Stackoverflow error in LiferayPortlet/MVCPortlet
Activity
Show:
Paul Piao July 30, 2012 at 7:28 PM
PASSED Manual Testing following the steps in the description.
Reproduced on:
Tomcat 7.0 + MySQL 5. 6.1.10 CE GA1.
Console throw error message.
Fixed on:
Tomcat 7.0 + MySQL 5. Portal 6.0.x EE GIT ID: 05d66de1e08730a5b33f0d066471f6f46b141c49.
Tomcat 7.0 + MySQL 5. Portal 6.1.x EE GIT ID: de55549384cf5d422a63b06a90834e6c54b9542f.
Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: c28caac5659c75dcb1b629b006ba4de191584ea1.
Console can not throw error message.
Lawrence Lee July 5, 2012 at 2:55 PMEdited
Committed on:
Portal 6.0.x GIT ID: d109002a2fd40c74de98bc16894492f83dcc1f9a.
Portal 6.1.x EE GIT ID: 6a1708e399aa738bf6ba7ecb6c909f9dc644c13a.
Portal 6.2.x GIT ID: d6e6a2035761db80288a0ad4a3f8b28cabe6c9c5.
Fixed
Details
Assignee
Paul PiaoPaul Piao(Deactivated)Reporter
Amos FongAmos FongBranch Version/s
6.1.x6.0.xBackported to Branch
CommittedFix Priority
4Git Pull Request
Components
Affects versions
Priority
Medium
Details
Details
Assignee
Paul PiaoReporter
Amos FongBranch Version/s
6.1.x
6.0.x
Backported to Branch
Committed
Fix Priority
4
Git Pull Request
Components
Affects versions
Priority
MediumZendesk Support
Linked Tickets
Zendesk Support
Linked Tickets
Zendesk Support
Linked Tickets
Created June 14, 2012 at 3:43 AM
Updated June 24, 2023 at 3:53 PM
Resolved August 6, 2012 at 11:33 PM
1. Deploy KB portlet
2. Go to add an article, view source and get the actionURL and change the action to "processAction". Something like so:
http://localhost/group/control_panel/manage?p_auth=LHy8X8UI&p_p_id=1_WAR_knowledgebaseportlet&p_p_lifecycle=1&p_p_state=maximized&p_p_mode=view&doAsGroupId=14&refererPlid=8440537&_1_WAR_knowledgebaseportlet_jspPage=%2Fadmin%2Fedit_article.jsp&_1_WAR_knowledgebaseportlet_redirect=%2Fgroup%2Fcontrol_panel%2Fmanage%3Fp_p_id%3D1_WAR_knowledgebaseportlet%26p_p_lifecycle%3D0%26p_p_state%3Dmaximized%26p_p_mode%3Dview%26doAsGroupId%3D14%26refererPlid%3D8440537&_1_WAR_knowledgebaseportlet_resourcePrimKey=0&_1_WAR_knowledgebaseportlet_status=-1&_1_WAR_knowledgebaseportlet_javax.portlet.action=processAction
Result: 30mb stackoverflow error
Enough concurrent hits should be able to DOS the server