[MGNLCMNT-70] In the "Comments" module, you can get a null pointer exception when users enter only whitespace characters for a comment Created: 30/Jul/12  Updated: 06/Dec/13  Resolved: 28/Nov/12

Status: Closed
Project: Commenting (closed)
Component/s: None
Affects Version/s: 1.2.2
Fix Version/s: 1.2.3

Type: Bug Priority: Minor
Reporter: Jeff Grover Assignee: Roman Kovařík
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Apache Tomcat/6.0.32


Template:
Acceptance criteria:
Empty
Date of First Response:

 Description   

To duplicate the problem:

1. Add the comments module to a page
2. Activate changes and navigate to the page
3. Enter a "space" for the comment, then anything for name & e-mail
4. Press "Send" and see stack trace report:

The stack trace is:

type Rapport d'exception

message

description Le serveur a rencontré une erreur interne () qui l'a empêché de satisfaire la requête.

exception

java.lang.RuntimeException: java.lang.NullPointerException
info.magnolia.module.cache.filter.CacheFilter.doFilter(CacheFilter.java:165)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.i18n.I18nContentSupportFilter.doFilter(I18nContentSupportFilter.java:76)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.RangeSupportFilter.doFilter(RangeSupportFilter.java:86)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:60)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.SecurityCallbackFilter.doFilter(SecurityCallbackFilter.java:86)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:93)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.templatingkit.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:99)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.cache.filter.GZipFilter.doFilter(GZipFilter.java:75)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:93)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:87)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:73)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
cause mère

java.lang.NullPointerException
info.magnolia.module.commenting.frontend.action.PageComments.executeEarly(PageComments.java:131)
info.magnolia.rendering.model.ModelExecutionFilter.doFilter(ModelExecutionFilter.java:143)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.InterceptFilter.doFilter(InterceptFilter.java:130)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.AggregatorFilter.doFilter(AggregatorFilter.java:105)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:60)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.RepositoryMappingFilter.doFilter(RepositoryMappingFilter.java:101)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:77)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.VirtualUriFilter.doFilter(VirtualUriFilter.java:70)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.cache.executor.Bypass.processCacheRequest(Bypass.java:58)
info.magnolia.module.cache.executor.CompositeExecutor.processCacheRequest(CompositeExecutor.java:66)
info.magnolia.module.cache.filter.CacheFilter.doFilter(CacheFilter.java:153)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.i18n.I18nContentSupportFilter.doFilter(I18nContentSupportFilter.java:76)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.RangeSupportFilter.doFilter(RangeSupportFilter.java:86)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:60)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.SecurityCallbackFilter.doFilter(SecurityCallbackFilter.java:86)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:93)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.templatingkit.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:99)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.cache.filter.GZipFilter.doFilter(GZipFilter.java:75)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:93)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:87)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:73)
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
note La trace complète de la cause mère de cette erreur est disponible dans les fichiers journaux de Apache Tomcat/6.0.32.

Apache Tomcat/6.0.32



 Comments   
Comment by Jan Haderka [ 27/Nov/12 ]

Did you check saving params for XSS vulnerability when fixing this ? If yes, you can close the issue. Thx.

Generated at Mon Feb 12 00:02:52 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.