[Bug 60232] New: HTTP/2 connector stuck when parsing big http header

Mon, 10 Oct 2016 07:28:14 -0700 

https://bz.apache.org/bugzilla/show_bug.cgi?id=60232

            Bug ID: 60232
           Summary: HTTP/2 connector stuck when parsing big http header
           Product: Tomcat 8
           Version: 8.5.5
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: barney...@gmail.com

HTTP/2 connector of tomcat 8.5.5 is getting stuck (endless busy loop) when
parsing a big (e.g. 30kb) http header.

Steps to reproduce using apache-tomcat-8.5.5-windows-x86.zip on windows 7 (64)
and jre 1.8.0_102 (32):
1.) configure a https connector including http2 upgrade, e.g.
    <Connector port="8443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeyFile="key.key"
                         certificateFile="cert.crt"
                         />
        </SSLHostConfig>
    </Connector>

2.) Point Firefox to https://localhost:8443/, verify HTTP/2 is used using
Network View in Developer Tools
3.) For the verified request, use 'Edit and Resend' to add a big http header,
e.g.
X-Big-Header: <put 30kb of text here>
and send that request
4.) The request never returns, and Windows Task Manager shows that tomcat's
java vm now fully uses one core
5.) Stacktrace of the stuck thread looks like this:

Name: https-openssl-apr-8443-exec-6
State: RUNNABLE
Total blocked: 0  Total waited: 1

Stack trace: 
org.apache.coyote.http2.HPackHuffman.decode(HPackHuffman.java:383)
org.apache.coyote.http2.HpackDecoder.readHuffmanString(HpackDecoder.java:215)
org.apache.coyote.http2.HpackDecoder.readHpackString(HpackDecoder.java:204)
org.apache.coyote.http2.HpackDecoder.readHeaderName(HpackDecoder.java:188)
org.apache.coyote.http2.HpackDecoder.decode(HpackDecoder.java:116)
org.apache.coyote.http2.Http2Parser.readHeaderBlock(Http2Parser.java:404)
org.apache.coyote.http2.Http2Parser.readHeadersFrame(Http2Parser.java:246)
org.apache.coyote.http2.Http2Parser.readFrame(Http2Parser.java:96)
org.apache.coyote.http2.Http2Parser.readFrame(Http2Parser.java:68)
org.apache.coyote.http2.Http2UpgradeHandler.upgradeDispatch(Http2UpgradeHandler.java:314)
org.apache.coyote.http11.upgrade.UpgradeProcessorInternal.dispatch(UpgradeProcessorInternal.java:54)
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:53)
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:802)
org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2241)
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   - locked org.apache.tomcat.util.net.AprEndpoint$AprSocketWrapper@cd6eb
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:745)


In case you're wondering what the use-case for such big headers is: they
actually occur when using SPNEGO/Kerberos. The 'Negotiate'-Header can easily be
dozens of KB long.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to