santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From katoy <youichi_k...@justsystem.co.jp>
Subject Canonicalizer gets exception in meny namespaces.
Date Wed, 15 Feb 2006 02:45:10 GMT
Hi,
I am using java xml-security 1.3.0.
I found one problem, show my solution.

I hope fixed binary will be released at the official site.
Has anyone other solution?

Problem:
--------
Xml data has many namespaces, then Canonicalizer#canonicalizeSubtree()
gets exception.

For example,
java code:
public static String toString(final Node n) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
Canonicalizer c14n =
Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
byte[] serBytes = c14n.canonicalizeSubtree(n);
...
}

using XML data:
<?xml version="1.0"?>
<wiki
xmlns:generated-command="http://foo.com/command"
xmlns:generated-event="http://foo.com/event"
xmlns:command="http://foo.com/command"
xmlns:ui="http://foo.com/ui"
xmlns:event="http://foo.com/event"
xmlns:instruction="http://foo/instruction"
xmlns:directory="http://foo.com/io/directory"
xmlns:function="http://foo.com/function"
xmlns="http://www.w3.org/1999/xhtml"
xmlns:ctrl="http://foo.com/controls"
xmlns:wiki="http://foo.com/samples/wiki">
<wiki:content>
<wiki:paragraph />
</wiki:content>
</wiki>

gets exception:
java.lang.ArrayIndexOutOfBoundsException: 23
at org.apache.xml.security.c14n.implementations.SymbMap.index(Unknown
Source)
at org.apache.xml.security.c14n.implementations.SymbMap.get(Unknown Source)
at
org.apache.xml.security.c14n.implementations.NameSpaceSymbTable.addMappingAndRender(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.Canonicalizer20010315.handleAttributesSubtree(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.canonicalizeSubTree(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown
Source)
at
org.apache.xml.security.c14n.Canonicalizer.canonicalizeSubtree(Unknown
Source)
...

My Solution:
------------
I quick fixed,
In
xml-security-1_3_0\src\org\apache\xml\security\c14n\implementations\NameSpaceSymbTable.java
line 359,

protected int index(Object obj) {
Object[] set = keys;
int length = set.length;
//abs of index
int index = (obj.hashCode() & 0x7fffffff) % length;
Object cur = set[index];

if (cur == null || (cur.equals( obj))) {
return index;
}
do {
// index=index==length? 0:++index; // <---Original
index = (index + 1) % length; // <--------Fix kato,
cur = set[index];
} while (cur != null && (!cur.equals(obj)));
return index;
}
in original code,
when "index == length-1", "index==length? 0:++index" has index, it is
outofbounds!
I edited the code to "(index+1) % length" , it works good.

Best Regards,
katoy


Mime
View raw message