You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/10/19 10:23:00 UTC

[jira] [Commented] (WW-3529) NamedVariablePatternMatcher does not properly escape characters

    [ https://issues.apache.org/jira/browse/WW-3529?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17620181#comment-17620181 ] 

ASF subversion and git services commented on WW-3529:
-----------------------------------------------------

Commit 993c4c4cab21ace8970d094da03291b21547ab83 in struts's branch refs/heads/WW-3529-named-pattern from Lukasz Lenart
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=993c4c4ca ]

WW-3529 Fixes using RegEx related characters in named pattern


> NamedVariablePatternMatcher does not properly escape characters
> ---------------------------------------------------------------
>
>                 Key: WW-3529
>                 URL: https://issues.apache.org/jira/browse/WW-3529
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Other
>    Affects Versions: 2.2.1
>            Reporter: Richard Vermillion
>            Priority: Major
>             Fix For: 6.1.0
>
>         Attachments: NamedVariablePatternMatcher.patch
>
>
> The {{com.opensymphony.xwork2.util.NamedVariablePatternMatcher}} class has a bug in the {{compilePattern(String)}} method. The purpose of the method is to compile patterns such as {{"action/\{foo}"}} to a regular expression Pattern and extract the variable names that match each group in the regex. In the example given and the 2.2.1 code base, the pattern will be compiled as {{{}"action/([^/]+)"{}}}. However, if the pattern includes characters that have special meaning to Java's regular expression engine, they are currently not being escaped.
> For example, the pattern {{"action.\{format}"}} is being compiled to {{"action.([^/]{+})"{+}}} which correctly matches {{"action.html"}} but also {{"actionK.html"}} or any other character because the {{'.'}} is not escaped. The bug really bites when a pattern like {{"\{name}.\{format}"}} is used. This will be compiled to {{"([^/]).([^/]+)"}} which will match {{"cars.html"}} but not the way you expect. Because of greediness, it will set {{name = "cars.ht"}} and {{{}format = "l"{}}}.
> I will submit a patch to fix this behavior on the next screen.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)