You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by bu...@apache.org on 2007/02/08 20:48:38 UTC
DO NOT REPLY [Bug 41573] New: - XMLCipher StackOverflowError
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41573>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41573
Summary: XMLCipher StackOverflowError
Product: Security
Version: unspecified
Platform: PC
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: Encryption
AssignedTo: security-dev@xml.apache.org
ReportedBy: mjablon@wp.pl
When encrypt xml documents large then 5MB
using org.apache.xml.security.encryption.XMLCipher
Exception in thread "main" java.lang.StackOverflowError
> at org.apache.xerces.dom.ParentNode.internalRemoveChild(Unknown Source)
> at org.apache.xerces.dom.ParentNode.removeChild(Unknown Source)
> at org.apache.xml.security.encryption.XMLCipher.removeContent(Unknown So
> urce)
> at org.apache.xml.security.encryption.XMLCipher.removeContent(Unknown So
then bag is in implementation : (recursive invocation)
private void removeContent(Node node) {
NodeList list = node.getChildNodes();
if (list.getLength() > 0) {
Node n = list.item(0);
if (null != n) {
n.getParentNode().removeChild(n);
}
removeContent(node);
}
}
I'm sugesting change it, for example:
private void removeContent(Node node) {
NodeList list = node.getChildNodes();
while(list.getLength() > 0) {
Node n = list.item(0);
if (null != n) {
n.getParentNode().removeChild(n);
}
}
}
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 41573] - XMLCipher StackOverflowError
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41573>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41573
byby123452000@yahoo.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|CLOSED |REOPENED
Resolution|FIXED |
------- Additional Comments From byby123452000@yahoo.com 2008-02-16 14:41 -------
removeContent doesn't work reliably in 1.4.1
it does not remove all children.
the loop finishes to early
I've found this buggy code
private void removeContent(Node node) {
NodeList list = node.getChildNodes();
for (int i=0; i<list.getLength(); i++) {
Node n = list.item(i);
if (n != null) {
n.getParentNode().removeChild(n);
}
}
}
example: if you have two childs, the first is removed, getLength is changed, the
second child isn't removed
Try the suggestion from the first poster
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 41573] - XMLCipher StackOverflowError
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41573>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41573
sean.mullan@sun.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Additional Comments From sean.mullan@sun.com 2007-09-19 12:29 -------
Closing old bugs. Fixed in 1.4.1
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 41573] - XMLCipher StackOverflowError
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41573>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41573
sean.mullan@sun.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From sean.mullan@sun.com 2007-02-12 11:27 -------
Fixed.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 41573] - XMLCipher StackOverflowError
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41573>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41573
sean.mullan@sun.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From sean.mullan@sun.com 2008-02-19 07:01 -------
(In reply to comment #3)
> removeContent doesn't work reliably in 1.4.1
> it does not remove all children.
This is a dup of bug #42886, which will be fixed in 1.4.2.
*** This bug has been marked as a duplicate of 42886 ***
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.