Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-7139

BufferOverflowException when decoding a parameter values with a trailing %

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Minor
          • Resolution: Fixed
          • Affects Version/s: 3.0.4, 3.1
          • Fix Version/s: 3.1.9, 3.0.12, 3.2.0
          • Component/s: Core
          • Labels:
            None
          • Estimated Complexity:
            Unknown

            Description

            When a parameter value contains a trailing %, a BufferOverflowException is thrown.

            e.g. a query to our service containing http://localhost:8080/test/?parameter=test% 

            java.nio.BufferOverflowException
        at java.nio.Buffer.nextPutIndex(Buffer.java:521)
        at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:169)
        at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:102)
        at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:67)
        at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:122)
        at org.apache.cxf.jaxrs.utils.HttpUtils.urlDecode(HttpUtils.java:97)
        at org.apache.cxf.jaxrs.utils.JAXRSUtils.getStructuredParams(JAXRSUtils.java:1262)
        at org.apache.cxf.jaxrs.utils.JAXRSUtils.getStructuredParams(JAXRSUtils.java:1236)
        at org.apache.cxf.jaxrs.impl.UriInfoImpl.getQueryParameters(UriInfoImpl.java:115)
        at org.apache.cxf.jaxrs.impl.UriInfoImpl.getQueryParameters(UriInfoImpl.java:109)
        at org.apache.cxf.jaxrs.impl.RequestPreprocessor.preprocess(RequestPreprocessor.java:74)
        at org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.processRequest(JAXRSInInterceptor.java:102)
        at org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.handleMessage(JAXRSInInterceptor.java:77)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
        at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:254)
        at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
        at org.apache.cxf.transport.servlet.ServletController.invoke(Servlet
        at org.apache.cxf.transport.servlet.ServletController.invoke(Servlet
        at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNo
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleReques
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(Abstra
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(Abst
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(Applicat
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.jav
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(Applicat
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrap
        at org.apache.catalina.core.StandardContextValve.invoke(StandardCont
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authen
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostVal
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportVal
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(Abstract
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngin
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter
        at org.apache.coyote.http11.AbstractHttp11Processor.process(Abstract
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.proc
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioE
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEnd
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecu
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExec
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(Ta
        at java.lang.Thread.run(Thread.java:745)

              Attachments

                Issue Links

                relates to

                Bug - A problem which impairs or prevents the functions of the product. CXF-6189 Improve memory usage of UrlUtils

                • Major - Major loss of function.
                • Closed

                Bug - A problem which impairs or prevents the functions of the product. CXF-7015 Invalid URL encoding causes error 500

                • Major - Major loss of function.
                • Closed
                links to

                Web Link GitHub Pull Request #201

                  Activity

                    People

                    • Assignee:
                      sergey_beryozkin Sergey Beryozkin
                      Reporter:
                      michaelgrant Michael Grant
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      3 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: