Uploaded image for project: 'DeltaSpike'
  1. DeltaSpike
  2. DELTASPIKE-828

Infinite recursive loop navigating through annoations

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.2.1
    • 1.3.0
    • JSF-Module
    • None
    • Irrelavant for this bug - Windows 7, maven 3.0.4 and eclipse as well

    Description

      Recursive algorithm under org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations suffers from the potential of entering an infinite loop, as demonstrated in the following stack trace.

      In Our case, we have an annotation called Versionprops that is present in every class. The annotation is itself annotated with it.

      For example:
      @Target(

      { ElementType.TYPE, ElementType.PACKAGE }

      )
      @Retention(RetentionPolicy.RUNTIME)
      @Documented
      @Versionprops ( url = "javaDocURL)
      public @interface Versionprops {
      String url() default "htpp://whatever";
      }

      Here the cyclic recusion is obvious in a single class.
      More complicated scenarios could be if Annotaiton A uses annotation B.
      Annotation B uses annotation C and annotation C uses A again.
      Does not really matter, as long as their is a cycic annotation dependency it seems that the following algorithm will go to infinite loop.

      public static List<Annotation> getAllAnnotations(Annotation[] annotations)
      {
      List<Annotation> result = new ArrayList<Annotation>();

      String annotationName;
      for (Annotation annotation : annotations)
      {
      annotationName = annotation.annotationType().getName();
      if (annotationName.startsWith("java.") || annotationName.startsWith("javax."))

      { continue; }

      result.add(annotation);
      result.addAll(getAllAnnotations(annotation.annotationType().getAnnotations()));
      }

      return result;
      }

      Here is a slice of an infinite recursive stack.
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)
      at org.apache.deltaspike.security.impl.util.SecurityUtils.getAllAnnotations(SecurityUtils.java:134)

      at org.jboss.weld.bootstrap.events.AbstractDefinitionContainerEvent.fire(AbstractDefinitionContainerEvent.java:40)
      at org.jboss.weld.bootstrap.events.ProcessAnnotatedTypeImpl.fire(ProcessAnnotatedTypeImpl.java:41)
      at org.jboss.weld.bootstrap.BeanDeployer.addClass(BeanDeployer.java:81)
      at org.jboss.weld.bootstrap.BeanDeployer.addClasses(BeanDeployer.java:135)
      at org.jboss.weld.bootstrap.BeanDeployment.createBeans(BeanDeployment.java:184)
      at org.jboss.weld.bootstrap.WeldBootstrap.deployBeans(WeldBootstrap.java:357)
      at org.jboss.weld.bootstrap.api.helpers.ForwardingBootstrap.deployBeans(ForwardingBootstrap.java:70)
      at org.jboss.weld.environment.se.Weld.initialize(Weld.java:137)
      at com.somePackage.test.WeldJUnit4Runner.<init>(WeldJUnit4Runner.java:70)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
      at org.junit.internal.builders.AnnotatedBuilder.buildRunner(AnnotatedBuilder.java:31)
      at org.junit.internal.builders.AnnotatedBuilder.runnerForClass(AnnotatedBuilder.java:24)
      at org.junit.runners.model.RunnerBuilder.safeRunnerForClass(RunnerBuilder.java:57)
      at org.junit.internal.builders.AllDefaultPossibilitiesBuilder.runnerForClass(AllDefaultPossibilitiesBuilder.java:29)
      at org.junit.runners.model.RunnerBuilder.safeRunnerForClass(RunnerBuilder.java:57)
      at org.junit.internal.requests.ClassRequest.getRunner(ClassRequest.java:24)
      at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:250)
      at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:141)
      at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:112)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:606)
      at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
      at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
      at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
      at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115)
      at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75)

      Attachments

        Activity

          People

            gpetracek Gerhard Petracek
            ngdem Nuno G. de M
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: