axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Veithen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AXIS2-5125) JSONOMBuilder drives system to an indefinite loop
Date Wed, 14 Nov 2012 17:04:14 GMT

     [ https://issues.apache.org/jira/browse/AXIS2-5125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andreas Veithen updated AXIS2-5125:
-----------------------------------

    Fix Version/s: 1.6.3
    
> JSONOMBuilder drives system to an indefinite loop
> -------------------------------------------------
>
>                 Key: AXIS2-5125
>                 URL: https://issues.apache.org/jira/browse/AXIS2-5125
>             Project: Axis2
>          Issue Type: Bug
>          Components: json
>    Affects Versions: 1.5.5
>         Environment: Mac OS X 10.6.8, JVM 1.6.0_26
>            Reporter: Han Gun
>            Assignee: Shameera Rathnayaka
>            Priority: Critical
>              Labels: axis2, json
>             Fix For: 1.7.0, 1.6.3
>
>         Attachments: Client.java, jsonEmptyStringInfiniteLoop.patch, JsonInfinteLoop&JSONOMBuilderTest.patch,
JsonService.java, services.xml
>
>
> processDocument method in JSONOMBuilder has the following loop:
> char temp = inputStream.read();
> while (temp != ':') {
> ...             
> }
> This will lead to an indefinite loop in case a non-json or empty json {} payload is posted
to the servlet. Actually any payload without colon character ':' should reproduce the same
problem.
> I fixed it by changing the variable type temp into int and checking if the stream has
more elements as a guard condition.
> int temp = inputStream.read();
>             while (temp > -1 && temp != ':') {
>                 if (temp != ' ' && temp != '{') {
>                     localName += (char)temp;
>                 }
>                 temp = inputStream.read();
>             }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message