From e4d4fcf0300d40ca3a2062eee63f9b03279483ef Mon Sep 17 00:00:00 2001 From: Yuri Nesterenko Date: Fri, 8 Apr 2022 14:06:47 +0200 Subject: [PATCH] 8284548: Invalid XPath expression causes StringIndexOutOfBoundsException Reviewed-by: bae Backport-of: e58378a58e91bd10fc60031148b558230d43686f --- .../apache/xpath/internal/compiler/Lexer.java | 3 +- .../javax/xml/jaxp/XPath/InvalidXPath.java | 53 +++++++++++++++++++ 2 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 jdk/test/javax/xml/jaxp/XPath/InvalidXPath.java diff --git a/jaxp/src/com/sun/org/apache/xpath/internal/compiler/Lexer.java b/jaxp/src/com/sun/org/apache/xpath/internal/compiler/Lexer.java index fa42d1a4a6..5c3e64d3ac 100644 --- a/jaxp/src/com/sun/org/apache/xpath/internal/compiler/Lexer.java +++ b/jaxp/src/com/sun/org/apache/xpath/internal/compiler/Lexer.java @@ -27,7 +27,6 @@ import java.util.Vector; import com.sun.org.apache.xalan.internal.res.XSLMessages; import com.sun.org.apache.xml.internal.utils.PrefixResolver; import com.sun.org.apache.xpath.internal.res.XPATHErrorResources; -import java.util.Objects; import javax.xml.transform.TransformerException; import jdk.xml.internal.XMLSecurityManager; import jdk.xml.internal.XMLSecurityManager.Limit; @@ -450,7 +449,7 @@ class Lexer * @return the next char */ private char peekNext(String s, int index) { - if (index >= 0 && s.length() > index) { + if (index >= 0 && index < s.length() - 1) { return s.charAt(index + 1); } return 0; diff --git a/jdk/test/javax/xml/jaxp/XPath/InvalidXPath.java b/jdk/test/javax/xml/jaxp/XPath/InvalidXPath.java new file mode 100644 index 0000000000..478f4212d5 --- /dev/null +++ b/jdk/test/javax/xml/jaxp/XPath/InvalidXPath.java @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2022, SAP SE. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8284548 + * @summary Test whether the expected exception is thrown when + * trying to compile an invalid XPath expression. + * @run main InvalidXPath + */ + +import javax.xml.xpath.XPathExpressionException; +import javax.xml.xpath.XPathFactory; + +public class InvalidXPath { + + public static void main(String... args) { + // define an invalid XPath expression + final String invalidXPath = ">>"; + + // expect XPathExpressionException when the invalid XPath expression is compiled + try { + XPathFactory.newInstance().newXPath().compile(invalidXPath); + } catch (XPathExpressionException e) { + System.out.println("Caught expected exception: " + e.getClass().getName() + + "(" + e.getMessage() + ")."); + } catch (Exception e) { + System.out.println("Caught unexpected exception: " + e.getClass().getName() + + "(" + e.getMessage() + ")!"); + throw e; + } + } +}