]
Shane Bryzak reassigned JBSEAM-1323:
------------------------------------
Assignee: Shane Bryzak
MultipartRequest class incorrectly parses form post when field
boundary occurs near end of internal buffer
----------------------------------------------------------------------------------------------------------
Key: JBSEAM-1323
URL:
http://jira.jboss.com/jira/browse/JBSEAM-1323
Project: JBoss Seam
Issue Type: Bug
Components: Core
Affects Versions: 1.2.1.GA, 1.2.0.GA
Environment: Windows Vista, Firefox 2.0.0, Java 1.6u1, JBoss AS 4.0.5.GA, JBoss
Seam 1.2.1
Reporter: ROB b
Assigned To: Shane Bryzak
Fix For: 1.3.0.BETA1
When a form post is processed by a MultipartRequest class and it has a field boundary
that occurs near the end of the internal buffer of the MultipartRequest class, it fails to
recognize the field boundary and interprets the field boundary and the following header to
be a part of the previous field's contents.
This bug can most easily be reproduced by creating a form of
enctype="multipart/form-data" with 30 <h:inputText> fields. The fields
should be submitted empty. This provides form post data with lots of field boundaries and
little in between. One of the field boundaries is likely to be near the end of the 2KB
class buffer. When the bug occurs, one of the blank fields will be shown to contain part
of the form boundary text. The form may have to be submitted 5 or 10 times, before the bug
occurs.
This same technique also occasionally causes the JBSEAM-1322 bug to occur (rarely,
though).
Sorry, I don't have a suggested fix. The class has been kind of hard for me to
debug.
Submitting the following XHTML source multiple times can be used to demonstrate the bug:
<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:s="http://jboss.com/products/seam/taglib"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:rich="http://richfaces.ajax4jsf.org/rich" >
<h:form enctype="multipart/form-data">
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:inputText />
<h:commandButton />
</h:form>
</html>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: