Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

On Java8Shim class, better to catch Throwable instead of Error #338

Open
JuanMiguelBG-Ticarum opened this issue Apr 18, 2024 · 1 comment
Open

On Java8Shim class, better to catch Throwable instead of Error #338

JuanMiguelBG-Ticarum opened this issue Apr 18, 2024 · 1 comment

Comments

@JuanMiguelBG-Ticarum
Copy link

JuanMiguelBG-Ticarum commented Apr 18, 2024
edited
Loading

We working with PrimeFaces v13.0.8, that has a dependency with owasp-java-html-sanitizer.

With the 0240325.1 version, it has two new dependencies:

  • Java 8 Shim
  • Java 10 Shim

We working with Weblogic 12.2 and JDK 8.

When the application starts and process the class org.owasp.shim.Java8Shim, loading the static initializer block (line 21), with code

_instance = Class.forName("org.owasp.shim.ForJava9AndLater").newInstance();

The classloader returns a java.lang.ClassNotFoundException intead a java.lang.Error (or subclasses).

java.lang.ClassNotFoundException: Class, org.owasp.shim.ForJava9AndLater, was compiled with an incompatible version of Java. Make sure that all the classes needed by the application have been compiled with a compatible java version.

The originally error it's a java.lang.UnsupportedClassVersionError but the servers filters it and returns the exception that isn't catched, resulting in an application deploy error.

<18-abr-2024 11H59' CEST> <Error> <Class Loaders> <BEA-2162500> <Class, org.owasp.shim.ForJava9AndLater, was compiled with an incompatible version of Java. Ensure that all the classes needed by the application have been compiled with a compatible java version. java.lang.UnsupportedClassVersionError: org/owasp/shim/ForJava9AndLater has been compiled by a more recent version of the Java Runtime (class file version 54.0), this version of the Java Runtime only recognizes class file versions up to 52.0
java.lang.UnsupportedClassVersionError: org/owasp/shim/ForJava9AndLater has been compiled by a more recent version of the Java Runtime (class file version 54.0), this version of the Java Runtime only recognizes class file versions up to 52.0
	at java.lang.ClassLoader.defineClass1(Native Method)
	at java.lang.ClassLoader.defineClass(ClassLoader.java:756)
	at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
	at weblogic.utils.classloaders.GenericClassLoader.defineClassInternal(GenericClassLoader.java:1113)
	at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericClassLoader.java:1046)
	Truncated.
@csware csware mentioned this issue Aug 21, 2024
Open
@jlp01eprinsa
Copy link

Same problem here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JuanMiguelBG-Ticarum @jlp01eprinsa