axis-c-dev mailing list archives

From "Bill Mitchell (JIRA)" <j...@apache.org>
Subject [jira] Updated: (AXIS2C-933) guththila parser does not handle incomplete messages well, leading to an infinite loop or seg fault
Date Mon, 04 Feb 2008 18:05:09 GMT

     [ https://issues.apache.org/jira/browse/AXIS2C-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bill Mitchell updated AXIS2C-933:
---------------------------------

    Attachment: guththila_xml_parser.diff

For reference, in the attached guththila_xml_parser.diff is the patch to just the problems
described in this issue.  I will apply it shortly.  

> guththila parser does not handle incomplete messages well, leading to an infinite loop or seg fault
> ---------------------------------------------------------------------------------------------------
>
>                 Key: AXIS2C-933
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-933
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: guththila
>    Affects Versions: Current (Nightly)
>         Environment: Windows XP, Visual Studio 2005, guththila, libcurl
>            Reporter: Bill Mitchell
>             Fix For: 1.3.0
>
>         Attachments: diff.txt, diff2.txt, guththila_xml_parser.diff
>
>
> The code in the guththila parser has a couple of problems when the first allocated buffer
> fills up and it attempts to read more data.  First, when allocating another buffer it doubled
> the size of all the buffers allocated to this point, but then recorded the new buffer size
> as only equal to the size of all the previous buffers.  Second, after fixing the buffer allocation
> issue, I discovered that the read into the buffer tried to read as much as all the buffers
> to date, instead of just the amount remaining in the buffer just allocated.  There is also
> a subtle problem in the guththila_next_no_char routine if last_start is not set, that it did
> not assure that all the characters since next are moved to the newly allocated buffer.
> While debugging this, because of other issues, I walked through the path of an unexpected
> EOF in the middle of the incoming message, and discovered that several while loops in the
> parser do not stop on EOF, but just keep reading and reading and reading...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
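
The following C sketch is an added illustration, not the attached guththila_xml_parser.diff or any Axis2/C code. It shows the behaviours the issue description calls for in a chained-buffer reader: record each buffer's real allocated size, bound each read by the space left in the newest buffer, and end scanning loops at EOF. The names chain_t, chain_fill, chain_next and scan_for, and the in-memory input, are assumptions made for the example.

```c
#include <stdlib.h>
#include <string.h>
#define MAX_BUFS 16
typedef struct {
    char  *buf[MAX_BUFS];
    size_t cap[MAX_BUFS], used[MAX_BUFS]; /* allocated / filled bytes per buffer */
    size_t total, ri;                     /* sum of cap[]; read offset within buffer rb */
    int    cur, rb;                       /* buffer being filled (-1: none); buffer being read */
    const char *src; size_t left;         /* constructed input stream and bytes remaining */
} chain_t;

/* Read more input: returns bytes read, 0 on EOF, -1 on allocation failure. */
static long chain_fill(chain_t *c) {
    if (c->cur < 0 || c->used[c->cur] == c->cap[c->cur]) {
        size_t want = c->total ? c->total : 8;  /* new buffer doubles total capacity */
        char *p = (c->cur + 1 < MAX_BUFS) ? malloc(want) : NULL;
        if (!p) return -1;
        c->buf[++c->cur] = p;
        c->cap[c->cur] = want;                  /* record the size actually allocated */
        c->used[c->cur] = 0;
        c->total += want;
    }
    size_t room = c->cap[c->cur] - c->used[c->cur]; /* space left in this buffer only */
    size_t n = c->left < room ? c->left : room;
    memcpy(c->buf[c->cur] + c->used[c->cur], c->src, n);
    c->src += n; c->left -= n; c->used[c->cur] += n;
    return (long)n;
}

/* Next byte, or -1 once the input is exhausted (or allocation failed). */
static int chain_next(chain_t *c) {
    for (;;) {
        if (c->rb <= c->cur && c->ri < c->used[c->rb])
            return (unsigned char)c->buf[c->rb][c->ri++];
        if (c->rb < c->cur) { c->rb++; c->ri = 0; continue; }
        if (chain_fill(c) <= 0) return -1;
    }
}

/* Returns 1 if target occurs in msg, 0 if the input ends first. */
int scan_for(const char *msg, char target, size_t *total_out) {
    chain_t c = { .cur = -1, .src = msg, .left = strlen(msg) };
    int ch, found = 0;
    while (!found && (ch = chain_next(&c)) >= 0)  /* loop also ends on EOF */
        found = (ch == (unsigned char)target);
    if (total_out) *total_out = c.total;
    for (int k = 0; k <= c.cur; k++) free(c.buf[k]);
    return found;
}
```

A truncated message makes scan_for return 0 instead of spinning, and the reported total always equals the sum of the sizes actually allocated.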

