Skip to content

FlashMapManager throws StringIndexOutOfBoundsException for empty target URL path #23240

New issue
New issue
Closed
Closed
FlashMapManager throws StringIndexOutOfBoundsException for empty target URL path#23240
Assignees
sbrannen
Labels
in: webIssues in web modules (web, webmvc, webflux, websocket)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug
Milestone
5.1.9
@pbluong

Description

@pbluong
pbluong
opened on Jul 5, 2019

Hello,

My project is currently using Spring MVC version 5.0.8.

Incidentally, I found a technical error relating to the library.

It is about the method decodeAndNormalizePath of the AbstractFlashMapManager class. If you look at the implementation, you can easily see that it is wrong. An empty path will pass the null check but fail to get the first character.

private String decodeAndNormalizePath(@Nullable String path, HttpServletRequest request) {
/* 231 */       if(path != null) {
/* 232 */          path = this.getUrlPathHelper().decodeRequestString(request, path);
/* 233 */          if(path.charAt(0) != 47) {
/* 234 */             String requestUri = this.getUrlPathHelper().getRequestUri(request);
/* 235 */             path = requestUri.substring(0, requestUri.lastIndexOf(47) + 1) + path;
/* 236 */             path = StringUtils.cleanPath(path);
/*     */          }      }
/*     */ 
/* 239 */       return path;
/*     */    }
org.apache.catalina.core.ApplicationDispatcher.invoke Servlet.service() for servlet [tnjs-servlet] threw exception
 java.lang.StringIndexOutOfBoundsException: String index out of range: 0
	at java.base/java.lang.StringLatin1.charAt(StringLatin1.java:44)
	at java.base/java.lang.String.charAt(String.java:704)
	at org.springframework.web.servlet.support.AbstractFlashMapManager.decodeAndNormalizePath(AbstractFlashMapManager.java:233)
	at org.springframework.web.servlet.support.AbstractFlashMapManager.saveOutputFlashMap(AbstractFlashMapManager.java:204)
	at org.springframework.web.servlet.support.RequestContextUtils.saveOutputFlashMap(RequestContextUtils.java:281)
	at org.springframework.web.servlet.view.RedirectView.renderMergedOutputModel(RedirectView.java:311)
	at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:314)
	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1325)
	at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1069)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1008)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974)
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:866)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)

Metadata

Metadata

Assignees

Labels

in: webIssues in web modules (web, webmvc, webflux, websocket)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions