struts-issues mailing list archives

From "Alex Kaiser (Jira)" <j...@apache.org>
Subject [jira] [Comment Edited] (WW-5065) AbstractMatcher adds values to the map passed into replaceParameters
Date Wed, 08 Apr 2020 18:59:00 GMT

    [ https://issues.apache.org/jira/browse/WW-5065?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17078600#comment-17078600 ]

Alex Kaiser edited comment on WW-5065 at 4/8/20, 6:58 PM:
----------------------------------------------------------

Submitted a PR for this but I did notice two things.

1. This is only an issue if you use:
{code:java}
 <constant name="struts.patternMatcher" value="namedVariable"/>{code}
or
{code:java}
<constant name="struts.patternMatcher" value="regex"/>{code}
 
2. There is a possibility that this "bug" is being used as a "feature".  If you have the
following definition in your struts.xml file:
{code:java}
<package name="test" namespace="/test">
  <action name="{bufferSize}/{paramTwo}" class="org.MyActionClass" method="execute">
    <result name="success" type="stream">
      <param name="inputName">random</param>
    </result>
  </action>
</package>{code}
Then this would allow you to set the bufferSize on the StreamResult object being returned
by just changing the URL request.  So a request to "/test/64/dos" would call setBufferSize(64)
on the StreamResult.  Not sure if this is intended or desired behavior, but my PR will break
that.


was (Author: alextkaiser):
Submitted a PR for this but I did notice two things.

1. This is only an issue if you use:
<constant name="struts.patternMatcher" value="namedVariable"/>
or
<constant name="struts.patternMatcher" value="regex"/>
 
2. There is a possibility that this "bug" is being used as a "feature".  If you have the
following definition in your struts.xml file:
<package name="test" namespace="/test">
  <action name="{bufferSize}/{paramTwo}" class="org.MyActionClass" method="execute">
    <result name="success" type="stream">
      <param name="inputName">random</param>
    </result>
  </action>
</package>
Then this would allow you to set the bufferSize on the StreamResult object being returned
by just changing the URL request.  So a request to "/test/64/dos" would call setBufferSize(64)
on the StreamResult.  Not sure if this is intended or desired behavior, but my PR will break
that.

> AbstractMatcher adds values to the map passed into replaceParameters
> --------------------------------------------------------------------
>
>                 Key: WW-5065
>                 URL: https://issues.apache.org/jira/browse/WW-5065
>             Project: Struts 2
>          Issue Type: Bug
>    Affects Versions: 2.5.22
>            Reporter: Alex Kaiser
>            Priority: Minor
>             Fix For: 2.5.23, 2.6
>
>
> There is a bug with the AbstractMatcher#replaceParameters method in struts/core/src/main/java/com/opensymphony/xwork2/config/impl/AbstractMatcher.java
> (currently lines 153-170). As the function currently works it will return a map that has more
> keys than the "orig" map that is passed into it. For example, assume that I have the following
> config defined in my struts.xml file:
> {code:java}
> <package name="test" namespace="/test">
>   <action name="{paramOne}/{paramTwo}" class="org.MyActionClass" method="execute">
>     <result name="success" type="stream">
>       <param name="inputName">random</param>
>     </result>
>   </action>
> </package>{code}
> If you send a request to "/test/uno/dos", this will trigger code in ActionConfigMatcher
> (lines 95-103) that will construct the ResultConfig objects to be used later on. At one point
> you are going to be making a call to AbstractMatcher#replaceParameters with something that
> looks like the following:
> orig:
>    "inputName" -> "random"
> vars:
>    "0" -> "uno/dos"
>    "paramOne" -> "uno"
>    "1" -> "uno"
>    "paramTwo" -> "dos"
>    "2" -> "dos"
> The result of this will be a map that looks like:
>    "inputName" -> "random"
>    "paramOne" -> "uno"
>    "paramTwo" -> "dos"
> The bug is that "paramOne" and "paramTwo" should not be in the return map.
> For the most part this bug won't cause any problems but it will cause some performance
> problems in certain situations when trying to set these parameters on the results objects
> that aren't expecting them.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
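
The behaviour discussed in this message, modelled as an added Java example; it is not code from Struts or from the PR. `FakeStreamResult`, `leaky`, `restrictedToOrig` and `apply` are hypothetical names, the setter lookup is a simplified stand-in for how result parameters get applied, and the capture map is constructed for the request "/test/64/dos".

```java
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;

public class ReplaceParametersDemo {
    // Hypothetical stand-in for a stream result; not the Struts StreamResult class.
    public static class FakeStreamResult {
        int bufferSize = 1024;
        String inputName = "inputStream";
        public void setInputName(String v) { inputName = v; }
        public void setBufferSize(String v) { bufferSize = Integer.parseInt(v); }
    }

    // Models the reported behaviour: non-numeric keys from vars leak into the result.
    static Map<String, String> leaky(Map<String, String> orig, Map<String, String> vars) {
        Map<String, String> out = new LinkedHashMap<>(orig);
        vars.forEach((k, v) -> { if (!k.matches("\\d+")) out.put(k, v); });
        return out;
    }

    // Invariant the issue asks for: no keys beyond those declared in orig.
    static Map<String, String> restrictedToOrig(Map<String, String> orig, Map<String, String> vars) {
        Map<String, String> out = leaky(orig, vars);
        out.keySet().retainAll(orig.keySet());
        return out;
    }

    // Applies each entry through set<Key>(String) when such a setter exists.
    static FakeStreamResult apply(Map<String, String> params) throws Exception {
        FakeStreamResult r = new FakeStreamResult();
        for (Map.Entry<String, String> e : params.entrySet()) {
            String k = e.getKey();
            String setter = "set" + Character.toUpperCase(k.charAt(0)) + k.substring(1);
            try {
                FakeStreamResult.class.getMethod(setter, String.class).invoke(r, e.getValue());
            } catch (NoSuchMethodException ignored) {
                // Unexpected parameter (e.g. paramTwo): the failed lookup is wasted work.
            }
        }
        return r;
    }

    public static void main(String[] args) throws Exception {
        Map<String, String> orig = Collections.singletonMap("inputName", "random");
        Map<String, String> vars = new LinkedHashMap<>(); // constructed sample captures
        vars.put("0", "64/dos");
        vars.put("bufferSize", "64"); vars.put("1", "64");
        vars.put("paramTwo", "dos");  vars.put("2", "dos");
        System.out.println("leaky keys: " + leaky(orig, vars).keySet());
        System.out.println("leaky bufferSize: " + apply(leaky(orig, vars)).bufferSize);
        System.out.println("restricted bufferSize: " + apply(restrictedToOrig(orig, vars)).bufferSize);
    }
}
```

Comparing the key set of the returned map with that of `orig` is the regression check this example suggests for the fix.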
