[Bug 66325] New: NestedState concurrency issue

Wed, 26 Oct 2022 03:58:05 -0700 

https://bz.apache.org/bugzilla/show_bug.cgi?id=66325

            Bug ID: 66325
           Summary: NestedState concurrency issue
           Product: Tomcat 8
           Version: 8.5.69
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: EL
          Assignee: dev@tomcat.apache.org
          Reporter: manuelramonleonjime...@gmail.com
  Target Milestone: ----

We faced a jsp exception because the nestedState object is not properly
synchronized. Even though the line triggering the exception is commented with
"Should never happen", it happened to us making the page break.

The lines involved are:

<c:set var="aName">
   <c:out value="${someVariable.stream().filter(i -> i.getEvent() ==
'a-value').map(e -> e.getAsJson()).findFirst().orElse('')}" />
</c:set>

The error is:

SEVERE: Servlet.service() for servlet [bestsecret] in context with path []
threw exception [An exception occurred processing [/...] at line ...

...
java.lang.IllegalStateException: Nested state may only be set once
        at
org.apache.el.parser.AstLambdaExpression.setNestedState(AstLambdaExpression.java:123)
        at
org.apache.el.parser.AstLambdaExpression.getNestedState(AstLambdaExpression.java:114)
        at
org.apache.el.parser.AstLambdaExpression.getValue(AstLambdaExpression.java:43)
        at
org.apache.el.parser.AstMethodParameters.getParameters(AstMethodParameters.java:33)
        at org.apache.el.parser.AstValue.getValue(AstValue.java:157)
        at
org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:189)

Lines with the issue:
https://github.com/apache/tomcat/blob/main/java/org/apache/el/parser/AstLambdaExpression.java#L112-L124

The issue IMO is that between the check at line 113 and the check at line 121,
the nestedState is set, so the execution enters in the if triggering the
unexpected exception, breaking the whole JSP page. The blocks should be
synchronized on the object or any other measure taken.

Please fix it as you consider the better.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to