Details

    • Type: Language-Specification
    • Status: Deprecated
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Questionable Code Example

      // === javax.xml.xpath.XPath ===
      import javax.xml.namespace.QName;
      import javax.xml.xpath.XPath;
      
      import org.xml.sax.InputSource;
      
      class M {
          void foo(XPath xpath, String expression, InputSource source, QName returnType, Object item) throws Exception {
              xpath.compile(expression); // Questionable
              xpath.evaluate(expression, source); // Questionable
              xpath.evaluate(expression, source, returnType); // Questionable
              xpath.evaluate(expression, item); // Questionable
              xpath.evaluate(expression, item, returnType); // Questionable
          }
      }
      
      // === Apache XML Security ===
      import org.apache.xml.utils.PrefixResolver;
      import org.apache.xml.security.utils.XPathAPI;
      import org.w3c.dom.Node;
      
      class M {
          void foo(XPathAPI api, Node contextNode, String str, Node namespaceNode, PrefixResolver prefixResolver,
                  Node xpathnode) throws Exception {
              api.evaluate(contextNode, xpathnode, str, namespaceNode); // Questionable
              api.selectNodeList(contextNode, xpathnode, str, namespaceNode); // Questionable
          }
      }
      
      // === Apache Xalan ===
      import org.apache.xml.utils.PrefixResolver;
      import org.apache.xpath.XPathAPI;
      import org.w3c.dom.Node;
      
      class M {
          void foo(XPathAPI api, Node contextNode, String str, Node namespaceNode, PrefixResolver prefixResolver)
                  throws Exception {
              XPathAPI.eval(contextNode, str); // Questionable
              XPathAPI.eval(contextNode, str, namespaceNode); // Questionable
              XPathAPI.eval(contextNode, str, prefixResolver); // Questionable
              XPathAPI.selectNodeIterator(contextNode, str); // Questionable
              XPathAPI.selectNodeIterator(contextNode, str, namespaceNode); // Questionable
              XPathAPI.selectNodeList(contextNode, str); // Questionable
              XPathAPI.selectNodeList(contextNode, str, namespaceNode); // Questionable
              XPathAPI.selectSingleNode(contextNode, str); // Questionable
              XPathAPI.selectSingleNode(contextNode, str, namespaceNode); // Questionable
          }
      }
      
      // === org.apache.commons.jxpath ===
      import org.apache.commons.jxpath.JXPathContext;
      
      abstract class A extends JXPathContext{
          A(JXPathContext compilationContext, Object contextBean) {
              super(compilationContext, contextBean);
          }
      
      
          void foo(JXPathContext context, String str, Object obj, Class<?> requiredType) {
              JXPathContext.compile(str); // Questionable
              this.compilePath(str); // Questionable
              context.createPath(str); // Questionable
              context.createPathAndSetValue(str, obj); // Questionable
              context.getPointer(str); // Questionable
              context.getValue(str); // Questionable
              context.getValue(str, requiredType); // Questionable
              context.iterate(str); // Questionable
              context.iteratePointers(str); // Questionable
              context.removeAll(str); // Questionable
              context.removePath(str); // Questionable
              context.selectNodes(str); // Questionable
              context.selectSingleNode(str); // Questionable
              context.setValue(str, obj); // Questionable
          }
      }
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              nicolas.harraudeau Nicolas Harraudeau
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: