In Server's ClientListener if the client sends a request with no comma in it, the server will attempt to access an array index out of bounds when using the split() method. This kills the thread without sending any response. #4
Brendan - March 5 at 7:12PM EST: @nathanfuller1 I think we can check the length the list returned by split and if its not exactly 2 we can throw some kind of invalid format message to the client, it's just something I missed when coding it up before.
Nate - March 5 at 3:24PM EST: Can you just check to see if the split didn't work and then return a response saying "incorrect formatting" or something? I'm not totally sure how it works so that might not even be possible =/
Fixed: The ClientListener now checks that the length of the array returned by "split(',')" is equal to 2, and returns invalid Username/Password otherwise.
Bug ported from Trello task management.
This bug was initially reported by @bpteich.
Correspondence:
Brendan - March 5 at 7:12PM EST: @nathanfuller1 I think we can check the length the list returned by split and if its not exactly 2 we can throw some kind of invalid format message to the client, it's just something I missed when coding it up before.
Nate - March 5 at 3:24PM EST: Can you just check to see if the split didn't work and then return a response saying "incorrect formatting" or something? I'm not totally sure how it works so that might not even be possible =/