Description of problem: Internal Server Erroris thrown when trying to access http://<URL>/ks/dist. In the past (on Satellite 4.x), this URL would at least give you a "page not found"..apparently it was protecting those areas of the tree...but, now it throws an ISE. It should handle the url more gracefully and display a readable page (permission denied etc.) instead of ISE + traceback with java.lang.ArrayIndexOutOfBoundsException catalina.out shows: 2010-05-24 17:04:18,936 [TP-Processor1] ERROR com.redhat.rhn.frontend.servlets.SessionFilter - Error during transaction. Rolling back javax.servlet.ServletException: Array index out of range: 2 at org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:535) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:433) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:237) at com.redhat.rhn.frontend.struts.RhnRequestProcessor.process(RhnRequestProcessor.java:82) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) ... Caused by: java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 2 at com.redhat.rhn.frontend.action.common.DownloadFile.parseDistUrl(DownloadFile.java:158) at com.redhat.rhn.frontend.action.common.DownloadFile.handleKickstartDownload(DownloadFile.java:184) at com.redhat.rhn.frontend.action.common.DownloadFile.execute(DownloadFile.java:100) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) ... 40 more 2010-05-24 17:04:18,943 [TP-Processor1] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/rhn].[action] - Servlet.service() for servlet action threw exception java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 2 at com.redhat.rhn.frontend.action.common.DownloadFile.parseDistUrl(DownloadFile.java:158) at com.redhat.rhn.frontend.action.common.DownloadFile.handleKickstartDownload(DownloadFile.java:184) at com.redhat.rhn.frontend.action.common.DownloadFile.execute(DownloadFile.java:100) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) at ... Version-Release number of selected component (if applicable): Red Hat Network (RHN) Satellite 5.3.0 How reproducible: Always. Steps to Reproduce: 1. try to access http://<5.3 satellite fqdn>/ks/dist Actual results: ISE and traceback + above stacktrace in catalina.out Expected results: A readable page on UI explaining page cannot be accessed, no traceback or stacktrace in catalina.out Additional info:
Proposed fix is to add checks for url validity in spacewalk-java-0.5.44/code/src/com/redhat/rhn/frontend/action/common/DownloadFile.java below. For example /ks/dist would not have split[2], resulting in ArrayIndexOutOfBoundsException. ... public static Map<String, String> parseDistUrl(String url) { Map<String, String> ret = new HashMap<String, String>(); if (url.charAt(0) == '/') { url = url.substring(1); } String[] split = url.split("/"); int labelPos = 2; if (split[2].equals("org")) { ret.put("orgId", split[3]); labelPos = 4; } ..
Fixed in master: ff77e9b12ac95fb2bd0a31cc3ea07f1c03b3279b Throws a file not found error now.
verified in stage
The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332 RHEA-2010:0803 - RHN Tools enhancement update https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333 RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334 RHEA-2010:0800 - RHN Satellite Server 5.4.0 https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335 Docs are available: http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html Regards, Clifford