No subject

        //We just ran out of characters.  We have to dump any last matches
        //on the tree and the rest of the characters.
        if (s != null) {
            fsb.append(s);
        //If this node is root - just dump the character.
        //If there was a match further up the tree.
        } else if (lastMatch != null) {

            fsb.append(lastMatch.getReplacementString());
            if (mark < input.length && mark != -1) {
                //... ORIGINAL
                //fsb.append(input, mark, input.length - mark + 1);
                //... NEW
                fsb.append(input, mark + 1, input.length - mark - 1);
            }
        //False alarm, append everything that has been in this tree.
        } else {
            if (mark != -1) {
                fsb.append(input,mark, input.length - mark);
            }
        }

The changed line near 138:

                //... ORIGINAL
                //fsb.append(input, mark, input.length - mark + 1);
                //... NEW
                fsb.append(input, mark + 1, input.length - mark - 1);


In general, this particular logic branch (the first 'else if') isn't often
reached.  It appears to be reached when a partial replacement string (eg,
"&QUOT", "&GT", instead of "&QUOT;", "&GT;" ) is encountered.

Please let me know if you have any feedback on this, expecially if you find my
fix to be misplaced or incomplete.


-  Corey Snipes
   Programmer
   Seurat Company
   www.seurat.com
   P: +1-303-448-4800
   F: +1-303-448-4883






