[jira] [Commented] (HTTPCORE-263) IndexOutOfBoundsException thrown in AbstractSessionInputBuffer.readLine()

Tue, 22 May 2012 09:41:25 -0700 

    [ 
https://issues.apache.org/jira/browse/HTTPCORE-263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13281092#comment-13281092
 ] 

Michael Pujos commented on HTTPCORE-263:
----------------------------------------

After more thinking about it I finally found a test case where it happens.

First I think it can only happens with http requests having a body, which means 
HttpEntityEnclosingRequest requests. That is, at least PUT and POST requests.

In the attached test case, a special POST request is emitted with a bogus 
Content-Length so the bug triggers in lineFromReadBuffer: pos == this.bufferpos 
and this.buffer[pos - 1] == HTTP.CR.

When executed the test case ouput is (I added logging of values of pos and 
this.bufferpos when entering lineFromReadBuffer()) :

Entering blocking receiving loop, listening for HTTP stream requests on: 
0.0.0.0/0.0.0.0:8899
Incoming connection from: /127.0.0.1
Handling request on open connection...
lineFromReadBuffer(): pos: 16 this.bufferpos: 0
lineFromReadBuffer(): pos: 35 this.bufferpos: 17
lineFromReadBuffer(): pos: 37 this.bufferpos: 36
Processing HTTP request: POST / HTTP/1.1
Handling request on open connection...
lineFromReadBuffer(): pos: 43 this.bufferpos: 43
Exception in thread "pool-1-thread-1" java.lang.IndexOutOfBoundsException: off: 
43 len: -1 b.length: 8192
        at 
com.bubblesoft.org.apache.http.util.CharArrayBuffer.append(CharArrayBuffer.java:185)
        at 
com.bubblesoft.org.apache.http.impl.io.AbstractSessionInputBuffer.lineFromReadBuffer(AbstractSessionInputBuffer.java:337)
        at 
com.bubblesoft.org.apache.http.impl.io.AbstractSessionInputBuffer.readLine(AbstractSessionInputBuffer.java:251)
        at 
com.bubblesoft.org.apache.http.impl.io.HttpRequestParser.parseHead(HttpRequestParser.java:90)
        at 
com.bubblesoft.org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:252)
        at 
com.bubblesoft.org.apache.http.impl.AbstractHttpServerConnection.receiveRequestHeader(AbstractHttpServerConnection.java:242)
        at 
com.bubblesoft.org.apache.http.protocol.HttpService.handleRequest(HttpService.java:238)
        at HttpCoreBug$1.run(HttpCoreBug.java:125)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown 
Source)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)

                
> IndexOutOfBoundsException thrown in AbstractSessionInputBuffer.readLine()
> -------------------------------------------------------------------------
>
>                 Key: HTTPCORE-263
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-263
>             Project: HttpComponents HttpCore
>          Issue Type: Bug
>          Components: HttpCore
>    Affects Versions: 4.1.1
>         Environment: reported on Android  2.3.3 using repackaged httpcore 
> 4.1.1, optimized and obfuscated with Proguard
>            Reporter: Michael Pujos
>            Priority: Minor
>             Fix For: 4.2.1
>
>         Attachments: HttpCoreBug.java, HttpCoreBug.java
>
>
> I've got the exception below reported in my Android app using (repackaged) 
> httpcore 4.1.1:
> java.lang.IndexOutOfBoundsException: off: 1088 len: -1 b.length: 8192
>       at org.apache.http.util.CharArrayBuffer.append(SourceFile:185)
>       at 
> org.apache.http.impl.io.AbstractSessionInputBuffer.readLine(SourceFile:251)
>       at org.apache.http.impl.io.HttpRequestParser.parseHead(SourceFile:90)
>       at 
> org.apache.http.impl.io.AbstractMessageParser.parseHead(SourceFile:252)
>                                                                  parse
>       at 
> org.apache.http.impl.AbstractHttpServerConnection.receiveRequestHeader(SourceFile:242)
>       at org.apache.http.protocol.HttpService.handleRequest(SourceFile:238)
>       at 
> org.teleal.cling.transport.impl.apache.HttpServerConnectionUpnpStream.run(SourceFile:116)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1088)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:581)
>       at java.lang.Thread.run(Thread.java:1019)
> It seems to be very rare. Stack trace line number (185) in 
> AbstractSessionInputBuffer doesn't exaclty match the exact line number of the 
> offending append() call (probably due to Proguard).
> However,  there are 2 append() calls in readLine(), and it looks like one of 
> them is called with len = -1, triggering the IndexOutOfBoundsException in 
> append()

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to