You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Radu Cotescu (Jira)" <ji...@apache.org> on 2020/08/04 12:36:00 UTC
[jira] [Closed] (SLING-9613) java.lang.StackOverflowError in
XSSFilterImpl.filter for long URLs
[ https://issues.apache.org/jira/browse/SLING-9613?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Radu Cotescu closed SLING-9613.
-------------------------------
> java.lang.StackOverflowError in XSSFilterImpl.filter for long URLs
> ------------------------------------------------------------------
>
> Key: SLING-9613
> URL: https://issues.apache.org/jira/browse/SLING-9613
> Project: Sling
> Issue Type: Bug
> Components: XSS Protection API
> Affects Versions: XSS Protection API 2.0.8, XSS Protection API 2.1.0, XSS Protection API 2.2.0
> Reporter: Radu Cotescu
> Assignee: Radu Cotescu
> Priority: Major
> Fix For: XSS Protection API 2.2.6
>
>
> Attempting to filter the following HTML snippet results in a {{StackOverflowError}}:
> {code:html}
> <a href="https://google.com/t/r/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"> Click here to access replay webcast</a>
> {code}
> {code:java}
> java.lang.StackOverflowError
> at java.base/java.util.regex.Pattern$CharProperty.match(Pattern.java:3939)
> at java.base/java.util.regex.Pattern$GroupHead.match(Pattern.java:4804)
> at java.base/java.util.regex.Pattern$Branch.match(Pattern.java:4749)
> at java.base/java.util.regex.Pattern$GroupHead.match(Pattern.java:4804)
> at java.base/java.util.regex.Pattern$Loop.match(Pattern.java:4941)
> at java.base/java.util.regex.Pattern$GroupTail.match(Pattern.java:4863)
> at java.base/java.util.regex.Pattern$BranchConn.match(Pattern.java:4713)
> at java.base/java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3964)
> at java.base/java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3964)
> at java.base/java.util.regex.Pattern$BmpCharProperty.match(Pattern.java:3964)
> at java.base/java.util.regex.Pattern$Branch.match(Pattern.java:4749)
> at java.base/java.util.regex.Pattern$GroupHead.match(Pattern.java:4804)
> at java.base/java.util.regex.Pattern$Loop.match(Pattern.java:4941)
> at java.base/java.util.regex.Pattern$GroupTail.match(Pattern.java:4863)
> at java.base/java.util.regex.Pattern$BranchConn.match(Pattern.java:4713)
> at java.base/java.util.regex.Pattern$GroupTail.match(Pattern.java:4863)
> at java.base/java.util.regex.Pattern$CharPropertyGreedy.match(Pattern.java:4306)
> at java.base/java.util.regex.Pattern$CharProperty.match(Pattern.java:3940)
> at java.base/java.util.regex.Pattern$GroupHead.match(Pattern.java:4804)
> at java.base/java.util.regex.Pattern$Branch.match(Pattern.java:4749)
> at java.base/java.util.regex.Pattern$GroupHead.match(Pattern.java:4804)
> ...
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)