You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/11/16 22:48:34 UTC
[1/2] cxf git commit: [CXF-7139] Avoid BufferOverflowException for
trailing escape characters, patch from Michael Grant applied, This closes #201
Repository: cxf
Updated Branches:
refs/heads/master d68073bee -> 5c81fe0db
[CXF-7139] Avoid BufferOverflowException for trailing escape characters, patch from Michael Grant applied, This closes #201
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/314565cc
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/314565cc
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/314565cc
Branch: refs/heads/master
Commit: 314565ccb05c88ceb6f19605d1813cabac4fedbc
Parents: d68073b
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Nov 16 23:37:45 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Nov 16 23:37:45 2016 +0100
----------------------------------------------------------------------
.../org/apache/cxf/common/util/UrlUtils.java | 2 +-
.../apache/cxf/common/util/UrlUtilsTest.java | 49 +++++++++++++++++---
2 files changed, 44 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/314565cc/core/src/main/java/org/apache/cxf/common/util/UrlUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/common/util/UrlUtils.java b/core/src/main/java/org/apache/cxf/common/util/UrlUtils.java
index 3b7dd23..0260445 100644
--- a/core/src/main/java/org/apache/cxf/common/util/UrlUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/util/UrlUtils.java
@@ -87,7 +87,7 @@ public final class UrlUtils {
if (needDecode) {
final byte[] valueBytes = StringUtils.toBytes(value, enc);
ByteBuffer in = ByteBuffer.wrap(valueBytes);
- ByteBuffer out = ByteBuffer.allocate(in.capacity() - 2 * escapesCount);
+ ByteBuffer out = ByteBuffer.allocate(in.capacity() - (2 * escapesCount) + 1);
while (in.hasRemaining()) {
final int b = in.get();
if (!isPath && b == PLUS_CHAR) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/314565cc/core/src/test/java/org/apache/cxf/common/util/UrlUtilsTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/cxf/common/util/UrlUtilsTest.java b/core/src/test/java/org/apache/cxf/common/util/UrlUtilsTest.java
index b0e25b7..7ae4015 100644
--- a/core/src/test/java/org/apache/cxf/common/util/UrlUtilsTest.java
+++ b/core/src/test/java/org/apache/cxf/common/util/UrlUtilsTest.java
@@ -42,14 +42,51 @@ public class UrlUtilsTest extends Assert {
assertEquals("!$&'()*,;=", UrlUtils.urlDecode("!$&'()*,;="));
}
- @Test (expected = IllegalArgumentException.class)
- public void testUrlDecodeIncompleteEscape() {
- UrlUtils.urlDecode("%2");
+ @Test
+ public void testUrlDecodeIncompleteEscapePatterns() {
+
+ try {
+ UrlUtils.urlDecode("%");
+ fail();
+ } catch (Throwable e) {
+ assertTrue(e instanceof IllegalArgumentException);
+ assertTrue(e.getMessage().startsWith("Invalid URL encoding"));
+ }
+
+ try {
+ UrlUtils.urlDecode("a%%%%");
+ fail();
+ } catch (Throwable e) {
+ assertTrue(e instanceof IllegalArgumentException);
+ assertTrue(e.getMessage().startsWith("Invalid URL encoding"));
+ }
+
+ try {
+ UrlUtils.urlDecode("a%2B%");
+ fail();
+ } catch (Throwable e) {
+ assertTrue(e instanceof IllegalArgumentException);
+ assertTrue(e.getMessage().startsWith("Invalid URL encoding"));
+ }
+
+ try {
+ UrlUtils.urlDecode("%2");
+ fail();
+ } catch (Throwable e) {
+ assertTrue(e instanceof IllegalArgumentException);
+ assertTrue(e.getMessage().startsWith("Invalid URL encoding"));
+ }
}
- @Test (expected = IllegalArgumentException.class)
- public void testUrlDecodeInvalidEscape() {
- UrlUtils.urlDecode("%2$");
+ @Test
+ public void testUrlDecodeInvalidEscapePattern() {
+ try {
+ UrlUtils.urlDecode("%2$");
+ fail();
+ } catch (Throwable e) {
+ assertTrue(e instanceof IllegalArgumentException);
+ assertTrue(e.getMessage().startsWith("Invalid URL encoding"));
+ }
}
@Test
[2/2] cxf git commit: [CXF-7140] Ensure AsyncResponse.cancel(...)
behaves the same when invoked twice, patch from Andy McCright applied,
This closes #202
Posted by se...@apache.org.
