From jira-events at lists.jboss.org Sun May 13 21:00:12 2007 Content-Type: multipart/mixed; boundary="===============5513500704322963924==" MIME-Version: 1.0 From: Shane Bryzak (JIRA) To: seam-issues at lists.jboss.org Subject: [jbossseam-issues] [JBoss JIRA] Assigned: (JBSEAM-1323) MultipartRequest class incorrectly parses form post when field boundary occurs near end of internal buffer Date: Sun, 13 May 2007 21:02:02 -0400 Message-ID: <29539570.1179104522373.JavaMail.jira@cloud.prod.atl2.jboss.com> In-Reply-To: 14431784.1179101812214.JavaMail.jira@cloud.prod.atl2.jboss.com --===============5513500704322963924== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable [ http://jira.jboss.com/jira/browse/JBSEAM-1323?page=3Dall ] Shane Bryzak reassigned JBSEAM-1323: ------------------------------------ Assignee: Shane Bryzak > MultipartRequest class incorrectly parses form post when field boundary o= ccurs near end of internal buffer > -------------------------------------------------------------------------= --------------------------------- > > Key: JBSEAM-1323 > URL: http://jira.jboss.com/jira/browse/JBSEAM-1323 > Project: JBoss Seam > Issue Type: Bug > Components: Core > Affects Versions: 1.2.1.GA, 1.2.0.GA > Environment: Windows Vista, Firefox 2.0.0, Java 1.6u1, JBoss AS 4= .0.5.GA, JBoss Seam 1.2.1 > Reporter: ROB b > Assigned To: Shane Bryzak > Fix For: 1.3.0.BETA1 > > > When a form post is processed by a MultipartRequest class and it has a fi= eld boundary that occurs near the end of the internal buffer of the Multipa= rtRequest class, it fails to recognize the field boundary and interprets th= e field boundary and the following header to be a part of the previous fiel= d's contents. > This bug can most easily be reproduced by creating a form of enctype=3D"m= ultipart/form-data" with 30 fields. The fields should be subm= itted empty. This provides form post data with lots of field boundaries and= little in between. One of the field boundaries is likely to be near the en= d of the 2KB class buffer. When the bug occurs, one of the blank fields wil= l be shown to contain part of the form boundary text. The form may have to = be submitted 5 or 10 times, before the bug occurs. > This same technique also occasionally causes the JBSEAM-1322 bug to occur= (rarely, though). > Sorry, I don't have a suggested fix. The class has been kind of hard for = me to debug. > Submitting the following XHTML source multiple times can be used to demon= strate the bug: > "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitiona= l.dtd"> > xmlns:s=3D"http://jboss.com/products/seam/taglib" > xmlns:ui=3D"http://java.sun.com/jsf/facelets" > xmlns:f=3D"http://java.sun.com/jsf/core" > xmlns:h=3D"http://java.sun.com/jsf/html" > xmlns:rich=3D"http://richfaces.ajax4jsf.org/rich" > > > = > > > > > > > > > > > > > > > > > > > > > > > > > > -- = This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: htt= p://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira =20 --===============5513500704322963924==--