108d1c64b3
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Findings Ledger CI / build-test (push) Has been cancelled
Findings Ledger CI / migration-validation (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
cryptopro-linux-csp / build-and-test (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
sm-remote-ci / build-and-test (push) Has been cancelled
Findings Ledger CI / generate-manifest (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
30 lines
895 B
Java
30 lines
895 B
Java
package bench.reachability.springreflection;
|
|
|
|
import java.util.Map;
|
|
|
|
public class ReflectController {
|
|
// Reflection sink: user controls Class.forName target
|
|
public static Response run(Map<String, String> body) {
|
|
String className = body.get("class");
|
|
if (className == null || className.isBlank()) {
|
|
return new Response(400, "bad request");
|
|
}
|
|
try {
|
|
Class<?> type = Class.forName(className);
|
|
Object instance = type.getDeclaredConstructor().newInstance();
|
|
return new Response(200, instance.toString());
|
|
} catch (Exception ex) {
|
|
return new Response(500, ex.getClass().getSimpleName());
|
|
}
|
|
}
|
|
|
|
public record Response(int status, String body) {}
|
|
|
|
public static class Marker {
|
|
@Override
|
|
public String toString() {
|
|
return "marker";
|
|
}
|
|
}
|
|
}
|