[CXF-7140] Ensure AsyncResponse.cancel(...) behaves the same when invoked twice, patch from Andy McCright applied, This closes #202
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5c81fe0d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5c81fe0d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5c81fe0d
Branch: refs/heads/master
Commit: 5c81fe0db480afefe3c1cffebe1e401d6d7fada6
Parents: 314565c
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Nov 16 23:48:13 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Nov 16 23:48:13 2016 +0100
----------------------------------------------------------------------
.../cxf/jaxrs/impl/AsyncResponseImpl.java | 7 +-
.../cxf/jaxrs/impl/AsyncResponseImplTest.java | 162 +++++++++++++++++++
2 files changed, 166 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/5c81fe0d/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AsyncResponseImpl.java
----------------------------------------------------------------------
diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AsyncResponseImpl.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AsyncResponseImpl.java
index c25f770..f1606c9 100644
--- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AsyncResponseImpl.java
+++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AsyncResponseImpl.java
@@ -116,12 +116,13 @@ public class AsyncResponseImpl implements AsyncResponse, ContinuationCallback {
}
private boolean doCancel(String retryAfterHeader) {
- if (!isSuspended()) {
- return false;
- }
if (cancelled) {
return true;
}
+ if (!isSuspended()) {
+ return false;
+ }
+
cancelled = true;
ResponseBuilder rb = Response.status(503);
if (retryAfterHeader != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/5c81fe0d/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/AsyncResponseImplTest.java
----------------------------------------------------------------------
diff --git a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/AsyncResponseImplTest.java b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/AsyncResponseImplTest.java
new file mode 100644
index 0000000..953d3b6
--- /dev/null
+++ b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/AsyncResponseImplTest.java
@@ -0,0 +1,162 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.jaxrs.impl;
+
+import java.util.Date;
+
+import javax.servlet.AsyncContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.container.AsyncResponse;
+
+import org.apache.cxf.continuations.ContinuationProvider;
+import org.apache.cxf.message.ExchangeImpl;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.transport.http.Servlet3ContinuationProvider;
+import org.easymock.EasyMock;
+import org.easymock.IMocksControl;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+public class AsyncResponseImplTest extends Assert {
+
+ private IMocksControl control;
+
+ @Before
+ public void setUp() {
+ control = EasyMock.createNiceControl();
+ }
+
+ /**
+ * According to the spec, subsequent calls to cancel the same AsyncResponse should
+ * have the same behavior as the first call.
+ */
+ @Test
+ public void testCancelBehavesTheSameWhenInvokedMultipleTimes() {
+ HttpServletRequest req = control.createMock(HttpServletRequest.class);
+ HttpServletResponse resp = control.createMock(HttpServletResponse.class);
+ AsyncContext asyncCtx = control.createMock(AsyncContext.class);
+ Message msg = new MessageImpl();
+ msg.setExchange(new ExchangeImpl());
+ msg.put(ContinuationProvider.class.getName(), new Servlet3ContinuationProvider(req, resp, msg));
+
+ req.startAsync();
+ EasyMock.expectLastCall().andReturn(asyncCtx);
+ control.replay();
+
+ AsyncResponse impl = new AsyncResponseImpl(msg);
+
+ // cancel the AsyncResponse for the first time
+ assertTrue("Unexpectedly returned false when canceling the first time", impl.cancel());
+
+ // check the state of the AsyncResponse
+ assertTrue("AsyncResponse was canceled but is reporting that it was not canceled", impl.isCancelled());
+ boolean isDone = impl.isDone();
+ boolean isSuspended = impl.isSuspended();
+
+ // cancel the AsyncResponse a second time
+ assertTrue("Unexpectedly returned false when canceling the second time", impl.cancel());
+
+ // verify that the state is the same as before the second cancel
+ assertTrue("AsyncResponse was canceled (twice) but is reporting that it was not canceled", impl.isCancelled());
+ assertEquals("AsynchResponse.isDone() returned a different response after canceling a second time",
+ isDone, impl.isDone());
+ assertEquals("AsynchResponse.isSuspended() returned a different response after canceling a second time",
+ isSuspended, impl.isSuspended());
+ }
+
+ /**
+ * Similar to testCancelBehavesTheSameWhenInvokedMultipleTimes, but using the cancel(int) signature.
