This is an automated email from the ASF dual-hosted git repository.
markap14 pushed a commit to branch support/nifi-1.x
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/support/nifi-1.x by this push:
new 65436cb829 NIFI-11680 Corrected Buffer Size Calculation for Connection
Balancing (#7370)
65436cb829 is described below
commit 65436cb829472f1d2e9f4cb84ab87cf807c33825
Author: exceptionfactory <[email protected]>
AuthorDate: Tue Jun 13 10:01:27 2023 -0500
NIFI-11680 Corrected Buffer Size Calculation for Connection Balancing
(#7370)
- Resolved BufferOverflowException in PeerChannel with Bouncy Castle
Provider
- Changed prepareForWrite() to use Destination Buffer remaining instead of
Application Buffer Size
- Changed encrypt() to Packet Buffer Size instead of Application Buffer Size
---
.../clustered/client/async/nio/PeerChannel.java | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/queue/clustered/client/async/nio/PeerChannel.java
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/queue/clustered/client/async/nio/PeerChannel.java
index 5bee319089..abb69a3e87 100644
---
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/queue/clustered/client/async/nio/PeerChannel.java
+++
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/queue/clustered/client/async/nio/PeerChannel.java
@@ -162,12 +162,13 @@ public class PeerChannel implements Closeable {
while (plaintext.hasRemaining()) {
encrypt(plaintext);
- final int bytesRemaining = prepared.capacity() -
prepared.position();
- if (bytesRemaining < destinationBuffer.remaining()) {
- final ByteBuffer temp =
ByteBuffer.allocate(prepared.capacity() +
sslEngine.getSession().getApplicationBufferSize());
+ final int destinationBufferRemaining =
destinationBuffer.remaining();
+ if (prepared.remaining() < destinationBufferRemaining) {
+ // Expand Prepared Buffer to hold current bytes plus remaining
size of Destination Buffer
+ final ByteBuffer expanded =
ByteBuffer.allocate(prepared.capacity() + destinationBufferRemaining);
prepared.flip();
- temp.put(prepared);
- prepared = temp;
+ expanded.put(prepared);
+ prepared = expanded;
}
prepared.put(destinationBuffer);
@@ -289,11 +290,12 @@ public class PeerChannel implements Closeable {
case CLOSED:
throw new IOException("Failed to encrypt data to write to
Peer " + peerDescription + " because Peer unexpectedly closed connection");
case BUFFER_OVERFLOW:
- // destinationBuffer is not large enough. Need to increase
the size.
- final ByteBuffer tempBuffer =
ByteBuffer.allocate(destinationBuffer.capacity() +
sslEngine.getSession().getApplicationBufferSize());
+ // Expand Destination Buffer using current capacity plus
encrypted Packet Buffer Size
+ final int packetBufferSize =
sslEngine.getSession().getPacketBufferSize();
+ final ByteBuffer expanded =
ByteBuffer.allocate(destinationBuffer.capacity() + packetBufferSize);
destinationBuffer.flip();
- tempBuffer.put(destinationBuffer);
- destinationBuffer = tempBuffer;
+ expanded.put(destinationBuffer);
+ destinationBuffer = expanded;
break;
case BUFFER_UNDERFLOW:
// We should never get this result on a call to
SSLEngine.wrap(), only on a call to unwrap().
