Bug#745897: fixed in libstruts1.2-java 1.2.9-9
Hideki Yamane
henrich at debian.or.jp
Sun Jun 15 06:35:34 UTC 2014
Hi,
On Sun, 1 Jun 2014 15:03:20 +0900
Nobuhiro Ban <ban.nobuhiro at gmail.com> wrote:
> >+ protected static final Pattern CLASS_ACCESS_PATTERN = Pattern
> >+ .compile("(.*\\.|^|.*|\\[('|\"))class(\\.|('|\")]|\\[).*",
> >+ Pattern.CASE_INSENSITIVE);
>
> It's very strange regexp. Because we know (P1|.*|P2) == .* .
> This pattern will match to words other than "class", eg. "fooClass".
Any class should be accepted, maybe it'd cause some
trouble but non-class should not named as *class, IMHO.
--
Hideki Yamane <henrich at debian.or.jp>
More information about the pkg-java-maintainers
mailing list