Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

xmlParse doesn't work and then kills Lucee server instance

Description

Affects Version 5.3.1.95

I am using the following code on a CF11 server with no problems at all. The code merely parses out a returned set of cxml and places the contents into a database. However, the code in Lucee fails to parse the code with an error in the xmlparse function.

The XML I am trying to parse is:
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE cXML SYSTEM "http://xml.cXML.org/schemas/cXML/1.2.011/cXML.dtd"><cXML payloadID="7c92b177-5a6c-418c-b847-b7a4a7c79210@b2bweb" timestamp="2013-08-27T16:52:09-CDT" version="1.0"><Header><From><Credential domain="DUNS"><Identity>159148746</Identity><SharedSecret/></Credential></From><To><Credential domain="NetworkId"><Identity>Burgoon42709</Identity><SharedSecret/></Credential></To><Sender><Credential domain="NetworkId"><Identity>Burgoon</Identity><SharedSecret/></Credential><UserAgent/></Sender></Header><Message><PunchOutOrderMessage><BuyerCookie>385500</BuyerCookie><PunchOutOrderMessageHeader operationAllowed="edit"><Total><Money currency="USD">26.82</Money></Total><Shipping><Money currency="USD">0.00</Money><Description xml:lang="en">shipping charges</Description></Shipping><Tax><Money currency="USD">0.00</Money><Description xml:lang="en">tax charges</Description></Tax></PunchOutOrderMessageHeader><ItemIn lineNumber="1" quantity="1"><ItemID><SupplierPartID>49JN37</SupplierPartID><SupplierPartAuxiliaryID>WWG49JN37</SupplierPartAuxiliaryID></ItemID><ItemDetail><UnitPrice><Money currency="USD">26.82</Money></UnitPrice><Description xml:lang="en-US">TK28227971T Slip Hook Material Alloy Steel Grade 80 Hook Attachment Type Clevis Trade Size 38 In. Working Load Limit 7100 lb. Hook Opening 1-14 In. Hook Reach Length 3-1332 In. Clevis Pin Diameter 716 In. Clevis Inside Width 12 In. Orange Finish Powder Co</Description><UnitOfMeasure>EA</UnitOfMeasure><Classification domain="UNSPSC">31162611</Classification><Classification domain="Hazmat">N</Classification><ManufacturerPartID>4403515</ManufacturerPartID><ManufacturerName>CAMPBELL</ManufacturerName><LeadTime>38</LeadTime><Extrinsic name="Vendor_Min_Quantity">1</Extrinsic><Extrinsic name="FreightClassCode">18</Extrinsic><Extrinsic name="ListPrice">26.82</Extrinsic></ItemDetail><Shipping><Money currency="USD">0.00</Money><Description xml:lang="en">shipping charges</Description></Shipping><Tax><Money currency="USD">0.00</Money><Description xml:lang="en">tax charges</Description></Tax></ItemIn></PunchOutOrderMessage></Message></cXML>

I am successfully putting it into a variable called "punchout_reply".

<cfsavecontent variable="punchout_reply"><cfoutput>#trim(cxmlout)#</cfoutput></cfsavecontent>

<cfset myDoc=XMLParse("#punchout_reply#",false, "http://xml.cXML.org/schemas/cXML/1.2.011/cXML.dtd")>

Everything works well up to this point, and getting normal xml elements out of it returns good results. For example: #myDoc.cXML.Message.PunchOutOrderMessage.PunchOutOrderMessageHeader.Total.Money.xmlText#

However, when I try to parse out nodes from there, Lucee not only throws and errow, but the entire server crashes.

When I try to get the following, code the server crashes.

<cfset ItemNodes = xmlSearch(myDoc,'/cXML/Message/PunchOutOrderMessage/ItemIn')>

Loop over Item Rows

<cfloop from="1" to="#arraylen(ItemNodes)#" index="i">
<!--- The array contents need to parsed so you can easily get at the child nodes children and attributes. --->
<cfset ItemXML = xmlparse(ItemNodes[i]) />

<cfset ClassNodes = XmlSearch(ItemXML,"/ItemIn/ItemDetail/Classification") />

<cfdump var="#ClassNodes#">

</cfloop>

The error that comes back is:
cvc-elt.1.a: Cannot find the declaration of element 'ItemIn'. <br>The error occurred on line 563 in file D:\virtualwww\site_effects\clients\mis_splash\CXMLConnect\gateway\data_dumps_MIS\retrieve_grainger_cxml_order.cfm.

SAXParseException
class org.xml.sax.SAXParseException
constructors
interface exceptions
<init>(java.lang.String, java.lang.String, java.lang.String, int, int, java.lang.Exception)
<init>(java.lang.String, java.lang.String, java.lang.String, int, int)
<init>(java.lang.String, org.xml.sax.Locator, java.lang.Exception)
<init>(java.lang.String, org.xml.sax.Locator)
methods
return interface exceptions
java.lang.String toString()
int getLineNumber()
int getColumnNumber()
java.lang.String getPublicId()
java.lang.String getSystemId()
java.lang.Throwable getCause()
java.lang.String getMessage()
java.lang.Exception getException()
void printStackTrace()
void printStackTrace(java.io.PrintWriter)
void printStackTrace(java.io.PrintStream)
java.lang.Throwable fillInStackTrace()
java.lang.Throwable initCause(java.lang.Throwable)
void addSuppressed(java.lang.Throwable)
java.lang.String getLocalizedMessage()
java.lang.StackTraceElement[] getStackTrace()
java.lang.Throwable[] getSuppressed()
void setStackTrace(java.lang.StackTraceElement[])
Methods inherited from java.lang.Object
wait, wait, wait, equals, hashCode, getClass, notify, notifyAll

The following is proof that the ItemNodes variable I set contains the element ItemIn. I did a dump of ItemNodes variable and got the following.

Then when I try to get into the Lucee Administator, I get the following at the login screen in red:
cvc-elt.1: Cannot find the declaration of element 'cfLuceeConfiguration'.

Then when I try to login, I get the following error and nothing else.
We're sorry - An Error Occurred

From here, I have to completely restart the Lucee service and instance to get back to a normal login screen.

Something in the xmlparse function is completely taking down the Lucee instance and causing tons of headaches. It works fine in CF11 but doesn't in Lucee 5.3.1.95.

There has to be something wrong with parser in the Lucee engine and something wrong that makes the server crash when any xml functions are performed.

Thanks in advance for your help. I can't migrate to Lucee until I can get this resolved, as I have tons of xml parsing code functions in our code.

Environment

Windows Server

Attachments

6
  • 25 Apr 2019, 10:20 am
  • 24 Apr 2019, 06:55 pm
  • 23 Apr 2019, 05:38 pm
  • 23 Apr 2019, 05:38 pm
  • 23 Apr 2019, 05:38 pm
  • 23 Apr 2019, 05:38 pm

Activity

Show:

Justin Carter 12 July 2019 at 00:26

I’ve just hit this issue as well on Lucee 5.2.9.31. It’s a regression in 5.2.x? Should we back port the bug fix to 5.2.x for those relying on validating XML? We’re unable to move to 5.3.x at the present time so rolling forward isn’t an option yet, and the manual workaround / patch check isn’t practical to insert into a common code base that might have many calls to xmlParse() with a single argument, a bug fixed release would be better?

Michael Offner 13 June 2019 at 12:00
Edited

Workaround when you cannot update yet to the version fixing the issue:

 

add the following code to your Application.cfc|.cfm so it is executed before the first xmlParse

// initialize the patch to memory if(isNull(server.patch2253)) server.patch2253=createObject('java','com.rasia.patch.Patch2253',["path/to/my/patch-2253.jar"]); server.patch2253.fix(); // fixes it (not necessary here but does not hurt)


the jar defined with createObject ("path/to/my/patch-2253.jar"), you can find here http://download.lucee.org/patch-2253.jar

THen after every XMLParse that uses 3 arguments (xmlParse(xml,false,dtd))
you need to do the following afterwards

server.patch2253.fix();

THis patch need no restart of Lucee.

As soon you update Lucee to 5.3.3.53-SNAPSHOT or higher, that has fixed the issue, will this patch do nothing anymore, but also throw no error. But you should remove it anyway.

 

 

 

Michael Offner 13 June 2019 at 11:24

Michael Offner 13 June 2019 at 07:51

this issue was indroduced with 5.2.4.36-SNAPSHOT

Brandon Wood 26 April 2019 at 20:39

I just updated our Lucee instance to 5.3.1.102 and am having the same issue. The latest update hasn’t fixed the issue.

Fixed

Details

Assignee

Reporter

Priority

Labels

Fix versions

New Issue warning screen

Before you create a new Issue, please post to the mailing list first https://dev.lucee.org

Once the issue has been verified, one of the Lucee team will ask you to file an issue

Sprint

Affects versions

Created 23 April 2019 at 17:42
Updated 8 May 2020 at 19:07
Resolved 14 June 2019 at 12:22