Marcos Rivas created CXF-8217:
---------------------------------
Summary: StackOverflow if double quotes present
Key: CXF-8217
URL: https://issues.apache.org/jira/browse/CXF-8217
Project: CXF
Issue Type: Bug
Components: Core
Affects Versions: 3.2.7
Reporter: Marcos Rivas
When a double quote is present in a HTTP header, a StackOverflow is thrown by
CXF.
If this header is passed:
{code:java}
Forwarded=[for=192.168.0.1;host=localhost;proto=http;proto-version=""],{code}
It will cause a StackOverflow error:
{code:java}
08:14:03.035 [XNIO-2 task-2] WARN o.a.cxf.phase.PhaseInterceptorChain -
Interceptor for
{http://www.mytest.com/services/business/logOn/v1}logOnServicePortService#{http://www.mytest.com/services/business/logOn/v1}logOnService
has thrown exception, unwinding now08:14:03.035 [XNIO-2 task-2] WARN
o.a.cxf.phase.PhaseInterceptorChain - Interceptor for
{http://www.mytest.com/services/business/logOn/v1}logOnServicePortService#{http://www.mytest.com/services/business/logOn/v1}logOnService
has thrown exception, unwinding noworg.apache.cxf.interceptor.Fault: null at
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:144)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:706) at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)
at
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at
org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:111)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:103)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at
io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at
io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at
io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at
io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at
io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at
io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at
io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at
io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:376) at
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830) at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)Caused by:
java.lang.StackOverflowError: null at
java.util.regex.Pattern$LazyLoop.match(Pattern.java:4857) at
java.util.regex.Pattern$GroupTail.match(Pattern.java:4731) at
java.util.regex.Pattern$BranchConn.match(Pattern.java:4582) at
java.util.regex.Pattern$CharProperty.match(Pattern.java:3791) at
java.util.regex.Pattern$Branch.match(Pattern.java:4618) at
java.util.regex.Pattern$GroupHead.match(Pattern.java:4672) at
java.util.regex.Pattern$LazyLoop.match(Pattern.java:4861) at
java.util.regex.Pattern$GroupTail.match(Pattern.java:4731) at
java.util.regex.Pattern$BranchConn.match(Pattern.java:4582) at
java.util.regex.Pattern$CharProperty.match(Pattern.java:3791) at
java.util.regex.Pattern$Branch.match(Pattern.java:4618) at
java.util.regex.Pattern$GroupHead.match(Pattern.java:4672) at
java.util.regex.Pattern$LazyLoop.match(Pattern.java:4861) at
java.util.regex.Pattern$GroupTail.match(Pattern.java:4731) at
java.util.regex.Pattern$BranchConn.match(Pattern.java:4582) at
java.util.regex.Pattern$CharProperty.match(Pattern.java:3791) at
java.util.regex.Pattern$Branch.match(Pattern.java:4618) at
java.util.regex.Pattern$GroupHead.match(Pattern.java:4672) at
java.util.regex.Pattern$LazyLoop.match(Pattern.java:4861) at
java.util.regex.Pattern$GroupTail.match(Pattern.java:4731) at
java.util.regex.Pattern$BranchConn.match(Pattern.java:4582) at
java.util.regex.Pattern$CharProperty.match(Pattern.java:3791) at
java.util.regex.Pattern$Branch.match(Pattern.java:4618) at
java.util.regex.Pattern$GroupHead.match(Pattern.java:4672) at
java.util.regex.Pattern$LazyLoop.match(Pattern.java:4861) at
java.util.regex.Pattern$GroupTail.match(Pattern.java:4731) at
java.util.regex.Pattern$BranchConn.match(Pattern.java:4582) at
java.util.regex.Pattern$CharProperty.match(Pattern.java:3791)
{code}
If the header is passed without double quotes:
{code:java}
Forwarded=[for=192.168.0.1;host=localhost;proto=http;proto-version=],{code}
The service works correctly.
This issue is caused by the bug in the Openshift router
[#8|[https://github.com/openshift/router/pull/8]], however the presence of
double quotes should not cause a StackOverfow error.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