+ */
+ @Test
+ public void testCancelIntBehavesTheSameWhenInvokedMultipleTimes() {
+ HttpServletRequest req = control.createMock(HttpServletRequest.class);
+ HttpServletResponse resp = control.createMock(HttpServletResponse.class);
+ AsyncContext asyncCtx = control.createMock(AsyncContext.class);
+ Message msg = new MessageImpl();
+ msg.setExchange(new ExchangeImpl());
+ msg.put(ContinuationProvider.class.getName(), new Servlet3ContinuationProvider(req, resp, msg));
+
+ req.startAsync();
+ EasyMock.expectLastCall().andReturn(asyncCtx);
+ control.replay();
+
+ AsyncResponse impl = new AsyncResponseImpl(msg);
+
+ // cancel the AsyncResponse for the first time
+ assertTrue("Unexpectedly returned false when canceling the first time", impl.cancel(10));
+
+ // check the state of the AsyncResponse
+ assertTrue("AsyncResponse was canceled but is reporting that it was not canceled", impl.isCancelled());
+ boolean isDone = impl.isDone();
+ boolean isSuspended = impl.isSuspended();
+
+ // cancel the AsyncResponse a second time
+ assertTrue("Unexpectedly returned false when canceling the second time", impl.cancel(25));
+
+ // verify that the state is the same as before the second cancel
+ assertTrue("AsyncResponse was canceled (twice) but is reporting that it was not canceled", impl.isCancelled());
+ assertEquals("AsynchResponse.isDone() returned a different response after canceling a second time",
+ isDone, impl.isDone());
+ assertEquals("AsynchResponse.isSuspended() returned a different response after canceling a second time",
+ isSuspended, impl.isSuspended());
+ }
+
+ /**
+ * Similar to testCancelBehavesTheSameWhenInvokedMultipleTimes, but using the cancel(Date) signature.
+ */
+ @Test
+ public void testCancelDateBehavesTheSameWhenInvokedMultipleTimes() {
+ HttpServletRequest req = control.createMock(HttpServletRequest.class);
+ HttpServletResponse resp = control.createMock(HttpServletResponse.class);
+ AsyncContext asyncCtx = control.createMock(AsyncContext.class);
+ Message msg = new MessageImpl();
+ msg.setExchange(new ExchangeImpl());
+ msg.put(ContinuationProvider.class.getName(), new Servlet3ContinuationProvider(req, resp, msg));
+
+ req.startAsync();
+ EasyMock.expectLastCall().andReturn(asyncCtx);
+ control.replay();
+
+ AsyncResponse impl = new AsyncResponseImpl(msg);
+
+ // cancel the AsyncResponse for the first time
+ Date d = new Date(System.currentTimeMillis() + 60000);
+ assertTrue("Unexpectedly returned false when canceling the first time", impl.cancel(d));
+
+ // check the state of the AsyncResponse
+ assertTrue("AsyncResponse was canceled but is reporting that it was not canceled", impl.isCancelled());
+ boolean isDone = impl.isDone();
+ boolean isSuspended = impl.isSuspended();
+
+ // cancel the AsyncResponse a second time
+ d = new Date(System.currentTimeMillis() + 120000);
+ assertTrue("Unexpectedly returned false when canceling the second time", impl.cancel(d));
+
+ // verify that the state is the same as before the second cancel
+ assertTrue("AsyncResponse was canceled (twice) but is reporting that it was not canceled", impl.isCancelled());
+ assertEquals("AsynchResponse.isDone() returned a different response after canceling a second time",
+ isDone, impl.isDone());
+ assertEquals("AsynchResponse.isSuspended() returned a different response after canceling a second time",
+ isSuspended, impl.isSuspended());
+ }
+}