Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 362065 - StringIndexOutOfBoundsException translating documents with empty event handler attributes
Summary: StringIndexOutOfBoundsException translating documents with empty event handle...
Status: RESOLVED FIXED
Alias: None
Product: JSDT
Classification: WebTools
Component: Web (show other bugs)
Version: 3.2.5   Edit
Hardware: All All
: P3 major (vote)
Target Milestone: 3.2.5   Edit
Assignee: Nitin Dahyabhai CLA
QA Contact: Nitin Dahyabhai CLA
URL:
Whiteboard: PMC_approved
Keywords:
Depends on:
Blocks:
 
Reported: 2011-10-26 09:34 EDT by Nitin Dahyabhai CLA
Modified: 2011-10-27 10:12 EDT (History)
4 users (show)

See Also:
david_williams: pmc_approved+
thatnitind: pmc_approved? (raghunathan.srinivasan)
thatnitind: pmc_approved? (naci.dai)
thatnitind: pmc_approved? (deboer)
neil.hauge: pmc_approved+
thatnitind: pmc_approved? (kaloyan)
cbridgha: pmc_approved+
cmjaun: review+


Attachments
proposed patch with unit test (2.67 KB, patch)
2011-10-26 09:34 EDT, Nitin Dahyabhai CLA
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Nitin Dahyabhai CLA 2011-10-26 09:34:40 EDT
Created attachment 205982 [details]
proposed patch with unit test

Some intended cleverness for appending semicolons to the translated content from event handler attributes, e.g. onload="", causes a SIOOBE if the value is empty.  This can happen quickly if the attribute was inserted by content assist or the user just hasn't filled it in, yet.  It prevents most JS support in web pages from working properly.

java.lang.StringIndexOutOfBoundsException: String index out of range: -1
	at java.lang.String.charAt(String.java:686)
	at org.eclipse.wst.jsdt.web.core.javascript.JsTranslator.translateInlineJSNode(JsTranslator.java:402)
	at org.eclipse.wst.jsdt.web.core.javascript.JsTranslator.translate(JsTranslator.java:326)
	at org.eclipse.wst.jsdt.web.core.javascript.JsTranslator.reset(JsTranslator.java:275)
	at org.eclipse.wst.jsdt.web.core.javascript.JsTranslator.<init>(JsTranslator.java:171)
	at org.eclipse.wst.jsdt.web.core.javascript.JsTranslation.getTranslator(JsTranslation.java:100)
	at org.eclipse.wst.jsdt.web.core.javascript.JsTranslation.getJsText(JsTranslation.java:378)
...
Comment 1 Nitin Dahyabhai CLA 2011-10-26 11:38:27 EDT
*Explain why you believe this is a stop-ship defect. Or, if it is a "hotbug" (requested by an adopter) please document it as such.

The exception derails the translation on perfectly harmless files, preventing most JavaScript support in web pages from working.

*Is there a work-around? If so, why do you believe the work-around is insufficient?

The user has to fill in a value.  It's not obvious, though, as we don't report this necessity through validation or other means.

*How has the fix been tested? Is there a test case attached to the bugzilla record? Has a JUnit Test been added?

Ad-hoc and with attached unit test.

*Give a brief technical overview. Who has reviewed this fix?

The translator was checking if the last character of the event handler value was a ';', after stripping off any surrounding quotes.  It did not properly check to see whether there were _any_ characters in the value (non-zero length), first.  We're proposing to roll back that one line.  Reviewed by Chris.

*What is the risk associated with this fix?

Very low.  The semicolon goes back to always being inserted.
Comment 2 David Williams CLA 2011-10-26 12:57:47 EDT
This sounds like an important fix, and I could not object to the fix proposed in the patch, but using "charAt" is generally not recommended by "NL enablement" experts, as its doesn't support some of the more unusual languages (16 or 32 bit?) ... I'm not sure we support those esoteric languages in general, but, if there was an ICU equivalent (codePointAt?) it would be a slightly better fix.
Comment 3 Nitin Dahyabhai CLA 2011-10-26 13:01:16 EDT
(In reply to comment #2)
> This sounds like an important fix, and I could not object to the fix proposed
> in the patch, but using "charAt" is generally not recommended by "NL
> enablement" experts, as its doesn't support some of the more unusual languages
> (16 or 32 bit?) ... I'm not sure we support those esoteric languages in
> general, but, if there was an ICU equivalent (codePointAt?) it would be a
> slightly better fix.

It was used handling JavaScript source code, not natural language, and is removed by the patch anyway.
Comment 4 David Williams CLA 2011-10-26 13:05:49 EDT
Oh, thanks for clarifying that I was readying the patch "backwards".
Comment 5 Chuck Bridgham CLA 2011-10-26 13:30:02 EDT
Seems like a bad problem with safe fix.. approve
Comment 6 Neil Hauge CLA 2011-10-26 18:16:42 EDT
+1.
Comment 7 Nitin Dahyabhai CLA 2011-10-26 19:04:50 EDT
Released.