Title:
Bug 84546:(Watson Migration Closure)If you use curl to send a malformed post to a CFM file, specifically, a name w/o a = sign:curl -d test http://someserver/some
| View in TrackerStatus/Resolution/Reason: Closed/Won't Fix/LowImpact
Reporter/Name(from Bugbase): Raymond Camden / Raymond Camden (Raymond Camden)
Created: 10/05/2010
Components: General Server
Versions: 9.0.1
Failure Type: Unspecified
Found In Build/Fixed In Build: 0000 /
Priority/Frequency: Minor / Unknown
Locale/System: English / Platforms All
Vote Count: 1
Problem:
If you use curl to send a malformed post to a CFM file, specifically, a name w/o a = sign:curl -d test http://someserver/some.cfmThen CF will bomb. There is no way (that I could find) to check for this error and prevent. CF just barfs on it. Now this may not be to spec (it should be test=something), but other servers handle this more gracefully. CF should probably just set form.test to an empty string.
Method:
1.Install Curl.
2.run the following command :
curl -d test http://someserver/some.cfm
Result:
500 level error
[GT 19 Nov 2010] : Getting the following exception:
C:\>curl -d test http://localhost:8500/ozeetee/test/test.cfm
<html><head><title>Apache Tomcat/7.0.2 - Error report</title><style><!--H1 {font-family:Tahoma,Arial
,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-
serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;
color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;colo
r:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color
:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {co
lor : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 50
0 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u></u>
</p><p><b>description</b> <u>The server encountered an internal error () that prevented it from fulf
illing this request.</u></p><p><b>exception</b> <pre>javax.servlet.ServletException: ROOT CAUSE:
java.lang.IllegalArgumentException
at coldfusion.filter.FormScope.parseQueryString(FormScope.java:373)
at coldfusion.filter.FormScope.parsePostData(FormScope.java:345)
at coldfusion.filter.FormScope.fillForm(FormScope.java:295)
at coldfusion.filter.FusionContext.SymTab_initForRequest(FusionContext.java:377)
at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:33)
at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62)
at coldfusion.filter.RequestThrottleFilter.invoke(RequestThrottleFilter.java:126)
at coldfusion.CfmServlet.service(CfmServlet.java:200)
at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
ava:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42
)
at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
ava:242)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:243)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:201)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:163)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:108)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:556)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:422)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:242)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.ja
va:267)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.ja
va:245)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:260)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:70)
coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the Apache Tomcat
/7.0.2 logs.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.2</h3></body></html>
----------------------------- Additional Watson Details -----------------------------
Watson Bug ID: 3042374
External Customer Info:
External Company:
External Customer Name: Raymond Camden
External Customer Email: 5FBC41E943BD265C992015D5
External Test Config: 10/05/2010
Attachments:
Comments: