On 19/09/2016 11:13, Rémy Maucherat wrote:
> 2016-08-24 12:26 GMT+02:00 <ma...@apache.org>:
>
>> Author: markt
>> Date: Wed Aug 24 10:26:08 2016
>> New Revision: 1757487
>>
>> URL: http://svn.apache.org/viewvc?rev=1757487&view=rev
>> Log:
>> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60030
>> Correct a potential infinite loop in the SNI parsing code triggered by
>> failing to handle an end of stream condition.
>>
>
> Following an email on the user list, I don't quite understand why it
> doesn't return -1 to abort the handshake since it got an EOF from the
> network read (so it's over after that). When returning 0, it proceeds with
> a handshake while nothing is initialized (like the handshakeStatus, buffers
> to their appropriate sizes, etc.).
> Did I miss something?

I don't think so.

From what I recall, I was aiming to keep the SNI code as unobtrusive as
possible so I went for the return value that would let processing
continue as if the SNI code had never been called.

I agree returning -1 and failing earlier would be better in this case.

Mark

<snip/>

>> Modified: tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SecureN >> ioChannel.java >> URL: http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/a >> pache/tomcat/util/net/SecureNioChannel.java?rev=1757487&r1= >> 1757486&r2=1757487&view=diff >> ============================================================ >> ================== >> --- >> tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java >> (original) >> +++ >> tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java >> Wed Aug 24 10:26:08 2016 >> @@ -257,7 +257,12 @@ public class SecureNioChannel extends Ni >> */ >> private int processSNI() throws IOException { >> // Read some data into the network input buffer so we can peek at >> it. >> - sc.read(netInBuffer); >> + int bytesRead = sc.read(netInBuffer); >> + if (bytesRead == -1) { >> + // Reached end of stream before SNI could be processed. Treat >> this >> + // as if no SNI was present. >> + return 0; >> + } >> TLSClientHelloExtractor extractor = new >> TLSClientHelloExtractor(netInBuffer); >> >> while (extractor.getResult() == ExtractorResult.UNDERFLOW &&

<snip/>
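
Review bot: In processSNI(), the `bytesRead == -1` branch returns 0, which reports "no SNI present" for a connection that has already reached end of stream, so processing continues into a handshake on a channel that will never deliver more data. Return -1 from this branch so the handshake is abandoned where the EOF is detected, and reword the comment, which currently says "Treat this as if no SNI was present", to match. The `while (extractor.getResult() == ExtractorResult.UNDERFLOW &&` loop is cut off in this excerpt; if its body reads from `sc` again, that read's return value needs the same end-of-stream check, otherwise the loop can keep seeing UNDERFLOW with no further input arriving.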