[tomcat] branch main updated: Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 74babb122c Avoid potential IndexOutOfBoundsException when matching
HTTP/2 preface. Submitted #551 by 刘文章.
74babb122c is described below
commit 74babb122c9d4ab6d212cda1cf458fd655a2c3a3
Author: lihan
AuthorDate: Wed Sep 7 14:40:51 2022 +0800
Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface.
Submitted #551 by 刘文章.
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 2 +-
webapps/docs/changelog.xml | 5 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 06ff079c34..6496d8c2b2 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -366,7 +366,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
// Switch to the socket timeout.
wrapper.setReadTimeout(connectionTimeout);
}
-if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length - 1) {
+if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length) {
boolean prefaceMatch = true;
for (int i = 0; i < CLIENT_PREFACE_START.length &&
prefaceMatch; i++) {
if (CLIENT_PREFACE_START[i] != byteBuffer.get(i)) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4860a2b309..09aab642b7 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -218,6 +218,11 @@
the maximum value to 255. Based on a PR 548 by Stefan Mayr.
(lihan)
+
+551: Avoid potential IndexOutOfBoundsException by fixing
+incorrect check when matching HTTP/2 preface. Submitted by 刘文章.
+(lihan)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push:
new c7c87bf131 Avoid potential IndexOutOfBoundsException when matching
HTTP/2 preface. Submitted #551 by 刘文章.
c7c87bf131 is described below
commit c7c87bf131390a516bb39bfcc42e546a4e09bf5e
Author: lihan
AuthorDate: Wed Sep 7 14:40:51 2022 +0800
Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface.
Submitted #551 by 刘文章.
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 2 +-
webapps/docs/changelog.xml | 5 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 06ff079c34..6496d8c2b2 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -366,7 +366,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
// Switch to the socket timeout.
wrapper.setReadTimeout(connectionTimeout);
}
-if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length - 1) {
+if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length) {
boolean prefaceMatch = true;
for (int i = 0; i < CLIENT_PREFACE_START.length &&
prefaceMatch; i++) {
if (CLIENT_PREFACE_START[i] != byteBuffer.get(i)) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 69184a6f09..d13f69ee36 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -213,6 +213,11 @@
the maximum value to 255. Based on a PR 548 by Stefan Mayr.
(lihan)
+
+551: Avoid potential IndexOutOfBoundsException by fixing
+incorrect check when matching HTTP/2 preface. Submitted by 刘文章.
+(lihan)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 979ac3b5f3 Avoid potential IndexOutOfBoundsException when matching
HTTP/2 preface. Submitted #551 by 刘文章.
979ac3b5f3 is described below
commit 979ac3b5f3587980d738b890b11e8c1458c0943c
Author: lihan
AuthorDate: Wed Sep 7 14:40:51 2022 +0800
Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface.
Submitted #551 by 刘文章.
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 2 +-
webapps/docs/changelog.xml | 5 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index cd15853a3f..9192f964f6 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -366,7 +366,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
// Switch to the socket timeout.
wrapper.setReadTimeout(connectionTimeout);
}
-if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length - 1) {
+if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length) {
boolean prefaceMatch = true;
for (int i = 0; i < CLIENT_PREFACE_START.length &&
prefaceMatch; i++) {
if (CLIENT_PREFACE_START[i] != byteBuffer.get(i)) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f9abcee2bc..ec3a553daa 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -213,6 +213,11 @@
the maximum value to 255. Based on a PR 548 by Stefan Mayr.
(lihan)
+
+551: Avoid potential IndexOutOfBoundsException by fixing
+incorrect check when matching HTTP/2 preface. Submitted by 刘文章.
+(lihan)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 0feed3deb8 Avoid potential IndexOutOfBoundsException when matching
HTTP/2 preface. Submitted #551 by 刘文章.
0feed3deb8 is described below
commit 0feed3deb8689082d1f153c164ee1e836d063328
Author: lihan
AuthorDate: Wed Sep 7 14:40:51 2022 +0800
Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface.
Submitted #551 by 刘文章.
