You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description
class: org.eclipse.jetty.util.CharsetStringBuilder.Iso88591StringBuilder
method: public void append(CharSequence chars, int offset, int length)
The Iso88591StringBuilder.append method:
@Override
public void append(CharSequence chars, int offset, int length)
{
_builder.append(chars, offset, length);
}
calls _builder.append(chars, offset, length) where _builder is a java java.lang.StringBuilder.
The formal parameters to StringBuilder.append are:
* @param s the sequence to append.
* @param start the starting index of the subsequence to be appended.
* @param end the end index of the subsequence to be appended.
Note that the end parameter is not correct. It expects offset + length instead of length.
This creates an java.lang.IndexOutOfBoundsException: start 109, end 0, length 241 (for example)
So the Iso88591StringBuilder.append method should be fixed to:
_builder.append(chars, offset, offset + length);
This is called by
class: org.eclipse.jetty.util.UrlEncoded
method: public static String decodeString(String encoded, int offset, int length, Charset charset)
line: 800 (and many others)
buffer = CharsetStringBuilder.forCharset(charset); // line 799
buffer.append(encoded, offset, i); // line 800
Line 799 instantiates a Iso88591StringBuilder.
Line 800 calls buffer.append
The actual parameters to buffer.append are:
encoded: the string
offset: start position in encoded
i: the character index after offset (i.e. 0, 1, 2 ...)
How to reproduce?
Any url encoded request using Iso88591
The text was updated successfully, but these errors were encountered:
cquezel
changed the title
UrlEncoded.decodeString seems to have a logic error
Iso88591StringBuilderappend seems to have a logic error
Aug 24, 2023
cquezel
changed the title
Iso88591StringBuilderappend seems to have a logic error
Iso88591StringBuilder.append seems to have a logic error
Aug 24, 2023
Jetty version(s)
10.0.5, 11.0.5, 12.0.0
Jetty Environment
all
Java version/vendor
N/A
OS type/version
N/A
Description
class: org.eclipse.jetty.util.CharsetStringBuilder.Iso88591StringBuilder
method: public void append(CharSequence chars, int offset, int length)
The Iso88591StringBuilder.append method:
calls _builder.append(chars, offset, length) where _builder is a java java.lang.StringBuilder.
The formal parameters to StringBuilder.append are:
Note that the end parameter is not correct. It expects offset + length instead of length.
This creates an java.lang.IndexOutOfBoundsException: start 109, end 0, length 241 (for example)
So the Iso88591StringBuilder.append method should be fixed to:
This is called by
class: org.eclipse.jetty.util.UrlEncoded
method: public static String decodeString(String encoded, int offset, int length, Charset charset)
line: 800 (and many others)
Line 799 instantiates a Iso88591StringBuilder.
Line 800 calls buffer.append
The actual parameters to buffer.append are:
encoded: the string
offset: start position in encoded
i: the character index after offset (i.e. 0, 1, 2 ...)
How to reproduce?
Any url encoded request using Iso88591
The text was updated successfully, but these errors were encountered: