root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Defensively use Class.forName instead of ClassLoader.loadClass 

Issue: SPR-17333
This commit is contained in:
Juergen Hoeller 2018-10-09 23:14:05 +02:00
parent d9e7253532
commit fdf340306d
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
spring-core/src/main/java/org/springframework/util/ClassUtils.java
View File

@ -272,7 +272,7 @@ public abstract class ClassUtils {
clToUse = getDefaultClassLoader(); clToUse = getDefaultClassLoader();
} }
try { try {
return (clToUse != null ? clToUse.loadClass(name) : Class.forName(name)); return Class.forName(name, false, clToUse);
} }
catch (ClassNotFoundException ex) { catch (ClassNotFoundException ex) {
int lastDotIndex = name.lastIndexOf(PACKAGE_SEPARATOR); int lastDotIndex = name.lastIndexOf(PACKAGE_SEPARATOR);
@ -280,7 +280,7 @@ public abstract class ClassUtils {
String innerClassName = String innerClassName =
name.substring(0, lastDotIndex) + INNER_CLASS_SEPARATOR + name.substring(lastDotIndex + 1); name.substring(0, lastDotIndex) + INNER_CLASS_SEPARATOR + name.substring(lastDotIndex + 1);
try { try {
return (clToUse != null ? clToUse.loadClass(innerClassName) : Class.forName(innerClassName)); return Class.forName(innerClassName, false, clToUse);
} }
catch (ClassNotFoundException ex2) { catch (ClassNotFoundException ex2) {
// Swallow - let original exception get through // Swallow - let original exception get through

6
spring-jcl/src/main/java/org/apache/commons/logging/LogAdapter.java
View File

@ -42,19 +42,19 @@ final class LogAdapter {
ClassLoader cl = LogAdapter.class.getClassLoader(); ClassLoader cl = LogAdapter.class.getClassLoader();
try { try {
// Try Log4j 2.x API // Try Log4j 2.x API
cl.loadClass("org.apache.logging.log4j.spi.ExtendedLogger"); Class.forName("org.apache.logging.log4j.spi.ExtendedLogger", false, cl);
logApi = LogApi.LOG4J; logApi = LogApi.LOG4J;
} }
catch (ClassNotFoundException ex1) { catch (ClassNotFoundException ex1) {
try { try {
// Try SLF4J 1.7 SPI // Try SLF4J 1.7 SPI
cl.loadClass("org.slf4j.spi.LocationAwareLogger"); Class.forName("org.slf4j.spi.LocationAwareLogger", false, cl);
logApi = LogApi.SLF4J_LAL; logApi = LogApi.SLF4J_LAL;
} }
catch (ClassNotFoundException ex2) { catch (ClassNotFoundException ex2) {
try { try {
// Try SLF4J 1.7 API // Try SLF4J 1.7 API
cl.loadClass("org.slf4j.Logger"); Class.forName("org.slf4j.Logger", false, cl);
logApi = LogApi.SLF4J; logApi = LogApi.SLF4J;
} }
catch (ClassNotFoundException ex3) { catch (ClassNotFoundException ex3) {