[jira] [Commented] (FTPSERVER-424) Leak of allowed passive ports

Tue, 11 Apr 2017 07:42:01 -0700 

    [ 
https://issues.apache.org/jira/browse/FTPSERVER-424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15964460#comment-15964460
 ] 

Harry Gu commented on FTPSERVER-424:
------------------------------------

I don't seem to have a direct way for contributing the fixed code, so I'm 
describing the fix here. Could one of the committers take care of this please?

Class: org.apache.ftpserver.impl.PassivePorts

Change:
    Line 218:
        from:
                freeList.remove(i);
        to:
                freeList.remove(ret);

Explanation:
When a passive port is already in use by another process (either used for other 
purposes or still in the process of being closed), the code at line 223 will 
remove the item from freeCopy list, and make freeCopy out of sync with 
freeList. As a result, during the next round within the while loop, line 218 
may remove the wrong port from freeList as the positions have been shifted. In 
other words, a free port is removed from the pool and the used port still 
remains. This can happen more and more on the server and eventually run out of 
free ports in freeList.
The fix uses "ret" instead of "i", so the right port that's represented as an 
Integer object is removed from freeList.

Please let me know if it's still unclear. It would be a great if the release 
can be cut quickly. Thanks!


> Leak of allowed passive ports
> -----------------------------
>
>                 Key: FTPSERVER-424
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-424
>             Project: FtpServer
>          Issue Type: Bug
>    Affects Versions: 1.0.6
>            Reporter: Taras Puchko
>         Attachments: ApacheJMeter_addons.jar, 
> FTPS_All-in-One_1MB_200VU_upload.jmx, MINA_Config.zip, MINA_FTP_Error.txt, 
> Snapshots.zip
>
>
> In several hours after start the server cannot accept passive connections if 
> allowed passive ports are configured.
> This is caused by FTPSERVER-420, 
> org.apache.ftpserver.impl.PassivePorts.reserveNextPort() lines 218-219,
> where the value removed from the freeList might be different from the value 
> added to the usedList, if checkPortUnbound returns false before.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to