Reject unbalanced parentheses in profile expressions

ProfilesParser.parseTokens() silently accepts unbalanced parentheses
in profile expressions such as "dev)" or "(dev", treating them as
valid. This can lead to unexpected behavior where malformed @Profile
annotations are silently interpreted instead of being rejected.

This commit tightens the validation in parseTokens() to reject:
- Unmatched closing parenthesis at the top level
- Unmatched opening parenthesis when tokens are exhausted

Also fixes an existing test that inadvertently relied on this lenient
behavior by using "spring&framework)" instead of "(spring&framework)".

Fixes gh-36540

Author: daguimu

spring-core/src/main/java/org/springframework/core/env/ProfilesParser.java

@@ -88,13 +88,10 @@ private static Profiles parseTokens(String expression, StringTokenizer tokens, C
 				}
 				case "!" -> elements.add(not(parseTokens(expression, tokens, Context.NEGATE)));
 				case ")" -> {
-					Profiles merged = merge(expression, elements, operator);
 					if (context == Context.PARENTHESIS) {
-						return merged;
+						return merge(expression, elements, operator);
 					}
-					elements.clear();
-					elements.add(merged);
-					operator = null;
+					assertWellFormed(expression, false);
 				}
 				default -> {
 					Profiles value = equals(token);
@@ -105,6 +102,7 @@ private static Profiles parseTokens(String expression, StringTokenizer tokens, C
 				}
 			}
 		}
+		assertWellFormed(expression, context != Context.PARENTHESIS);
 		return merge(expression, elements, operator);
 	}
 

spring-core/src/test/java/org/springframework/core/env/ProfilesTests.java

@@ -155,7 +155,7 @@ void ofAndExpression() {
 
 	@Test
 	void ofAndExpressionWithoutSpaces() {
-		Profiles profiles = Profiles.of("spring&framework)");
+		Profiles profiles = Profiles.of("(spring&framework)");
 		assertAndExpression(profiles);
 	}
 
@@ -292,6 +292,15 @@ void malformedExpressions() {
 		assertMalformed(() -> Profiles.of("a & b | c"));
 	}
 
+	@Test
+	void malformedExpressionsWithUnbalancedParentheses() {
+		assertMalformed(() -> Profiles.of("dev)"));
+		assertMalformed(() -> Profiles.of("(dev"));
+		assertMalformed(() -> Profiles.of("spring&framework)"));
+		assertMalformed(() -> Profiles.of("((dev)"));
+		assertMalformed(() -> Profiles.of("(dev))"));
+	}
+
 	@Test
 	void sensibleToString() {
 		assertThat(Profiles.of("spring")).hasToString("spring");