You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Arnaud Jeansen (JIRA)" <ji...@apache.org> on 2017/01/18 07:59:26 UTC
[jira] [Comment Edited] (CXF-5436) Poorly crafted response caused
NullPointerException when processing incoming message
[ https://issues.apache.org/jira/browse/CXF-5436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15825998#comment-15825998 ]
Arnaud Jeansen edited comment on CXF-5436 at 1/18/17 7:58 AM:
--------------------------------------------------------------
I got the same bug recently in 3.1.5, with the same combination of missing Content-Type header in a chunked response.
Symptom is different though, the NullPointerException occurs here (see redacted excerpt below):
{code}
2017-01-13 11:39:58.308 WARN [xxxxxxx.yy] [http-bio-8080-exec-2] [o.apache.cxf.phase.PhaseInterceptorChain.doLog] - Interceptor for {XXXXXXX has thrown exception, unwinding now
java.lang.NullPointerException: null
at org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:59) ~[cxf-rt-bindings-soap-3.1.5.jar:3.1.5]
at org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:37) ~[cxf-rt-bindings-soap-3.1.5.jar:3.1.5]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [cxf-core-3.1.5.jar:3.1.5]
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:798) [cxf-core-3.1.5.jar:3.1.5]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1670) [cxf-rt-transports-http-3.1.5.jar:3.1.5]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1551) [cxf-rt-transports-http-3.1.5.jar:3.1.5]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1348) [cxf-rt-transports-http-3.1.5.jar:3.1.5]
[...]
{code}
My understanding is that the code in StaxInInterceptor should also test for presence of "Transfer-Encoding:chunked" when deciding whether to exit early or not.
Is my understanding correct?
was (Author: ajeans):
I got the same bug recently in 3.1.5, with the same combination of missing Content-Type header in a chunked response.
Symptom is different though, the NullPointerException occurs here (see redacted excerpt below):
{code}
2017-01-13 11:39:58.308 WARN [squbpy44.fo.qualif.transactis.fr] [http-bio-8080-exec-2] [o.apache.cxf.phase.PhaseInterceptorChain.doLog] - Interceptor for {XXXXXXX has thrown exception, unwinding now
java.lang.NullPointerException: null
at org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:59) ~[cxf-rt-bindings-soap-3.1.5.jar:3.1.5]
at org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:37) ~[cxf-rt-bindings-soap-3.1.5.jar:3.1.5]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [cxf-core-3.1.5.jar:3.1.5]
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:798) [cxf-core-3.1.5.jar:3.1.5]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1670) [cxf-rt-transports-http-3.1.5.jar:3.1.5]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1551) [cxf-rt-transports-http-3.1.5.jar:3.1.5]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1348) [cxf-rt-transports-http-3.1.5.jar:3.1.5]
[...]
{code}
My understanding is that the code in StaxInInterceptor should also test for presence of "Transfer-Encoding:chunked" when deciding whether to exit early or not.
Is my understanding correct?
> Poorly crafted response caused NullPointerException when processing incoming message
> ------------------------------------------------------------------------------------
>
> Key: CXF-5436
> URL: https://issues.apache.org/jira/browse/CXF-5436
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Reporter: Kyle Lape
>
> A CXF SOAP client is processing a response, and it gets a NPE:
> {noformat}
> 2013-11-26 10:03:39,462 243006 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (pool-38-thread-1:) Interceptor for {http://REDACTED has thrown exception, unwinding now
> java.lang.NullPointerException
> at org.apache.cxf.staxutils.StaxUtils.toNextElement(StaxUtils.java:333)
> at org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:80)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
> at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)
> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2408)
> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2278)
> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2121)
> at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:695)
> at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> at $Proxy1346.tenprintSearchResponse(Unknown Source)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at my.application.ClassName.run(MessageRouterTask.java:44)
> at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
> at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
> at java.util.concurrent.FutureTask.run(Unknown Source)
> at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(Unknown Source)
> at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
> at java.lang.Thread.run(Unknown Source)
> {noformat}
> The issue has been traced back to the {{StaxInInterceptor}} around this code:
> {code:java}
> if (contentType == null) {
> //if contentType is null, this is likely a an empty post/put/delete/similar, lets see if it's
> //detectable at all
> Map<String, List<String>> m = CastUtils.cast((Map<?, ?>)message.get(Message.PROTOCOL_HEADERS));
> if (m != null) {
> List<String> contentLen = HttpHeaderHelper
> .getHeader(m, HttpHeaderHelper.CONTENT_LENGTH);
> List<String> contentTE = HttpHeaderHelper
> .getHeader(m, HttpHeaderHelper.CONTENT_TRANSFER_ENCODING);
> if ((StringUtils.isEmpty(contentLen) || "0".equals(contentLen.get(0)))
> && StringUtils.isEmpty(contentTE)) {
> return;
> }
> }
> }
> {code}
> The endpoint is responding with an empty {{Content-Type}} header and is using chunked encoding, so it's setting the {{Transfer-Encoding}} header and omitting the {{Content-Length}} header. These combined attributes cause the {{StaxInInterceptor}} to return before the {{XMLStreamReader}} is created and put in the {{Message}}, causing the NPE down the chain. While I certainly feel that the endpoint shouldn't respond in such a way, the NPE in CXF is probably not the best way to handle this odd response from the endpoint.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)