jersey
  1. jersey
  2. JERSEY-924

When "*" accesses an included resource path, the java.lang.StringIndexOutOfBoundsException occurs

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.8
    • Fix Version/s: 2.0-m07, 2.0
    • Component/s: core
    • Labels:
      None

      Description

      Following, "*" an included resource path,
      When access to the http://localhost:8080/hello/* , the java.lang.StringIndexOutOfBoundsException occurs.

      server.Hello
      @Path("*")
      public class Hello {
          @GET
          public String sayHello() {
              return "Hello, World!";
          }
      }
      
      java.lang.StringIndexOutOfBoundsException
      java.lang.StringIndexOutOfBoundsException: String index out of range: -1
      	at java.lang.String.substring(String.java:1937)
      	at com.sun.jersey.server.impl.application.WebApplicationContext.pushRightHandPathLength(WebApplicationContext.java:282)
      	at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:130)
      	at com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1469)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1400)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1349)
      	at com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1339)
      	at com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:416)
      	at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:537)
      	at com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:699)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
      	at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1539)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      	at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
      	at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
      	at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
      	at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
      	at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:330)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
      	at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
      	at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:828)
      	at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:725)
      	at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1019)
      	at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
      	at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
      	at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
      	at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
      	at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
      	at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
      	at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
      	at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
      	at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
      	at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
      	at java.lang.Thread.run(Thread.java:662)
      

      The following sources are code escaping a string of URI template.
      Why is not "*" included in RESERVED_REGEX_CHARACTERS ?

      By the way, the java.lang.StringIndexOutOfBoundsException does not occur if "*" is included in RESERVED_REGEX_CHARACTERS.

      com.sun.jersey.api.uri.UriTemplateParser
          private static final Set<Character> RESERVED_REGEX_CHARACTERS = initReserved();
      
          private static Set<Character> initReserved() {
              // TODO need to escape all regex characters present
              char[] reserved = {
                  '.',
                  '?',
                  '(',
                  ')'};
      
              Set<Character> s = new HashSet<Character>(reserved.length);
              for (char c : reserved) {
                  s.add(c);
              }
              return s;
          }
      
          ...
      
          private void processLiteralCharacters() {
              if (literalCharactersBuffer.length() > 0) {
                  literalCharacters += literalCharactersBuffer.length();
      
                  String s = encodeLiteralCharacters(literalCharactersBuffer.toString());
      
                  normalizedTemplate.append(s);
      
                  // Escape if reserved regex character
                  for (int i = 0; i < s.length(); i++) {
                      char c = s.charAt(i);
                      if (RESERVED_REGEX_CHARACTERS.contains(c)) {
                          regex.append("\\");
                      }
                      regex.append(c);
                  }
      
                  literalCharactersBuffer.setLength(0);
              }
          }
      

        Activity

        Hide
        Jakub Podlesak added a comment -

        Setting fix verison to 2.0.

        Show
        Jakub Podlesak added a comment - Setting fix verison to 2.0.

          People

          • Assignee:
            Miroslav Fuksa
            Reporter:
            hosamu
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 3 hours
              3h
              Remaining:
              Remaining Estimate - 0 minutes
              0m
              Logged:
              Time Spent - 1 hour Time Not Required
              1h