From jira-events at lists.jboss.org Tue Sep 25 13:08:41 2007 Content-Type: multipart/mixed; boundary="===============4836601585667977034==" MIME-Version: 1.0 From: Doug Chasman (JIRA) To: richfaces-issues at lists.jboss.org Subject: [richfaces-issues] [JBoss JIRA] Updated: (RF-1012) org.ajax4jsf.io.parser.FastHtmlParser enters infinite loop Date: Tue, 25 Sep 2007 13:08:41 -0400 Message-ID: <14461489.1190740121068.JavaMail.jira@cloud.prod.atl2.jboss.com> In-Reply-To: 28342948.1190739771402.JavaMail.jira@cloud.prod.atl2.jboss.com --===============4836601585667977034== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable [ http://jira.jboss.com/jira/browse/RF-1012?page=3Dall ] Doug Chasman updated RF-1012: ----------------------------- Description: = The following check will never return false because of the incorrect cast t= o char (unsigned): char c; while ((c =3D (char)in.read()) > 0) { ... } The following is my proposed fix: int nextChar; while ((nextChar =3D in.read()) > 0) { char c =3D (char)nextChar; ... } Also if the content being parsed does not include at least one tag a closin= g is still appended. Ideally, and injection wo= uld function properly regardless of the lack of structure of the content. was: The following check will never return false because of the incorrect cast t= o char (unsigned): char c; while ((c =3D (char)in.read()) > 0) { ... } The following is my proposed fix: int nextChar; while ((nextChar =3D in.read()) > 0) { char c =3D (char)nextChar; ... } Also if the content being parsed does not include or a closin= g is still appended. Ideally, and injection wo= uld function properly regardless of the lack of structure of the content. > org.ajax4jsf.io.parser.FastHtmlParser enters infinite loop > ---------------------------------------------------------- > > Key: RF-1012 > URL: http://jira.jboss.com/jira/browse/RF-1012 > Project: RichFaces > Issue Type: Bug > Affects Versions: 3.1.0 > Environment: RF 3.1 GA > Reporter: Doug Chasman > > The following check will never return false because of the incorrect cast= to char (unsigned): > char c; > while ((c =3D (char)in.read()) > 0) { > ... > } > The following is my proposed fix: > int nextChar; > while ((nextChar =3D in.read()) > 0) { > char c =3D (char)nextChar; > ... > } > Also if the content being parsed does not include at least one tag a clos= ing is still appended. Ideally, and injection = would function properly regardless of the lack of structure of the content. -- = This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: htt= p://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira =20 --===============4836601585667977034==--