IBM Support

PI41089: IF A % SIGN IS THE LAST CHARACTER IN A DATASTREAM RIGHT BEFORE THE CRLF STORAGE VIOLATIONS OCCUR DURING URLENCODE PROCESSING.

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When a % sign is the last character in a data stream right
    before the CRLF during URLENCODE processing this caused module
    DFHCCNV4 to do a MVCL with a length of -2 x'FFFFFFFE'.
    
    Eventually this tries to overwrite storage it cannot access and
    the 0C4 occurs.  In the dump reg3 can be seen containing -2 and
    reg1 and regF are loaded from reg3 for the MVCL. CICS should not
    be attempting this disaterous MVCL based on bad user data. The
    problem can be avoided by ensuring the Client Application is
    sending in valid data.
    
    This problem can also occur when there is a % sign before the
    last character, in which case the length is -1 FFFFFFFF.
    
    MVCL treats the last 24 bits of the length as an unsigned
    binary value, therefore, the number of bytes to be moved is
    either FFFFFE (16MB-2) or FFFFFF (16MB-1).
    
    It is possible that no S0C4 occurs, and the customer may see
    CICS terminate for no apparent reason with:
    
    0S12I MAIN TASK TERMINATION
    0S00I SUB DFHSKTSK CANCELED
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All                                          *
    ****************************************************************
    * PROBLEM DESCRIPTION: A URL ending with an escape string of   *
    *                      only one character can cause a          *
    *                      DFHAP0001 indicating an 0C4 in DFHCCNV. *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    CICS assumes that there should be always two or more characters
    following the start of an escaped string.  In an invalid escape
    string at the end of a URL, there may be only one character.
    This results in a negative length for the move of data to the
    output buffer, which can cause a storage violation.
    
    The same problem can occur for the value of an HTML FORMFIELD
    name/value pair.
    
    Although the normal result is an attempt to overlay the ERDSA,
    it is also possible that the overlay will result in the
    unexpected termination of CICS with messages:
    
    0S12I MAIN TASK TERMINATION
    0S00I SUB DFHSKTSK CANCELED
    
    Keywords: MSGDFHSM0101 MSGDFHAP0001 abend0C4 abendS0C4 S0C4
    MSGDFHSM0002 DFHSM0002 SM0002 MSGDFHSM0102 DFHSM0102 SM0102
    MSGDFHSR0622 DFHSR0622 SR0622 ERDSA MSG0S12I MSG0S00I
    

Problem conclusion

  • DFHCCNV has been modified to check that an escape string
    commences further than two characters from the end of the URL
    or HTML value.
    

Temporary fix

  • FIX AVAILABLE BY PTF ONLY
    

Comments

APAR Information

  • APAR number

    PI41089

  • Reported component name

    CICSTS FOR VSE

  • Reported component ID

    564805400

  • Reported release

    B0P

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2015-05-14

  • Closed date

    2015-05-21

  • Last modified date

    2015-05-27

  • APAR is sysrouted FROM one or more of the following:

    PQ60227

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • DFHCCNV
    

Fix information

  • Fixed component name

    CICSTS FOR VSE

  • Fixed component ID

    564805400

Applicable component levels

  • RB0P PSY UI27869

       UP15/05/27 I 1000

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.1.1","Edition":""}]

Document Information

Modified date:
27 May 2015