> -----Original Message-----
> From: opensource-admin at jcorporate.com
> [mailto:opensource-admin at jcorporate.com]On Behalf Of
> wbchmura at Ensign-BickfordInd.com
> Sent: Tuesday, May 07, 2002 9:34 AM
> To: opensource at jcorporate.com
> Subject: RE: [Opensource] RE: Problem with Error Filtering Field -
> update - FilterTree.java
>
>
>
> Okay, I am still pursing this problem and hoping that at some point
> someone will know something...
>
> At this point, someone very familiar with the FilterTree code would be a
> great help...
>
> * I've checked out all the core.security.filters updates from CVS.
> * If you add a&b and a&amp;b to the filtertree tests the unit test will
> now fail
>
> The problem is now that the FilterTree.ReplaceFilter method is having an
> issue and sending offsets to the FastStringBuffer which then attempts to
> do a System.ArrayCopy with the information, carreening out of the array
> bounds and silently dying in the production version (causing a problem
> way up the exception chain)
>
> If you enclose the FastStringBuffer.append (char, str, int, int) in a
> try catch block, you can grab the exception.  Catching it there allows
> the overall request to complete, with incorrect data
>
> For example:  w&g in the data will produce w&amp;  (missing g)
>
> Any help or thoughts would be appreciated, as this could be used as a
> security related attack.
>
>
> -----Original Message-----
> From: William B. Chmura
> Sent: Friday, May 03, 2002 4:32 PM
> To: opensource
> Subject: [Opensource] RE: Problem with Error Filtering Field - update
>
>
>
> I have been beating my head against this for a long time now...  I've
> made some progress...
>
> When the field B&G gets passed down and worked on by the
> standardFilter...  It makes it all the way into the ReplaceFilter()
> where the c.tCharValue is king off an ArrayIndexOutOfBoundsException.
> Normally this code does not catch at all so it must have been just
> working its way up before...
>
> So now, how to fix this?
>
> If anyone knows, pls copy me at Bill at Explosivo.com
>
> Thx
>
>
>
>
> -----Original Message-----
> From:	William B. Chmura
> Sent:	Friday, May 03, 2002 2:01 PM
> To:	'opensource'
> Subject:	Problem with Error Filtering Field
>
>
> Hi All,
>
> I cannot figure out what is happening here...  I am going against an
> Oracle database.   Everything works swimmingly - approx 28 tables, but
> there is one that gives me the error listed below:
>
> *note* If I do try to get that field the whole thing runs fine...  Its
> something in that column.
>
> #1 - That field is exactly the same as three other field definitions
> that work.  They are identical on the oracle side, and on the Expresso
> side
> #2 - The only difference I can see is that the other fields will return
> a " " if they are empty... this field contains some records that return
> "null"
>
> The definition for the field is: addfield("ORGLEVEL4NAME", "varchar",
> 100, false, "ORGLEVEL4NAME");
>
> I changed the catch to display in () the fieldcontents and the filter
> for the field below:
>
> I am thinking it does not like the & for some reason...
>
>
> ---------------- This is the error
> -----------------------------------------------------------------
>
> The Controller object called
> "com.ebind.twizard.controller.WIZARD_ORGANIZATIONCntrl" reported a
> problem.
> The problem reported was "Nested exception
> message:com.ebind.twizard.controller.WIZARD_ORGANIZATIONCntrl.browse(Con
> trollerRequest,
> ControllerResponse)(com.ebind.twizard.dbobj.WIZARD_ORGANIZATION) Error
> Filtering Field: ORGLEVEL4NAME(B&G|standardFilter):null"
> No error number was specified.
>
> com.jcorporate.expresso.core.controller.ControllerException: Nested
> exception
> message:com.ebind.twizard.controller.WIZARD_ORGANIZATIONCntrl.browse(Con
> trollerRequest,
> ControllerResponse)(com.ebind.twizard.dbobj.WIZARD_ORGANIZATION) Error
> Filtering Field: ORGLEVEL4NAME(B&G|standardFilter):null at
> com.jcorporate.expresso.core.controller.Controller.newState(Controller.j
> ava:567) at
> com.jcorporate.expresso.core.controller.Controller.perform(Controller.ja
> va:703) at
> org.apache.struts.action.ActionServlet.processActionPerform(ActionServle
> t.java:1786) at
> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1585)
> at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:491)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
>
> Source) at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown Source)
>
> at org.apache.catalina.core.StandardWrapperValve.invoke(Unknown Source)
> at org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source)
> at org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.core.StandardContextValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.core.StandardContext.invoke(Unknown Source) at
> org.apache.catalina.core.StandardHostValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.valves.AccessLogValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.core.StandardEngineValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.connector.http.HttpProcessor.process(Unknown Source)
>
> at org.apache.catalina.connector.http.HttpProcessor.run(Unknown Source)
> at java.lang.Thread.run(Thread.java:484)
> com.jcorporate.expresso.core.controller.ControllerException:
> com.ebind.twizard.controller.WIZARD_ORGANIZATIONCntrl.browse(ControllerR
> equest, ControllerResponse)(com.ebind.twizard.dbobj.WIZARD_ORGANIZATION)
>
> Error Filtering Field: ORGLEVEL4NAME(B&G|standardFilter):null at
> com.ebind.twizard.controller.WIZARD_ORGANIZATIONCntrl.browse(WIZARD_ORGA
> NIZATIONCntrl.java:738) at
> com.ebind.twizard.controller.WIZARD_ORGANIZATIONCntrl.runPromptBrowseWIZ
> ARD_ORGANIZATIONState(WIZARD_ORGANIZATIONCntrl.java:609) at
> java.lang.reflect.Method.invoke(Native Method) at
> com.jcorporate.expresso.core.controller.Controller.newState(Controller.j
> ava:540) at
> com.jcorporate.expresso.core.controller.Controller.perform(Controller.ja
> va:703) at
> org.apache.struts.action.ActionServlet.processActionPerform(ActionServle
> t.java:1786) at
> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1585)
> at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:491)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Unknown
>
> Source) at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(Unknown Source)
>
> at org.apache.catalina.core.StandardWrapperValve.invoke(Unknown Source)
> at org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source)
> at org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.core.StandardContextValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.core.StandardContext.invoke(Unknown Source) at
> org.apache.catalina.core.StandardHostValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.valves.AccessLogValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.core.StandardEngineValve.invoke(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invokeNext(Unknown Source) at
> org.apache.catalina.core.StandardPipeline.invoke(Unknown Source) at
> org.apache.catalina.core.ContainerBase.invoke(Unknown Source) at
> org.apache.catalina.connector.http.HttpProcessor.process(Unknown Source)
>
> at org.apache.catalina.connector.http.HttpProcessor.run(Unknown Source)
> at java.lang.Thread.run(Thread.java:484)
>
>
>
>
>
> _______________________________________________
> Opensource mailing list
> Opensource at jcorporate.com
> http://mail.jcorporate.com/mailman/listinfo/opensource
> Archives: http://mail.jcorporate.com/pipermail/opensource/
>
> _______________________________________________
> Opensource mailing list
> Opensource at jcorporate.com
> http://mail.jcorporate.com/mailman/listinfo/opensource
> Archives: http://mail.jcorporate.com/pipermail/opensource/
>