Posted to dev@tomcat.apache.org by Tim Funk <fu...@joedog.org> on 2003/08/31 17:14:23 UTC
[5] Infinite loop potential in processing error in StandardWrapperValve.java
When I added the code to use PropertyUtils.getProperty in determining the
root cause, I noticed it can cause an infinite loop.
// Extra aggressive rootCause finding
do {
    try {
        rootCauseCheck = (Throwable) PropertyUtils.getProperty
            (rootCause, "rootCause");
        if (rootCauseCheck != null)
            rootCause = rootCauseCheck;
    } catch (...) {
        rootCauseCheck = null;
    }
} while (rootCauseCheck != null);
------------------------------------------
If we have a malicious user who does this:
{
    ...
    ServletException e = new ServletException();
    throw new ServletException(e);
}
We can get a non-recursive infinite loop in the error handling logic.
Is this a cause for concern? I would guess so in shared environments but this
is not a problem in tightly controlled (enterprise/private) environments.
Comments?
-Tim
Re: [5] Infinite loop potential in processing error in StandardWrapperValve.java
Posted by Remy Maucherat <re...@apache.org>.
Tim Funk wrote:
> When I added the code to use PropertyUtils.getProperty in determining
> the root cause, I noticed it can cause an infinite loop.
>
> // Extra aggressive rootCause finding
> do {
>     try {
>         rootCauseCheck = (Throwable) PropertyUtils.getProperty
>             (rootCause, "rootCause");
>         if (rootCauseCheck != null)
>             rootCause = rootCauseCheck;
>
>     } catch (...) {
>         rootCauseCheck = null;
>     }
> } while (rootCauseCheck != null);
>
> ------------------------------------------
> If we have a malicious user who does this:
> {
>     ...
>     ServletException e = new ServletException();
>     throw new ServletException(e);
> }
>
> We can get a non-recursive infinite loop in the error handling logic.
>
>
> Is this a cause for concern? I would guess so in shared environments but
> this is not a problem in tightly controlled (enterprise/private)
> environments.
>
> Comments?
Yes, well, I had seen that flaw in the code. However, if there's a
"malicious" user out there, he can just add while (true) {
doSomethingStupid(); } in his code ;-) So I chose not to care about it.
Anyway, +1 to add a max recursion int (there are a few places that use
this type of code).
Remy
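A bounded root-cause walk, as an added example that is not code from the thread or from Tomcat: it covers the unwrapping loop in Tim's post and Remy's suggestion of a maximum count, stopping on a null cause, a depth cap, or a cause already visited (detected by reference, so a cyclic chain cannot spin forever). It assumes the standard Throwable.getCause() chain instead of the PropertyUtils "rootCause" reflection, and builds a constructed cyclic chain in main() to exercise both stops.

```java
import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.Set;

public class RootCauseFinder {
    // The "max recursion int" from the thread: hard ceiling on links followed.
    static final int MAX_DEPTH = 32;

    /**
     * Returns the deepest cause reachable from t. The walk ends on a null
     * cause, on MAX_DEPTH links, or when a cause has already been seen,
     * which is what breaks an otherwise endless loop on a cyclic chain.
     */
    public static Throwable findRootCause(Throwable t) {
        Throwable current = t;
        // Identity set: equals() on exceptions is not reliable for cycle checks.
        Set<Throwable> seen =
            Collections.newSetFromMap(new IdentityHashMap<Throwable, Boolean>());
        seen.add(current);
        for (int depth = 0; depth < MAX_DEPTH; depth++) {
            Throwable next;
            try {
                next = current.getCause();
            } catch (RuntimeException e) {
                break; // a misbehaving getCause() must not abort error handling
            }
            if (next == null || !seen.add(next)) {
                break; // end of chain, or a cause we already visited (cycle)
            }
            current = next;
        }
        return current;
    }

    public static void main(String[] args) {
        // Constructed cycle: a -> b -> a. initCause is legal here because
        // a was created without a cause and b is not a itself.
        RuntimeException a = new RuntimeException("a");
        RuntimeException b = new RuntimeException("b", a);
        a.initCause(b);
        System.out.println("cyclic chain stops at: " + findRootCause(a).getMessage());

        // Constructed deep linear chain, longer than MAX_DEPTH.
        Throwable deep = new RuntimeException("0");
        for (int i = 1; i < 100; i++) {
            deep = new RuntimeException(String.valueOf(i), deep);
        }
        System.out.println("deep chain stops at: " + findRootCause(deep).getMessage());
    }
}
```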