Limit auto grow collection size when using SpEL [SPR-10229] #14862

Closed
spring-projects-issues opened this issue Jan 29, 2013 · 0 comments
Labels: in: core, type: enhancement

@spring-projects-issues spring-projects-issues commented Jan 29, 2013

Jakub Milkiewicz opened SPR-10229 and commented

Hi

Some time ago, when working with the Spring Webflow project, I bumped into a nasty bug related to Spring data binding when using Spring EL and setting SpelParserConfiguration#autoGrowCollections to true.
Since SpEL is used for data binding, a malicious user can easily modify the HTML or intercept the HTTP request so that a collection property in the form bean will be extended to a user-provided value. It can easily result in OutOfMemory.
Originally I created a JIRA issue for SWF, but since the root of the problem is SpEL I was asked to create a JIRA issue here.
For more details please look at https://jira.springsource.org/browse/SWF-1566


Issue Links:

  • SWF-1566 Spring expression language auto grow collections size limit ("is depended on by")
  • #12498 DataBinder should be able to define a different strategy for BeanWrapperImpl how autogrowing should handle gaps in collection properties

Referenced from: commits 1cc58e0
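
The behaviour described in the report, next to a bounded configuration, as an added example that is not code from the issue or from the Spring project. It uses `SpelParserConfiguration`'s three-argument constructor, whose last parameter is `maximumAutoGrowSize`; the `OrderForm` bean, the `bind` helper, the limit of 16 and the index values are assumptions made up for the illustration.

```java
import java.util.ArrayList;
import java.util.List;

import org.springframework.expression.Expression;
import org.springframework.expression.spel.SpelEvaluationException;
import org.springframework.expression.spel.SpelParserConfiguration;
import org.springframework.expression.spel.standard.SpelExpressionParser;

public class AutoGrowLimitExample {

    // Hypothetical form bean; the generic element type lets SpEL create entries.
    public static class OrderForm {
        private final List<String> items = new ArrayList<>();
        public List<String> getItems() { return items; }
    }

    static final int MAX_GROW = 16; // constructed limit for this example

    // Evaluates items[index] against a fresh bean with the given parser
    // configuration and reports what happened to the list.
    static String bind(SpelParserConfiguration config, int index) {
        OrderForm form = new OrderForm();
        Expression expr = new SpelExpressionParser(config)
                .parseExpression("items[" + index + "]");
        try {
            expr.getValue(form);
            return "grew to " + form.getItems().size() + " elements";
        } catch (SpelEvaluationException ex) {
            return "rejected (" + ex.getMessageCode() + "), size "
                    + form.getItems().size();
        }
    }

    public static void main(String[] args) {
        // Setting from the report: auto-grow on, no explicit bound.
        SpelParserConfiguration unbounded = new SpelParserConfiguration(true, true);
        // Same setting with an explicit cap on how far a list may be grown.
        SpelParserConfiguration bounded =
                new SpelParserConfiguration(true, true, MAX_GROW);

        // The index stands in for a value taken from a submitted field name.
        System.out.println("unbounded, index 5000: " + bind(unbounded, 5000));
        System.out.println("bounded,   index 5:    " + bind(bounded, 5));
        System.out.println("bounded,   index 5000: " + bind(bounded, 5000));
    }
}
```

With the bounded configuration, an index at or above the limit fails with a `SpelEvaluationException` before any element is allocated, so the list size is controlled by the configuration and not by the request.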
