A fix is available
APAR status
Closed as program error.
Error description
You have converted CICS TS 2.3 to TS 3.1. You have one web applicaton that does not work. You're getting the following errors, . Web Readnext, RESP=LENGERR 5 REC ID= READ APPL , RESP=NOTFND 80 . Your WS-RESP is 22 Your WS-RESP2 is 5 . The trace shows the following, WBAP EXIT - FUNCTION(READ_NEXT) RESPONSE(EXCEPTION) REASON(FORMFLD_VALUE_LENGTH_ERROR) HTTP_BUFFER_NAME(1211EED9 , 00000008 , 00000050) HTTP_BUFFER_VALUE(9211EF2D , 6B408994 , 00007EF4) . Firstly, the forms data (i.e. the querystring) in this request is NOT valid. It is just the token used by the security analyzer. There is NO equals sign after the name. This invalid data causes CICS to useresidual data when returning the formfield value to the application. . This may result in a very large value length and a LENGERR condition. What should happen is for the STARTBROWSE to indicate that the forms data is invalid.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All. * **************************************************************** * PROBLEM DESCRIPTION: EXEC CICS WEB READNEXT FORMFIELD gets * * LENGERR when reading data from a * * querystring which does not have a * * valid forms structure. * **************************************************************** * RECOMMENDATION: * **************************************************************** Formfield data input via an HTTP request for processing by a web-aware application should be in the form of name/value pairs where the name and value are separated by '=' and the pairs are separated by '&'. Even if a name field has no value it should still be delimited by '='. In this case an inbound HTTP type GET request had a querystring which contained a security token. This was taken as input by a web-aware program which issued a FORMFIELD BROWSE against it. The security token was taken as the name of the first field, but as it was not delimited by a '=' a corrupt name/value structure was built by the WEB STARTBROWSE FORMFIELD request, leading to a LENGERR condition being invalidly returned on the subsequent WEB READNEXT FORMFIELD command. Instead of the LENGERR, the invalid formfield data structure should be diagnosed during WEB STARTBROWSE FORMFIELD processing. This also applies if the WEB READ FORMFIELD command is used instead of a browse. If the same data is used as formfield data on a POST type these commands will cause an abend AEXZ to the web-aware application. Additional keywords: AbendAEXZ disaster AEIV abendAEIV FORMFIELD_STRUCT_FORM_ERR NAMESTRU
Problem conclusion
DFHEIWB and DFHWBRQF have been altered so that if invalid formfield data causes an attempt to overwrite storage past the end of the getmained name/value structure during a WEB STARTBROWSE FORMFIELD or a WEB READ FORMFIELD request, the application will receive an exception response of INVREQ with EIBRESP2 = 17, FORMFIELD_STRUCT_FORM_ERR, to denote that the forms data structure is invalid. In the case of a POST request, any FORMFIELD_STRUCT_FORM_ERR detected by CICS will now return an exception response with EIBRESP2 = 17, instead of an abendAEXZ disaster response as before. The CICS Transaction Server for z/OS Application Programming Reference, Version 3 Release 1, SC34-6434-00, will be updated with a new RESP2 value under the INVREQ condition for both the WEB STARTBROWSE FORMFIELD and the WEB READ FORMFIELD commands: ' 17 Invalid forms data was found in the input message.'
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PK44625
Reported component name
CICSTS 3.X Z/OS
Reported component ID
5655M1500
Reported release
400
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2007-05-04
Closed date
2007-06-18
Last modified date
2007-07-03
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK26304
Modules/Macros
DESEIWB DESWBAP DESWBDM DESWBRQ DESWBRQF DESWBSR DESWBXM DFHEIWB DFHWBAP DFHWBAPA DFHWBAPF DFHWBAPJ DFHWBAPM DFHWBAPT DFHWBAPV DFHWBDM DFHWBRQD DFHWBRQS DFHWBSR DFHWBSRA DFHWBSRM DFHWBSRT DFHWBXM DFHWBXMA DFHWBXMT
SC34643400 |
Fix information
Fixed component name
CICSTS 3.X Z/OS
Fixed component ID
5655M1500
Applicable component levels
R400 PSY UK26304
UP07/06/22 P F706
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.1","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.1","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
03 July 2007