https://bz.apache.org/bugzilla/show_bug.cgi?id=64771
--- Comment #8 from Remy Maucherat <r...@apache.org> ---
That doesn't look good, it seems the state of the destination buffer is
changing concurrently (suddenly, no remaining bytes although the capacity is
still there), which then breaks the algorithm. Maybe this loop should be safer,
but it probably means there's missing sync somewhere else [given the report the
threading could be funky, async does not allow to do *anything*]. It could be a
good idea to add a safety check in unwrap, but then the data read is already
corrupted and that request is not going to end well.
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -600,6 +600,10 @@
}
if (capacity == 0) {
break;
+ } else if (idx == endOffset) {
+ // Avoid loop which could be caused by an unexpected state
+ // change of the destination buffers and report an error
+ throw new IllegalArgumentException("BAAAAAAAD");
} else if (pendingApp == 0) {
pendingApp = pendingReadableBytesInSSL();
}
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
