[WW-4146] cache attack at OgnlUtil.expressions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.3.15.1
Fix Version/s: 2.3.20
Component/s: Expression Language
Labels:
None

Description

in class com.opensymphony.xwork2.ognl.OgnlUtil, code :

tree = expressions.get(expression);
if (tree == null) {
	tree = Ognl.parseExpression(expression);
	expressions.putIfAbsent(expression, tree);
}

every parameter in the request cached in field expressions which is an instances of ConcurrentMap<String, Object>, use parameterName as key. so i construct huge different parameters that has different name (like "abc[123], abc[124]" ), they all cached in expressions, this cause outofmemory error, and let map acted like a list .

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

WW-4146.patch
24/Jul/13 15:16
12 kB
Maurizio Cucchiara

Activity

People

Assignee:: Lukasz Lenart

Reporter:: bruce liu

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 19/Jul/13 08:23

Updated:: 13/Jan/15 11:58

Resolved:: 18/Jun/14 08:33