1: …… 2: public void f() { 3: Properties props = new Properties(); 4: .... 5: if ( in !=null && in.available() > 0 ) { 6: props.load(in); 7: if ( props == null || props.isEmpty() ) 8: return ; 9: } 10: String type = props.getProperty("type"); 11: Worker w; 12: 13: // 외부에서 입력된 type값의 유효성을 검증하지 않고 있다. 14: try { 15: Class workClass = Class.forName(type + "Worker"); 16: w = (Worker) workClass.newInstance(); 17: w.doAction(); 18: } catch (ClassNotFoundException e) { …… } 19: …… 20: } 21: 22: abstract class Worker { 23: String work = ""; 24: public abstract void doAction(); 25: }