Uploaded image for project: 'Hippo Repository'
  1. Hippo Repository
  2. REPO-2178

Throw MalformedPathException instead of StringIndexOutOfBoundException exception in case of invalid xpath

    XMLWordPrintable

    Details

    • Similar issues:
    • Flagged:
      Flagged

      Description

      calling url like https://localhost:8080/site/binaries/versions%5B'2%5D/file causes following error:

      ava.lang.StringIndexOutOfBoundsException: String index out of range: <some number>
      [INFO] [talledLocalContainer] 	at java.lang.String.substring(String.java:1963) ~[?:1.8.0_191]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.jackrabbit.HippoPathParser.parse(HippoPathParser.java:397) ~[hippo-repository-engine-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.jackrabbit.HippoPathParser.parse(HippoPathParser.java:177) ~[hippo-repository-engine-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.jackrabbit.HippoPathParser.parse(HippoPathParser.java:149) ~[hippo-repository-engine-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.jackrabbit.HippoPathParser.parse(HippoPathParser.java:68) ~[hippo-repository-engine-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.jackrabbit.HippoCachingPathResolver.getQPath(HippoCachingPathResolver.java:53) ~[hippo-repository-engine-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.jackrabbit.HippoNamePathResolver.getQPath(HippoNamePathResolver.java:61) ~[hippo-repository-engine-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at org.apache.jackrabbit.core.SessionImpl.getQPath(SessionImpl.java:654) ~[jackrabbit-core-2.16.2-h3.jar:2.16.2-h3]
      [INFO] [talledLocalContainer] 	at org.apache.jackrabbit.core.session.SessionContext.getQPath(SessionContext.java:338) ~[jackrabbit-core-2.16.2-h3.jar:2.16.2-h3]
      [INFO] [talledLocalContainer] 	at org.apache.jackrabbit.core.session.SessionItemOperation.perform(SessionItemOperation.java:185) ~[jackrabbit-core-2.16.2-h3.jar:2.16.2-h3]
      [INFO] [talledLocalContainer] 	at org.apache.jackrabbit.core.session.SessionState.perform(SessionState.java:216) ~[jackrabbit-core-2.16.2-h3.jar:2.16.2-h3]
      [INFO] [talledLocalContainer] 	at org.apache.jackrabbit.core.SessionImpl.perform(SessionImpl.java:367) ~[jackrabbit-core-2.16.2-h3.jar:2.16.2-h3]
      [INFO] [talledLocalContainer] 	at org.apache.jackrabbit.core.SessionImpl.getItem(SessionImpl.java:830) ~[jackrabbit-core-2.16.2-h3.jar:2.16.2-h3]
      [INFO] [talledLocalContainer] 	at org.hippoecm.repository.decorating.SessionDecorator.getItem(SessionDecorator.java:168) ~[hippo-repository-connector-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at sun.reflect.GeneratedMethodAccessor220.invoke(Unknown Source) ~[?:?]
      [INFO] [talledLocalContainer] 	at sun.reflect.DelegatingMethodAccessorImpl.__invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
      [INFO] [talledLocalContainer] 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:45009) ~[?:1.8.0_191]
      [INFO] [talledLocalContainer] 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:45012) ~[?:1.8.0_191]
      [INFO] [talledLocalContainer] 	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
      [INFO] [talledLocalContainer] 	at org.hippoecm.hst.core.jcr.pool.util.ProxyFactory$ReflectionInvocation.proceed(ProxyFactory.java:199) ~[hst-session-pool-5.6.1.jar:5.6.1]
      [INFO] [talledLocalContainer] 	at 
      

      The reason is a single quote within square brackets that is not matched: ['2]

      We probably should "sanitize" url in those cases (in any case prevent index out of range exception)

        Attachments

          Activity

            People

            • Assignee:
              clientserviceteam Client Service Team
              Reporter:
              mmilicevic Marijan Milicevic
              Owner:
              Hippo Helpdesk
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: