>Number: 2922
>Category: mod_jserv
>Synopsis: JServ request crash with GET parameter %
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: jserv
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Fri Aug 28 13:30:01 PDT 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2.6
>Environment:
Apache 1.2.6, GCC 2.8.1, HP/UX 10.20, JServ 0.9.11
>Description:
When passing a parameter to a JServ-managed page via GET,
with the parameter having the value %
as in, priority=%
JServ sends no output to browser, and logs the following:
java.lang.StringIndexOutOfBoundsException: String index out of range: 3
at java.lang.String.substring(Compiled Code)
at javax.servlet.http.HttpUtils.parseName(Compiled Code)
at javax.servlet.http.HttpUtils.parseQueryString(Compiled Code)
at org.apache.jserv.JServServletManager.getUrlSessionId(JServServletMana
ger.java:592)
at org.apache.jserv.JServConnection.run(JServConnection.java:287)
>How-To-Repeat:
Create form with an element sending % as value,
and GET a page through JServ.
>Fix:
Not at this time.
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request ]
[from a developer. ]
[Reply only with text; DO NOT SEND ATTACHMENTS! ]
