You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Sanjay Patel (JIRA)" <ji...@apache.org> on 2016/08/19 10:46:20 UTC

[jira] [Created] (CXF-7015) Invalid URL encoding causes error 500

Sanjay Patel created CXF-7015:
---------------------------------

             Summary: Invalid URL encoding causes error 500
                 Key: CXF-7015
                 URL: https://issues.apache.org/jira/browse/CXF-7015
             Project: CXF
          Issue Type: Bug
          Components: JAX-RS
    Affects Versions: 3.0.4
            Reporter: Sanjay Patel


When using Apache CXF JAX RS Client 3.0.3
We would get a 400 Response with URLDecoder: Incomplete trailing escape (%) pattern.

Using Apache CXF JAX RS Client 3.0.4 and above we see the below issue.

If we make a request using JAX RS to Spring with an invalid URL encoding, such as %3, we are getting a 500 Response, and an BufferUnderflowException. As seen below.

{code}
java.nio.BufferUnderflowException at java.nio.Buffer.nextGetIndex(Buffer.java:500) at java.nio.HeapByteBuffer.get(HeapByteBuffer.java:135) at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:96) at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:67) at org.apache.cxf.common.util.UrlUtils.urlDecode(UrlUtils.java:122) at org.apache.cxf.jaxrs.utils.HttpUtils.urlDecode(HttpUtils.java:97) at org.apache.cxf.jaxrs.utils.JAXRSUtils.getStructuredParams(JAXRSUtils.java:1262) at org.apache.cxf.jaxrs.utils.JAXRSUtils.getStructuredParams(JAXRSUtils.java:1236) at org.apache.cxf.jaxrs.impl.UriInfoImpl.getQueryParameters(UriInfoImpl.java:115) at org.apache.cxf.jaxrs.impl.UriInfoImpl.getQueryParameters(UriInfoImpl.java:109) at org.apache.cxf.jaxrs.impl.RequestPreprocessor.preprocess(RequestPreprocessor.java:74) at org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.processRequest(JAXRSInInterceptor.java:102) at org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.handleMessage(JAXRSInInterceptor.java:77) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:254) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:180) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:298) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:222) at javax.servlet.http.HttpServlet.service(HttpServlet.java:622) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:273) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:528) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1099) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1520) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1476) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)