You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by "Shameera Rathnayaka (Updated) (JIRA)" <ji...@apache.org> on 2012/01/20 20:14:41 UTC

[jira] [Updated] (AXIS2-5125) JSONOMBuilder drives system to an indefinite loop

     [ https://issues.apache.org/jira/browse/AXIS2-5125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Shameera Rathnayaka updated AXIS2-5125:
---------------------------------------

    Attachment: jsonEmptyStringInfiniteLoop.patch

Hi devs , 
I have fixed this issue for current trunk. You can find patch with this. Please verify and commit it. 

Thanks 
Shameera
                
> JSONOMBuilder drives system to an indefinite loop
> -------------------------------------------------
>
>                 Key: AXIS2-5125
>                 URL: https://issues.apache.org/jira/browse/AXIS2-5125
>             Project: Axis2
>          Issue Type: Bug
>          Components: json
>    Affects Versions: 1.5.5
>         Environment: Mac OS X 10.6.8, JVM 1.6.0_26
>            Reporter: Han Gun
>            Priority: Critical
>              Labels: axis2, json
>         Attachments: Client.java, JsonService.java, jsonEmptyStringInfiniteLoop.patch, services.xml
>
>
> processDocument method in JSONOMBuilder has the following loop:
> char temp = inputStream.read();
> while (temp != ':') {
> ...             
> }
> This will lead to an indefinite loop in case a non-json or empty json {} payload is posted to the servlet. Actually any payload without colon character ':' should reproduce the same problem.
> I fixed it by changing the variable type temp into int and checking if the stream has more elements as a guard condition.
> int temp = inputStream.read();
>             while (temp > -1 && temp != ':') {
>                 if (temp != ' ' && temp != '{') {
>                     localName += (char)temp;
>                 }
>                 temp = inputStream.read();
>             }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org