Jetty
  1. Jetty
  2. JETTY-1314

UrlEncoded.decodeString throw StringIndexOutOfBoundsException

    Details

    • Type: Bug Bug
    • Status: Resolved Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 6.1.26
    • Fix Version/s: 6.1.27, 7.4.1
    • Component/s: None
    • Labels:
      None
    • Testcase included:
      yes
    • Number of attachments :
      2

      Description

      When invalid data was input to org.mortbay.util.UrlEncoded#decodeString , throw StringIndexOutOfBoundsException

      url_encoded.decode("Name15=xx%zz", "UTF-8"); // <- throw StringIndexOutOfBoundsException

      java.lang.StringIndexOutOfBoundsException: String index out of range: 12
      at java.lang.String.charAt(Unknown Source)
      at org.mortbay.util.UrlEncoded.decodeString(UrlEncoded.java:657)
      at org.mortbay.util.UrlEncoded.decodeTo(UrlEncoded.java:227)
      at org.mortbay.util.UrlEncoded.decode(UrlEncoded.java:82)
      at org.mortbay.util.URLEncodedTest.testUrlEncoded(URLEncodedTest.java:150)

      There was a problem in the processing of the invalid data.

      $ svn diff
      Index: UrlEncoded.java
      ===================================================================
      — UrlEncoded.java (revision 6311)
      +++ UrlEncoded.java (working copy)
      @@ -653,7 +653,7 @@
      catch(NumberFormatException nfe)

      { buffer.getStringBuffer().append('%'); - for(char next; ((next=encoded.charAt(++i+offset))!='%');) + for(char next; ( ((++i)+offset < encoded.length()) && (next=encoded.charAt(i+offset))!='%');) buffer.getStringBuffer().append((next=='+' ? ' ' : next)); }
      1. diff.txt
        0.6 kB
        Kenji Kitamura
      2. URLEncodedTest.java
        8 kB
        Kenji Kitamura

        Activity

        Hide
        Greg Wilkins added a comment -

        applied to both jetty-6 and jetty-7.
        thanks

        Show
        Greg Wilkins added a comment - applied to both jetty-6 and jetty-7. thanks

          People

          • Assignee:
            Unassigned
            Reporter:
            Kenji Kitamura
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: