[ https://issues.apache.org/jira/browse/WW-4146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13718186#comment-13718186 ]
Maurizio Cucchiara commented on WW-4146:
----------------------------------------

-1
It reverses the whole architecture of Struts. Struts needs to compile the expressions in order to resolve the target property (e.g. an expression like foo.name needs to be converted into a ChainExpression).
We could avoid caching invalid expressions so that an eventual DoS attack cannot overfill the memory.
WDYT?

> cache attack at OgnlUtil.expressions
> -------------------------------------
>
>                 Key: WW-4146
>                 URL: https://issues.apache.org/jira/browse/WW-4146
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Expression Language
>    Affects Versions: 2.3.15.1
>            Reporter: bruce liu
>             Fix For: 2.3.17
>
>
> In class com.opensymphony.xwork2.ognl.OgnlUtil, code:
> {code:java}
> // expressions is a ConcurrentMap<String, Object> keyed by the raw expression string;
> // every distinct parameter name that parses adds one entry and nothing is ever evicted
> tree = expressions.get(expression);
> if (tree == null) {
>     tree = Ognl.parseExpression(expression);
>     expressions.putIfAbsent(expression, tree);
> }
> {code}
> Every parameter in the request is cached in the field expressions, which is an instance of ConcurrentMap<String, Object>, using parameterName as the key. So I construct a huge number of different parameters that have different names (like "abc[123], abc[124]"); they all get cached in expressions, which causes an OutOfMemoryError and makes the map act like a list.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
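The growth pattern the report describes, and one way to bound it, as an added example. This is not Struts or XWork code and not the fix that shipped in 2.3.17; `parseExpression` here is a hypothetical stand-in for `Ognl.parseExpression` that accepts simple property paths such as `abc[123]` and rejects anything else, and the "abc[N]" parameter names are constructed to mirror the report. `UnboundedCache` reproduces the shape of the quoted snippet (one entry per distinct expression, no eviction); `BoundedCache` keeps the same parse-then-store logic but evicts least-recently-used entries above a fixed size, so an attacker sending distinct names only churns the cache instead of filling the heap. In both versions a parse failure throws before anything is stored, so invalid expressions never enter the map.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

// Added example, not Struts/XWork code. Demonstrates an unbounded expression
// cache keyed by attacker-controlled parameter names versus a bounded LRU cache.
public class ExpressionCacheDemo {

    static final class ParseException extends Exception {
        ParseException(String expr) { super("cannot parse expression: " + expr); }
    }

    // Hypothetical stand-in for Ognl.parseExpression: accepts identifiers joined by
    // '.' or indexed with [digits], returns the path segments as the "tree", else throws.
    static Object parseExpression(String expr) throws ParseException {
        if (!expr.matches("[A-Za-z_][A-Za-z0-9_]*(\\.[A-Za-z_][A-Za-z0-9_]*|\\[[0-9]+\\])*")) {
            throw new ParseException(expr);
        }
        return expr.split("[.\\[\\]]+");
    }

    // Same shape as the snippet quoted in WW-4146: a ConcurrentMap with no size
    // limit, so each distinct parameter name that parses adds a permanent entry.
    static final class UnboundedCache {
        private final ConcurrentMap<String, Object> expressions = new ConcurrentHashMap<>();

        Object compile(String expression) throws ParseException {
            Object tree = expressions.get(expression);
            if (tree == null) {
                tree = parseExpression(expression);       // throws before storing on bad input
                expressions.putIfAbsent(expression, tree);
            }
            return tree;
        }

        int size() { return expressions.size(); }
    }

    // Bounded alternative: an access-ordered LinkedHashMap that drops the least
    // recently used entry once maxEntries is exceeded. Synchronized because
    // LinkedHashMap is not thread-safe; a per-request hot path could use a
    // concurrent LRU library instead, the point here is the size cap.
    static final class BoundedCache {
        private final Map<String, Object> expressions;

        BoundedCache(final int maxEntries) {
            expressions = new LinkedHashMap<String, Object>(16, 0.75f, true) {
                @Override
                protected boolean removeEldestEntry(Map.Entry<String, Object> eldest) {
                    return size() > maxEntries;
                }
            };
        }

        synchronized Object compile(String expression) throws ParseException {
            Object tree = expressions.get(expression);
            if (tree == null) {
                tree = parseExpression(expression);       // still never caches a failed parse
                expressions.put(expression, tree);
            }
            return tree;
        }

        synchronized int size() { return expressions.size(); }
    }

    public static void main(String[] args) throws ParseException {
        int distinctNames = 100_000;                      // constructed attacker traffic
        UnboundedCache unbounded = new UnboundedCache();
        BoundedCache bounded = new BoundedCache(1_000);

        for (int i = 0; i < distinctNames; i++) {
            String param = "abc[" + i + "]";               // abc[0], abc[1], ... as in the report
            unbounded.compile(param);
            bounded.compile(param);
        }

        // The unbounded map holds one entry per distinct name sent; the bounded one
        // stays at its cap no matter how many names arrive.
        System.out.println("unbounded entries: " + unbounded.size());
        System.out.println("bounded entries:   " + bounded.size());

        // An unparsable name is rejected by both caches and stored by neither.
        try {
            bounded.compile("abc[;DROP]");
        } catch (ParseException e) {
            System.out.println("rejected, cache size unchanged: " + bounded.size());
        }
    }
}
```

Run with `javac ExpressionCacheDemo.java && java ExpressionCacheDemo`. Raising `distinctNames` makes the first map's size track the request count while the second stays at 1000; whether a given production heap actually reaches OutOfMemoryError depends on entry size and heap limits, which is why the cap, not the parser's rejection of invalid input, is what removes the attacker's control over memory use.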