You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Carsten Ziegeler (JIRA)" <ji...@apache.org> on 2019/08/08 11:00:00 UTC

[jira] [Updated] (SLING-8622) Incorrect OSGi configuration ID leads to StringIndexOutOfBoundException

     [ https://issues.apache.org/jira/browse/SLING-8622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carsten Ziegeler updated SLING-8622:
------------------------------------
    Fix Version/s: Installer Configuration Factory 1.2.6

> Incorrect OSGi configuration ID leads to StringIndexOutOfBoundException
> -----------------------------------------------------------------------
>
>                 Key: SLING-8622
>                 URL: https://issues.apache.org/jira/browse/SLING-8622
>             Project: Sling
>          Issue Type: Bug
>          Components: Installer
>    Affects Versions: Installer Configuration Factory 1.2.4
>            Reporter: Arek Kita
>            Assignee: Carsten Ziegeler
>            Priority: Major
>             Fix For: Installer Configuration Factory 1.2.6
>
>         Attachments: BugRunner.java
>
>
> The {{ConfigUpdateHandler}} class and mostly [2 methods|https://github.com/apache/sling-org-apache-sling-installer-factory-configuration/blob/2a16c35dc1ec5f60c437853535c843121e706bf4/src/main/java/org/apache/sling/installer/factories/configuration/impl/ConfigUpdateHandler.java#L94-L13] inside seems to be not safe enough and they lead to runtime exception like this:
> {noformat:title=Runtime Exception}
> Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String index out of range: 43
> 	at java.base/java.lang.StringLatin1.charAt(StringLatin1.java:47)
> 	at java.base/java.lang.String.charAt(String.java:693)
> 	at com.adobe.empty.Main.getFactoryPidAndPid(Main.java:34)
> 	at com.adobe.empty.Main.run(Main.java:64)
> 	at com.adobe.empty.Main.main(Main.java:59)
> {noformat}
> which prevents Installer to be working correctly. The exception on a *faulty input* can be reproduced using the simple main class as a POC:  [^BugRunner.java] 
> h4. Actual behavior 
> The whole update handler is aborted due to one faulty name of the OSGi config and the update and installer thread is stopped
> h4. Expected behavior 
> The wrong configuration name should be either skipped or converted if possible to the correct name not leading to stop in update thread.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)