StringIndexOutOfBoundsException or IllegalArgumentException on EAP 7 from io.undertow.util.URLUtils.decode
Issue
We see some POST requests fail with "UT005023 Exception handling request" due to StringIndexOutOfBoundsException
or IllegalArgumentException
after moving to EAP 7 from EAP 6 or Tomcat.
For example: when sending the request like:
$ curl -v http://localhost:8080/test/ -d "foo=%"
The following StringIndexOutOfBoundsException
happens in EAP 7.2.2 or before:
java.lang.StringIndexOutOfBoundsException: String index out of range: 1
at java.lang.String.charAt(String.java:658)
at io.undertow.util.URLUtils.decode(URLUtils.java:132)
at io.undertow.util.URLUtils.decode(URLUtils.java:78)
at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.doParse(FormEncodedDataDefinition.java:186)
at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.parseBlocking(FormEncodedDataDefinition.java:252)
at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:832)
at io.undertow.servlet.spec.HttpServletRequestImpl.getParameterMap(HttpServletRequestImpl.java:785)
and the following IllegalArgumentException
happens in EAP 7.2.3 and 7.2.4:
Caused by: java.lang.IllegalArgumentException: UT000072: Failed to decode url % to charset ISO-8859-1
at io.undertow.util.URLUtils.decode(URLUtils.java:139)
at io.undertow.util.URLUtils.decode(URLUtils.java:83)
at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.doParse(FormEncodedDataDefinition.java:202)
at io.undertow.server.handlers.form.FormEncodedDataDefinition$FormEncodedDataParser.parseBlocking(FormEncodedDataDefinition.java:252)
at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:835)
at io.undertow.servlet.spec.HttpServletRequestImpl.getParameterNames(HttpServletRequestImpl.java:734)
at org.apache.jsp.index_jsp._jspService(index_jsp.java:223)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:791)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433)
... 46 more
Environment
- JBoss Enterprise Application Platform (EAP) 7.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.