santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ArunaGanesan <aruna...@gmail.com>
Subject RE: Infinite Loop due to inconsistent hashmap, in ApacheXMLSecurityJava XMLUtil.class
Date Tue, 12 Jan 2010 13:31:12 GMT

When is the next release? We are using this jar in a production system and it
would be easier for us to download it from a stable release, than applying
the patch and getting it reviewed.

Aruna

Colm O hEigeartaigh wrote:
> 
> This has already been fixed and will be in the next release:
> 
> https://issues.apache.org/bugzilla/show_bug.cgi?id=47779
> 
> Colm.
> 
> -----Original Message-----
> From: ArunaGanesan [mailto:arunagan@gmail.com] 
> Sent: 12 January 2010 11:07
> To: security-dev@xml.apache.org
> Subject: Infinite Loop due to inconsistent hashmap, in
> ApacheXMLSecurityJava XMLUtil.class
> 
> 
> We are using WSS4J, AxisJ and ApacheXMLSecurityJava for contacting a
> webservice using SOAP. One of our tool makes parallel SOAP requests to
> this
> web service. This tool runs on a m/c with 32 virtual processors.
> 
> We were running into a process block a way too often.We did a jstack on
> the
> process and the process seem to be doing this. 
> at java.util.HashMap.get(HashMap.java:303)
> at
> org.apache.xml.security.utils.XMLUtils.createElementInSignatureSpace(Unk
> nown
> Source)
> 
> Everytime we get the same jstack when the process stops making progress.
> 
> At this point, the process stops and the CPU starts spiking.
> 
> When we looked at the XMLUtils code, we found that the class is not
> thread
> safe.
> There is a hashmap namePrefixes that is used without synchronization.
> It
> seems that a hashmap without synchronization can cause infinite loop
>  http://lightbody.net/blog/2005/07/hashmapget_can_cause_an_infini.html
> 
> Since the hash map used in the class is a static object, we guess the
> hash
> map is left in an inconsistent state. 
> 
> Is there any solution available so that we can get rid of this infinite
> loop.
> -- 
> View this message in context:
> http://old.nabble.com/Infinite-Loop-due-to-inconsistent-hashmap%2C-in-Ap
> acheXMLSecurityJava-XMLUtil.class-tp27125974p27125974.html
> Sent from the Apache XML - Security - Dev mailing list archive at
> Nabble.com.
> 
> 
> 

-- 
View this message in context: http://old.nabble.com/Infinite-Loop-due-to-inconsistent-hashmap%2C-in-ApacheXMLSecurityJava-XMLUtil.class-tp27125974p27127568.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.


Mime
View raw message