Axis2-C
  1. Axis2-C
  2. AXIS2C-796

SOAP response message with leading XML comment is treated as invalid envelope

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.1.0
    • Fix Version/s: 1.2.0
    • Component/s: xml/om
    • Labels:
      None
    • Environment:
      Windows XP, Visual Studio 2005

      Description

      In sending a SOAP request to a particular service, I receive a response of the following form:
      <?xml version="1.0" encoding="UTF-8" ?>
      <!-- SOAP 1.1 Message - Powered by Xcentrisity™ Frameware -->
      <env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
      <env:Body>
      ...
      </env:Body>
      </env:Envelope>
      Unfortunately, when this response is received by Axis2C, it is diagnosed as invalid, error 187, SOAP message does not contain a SOAP envelope element.

      Stepping through the code reveals that axiom_stax_builder_create_om_comment() treats a leading comment before the root node as discardable and returns a null pointer. Then in axiom_stax_builder_next_with_token(), a null pointer returned is treated as always being an error.

      My suggested fix is that axiom_stax_builder_next_with_token() should complete the comment element only if one is created, but should always return it as valid and keep scanning. In particular, the comment portion of the switch statement that reads:
      case AXIOM_XML_READER_COMMENT:
      val = axiom_stax_builder_create_om_comment(om_builder, env);
      if (!val)

      { return -1; }

      axiom_stax_builder_end_element(om_builder, env);
      break;
      should read instead:
      case AXIOM_XML_READER_COMMENT:
      val = axiom_stax_builder_create_om_comment(om_builder, env);
      if (val)

      { axiom_stax_builder_end_element(om_builder, env); }

      break;

      In my particular situation, I have verified that making this change allows the returned SOAP response to be processed correctly. I have not tested the other case, of a malformed comment that runs off the document. I hope that the subsequent read for more tokens will terminate nicely when it finds the document empty.

      1. diff.txt
        1.0 kB
        Senaka Fernando

        Activity

        Hide
        Senaka Fernando added a comment -

        Hi Bill,

        Well, axiom_stax_builder simply discards all comments and processing instructions, as they have nothing to do with a SOAP message. That's why a NULL is returned.

        As you say, in axiom_stax_builder_next_with_token(), we should simply continue the scanning instead of returning an invalid token.

        I have tested second scenario, which will yield a "Comment not terminated" error. This error will be logged in your server's log file. However, there are still some issues when you comment out various sections of the SOAP envelope which returns a non-useful "NULL parameter was passed when a non NULL parameter was expected" error, due to some param checks, which I'm looking forward to fix.

        I have tested your suggestion and also added some additional modifications so that processing instructions are also ignored.

        Regards,
        Senaka

        P.S. refer diff.txt for proposed patch.

        Show
        Senaka Fernando added a comment - Hi Bill, Well, axiom_stax_builder simply discards all comments and processing instructions, as they have nothing to do with a SOAP message. That's why a NULL is returned. As you say, in axiom_stax_builder_next_with_token(), we should simply continue the scanning instead of returning an invalid token. I have tested second scenario, which will yield a "Comment not terminated" error. This error will be logged in your server's log file. However, there are still some issues when you comment out various sections of the SOAP envelope which returns a non-useful "NULL parameter was passed when a non NULL parameter was expected" error, due to some param checks, which I'm looking forward to fix. I have tested your suggestion and also added some additional modifications so that processing instructions are also ignored. Regards, Senaka P.S. refer diff.txt for proposed patch.
        Hide
        Dinesh Weerapurage added a comment -

        Patch applied ! Thanks Bill and Senaka for the Input.

        Show
        Dinesh Weerapurage added a comment - Patch applied ! Thanks Bill and Senaka for the Input.
        Hide
        Bill Mitchell added a comment -

        When I tried to test this today, after waiting for other issues to be repaired in op_stax_builder.c, I discovered that the fix was lost, when rev 600441 was applied.

        Show
        Bill Mitchell added a comment - When I tried to test this today, after waiting for other issues to be repaired in op_stax_builder.c, I discovered that the fix was lost, when rev 600441 was applied.
        Hide
        Bill Mitchell added a comment -

        When I tested this today, I discovered that the fix was lost when rev 600441 was applied.

        Show
        Bill Mitchell added a comment - When I tested this today, I discovered that the fix was lost when rev 600441 was applied.
        Hide
        Sanjaya Ratnaweera added a comment -

        Hi bill, I applied the patch again. Please check svn head.

        Show
        Sanjaya Ratnaweera added a comment - Hi bill, I applied the patch again. Please check svn head.
        Hide
        Sanjaya Ratnaweera added a comment -

        Applied the patch again.

        Show
        Sanjaya Ratnaweera added a comment - Applied the patch again.
        Hide
        Bill Mitchell added a comment -

        After updating through svn rev 601466, I have verified that the fix is applied and the behavior is correct.

        Show
        Bill Mitchell added a comment - After updating through svn rev 601466, I have verified that the fix is applied and the behavior is correct.

          People

          • Assignee:
            Dinesh Weerapurage
            Reporter:
            Bill Mitchell
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development