDetector.java
@@ -35,8 +35,15 @@ class EncodingDetector {
private static final XMLInputFactory XML_INPUT_FACTORY;
static {
-XML_INPUT_FACTORY =
XMLInputFactory.newFactory(XMLInputFactory.class.getName(),
-EncodingDetector.class.getClassLoader());
+ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
+try {
+
Thread.currentThread().setContextClassLoader(EncodingDetector.class.getClassLoader());
+XML_INPUT_FACTORY = XMLInputFactory.newFactory();
+} finally {
+if (oldCl != null) {
+Thread.currentThread().setContextClassLoader(oldCl);
+}
+}
}
private final String encoding;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: Set context CL before calling XMLInputFactory.newFactory
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 510c71b009 Set context CL before calling XMLInputFactory.newFactory
510c71b009 is described below
commit 510c71b009085f94122bc18501d1981322846540
Author: remm
AuthorDate: Mon Mar 25 10:45:28 2024 +0100
Set context CL before calling XMLInputFactory.newFactory
Passing the CL to XMLInputFactory.newFactory does not work because it
needs an id (basically the concrete class to load).
Try the context CL instead.
The class is preloaded for previous Tomcat versions so it shouldn't be a
security manager issue.
---
java/org/apache/jasper/compiler/EncodingDetector.java | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/jasper/compiler/EncodingDetector.java
b/java/org/apache/jasper/compiler/EncodingDetector.java
index cf3b623104..fb7795ca16 100644
--- a/java/org/apache/jasper/compiler/EncodingDetector.java
+++ b/java/org/apache/jasper/compiler/EncodingDetector.java
@@ -35,8 +35,15 @@ class EncodingDetector {
private static final XMLInputFactory XML_INPUT_FACTORY;
static {
-XML_INPUT_FACTORY =
XMLInputFactory.newFactory(XMLInputFactory.class.getName(),
-EncodingDetector.class.getClassLoader());
+ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
+try {
+
Thread.currentThread().setContextClassLoader(EncodingDetector.class.getClassLoader());
+XML_INPUT_FACTORY = XMLInputFactory.newFactory();
+} finally {
+if (oldCl != null) {
+Thread.currentThread().setContextClassLoader(oldCl);
+}
+}
}
private final String encoding;
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
