[jira] [Updated] (CXF-7802) URI query parameter without value causing crash

Mon, 23 Jul 2018 05:05:17 -0700 


     [ 
https://issues.apache.org/jira/browse/CXF-7802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated CXF-7802:
-------------------------------------
    Fix Version/s: 3.2.6

> URI query parameter without value causing crash
> -----------------------------------------------
>
>                 Key: CXF-7802
>                 URL: https://issues.apache.org/jira/browse/CXF-7802
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 3.2.5
>         Environment: Mac OS X 10.13.6 (17G65)
> Tomcat 9.0.4
> JDK 8
>            Reporter: Thomas Iguchi
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: 3.2.6
>
>
> h2. Problem
> When sending a request with a mapped query parameter name without value 
> Apache CXF crashes with an IllegalArgumentException when the endpoint method 
> gets invoked. This happens with primitive type endpoint method arguments 
> mapped to a query parameter.
> h2. Example Code
>  
> {code:java}
> @GET
> @Produces(MediaType.APPLICATION_JSON)
> @Path("/admin/roles")
> public Stream<Role> searchRoles(@QueryParam("search") String search, 
> @QueryParam("page") @DefaultValue("1") int page, @QueryParam("limit") 
> @DefaultValue("30") short limit) throws SqlException {
>     ...do something...
> }
> {code}
>  
> h2. Web Request
> Following request containing the query parameter without value triggers the 
> exception
>  
> {code:java}
> GET /admin/roles?page {code}
>  
> h2. Exception 
> {code:java}
> java.lang.IllegalArgumentException: null
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native 
> Method)
> at 
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at 
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:564)
> at 
> org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)
> at 
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
> at 
> org.apache.cxf.jaxrs.validation.JAXRSBeanValidationInvoker.invoke(JAXRSBeanValidationInvoker.java:51)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:192)
> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:103)
> at 
> org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
> at 
> org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
> at 
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
> at 
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> at 
> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
> at 
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
> at 
> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
> at 
> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
> at 
> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)
> at 
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)
> at 
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:225)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
> at 
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
> at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
> at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
> at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
> at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
> at 
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
> at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
> at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
> at 
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:651)
> at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
> at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:417)
> at 
> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
> at 
> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:754)
> at 
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1376)
> at 
> org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
> at 
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
> at 
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.base/java.lang.Thread.run(Thread.java:844)
> {code}
> h2. Expected Behavior
> I'm not sure what the JAX-RS standard says but I would assume that the 
> @DefaultValue annotation should be taken into account for such a scenario 
> when a query parameter without value is passed in. At least the request 
> router should not crash with an IllegalArgumentException and use the Java 
> default value for primitive types instead of trying to assign null.
>  
> My main problem is that @DefaultValue seems to be ignored when such a request 
> is passed in. This is evident when the argument type is an object type such 
> as String. Instead of using the declared default value the request router 
> passes in null instead.
> The default value only appears to be evaluated if the query parameter name is 
> undefined in the URI query parameters string. 
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to