Author: markt
Date: Wed May 4 18:32:05 2011
New Revision: 1099556
URL: http://svn.apache.org/viewvc?rev=1099556&view=rev
Log:
Improve handling of too large packets in AJP connectors
- Explicitly check the packet size rather than waiting to see if it fails
- Provide a better debug message when it does fail
- Once we know we have a bad request, don't try to process it
Modified:
tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java
tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java Wed May 4
18:32:05 2011
@@ -263,17 +263,19 @@ public class AjpAprProcessor extends Abs
error = true;
}
- // Setting up filters, and parse some request headers
- rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
- try {
- prepareRequest();
- } catch (Throwable t) {
- ExceptionUtils.handleThrowable(t);
- log.debug(sm.getString("ajpprocessor.request.prepare"), t);
- // 400 - Internal Server Error
- response.setStatus(400);
- adapter.log(request, response, 0);
- error = true;
+ if (!error) {
+ // Setting up filters, and parse some request headers
+ rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
+ try {
+ prepareRequest();
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ log.debug(sm.getString("ajpprocessor.request.prepare"), t);
+ // 400 - Internal Server Error
+ response.setStatus(400);
+ adapter.log(request, response, 0);
+ error = true;
+ }
}
// Process the request in the adapter
@@ -621,6 +623,14 @@ public class AjpAprProcessor extends Abs
return true;
}
else {
+ if (messageLength > message.getBuffer().length) {
+ // Message too long for the buffer
+ // Need to trigger a 400 response
+ throw new IllegalArgumentException(sm.getString(
+ "ajpprocessor.header.tooLong",
+ Integer.valueOf(messageLength),
+ Integer.valueOf(message.getBuffer().length)));
+ }
read(messageLength);
inputBuffer.get(message.getBuffer(), headerLength, messageLength);
return true;
Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Wed May 4
18:32:05 2011
@@ -274,17 +274,19 @@ public class AjpProcessor extends Abstra
error = true;
}
- // Setting up filters, and parse some request headers
- rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
- try {
- prepareRequest();
- } catch (Throwable t) {
- ExceptionUtils.handleThrowable(t);
- log.debug(sm.getString("ajpprocessor.request.prepare"), t);
- // 400 - Internal Server Error
- response.setStatus(400);
- adapter.log(request, response, 0);
- error = true;
+ if (!error) {
+ // Setting up filters, and parse some request headers
+ rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
+ try {
+ prepareRequest();
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ log.debug(sm.getString("ajpprocessor.request.prepare"), t);
+ // 400 - Internal Server Error
+ response.setStatus(400);
+ adapter.log(request, response, 0);
+ error = true;
+ }
}
if (endpoint.isPaused()) {
@@ -570,6 +572,14 @@ public class AjpProcessor extends Abstra
return true;
}
else {
+ if (messageLength > buf.length) {
+ // Message too long for the buffer
+ // Need to trigger a 400 response
+ throw new IllegalArgumentException(sm.getString(
+ "ajpprocessor.header.tooLong",
+ Integer.valueOf(messageLength),
+ Integer.valueOf(buf.length)));
+ }
read(buf, headerLength, messageLength);
return true;
}
Modified: tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/LocalStrings.properties Wed May 4
18:32:05 2011
@@ -34,6 +34,7 @@ ajpprotocol.request.register=Error regis
ajpprocessor.failedflush=Failed to flush AJP message
ajpprocessor.failedsend=Failed to send AJP message
ajpprocessor.header.error=Header message parsing failed
+ajpprocessor.header.tooLong=Header message of length [{0}] received but the
packetSize is only [{1}]
ajpprocessor.request.prepare=Error preparing request
ajpprocessor.request.process=Error processing request
ajpprocessor.certs.fail=Certificate conversion failed
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1099556&r1=1099555&r2=1099556&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed May 4 18:32:05 2011
@@ -147,6 +147,10 @@
handshake fails with the HTTP-APR connector. Patch provided by Mike
Glazer. (markt)
</fix>
+ <fix>
+ Improve handling in AJP connectors of the case where too large a AJP
+ packet is received. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
