Reject null and empty SpEL expressions #30373
Assignees
Labels
in: core
Issues in core modules (aop, beans, core, context, expression)
type: backport
An issue that is a backport of another issue to a maintenance branch
type: enhancement
A general enhancement
Milestone
Comments
github-actions
bot
added
in: core
sbrannen
added a commit
that referenced
this issue
Apr 25, 2023
Prior to gh-30325, supplying a null reference for a SpEL expression was effectively equivalent to supplying the String "null" as the expression. Consequently, evaluation of a null reference expression always evaluated to a null reference. However, that was accidental rather than by design. Due to the introduction of the checkExpressionLength(String) method in InternalSpelExpressionParser (in conjunction with gh-30325), an attempt to evaluate a null reference as a SpEL expression now results in a NullPointerException. To address both of these issues, TemplateAwareExpressionParser.parseExpression() and SpelExpressionParser.parseRaw() now reject null and empty SpEL expressions. See gh-30371 Closes gh-30373
|
Closed via 964950a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Backport of gh-30371
The text was updated successfully, but these errors were encountered: