Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Developers List" <dev@tomcat.apache.org>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1099556 - in /tomcat/trunk:
 java/org/apache/coyote/ajp/AjpAprProcessor.java
 java/org/apache/coyote/ajp/AjpProcessor.java
 java/org/apache/coyote/ajp/LocalStrings.properties webapps/docs/changelog.xml
Date: Wed, 04 May 2011 18:32:06 -0000
To: dev@tomcat.apache.org
From: markt@apache.org
Message-Id: <20110504183206.4B785238890A@eris.apache.org>

Author: markt
Date: Wed May  4 18:32:05 2011
New Revision: 1099556

URL: http://svn.apache.org/viewvc?rev=1099556&view=rev
Log:
Improve handling of too large packets in AJP connectors
- Explicitly check the packet size rather than waiting to see if it fails
- Provide a better debug message when it does fail
- Once we know we have a bad request, don't try to process it

Modified:
    tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java
    tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
    tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java Wed May  4 18:32:05 2011
@@ -263,17 +263,19 @@ public class AjpAprProcessor extends Abs
                 error = true;
             }
 
-            // Setting up filters, and parse some request headers
-            rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
-            try {
-                prepareRequest();
-            } catch (Throwable t) {
-                ExceptionUtils.handleThrowable(t);
-                log.debug(sm.getString("ajpprocessor.request.prepare"), t);
-                // 400 - Internal Server Error
-                response.setStatus(400);
-                adapter.log(request, response, 0);
-                error = true;
+            if (!error) {
+                // Setting up filters, and parse some request headers
+                rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
+                try {
+                    prepareRequest();
+                } catch (Throwable t) {
+                    ExceptionUtils.handleThrowable(t);
+                    log.debug(sm.getString("ajpprocessor.request.prepare"), t);
+                    // 400 - Internal Server Error
+                    response.setStatus(400);
+                    adapter.log(request, response, 0);
+                    error = true;
+                }
             }
 
             // Process the request in the adapter
@@ -621,6 +623,14 @@ public class AjpAprProcessor extends Abs
             return true;
         }
         else {
+            if (messageLength > message.getBuffer().length) {
+                // Message too long for the buffer
+                // Need to trigger a 400 response
+                throw new IllegalArgumentException(sm.getString(
+                        "ajpprocessor.header.tooLong",
+                        Integer.valueOf(messageLength),
+                        Integer.valueOf(message.getBuffer().length)));
+            }
             read(messageLength);
             inputBuffer.get(message.getBuffer(), headerLength, messageLength);
             return true;

Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Wed May  4 18:32:05 2011
@@ -274,17 +274,19 @@ public class AjpProcessor extends Abstra
                 error = true;
             }
 
-            // Setting up filters, and parse some request headers
-            rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
-            try {
-                prepareRequest();
-            } catch (Throwable t) {
-                ExceptionUtils.handleThrowable(t);
-                log.debug(sm.getString("ajpprocessor.request.prepare"), t);
-                // 400 - Internal Server Error
-                response.setStatus(400);
-                adapter.log(request, response, 0);
-                error = true;
+            if (!error) {
+                // Setting up filters, and parse some request headers
+                rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
+                try {
+                    prepareRequest();
+                } catch (Throwable t) {
+                    ExceptionUtils.handleThrowable(t);
+                    log.debug(sm.getString("ajpprocessor.request.prepare"), t);
+                    // 400 - Internal Server Error
+                    response.setStatus(400);
+                    adapter.log(request, response, 0);
+                    error = true;
+                }
             }
 
             if (endpoint.isPaused()) {
@@ -570,6 +572,14 @@ public class AjpProcessor extends Abstra
             return true;
         }
         else {
+            if (messageLength > buf.length) {
+                // Message too long for the buffer
+                // Need to trigger a 400 response
+                throw new IllegalArgumentException(sm.getString(
+                        "ajpprocessor.header.tooLong",
+                        Integer.valueOf(messageLength),
+                        Integer.valueOf(buf.length)));
+            }
             read(buf, headerLength, messageLength);
             return true;
         }

Modified: tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties Wed May  4 18:32:05 2011
@@ -34,6 +34,7 @@ ajpprotocol.request.register=Error regis
 ajpprocessor.failedflush=Failed to flush AJP message
 ajpprocessor.failedsend=Failed to send AJP message
 ajpprocessor.header.error=Header message parsing failed
+ajpprocessor.header.tooLong=Header message of length [{0}] received but the packetSize is only [{1}]
 ajpprocessor.request.prepare=Error preparing request
 ajpprocessor.request.process=Error processing request
 ajpprocessor.certs.fail=Certificate conversion failed

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed May  4 18:32:05 2011
@@ -147,6 +147,10 @@
         handshake fails with the HTTP-APR connector. Patch provided by Mike
         Glazer. (markt)
       </fix>
+      <fix>
+        Improve handling in AJP connectors of the case where too large a AJP
+        packet is received. (markt) 
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org