[5] Infinite loop potential in processing error in StandardWrapperValve.java??

Tim Funk Sun, 31 Aug 2003 17:22:49 +0000

When I added the code to use PropertyUtils.getProperty in determining the root cause, I noticed it can cause an infinite loop.

// Extra aggressive rootCause finding
do {
    try {
        rootCauseCheck = (Throwable)PropertyUtils.getProperty
                                    (rootCause, "rootCause");
        if (rootCauseCheck!=null)
            rootCause = rootCauseCheck;

    } catch (...) {
        rootCauseCheck = null;
    }
} while (rootCauseCheck != null);

------------------------------------------
If we have a malicious user who does this:
{
  ...
  ServletException e = new ServletException();
  throw new ServletException(e);
}

We can get a non-recursive infinite loop in the error handling logic.

Is this a cause for concern? I would guess so in shared environments but this is not a problem in tightly controlled (enterprise/private) environments.

Comments?

-Tim

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[5] Infinite loop potential in processing error in StandardWrapperValve.java??

Reply via email to