Closed
Bug 13546
Opened 25 years ago
Closed 24 years ago
JDAPFilterOpers.java throws StringIndexOutOfBoundsException
Categories
(Directory :: LDAP Java SDK, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: thiel, Assigned: miodrag)
References
()
Details
The PhoneList servlet queries our LDAP server using the text in the "Find" box to create the filter. When the filter includes a backslash character, the JDAPFilterOpers.getByteValues method tries to covert the characters after the backslash as a hex value. If the filter ends with a backslash character, the getByteValues method throws: [Fri Sep 10 10:39:57 EDT 1999] (default) : ServletExec: the service method of PhoneList threw an exception: java.lang.StringIndexOutOfBoundsException: String index out of range: 6 [Fri Sep 10 10:39:57 EDT 1999] (default) : java.lang.StringIndexOutOfBoundsException: String index out of range: 6 [Fri Sep 10 10:39:57 EDT 1999] (default) : at java.lang.Throwable.(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at java.lang.Exception.(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at java.lang.RuntimeException.(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at java.lang.IndexOutOfBoundsException.(IndexOutOfBoundsException.java:47) [Fri Sep 10 10:39:57 EDT 1999] (default) : at java.lang.StringIndexOutOfBoundsException.(StringIndexOutOfBoundsException.java: 59) [Fri Sep 10 10:39:57 EDT 1999] (default) : at java.lang.String.substring(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.client.JDAPFilterOpers.getByteValues(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.client.JDAPFilterOpers.getOctetString(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.client.JDAPFilterSubString.getBERElement(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.client.JDAPFilterSet.getBERElement(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.client.opers.JDAPSearchRequest.getBERElement(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.client.JDAPMessage.write(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.LDAPConnThread.sendRequest(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.LDAPConnection.sendRequest(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.LDAPConnection.search(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at netscape.ldap.LDAPConnection.search(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at PhoneList.service(Compiled Code) [Fri Sep 10 10:39:57 EDT 1999] (default) : at javax.servlet.http.HttpServlet.service(Compiled Code) I believe that since the substring method calls in the getByteValues method do not check for any index being beyond the length of the string, the exception is thrown.
Updated•25 years ago
|
Assignee: mcs → miodrag
JDAPFilterOpers.getByteValues(String str) is now catching the StringIndexOutOfBoundsException and converting it into IllegalArgumentException("Bad search filter"). The IllegalArgumentException is in turn caught by LDAPConnection.sendRequest() and returned to the user as LDAPException.PARAM_ERROR. The fix has been checked in 05-06-00. Checking in ldapjdk/netscape/ldap/client/JDAPFilterOpers.java; /cvsroot/mozilla/directory/java-sdk/ldapjdk/netscape/ldap/client/JDAPFilterOpers .java,v <-- JDAPFilterOpers.java new revision: 1.4; previous revision: 1.3
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•