Loading ...
Sorry, an error occurred while loading the content.

expat parse error causes call stack corruption

Expand Messages
  • kgoess
    We ve just run into this problem using SOAP::Lite 0.60 on Apache 1.33 on Perl 5.8.6 using SOAP::Transport::HTTP::Apache and dispatch_with handlers. When our
    Message 1 of 2 , May 3 5:29 PM
    • 0 Attachment
      We've just run into this problem using SOAP::Lite 0.60 on Apache
      1.33 on Perl 5.8.6 using SOAP::Transport::HTTP::Apache and
      dispatch_with handlers.

      When our application receives a POST with malformed XML it returns a
      soap fault with a "not well-formed (invalid token)" error from
      XML::Parser.

      But when the next hit comes in to that apache process, our method
      call is given the parameters from the SOAP call we got *before* the
      one with the bad xml.

      So if the client hits our server with

      mymethod('tiger','woods')
      mymethod(junk xml ...)
      mymethod('arnold','palmer')

      our logs clearly show "arnold palmer" in the incoming xml, but our
      function is called with "tiger woods".

      Has anybody else seen this? Is it a known problem? Is there a
      workaround?
    • kgoess
      It s a definite bug in 0.60 and 0.60a and I see it s been fixed in 0.65_3. If a parse failure occurs the SOAP::Parser doesn t clear its state before the next
      Message 2 of 2 , May 4 4:59 PM
      • 0 Attachment
        It's a definite bug in 0.60 and 0.60a and I see it's been fixed in
        0.65_3.

        If a parse failure occurs the SOAP::Parser doesn't clear its state
        before the next parse, so you're going to get the results of the
        previous parse.

        Below is the fix for 0.60a and demonstration code.


        --- lib/SOAP/Lite.pm.orig 2005-05-04 16:52:00.810619056 -0700
        +++ lib/SOAP/Lite.pm 2005-05-04 16:52:33.903588160 -0700
        @@ -1283,21 +1283,28 @@
        sub decode { SOAP::Trace::trace('()');
        my $self = shift;

        $self->parser->setHandlers(
        Final => sub { shift; $self->final(@_) },
        Start => sub { shift; $self->start(@_) },
        End => sub { shift; $self->end(@_) },
        Char => sub { shift; $self->char(@_) },
        ExternEnt => sub { shift; die "External entity (pointing to
        '$_[1]') is not allowed" },
        );
        - my $parsed = $self->parser->parse($_[0]);
        + #my $parsed = $self->parser->parse($_[0]);
        + #need to clear values on parse failure
        + my $parsed;
        + eval { $parsed = $self->parser->parse($_[0])};
        + if ($@) {
        + undef $self->{_values};
        + }
        +
        return $parsed;
        }


        -----------------------------------------
        use SOAP::Lite;

        package MySOAPServer;

        sub myMethod {
        print "got '$_[1]'\n";
        }

        package main;

        my $s = SOAP::Server->new-> dispatch_with(
        { 'urn:kgtest' => 'MySOAPServer',});

        my $xml = <<EOL;
        <Envelope>
        <Body>
        <namesp1:myMethod xmlns:namesp1="urn:kgtest">
        <delivery>tiger woods</delivery>
        </namesp1:myMethod>
        </Body>
        </Envelope>
        EOL

        $s->handle($xml); #prints "got 'tiger woods'"

        $s->handle('<junk><<');

        $xml =~ s/tiger woods/arnold palmer/;

        $s->handle($xml); #prints "got 'tiger woods'" *again*
      Your message has been successfully submitted and would be delivered to recipients shortly.