Re: Candidate binaries for 6.0.12

2007-04-30 Thread Remy Maucherat 

Mladen Turk wrote:

Remy Maucherat wrote:
The candidates binaries in which I suppose a horrible bug will be 
found in about 5 minutes are available here:

http://people.apache.org/~remm/tomcat-6/v6.0.12/



Tested on all windows versions and linux.
Works fine. Will you propose a vote?


I don't know, there are some issues with the comet stuff.

Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 42298] New: - Malformed request causes CPU overload

2007-04-30 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42298

   Summary: Malformed request causes CPU overload
   Product: Tomcat 5
   Version: 5.5.17
  Platform: Other
OS/Version: Linux
Status: NEW
  Severity: critical
  Priority: P2
 Component: Catalina
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]


I was posting some XML to a servlet running under Tomcat as part of some junit
testing. Unfortunately, I got the content-length parameter of the request wrong
(too short) in all the junit test posts.

This wouldn't be anything to worry about except that it caused one thread of the
Tomcat server to go to 100% CPU usage and stay there until I did a shutdown.sh
on Tomcat (over an hour). This would be ideal for a DoS attack.

>From the access log (fast common access valve version) the overhang of the
content of one post was being taken as the beginning of the next post so I had
posts which started with odd things (URL encoded XML tags in this case). I am
not sure if this is what caused the problem (i.e. URL encoded <,>  or /
characters at the beginning of the post content).

Of course it could just be that my servlet went into an infinite loop, but I
couldn't see any evidence of that.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Candidate binaries for 6.0.12

2007-04-30 Thread Filip Hanik - Dev Lists 

Remy Maucherat wrote:

Mladen Turk wrote:

Remy Maucherat wrote:
The candidates binaries in which I suppose a horrible bug will be 
found in about 5 minutes are available here:

http://people.apache.org/~remm/tomcat-6/v6.0.12/



Tested on all windows versions and linux.
Works fine. Will you propose a vote?


I don't know, there are some issues with the comet stuff.
you're the RM, your decision, and version numbers are cheap, so if you 
think we got it under control, lets wait a little longer and maybe do a .13

Filip


Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 42298] - Malformed request causes CPU overload

2007-04-30 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42298


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||INVALID




--- Additional Comments From [EMAIL PROTECTED]  2007-04-30 08:50 ---
We will look into this problem if you can provide a test case.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Candidate binaries for 6.0.12

2007-04-30 Thread Remy Maucherat 

Filip Hanik - Dev Lists wrote:
you're the RM, your decision, and version numbers are cheap, so if you 
think we got it under control, lets wait a little longer and maybe do a .13


I know. At the moment I would like some testing of the comet event 
changes I committed. I thought you had a proposal to make, also (?).


Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40668] - MailSessionFactory is missing in Tomcat 5.5.23

2007-04-30 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40668


[EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Candidate binaries for 6.0.12

2007-04-30 Thread Filip Hanik - Dev Lists 

Remy Maucherat wrote:

Filip Hanik - Dev Lists wrote:
you're the RM, your decision, and version numbers are cheap, so if 
you think we got it under control, lets wait a little longer and 
maybe do a .13


I know. At the moment I would like some testing of the comet event 
changes I committed. I thought you had a proposal to make, also (?).

I wanna save any new stuff until we have a stable release out,
once we have a stable vote, we can move on.
Filip


Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r533881 - /tomcat/tc6.0.x/trunk/webapps/examples/WEB-INF/classes/chat/ChatServlet.java

2007-04-30 Thread remm 
Author: remm
Date: Mon Apr 30 16:36:10 2007
New Revision: 533881

URL: http://svn.apache.org/viewvc?view=rev&rev=533881
Log:
- New read loop (much more conventional using the more accurate 
InputStream.available() method).

Modified:
tomcat/tc6.0.x/trunk/webapps/examples/WEB-INF/classes/chat/ChatServlet.java

Modified: 
tomcat/tc6.0.x/trunk/webapps/examples/WEB-INF/classes/chat/ChatServlet.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/examples/WEB-INF/classes/chat/ChatServlet.java?view=diff&rev=533881&r1=533880&r2=533881
==
--- tomcat/tc6.0.x/trunk/webapps/examples/WEB-INF/classes/chat/ChatServlet.java 
(original)
+++ tomcat/tc6.0.x/trunk/webapps/examples/WEB-INF/classes/chat/ChatServlet.java 
Mon Apr 30 16:36:10 2007
@@ -149,16 +149,18 @@
 throws IOException, ServletException {
 InputStream is = request.getInputStream();
 byte[] buf = new byte[512];
-do {
+while (is.available() > 0) {
+log("Available: " + is.available());
 int n = is.read(buf);
 if (n > 0) {
 log("Read " + n + " bytes: " + new String(buf, 0, n) 
 + " for session: " + request.getSession(true).getId());
 } else if (n < 0) {
-error(event, request, response);
+log("End of file: " + n);
+end(event, request, response);
 return;
 }
-} while (is.available() > 0);
+}
 }
 
 protected void service(HttpServletRequest request, HttpServletResponse 
response)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r533882 - /tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/InputBuffer.java

2007-04-30 Thread remm 
Author: remm
Date: Mon Apr 30 16:39:41 2007
New Revision: 533882

URL: http://svn.apache.org/viewvc?view=rev&rev=533882
Log:
- Obvious typo in didRead. Ooops. Maybe Eclipse did that.
- Return 1 for available when using a Comet read and no real read was done 
(actually, it could well be good enough
  to only use didRead to get an "accurate" available() method, but it could 
probably be useful for blocking IO).

Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/InputBuffer.java

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/InputBuffer.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/InputBuffer.java?view=diff&rev=533882&r1=533881&r2=533882
==
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/InputBuffer.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/connector/InputBuffer.java 
Mon Apr 30 16:39:41 2007
@@ -101,7 +101,7 @@
 /**
  * Flag which if a read was performed.
  */
-private boolean didRead = false;
+private boolean didRead = true;
 
 
 /**
@@ -274,12 +274,20 @@
 coyoteRequest.action(ActionCode.ACTION_AVAILABLE, null);
 available = (coyoteRequest.getAvailable() > 0) ? 1 : 0;
 }
+if ((available == 0) && !didRead) {
+// This is a comet read and no read was done: at least one
+// read can be made without blocking (in very rare cases, it will
+// reach the end of the stream, for example if the bytes sent 
+// were from a next request, or if the request content-length is
+// wrong)
+available = 1;
+}
 return available;
 }
 
 
 public boolean didRead() {
-return didRead();
+return didRead;
 }
 
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40668] - MailSessionFactory is missing in Tomcat 5.5.23

2007-04-30 Thread bugzilla 
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40668


[EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]




--- Additional Comments From [EMAIL PROTECTED]  2007-04-30 19:44 ---
add cc

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]