Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resteasy Reactive incorrectly handles broken accept header #36159

Closed
thomasdarimont opened this issue Sep 26, 2023 · 1 comment · Fixed by #36160
Closed

Resteasy Reactive incorrectly handles broken accept header #36159

thomasdarimont opened this issue Sep 26, 2023 · 1 comment · Fixed by #36160
Labels
area/rest kind/bug Something isn't working
Milestone

Comments

@thomasdarimont
Copy link
Contributor

Describe the bug

A "broken" MIME-type triggers an StringIndexOutOfBoundsException from MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

Expected behavior

IllegalArgumentExcpetion should be thrown for an input like "Accept: x; /x"

Actual behavior

StringIndexOutOfBoundsException is thrown for an input like "Accept: x; /x"

How to Reproduce?

See the code in this reproducer: https://gist.github.com/thomasdarimont/cd81991674357220510bbb732d5f517f

Output of uname -a or ver

Linux xxx 6.4.15-100.fc37.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Sep 7 00:23:27 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Output of java -version

openjdk version "17.0.6" 2023-01-17 OpenJDK Runtime Environment Temurin-17.0.6+10 (build 17.0.6+10) OpenJDK 64-Bit Server VM Temurin-17.0.6+10 (build 17.0.6+10, mixed mode, sharing)

GraalVM version (if different from Java)

No response

Quarkus version or git rev

b815ca5

Build tool (ie. output of mvnw --version or gradlew --version)

Apache Maven 3.9.4

Additional information

No response

@thomasdarimont thomasdarimont added the kind/bug Something isn't working label Sep 26, 2023
@quarkus-bot
Copy link

quarkus-bot bot commented Sep 26, 2023

/cc @FroMage (resteasy-reactive), @geoand (resteasy-reactive), @stuartwdouglas (resteasy-reactive)

thomasdarimont added a commit to thomasdarimont/quarkus that referenced this issue Sep 26, 2023
…gate.parse(..) within resteasy-reactive

Previously, a "broken" MIME-type in an access header could trigger an StringIndexOutOfBoundsException during MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

This PR now throws an IllegalArgumentException in case of a broken MIME-type like in the example.

Fixes quarkusio#36159
thomasdarimont added a commit to thomasdarimont/quarkus that referenced this issue Sep 26, 2023
…gate.parse(..) within resteasy-reactive

Previously, a "broken" MIME-type in an access header could trigger an StringIndexOutOfBoundsException during MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

This PR now throws an IllegalArgumentException in case of a broken MIME-type like in the example.

Fixes quarkusio#36159
geoand added a commit that referenced this issue Sep 26, 2023
…ly-handle-broken-accept-header-resteasy-reactive

Improve handling of broken accept headers in MediaTypeHeaderDelegate
@quarkus-bot quarkus-bot bot added this to the 3.5 - main milestone Sep 26, 2023
@gsmet gsmet modified the milestones: 3.5 - main, 3.4.2 Oct 3, 2023
gsmet pushed a commit to gsmet/quarkus that referenced this issue Oct 3, 2023
…gate.parse(..) within resteasy-reactive

Previously, a "broken" MIME-type in an access header could trigger an StringIndexOutOfBoundsException during MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

This PR now throws an IllegalArgumentException in case of a broken MIME-type like in the example.

Fixes quarkusio#36159

(cherry picked from commit 84d6c5d)
gsmet pushed a commit to gsmet/quarkus that referenced this issue Oct 3, 2023
…gate.parse(..) within resteasy-reactive

Previously, a "broken" MIME-type in an access header could trigger an StringIndexOutOfBoundsException during MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

This PR now throws an IllegalArgumentException in case of a broken MIME-type like in the example.

Fixes quarkusio#36159

(cherry picked from commit 84d6c5d)
@aloubyansky aloubyansky modified the milestones: 3.4.2, 3.2.8.Final Nov 2, 2023
aloubyansky pushed a commit to aloubyansky/quarkus that referenced this issue Nov 2, 2023
…gate.parse(..) within resteasy-reactive

Previously, a "broken" MIME-type in an access header could trigger an StringIndexOutOfBoundsException during MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

This PR now throws an IllegalArgumentException in case of a broken MIME-type like in the example.

Fixes quarkusio#36159

(cherry picked from commit 84d6c5d)
holly-cummins pushed a commit to holly-cummins/quarkus that referenced this issue Feb 8, 2024
…gate.parse(..) within resteasy-reactive

Previously, a "broken" MIME-type in an access header could trigger an StringIndexOutOfBoundsException during MediaTypeHeaderDelegate.parse(..) instead of the more suitable IllegalArgumentException.

Example: "Accept: x; /x"

This PR now throws an IllegalArgumentException in case of a broken MIME-type like in the example.

Fixes quarkusio#36159
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/rest kind/bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants