This is an automated email from the ASF dual-hosted git repository.
garydgregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-beanutils.git
The following commit(s) were added to refs/heads/master by this push:
new 93a7809c Do not initialize arbitrary classes in EnumConverter (#398)
93a7809c is described below
commit 93a7809c9058d821c5277486bc3f0abc950fbe11
Author: Digiscrypt Technologies <[email protected]>
AuthorDate: Sat Jun 27 20:16:10 2026 +0530
Do not initialize arbitrary classes in EnumConverter (#398)
Co-authored-by: digi-scrypt <[email protected]>
---
.../commons/beanutils2/converters/EnumConverter.java | 2 +-
.../beanutils2/converters/EnumConverterTest.java | 18 ++++++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git
a/src/main/java/org/apache/commons/beanutils2/converters/EnumConverter.java
b/src/main/java/org/apache/commons/beanutils2/converters/EnumConverter.java
index 09c9cdb6..252a305c 100644
--- a/src/main/java/org/apache/commons/beanutils2/converters/EnumConverter.java
+++ b/src/main/java/org/apache/commons/beanutils2/converters/EnumConverter.java
@@ -73,7 +73,7 @@ public final class EnumConverter<E extends Enum<E>> extends
AbstractConverter<En
final String enumValue = stringValue.substring(Math.max(lastHash,
lastDot) + 1);
final String className = stringValue.substring(0,
stringValue.length() - enumValue.length() - 1);
try {
- final Class classForName = Class.forName(className);
+ final Class classForName = Class.forName(className, false,
getClass().getClassLoader());
if (!classForName.isEnum()) {
throw new IllegalArgumentException("Value isn't an
enumerated type.");
}
diff --git
a/src/test/java/org/apache/commons/beanutils2/converters/EnumConverterTest.java
b/src/test/java/org/apache/commons/beanutils2/converters/EnumConverterTest.java
index 5374518b..260d9196 100644
---
a/src/test/java/org/apache/commons/beanutils2/converters/EnumConverterTest.java
+++
b/src/test/java/org/apache/commons/beanutils2/converters/EnumConverterTest.java
@@ -18,6 +18,7 @@
package org.apache.commons.beanutils2.converters;
import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
import java.time.DayOfWeek;
@@ -38,6 +39,16 @@ class EnumConverterTest {
ORDERED, READY, DELIVERED;
}
+ /** Set from {@link StaticInitProbe}'s static initializer; read without
touching the probe class. */
+ static volatile boolean probeInitialized;
+
+ /** Non-enum helper whose static initializer records that it ran. */
+ public static final class StaticInitProbe {
+ static {
+ probeInitialized = true;
+ }
+ }
+
private Converter<Enum<PizzaStatus>> converter;
protected Class<?> getExpectedType() {
@@ -108,4 +119,11 @@ class EnumConverterTest {
void testNonExistingClasses() {
assertThrows(ConversionException.class, () ->
converter.convert(Enum.class, "java.lang.does.not.exist#MONDAY"));
}
+
+ @Test
+ void testNonEnumClassIsNotInitialized() {
+ final String name = StaticInitProbe.class.getName() + "#VALUE";
+ assertThrows(ConversionException.class, () ->
converter.convert(Enum.class, name));
+ assertFalse(probeInitialized, "Resolving a non-enum class must not run
its static initializer");
+ }
}
