Mantis Bugtracker
  

Viewing Issue Advanced Details Jump to Notes ] View Simple ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0006093 [Resin] major always 09-14-17 09:27 10-12-17 14:48
Reporter zhaown View Status public  
Assigned To ferg
Priority normal Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 4.0.55 Product Version 4.0.53
  Product Build
Summary 0006093: Failed to parse readRequest when HTTP GET request is too long.
Description If a HTTP GET request is larger than TCP MTU, then it will be split into several TCP segments. In some case, the code in com.caucho.server.http.HttpRequest#readRequest() will be malfunctioning:

Let's say a 3500 bytes HTTP request which is transmitted by 3 TCP segments, Resin accept the connection and read the 1st segment which contains 1500 bytes: 'GET /abc?def...', then start to readRequest().

In "read URI" part(line 1122 to 1141), it will found readTail <= readOffset, then invoke fillUrlTail() that will read the 2nd and the 3rd TCP segment(I guess while Resin handling the 1st segment, TCP stack fills all the rest segments in to SocketInputStream's buffer, so that Resin can read them all), which contains the other 2000 bytes: 'xyz HTTP/1.1...'.

After read the whole URI which end with 'xyz', the readTail and readOffset are around 19xx, but the readLength is 14xx, so in the "skip whitespace" part, Resin found (readLength <= readOffset), it then tries to read more bytes from through s.fillBuffer(), which will block Resin since there is nothing to read, until socket timeout.

I can reproduce this 100%, but didn't found the most appropriate fix, any info would be appreciated, thanks.
Steps To Reproduce
Additional Information
Attached Files

- Relationships

There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
09-14-17 09:27 zhaown New Issue
09-14-17 09:28 zhaown Issue Monitored: zhaown
10-12-17 14:48 ferg Assigned To  => ferg
10-12-17 14:48 ferg Status new => closed
10-12-17 14:48 ferg Resolution open => fixed
10-12-17 14:48 ferg Fixed in Version  => 4.0.55


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
28 total queries executed.
25 unique queries executed.
Powered by Mantis Bugtracker