This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 092b7e1 Add low effort null check in facade
092b7e1 is described below
commit 092b7e1092f3fca3ac6dc26753ccb1a4815ce9ce
Author: remm <[email protected]>
AuthorDate: Wed Jan 5 13:23:04 2022 +0100
Add low effort null check in facade
isReady is a likely target for uncontrolled async access, so add a check
for null there to throw a more informative ISE if possible, like is done
in Request/ResponseFacade for the most common calls.
As seen in BZ65780 (when faced with a NPE, users always assume it is a
Tomcat bug)
---
java/org/apache/catalina/connector/CoyoteInputStream.java | 3 +++
java/org/apache/catalina/connector/CoyoteOutputStream.java | 3 +++
java/org/apache/catalina/connector/LocalStrings.properties | 2 ++
webapps/docs/changelog.xml | 4 ++++
4 files changed, 12 insertions(+)
diff --git a/java/org/apache/catalina/connector/CoyoteInputStream.java
b/java/org/apache/catalina/connector/CoyoteInputStream.java
index 2f6f221..ac3ce2d 100644
--- a/java/org/apache/catalina/connector/CoyoteInputStream.java
+++ b/java/org/apache/catalina/connector/CoyoteInputStream.java
@@ -198,6 +198,9 @@ public class CoyoteInputStream extends ServletInputStream {
@Override
public boolean isReady() {
+ if (ib == null) {
+ throw new
IllegalStateException(sm.getString("coyoteInputStream.null"));
+ }
return ib.isReady();
}
diff --git a/java/org/apache/catalina/connector/CoyoteOutputStream.java
b/java/org/apache/catalina/connector/CoyoteOutputStream.java
index 646f52c..ee00538 100644
--- a/java/org/apache/catalina/connector/CoyoteOutputStream.java
+++ b/java/org/apache/catalina/connector/CoyoteOutputStream.java
@@ -159,6 +159,9 @@ public class CoyoteOutputStream extends ServletOutputStream
{
@Override
public boolean isReady() {
+ if (ob == null) {
+ throw new
IllegalStateException(sm.getString("coyoteOutputStream.null"));
+ }
return ob.isReady();
}
diff --git a/java/org/apache/catalina/connector/LocalStrings.properties
b/java/org/apache/catalina/connector/LocalStrings.properties
index e17773e..6726b4a 100644
--- a/java/org/apache/catalina/connector/LocalStrings.properties
+++ b/java/org/apache/catalina/connector/LocalStrings.properties
@@ -35,8 +35,10 @@ coyoteConnector.protocolHandlerStartFailed=Protocol handler
start failed
coyoteConnector.protocolHandlerStopFailed=Protocol handler stop failed
coyoteInputStream.nbNotready=In non-blocking mode you may not read from the
ServletInputStream until the previous read has completed and isReady() returns
true
+coyoteInputStream.null=The input buffer object has been recycled and is no
longer associated with this facade
coyoteOutputStream.nbNotready=In non-blocking mode you may not write to the
ServletOutputStream until the previous write has completed and isReady()
returns true
+coyoteOutputStream.null=The output buffer object has been recycled and is no
longer associated with this facade
coyoteRequest.alreadyAuthenticated=This request has already been authenticated
coyoteRequest.attributeEvent=Exception thrown by attributes event listener
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index fe1864e..683a49d 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -116,6 +116,10 @@
Add additional locking to <code>DataSourceUserDatabase</code> to
provide
improved protection for concurrent modifications. (markt)
</fix>
+ <fix>
+ Add recycling check in the input and output stream isReady to try to
+ give a more informative ISE when the facade has been recycled. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
