Skip to content

MultiActionController with ParameterMethodNameResolver can result in stack overflow [SPR-1696] #6393

New issue
New issue
Closed
Closed
MultiActionController with ParameterMethodNameResolver can result in stack overflow [SPR-1696]#6393
Assignees
jhoeller
Labels
in: coreIssues in core modules (aop, beans, core, context, expression)type: bugA general bug
Milestone
1.2.7
@spring-projects-issues

Description

@spring-projects-issues
spring-projects-issues
opened on Feb 9, 2006

Erik Rozendaal opened SPR-1696 and commented

Using the following configuration:

<bean name="/view.html" class="day2.mvc.DoEverythingController">
	<property name="methodNameResolver" ref="methodNameResolver"/>
</bean>

<bean id="methodNameResolver" class="org.springframework.web.servlet.mvc.multiaction.ParameterMethodNameResolver">
	<property name="paramName" value="action"/>
</bean>

where DoEverythingController extends the MultiActionController, a user can cause a stack overflow by specifying an URL like: http://server/view.html?action=handleRequest. Maybe the handleRequest method should not be available when using the ParameterMethodNameResolver?

Affects: 1.2.6

Metadata

Metadata

Assignees

Labels

in: coreIssues in core modules (aop, beans, core, context, expression)type: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions