RFR: JDK-8288207: Enhance MalformedURLException in Uri.parseCompat

Fri Jun 10 14:22:58 UTC 2022

On Fri, 10 Jun 2022 12:16:17 GMT, Matthias Baesken <mbaesken at openjdk.org> wrote:

> When trying to construct an LdapURL object with a bad input string (in this example the _ in ad_jbs is causing issues), and not using
> the backward compatibility flag -Dcom.sun.jndi.ldapURLParsing="legacy" we run into the exception below :
> 
> import com.sun.jndi.ldap.LdapURL;
>  ....
> String url = "ldap://ad_jbs.ttt.net:389/xyz"; // bad input string containing _
> LdapURL ldapUrl = new LdapURL(url);
> 
> 
> java --add-opens java.naming/com.sun.jndi.ldap=ALL-UNNAMED LdapParseUrlTest
> Exception in thread "main" javax.naming.NamingException: Cannot parse url: ldap://ad_jbs.ttt.net:389/xyz [Root exception is java.net.MalformedURLException: unsupported authority: ad_jbs.ttt.net:389]
> at java.naming/com.sun.jndi.ldap.LdapURL.<init>(LdapURL.java:115)
> at LdapParseUrlTest.main(LdapParseUrlTest.java:9)
> Caused by: java.net.MalformedURLException: unsupported authority: ad_jbs.ttt.net:389
> at java.naming/com.sun.jndi.toolkit.url.Uri.parseCompat(Uri.java:367)
> at java.naming/com.sun.jndi.toolkit.url.Uri.parse(Uri.java:230)
> at java.naming/com.sun.jndi.toolkit.url.Uri.init(Uri.java:174)
> at java.naming/com.sun.jndi.ldap.LdapURL.<init>(LdapURL.java:105)
> 
> I would like to add the host and port info to the exception (in the example it is host:port of URI:null:-1] ) so that it is directly visible that the input caused the construction of a URI
> with "special"/problematic host and port values.

`URISyntaxException`/`MalformedURLException` usually contains the whole URL - so in this case, because we're parsing a URL, I believe the added information would not leak more sensitive data - especially since I'd expect URI.getHost() to be always `null` and `URI.getPort()` to be always `-1` in this case. 
That is - this exception is thrown when the authority is parsed as a reg_name, as opposed to server-base, because the provided host name (or what looks like a host name) contains a character that is not allowed by java.net.URI in a host name.

jshell> URI.create("ldap://a_b.com:389/foo");
$1 ==> ldap://a_b.com:389/foo

jshell> $1.getAuthority()
$2 ==> "a_b.com:389"

jshell> $1.getHost()
$3 ==> null

As a point of comparison, here is what URISyntaxException looks like if the authority contains a character which is not legal at all in authority:

jshell> new URI("ldap://a_%b.com:389/foo");
|  Exception java.net.URISyntaxException: Malformed escape pair at index 9: ldap://a_%b.com:389/foo
|        at URI$Parser.fail (URI.java:2973)

I agree we should wait for someone from security-dev to chime in though.

I might question whether the added "null:-1" information is really helpful, or just as confusing however.

-------------

PR: https://git.openjdk.org/jdk/pull/9126