Add tests to not load files that are not valid/sane class names (from theorbtwo)

[catagits/Catalyst-Runtime.git] / lib / Catalyst / Utils.pm

diff --git a/lib/Catalyst/Utils.pm b/lib/Catalyst/Utils.pm
index 0598f53..fd23d95 100644 (file)
--- a/lib/Catalyst/Utils.pm
+++ b/lib/Catalyst/Utils.pm
@@ -233,10 +233,15 @@ sub request {
     return $request;
 }
 
-=head2 ensure_class_loaded($class_name)
+=head2 ensure_class_loaded($class_name, \%opts)
 
 Loads the class unless it already has been loaded.
 
+If $opts{ignore_loaded} is true always tries the require whether the package
+already exists or not. Only pass this if you're either (a) sure you know the
+file exists on disk or (b) have code to catch the file not found exception
+that will result if it doesn't.
+
 =cut
 
 sub ensure_class_loaded {
@@ -246,6 +251,12 @@ sub ensure_class_loaded {
     croak "Malformed class Name $class"
         if $class =~ m/(?:\b\:\b|\:{3,})/;
 
+    croak "Malformed class Name $class"
+        if $class =~ m/[^\w:]/;
+
+    croak "ensure_class_loaded should be given a classname, not a filename ($class)"
+        if $class =~ m/\.pm$/;
+
     return if !$opts->{ ignore_loaded }
         && Class::Inspector->loaded( $class ); # if a symbol entry exists we don't load again
 
@@ -253,7 +264,7 @@ sub ensure_class_loaded {
     my $error;
     {
         local $@;
-        eval "require $class";
+        eval "require $class;";
         $error = $@;
     }