https://bz.apache.org/bugzilla/show_bug.cgi?id=61948
Bug ID: 61948
Summary: BufferUnderflowException and IllegalArgumentException in TLSClientHelloExtractor
Product: Tomcat 9
Version: 9.0.2
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Util
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: -----
I found two similar exceptions in the system journal.
1:22:10 org.apache.tomcat.util.net.NioEndpoint$SocketProcessor doRun
SEVERE:
java.nio.BufferUnderflowException
at java.base/java.nio.Buffer.nextGetIndex(Buffer.java:634)
at java.base/java.nio.HeapByteBuffer.getChar(HeapByteBuffer.java:299)
at org.apache.tomcat.util.net.TLSClientHelloExtractor.<init>(TLSClientHelloExtractor.java:110)
at org.apache.tomcat.util.net.SecureNioChannel.processSNI(SecureNioChannel.java:282)
at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:175)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1353)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:844)
1:22:11 org.apache.tomcat.util.net.NioEndpoint$SocketProcessor doRun
SEVERE:
java.lang.IllegalArgumentException: newPosition > limit: (34392 > 248)
at java.base/java.nio.Buffer.createPositionException(Buffer.java:313)
at java.base/java.nio.Buffer.position(Buffer.java:288)
at java.base/java.nio.ByteBuffer.position(ByteBuffer.java:1079)
at java.base/java.nio.ByteBuffer.position(ByteBuffer.java:260)
at org.apache.tomcat.util.net.TLSClientHelloExtractor.skipBytes(TLSClientHelloExtractor.java:250)
at org.apache.tomcat.util.net.TLSClientHelloExtractor.<init>(TLSClientHelloExtractor.java:141)
at org.apache.tomcat.util.net.SecureNioChannel.processSNI(SecureNioChannel.java:282)
at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:175)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1353)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:844)
It seems that TLSClientHelloExtractor doesn't have enough checks for the sanity of
the received client hello message.
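
Added example (not part of the original report and not Tomcat's code): a bounds-checked walk over a ClientHello in a ByteBuffer, where every length field taken from the peer is compared with remaining() before it is used, so a lying or truncated message yields a result value instead of the two exceptions above. The class, enum and method names are hypothetical, the sample bytes are constructed, and a ClientHello split across several TLS records is treated as malformed for brevity.

```java
import java.nio.ByteBuffer;

public class ClientHelloBoundsCheck {
    enum Result { OK, NEED_MORE_DATA, MALFORMED }

    // Skip n bytes only if the buffer really holds them; the claimed length is untrusted.
    static boolean skip(ByteBuffer b, int n) {
        if (n < 0 || n > b.remaining()) return false;
        b.position(b.position() + n);
        return true;
    }

    static Result check(ByteBuffer in) {
        ByteBuffer b = in.duplicate();                      // leave the caller's position alone
        if (b.remaining() < 5) return Result.NEED_MORE_DATA;
        if (b.get() != 22) return Result.MALFORMED;         // 22 = handshake record
        b.getShort();                                       // record version, ignored here
        int recordLen = b.getShort() & 0xFFFF;
        if (recordLen > b.remaining()) return Result.NEED_MORE_DATA;
        b.limit(b.position() + recordLen);                  // confine parsing to this record
        if (b.remaining() < 4 || b.get() != 1) return Result.MALFORMED;  // 1 = ClientHello
        int helloLen = ((b.get() & 0xFF) << 16) | (b.getShort() & 0xFFFF);
        // Assumption for this example: the whole ClientHello sits in one record.
        if (helloLen > b.remaining()) return Result.MALFORMED;
        b.limit(b.position() + helloLen);
        if (!skip(b, 2 + 32)) return Result.MALFORMED;      // client_version + random
        // session_id (1-byte length), cipher_suites (2-byte), compression_methods (1-byte)
        if (b.remaining() < 1 || !skip(b, b.get() & 0xFF)) return Result.MALFORMED;
        if (b.remaining() < 2 || !skip(b, b.getShort() & 0xFFFF)) return Result.MALFORMED;
        if (b.remaining() < 1 || !skip(b, b.get() & 0xFF)) return Result.MALFORMED;
        if (b.remaining() == 0) return Result.OK;           // no extensions block
        if (b.remaining() < 2) return Result.MALFORMED;
        return (b.getShort() & 0xFFFF) == b.remaining() ? Result.OK : Result.MALFORMED;
    }

    public static void main(String[] args) {
        ByteBuffer good = ByteBuffer.allocate(50);          // constructed sample, not captured traffic
        good.put((byte) 22).putShort((short) 0x0301).putShort((short) 45);
        good.put((byte) 1).put((byte) 0).putShort((short) 41);
        good.putShort((short) 0x0303).put(new byte[32]).put((byte) 0);
        good.putShort((short) 2).putShort((short) 0x1301).put((byte) 1).put((byte) 0);
        good.flip();
        ByteBuffer bad = ByteBuffer.wrap(good.array().clone());
        bad.put(44, (byte) 0x7F);                           // cipher_suites length now exceeds the message
        ByteBuffer cut = good.duplicate();
        cut.limit(3);                                       // record header not fully received yet
        System.out.println(check(good) + " " + check(bad) + " " + check(cut));
    }
}
```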