[jira] [Commented] (CXF-7139) BufferOverflowException when decoding a parameter values with a trailing %

Wed, 16 Nov 2016 13:33:17 -0800 

    [ 
https://issues.apache.org/jira/browse/CXF-7139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15671705#comment-15671705
 ] 

ASF GitHub Bot commented on CXF-7139:
-------------------------------------

GitHub user iammichaelgrant opened a pull request:

    https://github.com/apache/cxf/pull/201

    [CXF-7139] Avoid BufferOverflowException for trailing escape characters

    

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/iammichaelgrant/cxf master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cxf/pull/201.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #201
    
----
commit d8d28b2e62c09b63cab4dcb5794712806826113d
Author: Michael Grant <michael.gr...@youview.com>
Date:   2016-11-16T21:30:45Z

    [CXF-7139] Avoid BufferOverflowException for trailing escape characters

----


> BufferOverflowException when decoding a parameter values with a trailing %
> --------------------------------------------------------------------------
>
>                 Key: CXF-7139
>                 URL: https://issues.apache.org/jira/browse/CXF-7139
>             Project: CXF
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 3.0.4, 3.1.0
>            Reporter: Michael Grant
>            Priority: Minor
>
> When a parameter value contains a trailing {{%}}, a 
> {{BufferOverflowException}} is thrown.
> e.g. a query to our service containing 
> {{http://localhost:8080/test/?parameter=test%}} 
> {code}
> java.nio.BufferOverflowException
>         at java.nio.Buffer.nextPutIndex(Buffer.java:521)
>         at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:169)
>         at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:102)
>         at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:67)
>         at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:122)
>         at org.apache.cxf.jaxrs.utils.HttpUtils.urlDecode(HttpUtils.java:97)
>         at 
> org.apache.cxf.jaxrs.utils.JAXRSUtils.getStructuredParams(JAXRSUtils.java:1262)
>         at 
> org.apache.cxf.jaxrs.utils.JAXRSUtils.getStructuredParams(JAXRSUtils.java:1236)
>         at 
> org.apache.cxf.jaxrs.impl.UriInfoImpl.getQueryParameters(UriInfoImpl.java:115)
>         at 
> org.apache.cxf.jaxrs.impl.UriInfoImpl.getQueryParameters(UriInfoImpl.java:109)
>         at 
> org.apache.cxf.jaxrs.impl.RequestPreprocessor.preprocess(RequestPreprocessor.java:74)
>         at 
> org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.processRequest(JAXRSInInterceptor.java:102)
>         at 
> org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.handleMessage(JAXRSInInterceptor.java:77)
>         at 
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
>         at 
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
>         at 
> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:254)
>         at 
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
>         at org.apache.cxf.transport.servlet.ServletController.invoke(Servlet
>         at org.apache.cxf.transport.servlet.ServletController.invoke(Servlet
>         at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNo
>         at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleReques
>         at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(Abstra
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
>         at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(Abst
>         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(Applicat
>         at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.jav
>         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(Applicat
>         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrap
>         at org.apache.catalina.core.StandardContextValve.invoke(StandardCont
>         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authen
>         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostVal
>         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportVal
>         at org.apache.catalina.valves.AbstractAccessLogValve.invoke(Abstract
>         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngin
>         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter
>         at org.apache.coyote.http11.AbstractHttp11Processor.process(Abstract
>         at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.proc
>         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioE
>         at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEnd
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecu
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExec
>         at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(Ta
>         at java.lang.Thread.run(Thread.java:745)
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to