You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by bu...@apache.org on 2008/03/17 14:36:48 UTC

DO NOT REPLY [Bug 44617] New: Regression when processing XPath transform

https://issues.apache.org/bugzilla/show_bug.cgi?id=44617

           Summary: Regression when processing XPath transform
           Product: Security
           Version: Java 1.4.1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: regression
          Priority: P2
         Component: Signature
        AssignedTo: security-dev@xml.apache.org
        ReportedBy: sean.mullan@sun.com


org.apache.xml.security.exceptions.XMLSecurityRuntimeException: Current Node:
[#text:
YWBCmDfU8JQVl3odJ358jqjZn5YCRkBN8D//t+Kd2YIVJvwCMO8uv9B1+t1sJkMjgF5R4fJbVRj4
bXW54pSR3n1nKeUSz27HavigQs7oK+UAIDrNPHkW/5ybOtYzOJftHak0IGDTehFiYOVGPNTiuzG3
WKui1eRbw/V4N0n89AE=], type: 3
Original Exception was java.lang.RuntimeException: Could not resolve the node
to a handle
        at
org.apache.xml.security.transforms.implementations.TransformXPath$XPathNodeFilter.isNodeInclude(Unknown
Source)
        at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.isVisible(Unknown
Source)
        at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.canonicalizeXPathNodeSet(Unknown
Source)
        at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeXPathNodeSetInternal(Unknown
Source)
        at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalize(Unknown
Source)
        at
org.apache.xml.security.transforms.implementations.TransformC14NWithComments.enginePerformTransform(Unknown
Source)
        at
org.apache.xml.security.transforms.Transform.performTransform(Unknown Source)
        at
org.apache.xml.security.transforms.Transforms.performTransforms(Unknown Source)
        at
org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Unknown
Source)
        at
org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
Source)
        at org.apache.xml.security.signature.Reference.calculateDigest(Unknown
Source)
        at org.apache.xml.security.signature.Reference.verify(Unknown Source)
        at org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
Source)
        at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
        at
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

DO NOT REPLY [Bug 44617] Regression when processing XPath transform

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=44617





--- Comment #2 from sean.mullan@sun.com  2008-03-24 13:08:52 PST ---
An additional, similar problem was discovered by Frank and the problem was in
ElementProxy.addBase64Text. I have also fixed this and the fix will be
available in 1.4.2 beta 2.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

DO NOT REPLY [Bug 44617] Regression when processing XPath transform

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=44617


sean.mullan@sun.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




--- Comment #1 from sean.mullan@sun.com  2008-03-17 06:57:43 PST ---
Fixed in Head. A new regression test case has been added (thanks to Frank
Cornelis). 

The problem was caused by the fix for 42061 (Method to disable
XMLUtils.addReturnToElement). In that fix, the DOM tree was modified to add
return characters after the XPath transform had been processed when generating
the signature. When the XPath transform was processed when validating the
signature, an XMLSecurityRuntime exception was thrown because the XPath
implementation had cached references to the nodes the first time it was
processed and now they no longer resolved to the same objects.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.