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 2 +-
webapps/docs/changelog.xml | 5 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index eef700d5f5..608e2b1fb6 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -381,7 +381,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
// Switch to the socket timeout.
wrapper.setReadTimeout(wrapper.getEndpoint().getConnectionTimeout());
}
-if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length - 1) {
+if (!keptAlive && byteBuffer.position() == 0 &&
byteBuffer.limit() >= CLIENT_PREFACE_START.length) {
boolean prefaceMatch = true;
for (int i = 0; i < CLIENT_PREFACE_START.length &&
prefaceMatch; i++) {
if (CLIENT_PREFACE_START[i] != byteBuffer.get(i)) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index b304535e52..0d65d7aeca 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -172,6 +172,11 @@
the maximum value to 255. Based on a PR 548 by Stefan Mayr.
(lihan)
+
+551: Avoid potential IndexOutOfBoundsException by fixing
+incorrect check when matching HTTP/2 preface. Submitted by 刘文章.
+(lihan)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] aooohan commented on pull request #551: Update Http11InputBuffer.java
aooohan commented on PR #551: URL: https://github.com/apache/tomcat/pull/551#issuecomment-1239031095 Merge manually. Thanks for the PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] aooohan closed pull request #551: Update Http11InputBuffer.java
aooohan closed pull request #551: Update Http11InputBuffer.java URL: https://github.com/apache/tomcat/pull/551 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 62312] Add Proxy Authentication support to websocket client
https://bz.apache.org/bugzilla/show_bug.cgi?id=62312 --- Comment #9 from radhika.j...@veritas.com --- We need the proxy basic authentication support for websocket connection as we are using the tomcat websocket client library. Any possibility of this getting it bundled with the 9.0.x version of Tomcat? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #550: Http11Processor's keep alive state and input buffer's swallow state must be synchronized
markt-asf commented on PR #550: URL: https://github.com/apache/tomcat/pull/550#issuecomment-1239284952 I suspect the call in `Http11Processor.ack()` can also be removed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Apache Tomcat migration tool for Jakarta EE 1.0.3
On 06/09/2022 15:30, Mark Thomas wrote: The proposed Apache Tomcat migration tool for Jakarta EE 1.0.3 is now available for voting. The significant changes since 1.0.1 are: - Issue #26 - bad CRC checksums - Issue #32 - Manifests in exploded JARs It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/jakartaee-migration/v1.0.3/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1387/ The tag is: https://github.com/apache/tomcat-jakartaee-migration/tree/1.0.3 a5e9028e610b7b2ac1ef6fbef8a96dc3d97d7a45 The proposed 1.0.3 release is: [ ] -1: Broken. Do not release because... [X] +1: Acceptable. Go ahead and release. Tested by deploying Tomcat 9.0.x examples web application to Tomcat 10.1.x Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Apache Tomcat migration tool for Jakarta EE 1.0.3
On Tue, Sep 6, 2022 at 4:30 PM Mark Thomas wrote: > > The proposed Apache Tomcat migration tool for Jakarta EE 1.0.3 is now > available for voting. > > The significant changes since 1.0.1 are: > > - Issue #26 - bad CRC checksums > - Issue #32 - Manifests in exploded JARs > > It can be obtained from: > https://dist.apache.org/repos/dist/dev/tomcat/jakartaee-migration/v1.0.3/ > > The Maven staging repo is: > https://repository.apache.org/content/repositories/orgapachetomcat-1387/ > > The tag is: > https://github.com/apache/tomcat-jakartaee-migration/tree/1.0.3 > a5e9028e610b7b2ac1ef6fbef8a96dc3d97d7a45 > > The proposed 1.0.3 release is: > > [ ] -1: Broken. Do not release because... > [X] +1: Acceptable. Go ahead and release. Remy > Thanks, > > Mark > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] malaysf commented on pull request #550: Http11Processor's keep alive state and input buffer's swallow state must be synchronized
malaysf commented on PR #550: URL: https://github.com/apache/tomcat/pull/550#issuecomment-1239848521 Are you referring to the call to `inputBuffer.setSwallowInput(true);` in `Http11Processor.ack`? That does appear to be unnecessary now. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #550: Http11Processor's keep alive state and input buffer's swallow state must be synchronized
markt-asf commented on PR #550: URL: https://github.com/apache/tomcat/pull/550#issuecomment-1240278052 > Are you referring to the call to `inputBuffer.setSwallowInput(true);` in `Http11Processor.ack`? That does appear to be unnecessary now. Yes. That was the one. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
