2 Replies Latest reply on Jun 23, 2005 2:07 PM by solver

Bug Report

solver Jun 23, 2005 12:04 PM

Hi

I dont know where to post formal bugs or suspected bugs, so here goes:

I am using JBoss JMX Agent View, in version 4.0.2RC1 for Win XP Pro.

In the filter string text box, I simply typed:

*jb*.*ad*

And got this result when I pressed ApplyFilter:

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

java.lang.ArrayIndexOutOfBoundsException: 10
org.jboss.mx.util.ObjectNamePatternHelper.patternMatch(ObjectNamePatternHelper.java:104)
org.jboss.mx.util.ObjectNamePatternHelper.patternMatch(ObjectNamePatternHelper.java:99)
org.jboss.mx.util.ObjectNamePatternHelper.patternMatch(ObjectNamePatternHelper.java:59)
org.jboss.mx.server.registry.BasicMBeanRegistry.findEntries(BasicMBeanRegistry.java:630)
org.jboss.mx.server.MBeanServerImpl.queryNames(MBeanServerImpl.java:492)
org.jboss.jmx.adaptor.control.Server.getDomainData(Server.java:52)
org.jboss.jmx.adaptor.html.HtmlAdaptorServlet.displayMBeans(HtmlAdaptorServlet.java:160)
org.jboss.jmx.adaptor.html.HtmlAdaptorServlet.processRequest(HtmlAdaptorServlet.java:73)
org.jboss.jmx.adaptor.html.HtmlAdaptorServlet.doPost(HtmlAdaptorServlet.java:61)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)

Although far from serious, it does indicate a weakness that could lead to server failure under various circumstances, and possibly offers an opportunity to a malicious attacker.

Incidentally, it would be nice if the JMX Agent View page had a little section near the top that listed the version number etc of JBoss and perhaps Tomcat? that is running?

Hugh

1. Re: Bug Report

adrian.brock Jun 23, 2005 1:32 PM (in response to solver)

"Solver" wrote:
Hi

I dont know where to post formal bugs or suspected bugs, so here goes:

Guess you didn't "READ THIS FIRST" at the top of the forum then?

I am using JBoss JMX Agent View, in version 4.0.2RC1 for Win XP Pro.

In the filter string text box, I simply typed:

*jb*.*ad*

Bug report (thanks):
http://jira.jboss.com/jira/browse/JBAS-1952

Although far from serious, it does indicate a weakness that could lead to server failure under various circumstances, and possibly offers an opportunity to a malicious attacker.

You've got bigger problems if somebody malicious has access to this management
tool :-)

Incidentally, it would be nice if the JMX Agent View page had a little section near the top that listed the version number etc of JBoss and perhaps Tomcat? that is running?

Hugh

If there isn't one already (use search to check).
Raise a separate feature request for this and vote for it.
Even better, provide a patch.
Actions
2. Re: Bug Report

solver Jun 23, 2005 2:07 PM (in response to solver)

Well you will have to excuse me, but I didnt see any "READ THIS FIRST" I either missed it or it is not obvious to me, just let me know what you are referring to and I will do so.

You've got bigger problems if somebody malicious has access to this management
tool :-)

Yes you have, but the flawed logic or component might not be confined either now or in the future, to this user interface.

If there isn't one already (use search to check).
Raise a separate feature request for this and vote for it.
Even better, provide a patch.

Well I am trying to evaluate JBoss for building a web app here, I am not inclined to start working on its source code, that isnt in my plan, fascinating though it might be :)

Regarding posting a feature request, please advise on how this is done and I will.

Rgds
Hugh
Actions

Go to original post