[
https://issues.apache.org/jira/browse/JCR-3235?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marcel Reutegger closed JCR-3235.
---------------------------------
> ArrayIndexOfOufBounds in TargetImportHandler$BufferedStringValue.append()
> -------------------------------------------------------------------------
>
> Key: JCR-3235
> URL: https://issues.apache.org/jira/browse/JCR-3235
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Components: jackrabbit-jcr2spi
> Affects Versions: 2.2.10, 2.4
> Reporter: Ingomar Otter
> Assignee: Claus Köll
> Labels: buffer-length
> Fix For: 2.6.6, 2.9
>
>
> I've encountered an ArrayIndexOutOfBounds in 2.2.10 when using
> Session.importXML of larger documents.
> It appears that buffer size calculation is wrong. That error should exist
> also in trunk and 2.4.0 as well.
> The problem seems to occur in
> TargetImportHandler$BufferedStringValue.append()
> when the string to append exceeds the existing buffer by more than
> BUFFER_INCREMENT characters as the buffer is only incremented by
> BUFFER_INCREMENT chars no matter how big the string to append really is.
> Afaik, the length of the destination buffer needs to be at least bufferPos
> (existing content) + length (as passed in).
> In my example is saw 15854 (bufferPos) and 16384 (length param to append())
> requiring at least 15854+ 16384=32238 bytes.
> In that case the existing buffer was 16384 and the new buffer is
> 16384+BUFFER_INCREMENT=16384+8192 = 24576.
> 32238 > 24576 => ArrayIndexOutOfBounds exception.
> Fix: I think the resizing of the buffer should observe the length.
> Today: new size = old size + BUFFER_INCREMENT
> New: new size = bufferPos + length
> and if one would like to avoid future copies on small appends even
> new size = bufferPos + length + BUFFER_INCREMENT
> So instead of
> char[] newBuffer = new char[buffer.length + BUFFER_INCREMENT];
> I changed it to
> char[] newBuffer = new char[ bufferPos +length + BUFFER_INCREMENT];
> This is line 326 of
> jackrabbit-jcr2spi: org/apache/jackrabbit/jcr2spi/xml/TargetImportHandler.java
> For completeness this is the stack trace:
> java.lang.ArrayIndexOutOfBoundsException: null
> at java.lang.System.arraycopy(Native Method) ~[na:1.7.0_04-ea]
> at
> org.apache.jackrabbit.jcr2spi.xml.TargetImportHandler$BufferedStringValue.append(TargetImportHandler.java:330)
> ~[jackrabbit-jcr2spi-2.2.10.jar:na]
> at
> org.apache.jackrabbit.jcr2spi.xml.SysViewImportHandler.characters(SysViewImportHandler.java:204)
> ~[jackrabbit-jcr2spi-2.2.10.jar:na]
> at
> org.apache.jackrabbit.jcr2spi.xml.ImportHandler.characters(ImportHandler.java:262)
> ~[jackrabbit-jcr2spi-2.2.10.jar:na]
> at
> com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.characters(AbstractSAXParser.java:543)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:441)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:835)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:123)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1210)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:568)
> ~[na:1.7.0_04-ea]
> at
> com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:302)
> ~[na:1.7.0_04-ea]
> at org.apache.jackrabbit.jcr2spi.SessionImpl.importXML(SessionImpl.java:400)
> ~[jackrabbit-jcr2spi-2.2.10.jar:na]
> --Ingomar
--
This message was sent by Atlassian JIRA
(v6.2#6252)
