Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-750

SaajSoapMessageFactory's checkForUtf8ByteOrderMark is corrupting input stream


    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 1.5.8, 1.5.9
    • Fix Version/s: 2.0.4
    • Component/s: Core
    • Labels:


      There appears to be a bug in the implementation of "checkForUtf8ByteOrderMark" in org.springframework.ws.soap.saaj.SaajSoapMessageFactory.

      Under certain circumstances, the call to pushbackInputStream.read(bom) will read less than the required 3 bytes into bom. Then, since the byte order mark isn't found, unread(bom) is called which results in some invalid bytes being added to the stream.

      The contract for PushbackInputStream.read(byte[] b, int off, int len) says "Reads up to len bytes of data." In our case, using Tomcat (versions 6 and 7) with recent releases of Chrome and IE, the call to inputstream.available() in BufferedInputStream's implementation of read returns 0. This is because no more data can be read without blocking. It seems to be just an unfortunate coincidence caused by the size of the header sent by the newest version of chrome and IE. The end result is that our soap envelope is corrupted and our system is unusable.

        Issue Links


          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Open Open In Progress In Progress
          4d 6h 17m 1 Arjen Poutsma 24/Jan/12 6:43 AM
          In Progress In Progress Resolved Resolved
          32m 51s 1 Arjen Poutsma 24/Jan/12 7:16 AM
          Resolved Resolved Closed Closed
          100d 23h 47m 1 Arjen Poutsma 04/May/12 7:03 AM


            • Assignee:
              arjen.poutsma Arjen Poutsma
              zakvandermerwe Zak van der Merwe
            • Votes:
              1 Vote for this issue
              2 Start watching this issue


              • Created:

                Time Tracking

                Original Estimate - Not Specified
                Not Specified
                Remaining Estimate - Not Specified
                Not Specified
                Time Spent - 31m