1600900 – [GSS](6.4.z) StackOverflowError due to the bug XERCESJ-589

Bug 1600900 - [GSS](6.4.z) StackOverflowError due to the bug XERCESJ-589

Summary: [GSS](6.4.z) StackOverflowError due to the bug XERCESJ-589

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	XML Frameworks
Sub Component:
Version:	6.4.20
Hardware:	All
OS:	All
Priority:	unspecified
Severity:	high
Target Milestone:	CR1
Target Release:	EAP 6.4.21
Assignee:	jboss-set
QA Contact:	Peter Mackay
Docs Contact:	eap-docs
URL:
Whiteboard:
Depends On:
Blocks:	eap6421-payload 1602226 1602536
TreeView+	depends on / blocked

Reported:	2018-07-13 10:29 UTC by Lami Akagwu
Modified:	2021-12-10 16:38 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1602536 (view as bug list)
Environment:
Last Closed:	2019-08-19 12:43:06 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)
reproducer (16.53 KB, application/zip) 2018-07-13 10:29 UTC, Lami Akagwu	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	JBPAPP-9156	0	Major	Closed	Fix XERCESJ-589 in JBoss EAP 5.1.x	2020-04-01 02:55:14 UTC
Red Hat Knowledge Base (Solution)	3528391	0	None	None	None	2018-07-13 10:31:08 UTC

Description Lami Akagwu 2018-07-13 10:29:15 UTC

Created attachment 1458695 [details]
reproducer

Description of problem:
 application server crashes with a StackOverflowError due to a bug in the xerces library  (xercesImpl-2.9.1.redhat-6.jar) which is integrated into 
The issue is well known as XERCESJ-589 (https://issues.apache.org/jira/browse/XERCESJ-589) and  arises  during validation of XML data containing long strings.  

Version-Release number of selected component (if applicable):
EAP 6.4.20.

How reproducible:

Always

Steps to Reproduce:
1. Deploy attachment in EAP 6.4.x instance
2. Boot up EAP 6.4.x
3.

Actual results:
EAP logs contains
11:20:17,546 INFO  [org.jboss.as.ejb3.deployment.processors.EjbJndiBindingsDeploymentUnitProcessor] (MSC service thread 1-5) JNDI bindings for session bean named XMLValidationTest in deployment unit subdeployment "ejb_pack_1.jar" of deployment "Reproducer.ear" are as follows:

	java:global/testApp/ejb_pack_1/XMLValidationTest!framework.application.XMLValidationTest
	java:app/ejb_pack_1/XMLValidationTest!framework.application.XMLValidationTest
	java:module/XMLValidationTest!framework.application.XMLValidationTest
	java:global/testApp/ejb_pack_1/XMLValidationTest
	java:app/ejb_pack_1/XMLValidationTest
	java:module/XMLValidationTest

11:20:17,806 FATAL [framework.application.XMLValidationTest] (ServerService Thread Pool -- 50) Error: java.lang.StackOverflowError
	at org.apache.xerces.impl.xpath.regex.REUtil.isHighSurrogate(REUtil.java:40)
	at org.apache.xerces.impl.xpath.regex.RegularExpression.matchString(RegularExpression.java:1667)
	at org.apache.xerces.impl.xpath.regex.RegularExpression.matchString(RegularExpression.java:1879)
	at org.apache.xerces.impl.xpath.regex.RegularExpression.matchString(RegularExpression.java:1905)
	at org.apache.xerces.impl.xpath.regex.RegularExpression.matchString(RegularExpression.java:1879)
	at org.apache.xerces.impl.xpath.regex.RegularExpression.matchString(RegularExpression.java:1905)


Expected results:
Successful validation

Additional info:

Works in EAP 7.1.3
Initially fixed in EAP 5.2. ref https://issues.jboss.org/browse/JBPAPP-9156

Note You need to log in before you can comment on or make changes to this bug.