[
http://jira.magnolia-cms.com/browse/MGNLCMNT-70?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Haderka reopened MGNLCMNT-70:
---------------------------------
Did you check saving params for XSS vulnerability when fixing this ? If yes,
you can close the issue. Thx.
> In the "Comments" module, you can get a null pointer exception when users
> enter only whitespace characters for a comment
> ------------------------------------------------------------------------------------------------------------------------
>
> Key: MGNLCMNT-70
> URL: http://jira.magnolia-cms.com/browse/MGNLCMNT-70
> Project: Magnolia Commenting Module
> Issue Type: Bug
> Security Level: Public
> Affects Versions: 1.2.2
> Environment: Apache Tomcat/6.0.32
> Reporter: Jeff Grover
> Assignee: Roman Kovařík
> Priority: Minor
> Fix For: 1.2.3
>
>
> To duplicate the problem:
> 1. Add the comments module to a page
> 2. Activate changes and navigate to the page
> 3. Enter a "space" for the comment, then anything for name & e-mail
> 4. Press "Send" and see stack trace report:
> The stack trace is:
> type Rapport d'exception
> message
> description Le serveur a rencontré une erreur interne () qui l'a empêché de
> satisfaire la requête.
> exception
> java.lang.RuntimeException: java.lang.NullPointerException
>
> info.magnolia.module.cache.filter.CacheFilter.doFilter(CacheFilter.java:165)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.i18n.I18nContentSupportFilter.doFilter(I18nContentSupportFilter.java:76)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.RangeSupportFilter.doFilter(RangeSupportFilter.java:86)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:60)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.security.SecurityCallbackFilter.doFilter(SecurityCallbackFilter.java:86)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
> info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:93)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.templatingkit.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:99)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.cache.filter.GZipFilter.doFilter(GZipFilter.java:75)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:93)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:87)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:73)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
> info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
>
> info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
>
> info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
>
> info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
> cause mère
> java.lang.NullPointerException
>
> info.magnolia.module.commenting.frontend.action.PageComments.executeEarly(PageComments.java:131)
>
> info.magnolia.rendering.model.ModelExecutionFilter.doFilter(ModelExecutionFilter.java:143)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.InterceptFilter.doFilter(InterceptFilter.java:130)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.AggregatorFilter.doFilter(AggregatorFilter.java:105)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:60)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.RepositoryMappingFilter.doFilter(RepositoryMappingFilter.java:101)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:77)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.VirtualUriFilter.doFilter(VirtualUriFilter.java:70)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.cache.executor.Bypass.processCacheRequest(Bypass.java:58)
>
> info.magnolia.module.cache.executor.CompositeExecutor.processCacheRequest(CompositeExecutor.java:66)
>
> info.magnolia.module.cache.filter.CacheFilter.doFilter(CacheFilter.java:153)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.i18n.I18nContentSupportFilter.doFilter(I18nContentSupportFilter.java:76)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.RangeSupportFilter.doFilter(RangeSupportFilter.java:86)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:60)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.security.SecurityCallbackFilter.doFilter(SecurityCallbackFilter.java:86)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
> info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:93)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.templatingkit.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:99)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.cache.filter.GZipFilter.doFilter(GZipFilter.java:75)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:93)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
>
> info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:87)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:73)
>
> info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
> info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
>
> info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
>
> info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
>
> info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
>
> info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
>
> info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
>
> info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
> note La trace complète de la cause mère de cette erreur est disponible dans
> les fichiers journaux de Apache Tomcat/6.0.32.
> Apache Tomcat/6.0.32
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
