[richfaces-issues] [JBoss JIRA] Updated: (RF-1012) org.ajax4jsf.io.parser.FastHtmlParser enters infinite loop
Doug Chasman (JIRA)
jira-events at lists.jboss.org
Tue Sep 25 13:08:41 EDT 2007
[ http://jira.jboss.com/jira/browse/RF-1012?page=all ]
Doug Chasman updated RF-1012:
-----------------------------
Description:
The following check will never return false because of the incorrect cast to char (unsigned):
char c;
while ((c = (char)in.read()) > 0) {
...
}
The following is my proposed fix:
int nextChar;
while ((nextChar = in.read()) > 0) {
char c = (char)nextChar;
...
}
Also if the content being parsed does not include at least one tag a closing </html> is still appended. Ideally, <html> and <head></head> injection would function properly regardless of the lack of structure of the content.
was:
The following check will never return false because of the incorrect cast to char (unsigned):
char c;
while ((c = (char)in.read()) > 0) {
...
}
The following is my proposed fix:
int nextChar;
while ((nextChar = in.read()) > 0) {
char c = (char)nextChar;
...
}
Also if the content being parsed does not include <html> or <head> a closing </html> is still appended. Ideally, <html> and <head></head> injection would function properly regardless of the lack of structure of the content.
> org.ajax4jsf.io.parser.FastHtmlParser enters infinite loop
> ----------------------------------------------------------
>
> Key: RF-1012
> URL: http://jira.jboss.com/jira/browse/RF-1012
> Project: RichFaces
> Issue Type: Bug
> Affects Versions: 3.1.0
> Environment: RF 3.1 GA
> Reporter: Doug Chasman
>
> The following check will never return false because of the incorrect cast to char (unsigned):
> char c;
> while ((c = (char)in.read()) > 0) {
> ...
> }
> The following is my proposed fix:
> int nextChar;
> while ((nextChar = in.read()) > 0) {
> char c = (char)nextChar;
> ...
> }
> Also if the content being parsed does not include at least one tag a closing </html> is still appended. Ideally, <html> and <head></head> injection would function properly regardless of the lack of structure of the content.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the richfaces-issues
mailing list