You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Kyle Lape (JIRA)" <ji...@apache.org> on 2013/12/06 01:22:35 UTC
[jira] [Updated] (CXF-5436) Poorly crafted response caused
NullPointerException when processing incoming message
[ https://issues.apache.org/jira/browse/CXF-5436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kyle Lape updated CXF-5436:
---------------------------
Description:
A CXF SOAP client is processing a response, and it gets a NPE:
{noformat}
2013-11-26 10:03:39,462 243006 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (pool-38-thread-1:) Interceptor for {http://REDACTED has thrown exception, unwinding now
java.lang.NullPointerException
at org.apache.cxf.staxutils.StaxUtils.toNextElement(StaxUtils.java:333)
at org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:80)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2408)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2278)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2121)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:695)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy1346.tenprintSearchResponse(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at my.application.ClassName.run(MessageRouterTask.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
{noformat}
The issue has been traced back to the {{StaxInInterceptor}} around this code:
{code:java}
if (contentType == null) {
//if contentType is null, this is likely a an empty post/put/delete/similar, lets see if it's
//detectable at all
Map<String, List<String>> m = CastUtils.cast((Map<?, ?>)message.get(Message.PROTOCOL_HEADERS));
if (m != null) {
List<String> contentLen = HttpHeaderHelper
.getHeader(m, HttpHeaderHelper.CONTENT_LENGTH);
List<String> contentTE = HttpHeaderHelper
.getHeader(m, HttpHeaderHelper.CONTENT_TRANSFER_ENCODING);
if ((StringUtils.isEmpty(contentLen) || "0".equals(contentLen.get(0)))
&& StringUtils.isEmpty(contentTE)) {
return;
}
}
}
{code}
The endpoint is responding with an empty {{Content-Type}} header and is using chunked encoding, so it's setting the {{Transfer-Encoding}} header and omitting the {{Content-Length}} header. These attributed combined cause the {{StaxInInterceptor}} to return before the {{XMLStreamReader}} is created and put in the {{Message}}, causing the NPE down the chain. While I certainly feel that the endpoint shouldn't respond in such a way, the NPE in CXF is probably not the best way to handle this odd response from the endpoint.
was:
A CXF SOAP client is processing a response, and it gets a NPE:
{noformat}
2013-11-26 10:03:39,462 243006 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (pool-38-thread-1:) Interceptor for {http://REDACTED has thrown exception, unwinding now
java.lang.NullPointerException
at org.apache.cxf.staxutils.StaxUtils.toNextElement(StaxUtils.java:333)
at org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:80)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2408)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2278)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2121)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:695)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy1346.tenprintSearchResponse(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at my.application.ClassName.run(MessageRouterTask.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
{noformat}
The issue has been traced back to the {{StaxInInterceptor}} around this code:
{code:java}
if (contentType == null) {
//if contentType is null, this is likely a an empty post/put/delete/similar, lets see if it's
//detectable at all
Map<String, List<String>> m = CastUtils.cast((Map<?, ?>)message.get(Message.PROTOCOL_HEADERS));
if (m != null) {
List<String> contentLen = HttpHeaderHelper
.getHeader(m, HttpHeaderHelper.CONTENT_LENGTH);
List<String> contentTE = HttpHeaderHelper
.getHeader(m, HttpHeaderHelper.CONTENT_TRANSFER_ENCODING);
if ((StringUtils.isEmpty(contentLen) || "0".equals(contentLen.get(0)))
&& StringUtils.isEmpty(contentTE)) {
return;
}
}
}
{code}
The endpoint is responding with an empty {{Content-Type}} header and is using chunked encoding, so it's setting the {{Transfer-Encoding}} header and omitting the {{Content-Length}} header. While I certainly feel that the endpoint shouldn't respond in such a way, the NPE in CXF is probably not the best way to handle this odd response from the endpoint.
> Poorly crafted response caused NullPointerException when processing incoming message
> ------------------------------------------------------------------------------------
>
> Key: CXF-5436
> URL: https://issues.apache.org/jira/browse/CXF-5436
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Reporter: Kyle Lape
>
> A CXF SOAP client is processing a response, and it gets a NPE:
> {noformat}
> 2013-11-26 10:03:39,462 243006 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (pool-38-thread-1:) Interceptor for {http://REDACTED has thrown exception, unwinding now
> java.lang.NullPointerException
> at org.apache.cxf.staxutils.StaxUtils.toNextElement(StaxUtils.java:333)
> at org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:80)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
> at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)
> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2408)
> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2278)
> at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2121)
> at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:695)
> at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> at $Proxy1346.tenprintSearchResponse(Unknown Source)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at my.application.ClassName.run(MessageRouterTask.java:44)
> at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
> at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
> at java.util.concurrent.FutureTask.run(Unknown Source)
> at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(Unknown Source)
> at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
> at java.lang.Thread.run(Unknown Source)
> {noformat}
> The issue has been traced back to the {{StaxInInterceptor}} around this code:
> {code:java}
> if (contentType == null) {
> //if contentType is null, this is likely a an empty post/put/delete/similar, lets see if it's
> //detectable at all
> Map<String, List<String>> m = CastUtils.cast((Map<?, ?>)message.get(Message.PROTOCOL_HEADERS));
> if (m != null) {
> List<String> contentLen = HttpHeaderHelper
> .getHeader(m, HttpHeaderHelper.CONTENT_LENGTH);
> List<String> contentTE = HttpHeaderHelper
> .getHeader(m, HttpHeaderHelper.CONTENT_TRANSFER_ENCODING);
> if ((StringUtils.isEmpty(contentLen) || "0".equals(contentLen.get(0)))
> && StringUtils.isEmpty(contentTE)) {
> return;
> }
> }
> }
> {code}
> The endpoint is responding with an empty {{Content-Type}} header and is using chunked encoding, so it's setting the {{Transfer-Encoding}} header and omitting the {{Content-Length}} header. These attributed combined cause the {{StaxInInterceptor}} to return before the {{XMLStreamReader}} is created and put in the {{Message}}, causing the NPE down the chain. While I certainly feel that the endpoint shouldn't respond in such a way, the NPE in CXF is probably not the best way to handle this odd response from the endpoint.
--
This message was sent by Atlassian JIRA
(v6.1#6144)