[ICE-3043] dispatcher forwarding loop - ICEsoft JIRA Issue Tracker

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.7
Fix Version/s: 1.7.1
Component/s: Framework
Labels:
None
Environment:
ICEfaces

Description

Fetching the URL

http://localhost:8080/auctionMonitor/auctionMonitor.jspx

causes extremely hight CPU consumption, possibly until the maximum stack depth is reached.

This could be used as a denial of service attack. Other DOS attacks on ICEfaces are possible, but this one is particularly inexpensive for the attacker because a single HTTP request causes significant CPU load.

Activity

Ascending order - Click to sort in descending order

Ted Goddard created issue - 01/May/08 4:11 PM

Ted Goddard made changes - 01/May/08 4:29 PM

Field	Original Value	New Value
Assignee		Ken Fyten [ ken.fyten ]

Ken Fyten made changes - 02/May/08 4:03 PM

Fix Version/s		1.7.1 [ 10122 ]
Assignee Priority		P2
Assignee	Ken Fyten [ ken.fyten ]	Mircea Toma [ mircea.toma ]
Priority	Major [ 3 ]	Critical [ 2 ]

Hide

Permalink

Mircea Toma added a comment - 06/May/08 12:11 PM

It looks like D2DViewHandler will delegate *.jspx pages to Sun RI handler which triggers a forward to the same page, thus going into an infinite loop.

Show

Mircea Toma added a comment - 06/May/08 12:11 PM It looks like D2DViewHandler will delegate *.jspx pages to Sun RI handler which triggers a forward to the same page, thus going into an infinite loop.

Repository	Revision	Date	User	Message
ICEsoft Public SVN Repository	#16643	Wed May 14 15:24:05 MDT 2008	mircea.toma	Stop overridding the JSP compiler for *.jspx pages because Sun RI's ViewHandler relies on the JSP compiler to execute them. ~~ICE-3043~~
				Files Changed
				MODIFY /icefaces/branches/icefaces-1.7/icefaces/samples/tutorial/dragdrop2/web/WEB-INF/web.xml MODIFY /icefaces/branches/icefaces-1.7/icefaces/samples/tutorial/basicInputText/web/WEB-INF/web.xml MODIFY /icefaces/branches/icefaces-1.7/icefaces/samples/auctionMonitor/config/web.sunri.icefaces.ce.xml MODIFY /icefaces/branches/icefaces-1.7/icefaces/core/src/com/icesoft/faces/application/ProductInfo.java MODIFY /icefaces/branches/icefaces-1.7/icefaces/samples/tutorial/dragdrop1/web/WEB-INF/web.xml MODIFY /icefaces/branches/icefaces-1.7/icefaces/samples/tutorial/effects1/web/WEB-INF/web.xml MODIFY /icefaces/branches/icefaces-1.7/icefaces/samples/tutorial/effects2/web/WEB-INF/web.xml

Hide

Permalink

Mircea Toma added a comment - 14/May/08 4:26 PM

Stop overridding the JSP compiler for *.jspx pages because Sun RI's ViewHandler relies on the JSP compiler to execute them.

Commit #16642 for the trunk.

Show

Mircea Toma added a comment - 14/May/08 4:26 PM Stop overridding the JSP compiler for *.jspx pages because Sun RI's ViewHandler relies on the JSP compiler to execute them. Commit #16642 for the trunk.

Mircea Toma made changes - 14/May/08 4:26 PM

Status	Open [ 1 ]	Resolved [ 5 ]
Resolution		Fixed [ 1 ]

Ken Fyten made changes - 11/Jun/08 4:11 PM

Security

Private [ 10001 ]

Ken Fyten made changes - 11/Jun/08 4:48 PM

Priority

Critical [ 2 ]

Major [ 3 ]

Ken Fyten made changes - 07/Jul/08 12:40 PM

Status	Resolved [ 5 ]	Closed [ 6 ]
Assignee Priority	P2
Assignee	Mircea Toma [ mircea.toma ]

People

Assignee:

Unassigned

Reporter:

Ted Goddard

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

01/May/08 4:11 PM

Updated:

07/Jul/08 12:40 PM

Resolved:

14/May/08 4:26 PM