jaxrpc xml parser can corrupt map entries
Opened this issue · 4 comments
The InputEntity.java class processes the input XML using 2k buffers. If the XML map value spans a buffer boundary then duplicate characters can be introduced leader to data corruption and very difficult to diagnose bugs in client applications.
If the XML looks like this:
com.sun.identity.agents.config.notenforced.uri [0]=and the value is [0]=, this bug will mean the map entry value will end up looking like this [[0]=. If the XML example ends up in the buffer like this:
1]">serviceType=iPlanetAMWebAgentService|class=com.sun.identity.policy.plugins.HttpURLResourceName|wildcard=*|delimiter=/|caseSensitive=falsecom.sun.identity.agents.config.logout.url.probe.timeout2000com.sun.identity.agents.config.audit.accesstypeLOG_NONEcom.sun.identity.agents.config.webservice.autherror.contentWSAuthErrorContent.txtcom.sun.identity.agents.config.logout.url.prioritizedtruecom.sun.identity.agents.config.fqdn.defaultamers1.mydetails.login.cp.reutest.netcom.sun.identity.idm.remote.notification.enabledtruecom.sun.identity.agents.config.bypass.principal[0]=com.sun.identity.agents.config.notenforced.uri[0]
Notice the value spans the buffer boundary. The problem is due to the processing starting at 0 rather than 1 when the buffer is switched. Fix is attached. This is a diff on InputEntity.java from the tag JAXRPC_1_1_3_01_PKG_041406, but the issue is still present in trunk
Affected Versions
[current]
- Issue Imported From: https://github.com/javaee/jax-rpc-ri/issues/48
- Original Issue Raised By:@glassfishrobot
- Original Issue Assigned To: @glassfishrobot
@glassfishrobot Commented
Reported by sjferris
@glassfishrobot Commented
File: jaxrpc.bug.diff
Attached By: sjferris
@glassfishrobot Commented
This issue was imported from java.net JIRA JAX_RPC-48