You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2012/08/08 01:28:11 UTC
[Bug 53677] New: ArrayIndexOutOfBoundsException when response header
exceeds maxHttpHeaderSize
https://issues.apache.org/bugzilla/show_bug.cgi?id=53677
Priority: P2
Bug ID: 53677
Assignee: dev@tomcat.apache.org
Summary: ArrayIndexOutOfBoundsException when response header
exceeds maxHttpHeaderSize
Severity: normal
Classification: Unclassified
Reporter: dan8mx@gmail.com
Hardware: PC
Status: NEW
Version: 6.0.35
Component: Catalina
Product: Tomcat 6
Created attachment 29184
--> https://issues.apache.org/bugzilla/attachment.cgi?id=29184&action=edit
Small sample web app
When a servlet adds enough information to a response exceed the
maxHttpHeaderSize limitconfigured for an HTTP 1.1 connector, an
ArrayIndexOutOfBoundsException is thrown by Tomcat (example stacktrace below),
and the connection is closed without writing any data.
In a scenario like this, should a response with a status of 500 be returned to
indicate a server error? (and perhaps the server should log a message
indicating that the limit has been exceeded for a response, instead of throwing
an ArrayIndexOutOfBoundsException?)
This issue can be reproduced by testing with a servlet that implements this
contrived doGet method (sample application with this is attached):
protected void doGet(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
char[] bigBuffer = new char[1024 * 8];
Arrays.fill(bigBuffer, 'a');
response.setHeader("x-example", new String(bigBuffer));
response.setContentType("text/plain");
response.setCharacterEncoding("ISO-8859-1");
Writer out = response.getWriter();
out.write("Hello!");
out.close();
}
This has been observed under the following configurations:
Tomcat 6.0.26/Oracle JDK 1.6.0_25 (64-bit)/SUSE Linux 10
Tomcat 6.0.35/Oracle JDK 1.7.0 (64-bit)/Windows 7
- Tomcat is not running behind a web server in any of these configurations
- The connector being used in both cases is Coyote HTTP/1.1
Stacktrace:
Aug 07, 2012 6:11:26 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet SampleServlet threw exception
java.lang.ArrayIndexOutOfBoundsException: 8192
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:730)
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:641)
at
org.apache.coyote.http11.InternalOutputBuffer.sendHeader(InternalOutputBuffer.java:514)
at
org.apache.coyote.http11.Http11Processor.prepareResponse(Http11Processor.java:1637)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:956)
at org.apache.coyote.Response.action(Response.java:183)
at org.apache.coyote.Response.sendHeaders(Response.java:379)
at
org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:314)
at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:274)
at org.apache.catalina.connector.CoyoteWriter.close(CoyoteWriter.java:108)
at com.example.SampleServlet.doGet(SampleServlet.java:36)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)
Aug 07, 2012 6:11:26 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet SampleServlet threw exception
java.lang.ArrayIndexOutOfBoundsException: 8192
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:730)
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:641)
at
org.apache.coyote.http11.InternalOutputBuffer.sendHeader(InternalOutputBuffer.java:514)
at
org.apache.coyote.http11.Http11Processor.prepareResponse(Http11Processor.java:1637)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:956)
at org.apache.coyote.Response.action(Response.java:183)
at org.apache.coyote.Response.sendHeaders(Response.java:379)
at
org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:314)
at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:274)
at org.apache.catalina.connector.CoyoteWriter.close(CoyoteWriter.java:108)
at com.example.SampleServlet.doGet(SampleServlet.java:36)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)
Aug 07, 2012 6:11:26 PM org.apache.coyote.http11.Http11Processor process
SEVERE: Error processing request
java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:701)
at
org.apache.coyote.http11.InternalOutputBuffer.sendStatus(InternalOutputBuffer.java:438)
at
org.apache.coyote.http11.Http11Processor.prepareResponse(Http11Processor.java:1624)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:956)
at org.apache.coyote.Response.action(Response.java:183)
at org.apache.coyote.Response.sendHeaders(Response.java:379)
at
org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:314)
at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:274)
at org.apache.catalina.connector.Response.finishResponse(Response.java:493)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:317)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)
Aug 07, 2012 6:11:26 PM org.apache.coyote.http11.Http11Processor process
SEVERE: Error processing request
java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:701)
at
org.apache.coyote.http11.InternalOutputBuffer.sendStatus(InternalOutputBuffer.java:438)
at
org.apache.coyote.http11.Http11Processor.prepareResponse(Http11Processor.java:1624)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:956)
at org.apache.coyote.Response.action(Response.java:183)
at org.apache.coyote.Response.sendHeaders(Response.java:379)
at
org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:314)
at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:274)
at org.apache.catalina.connector.Response.finishResponse(Response.java:493)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:317)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)
Aug 07, 2012 6:11:26 PM org.apache.coyote.http11.Http11Processor process
SEVERE: Error finishing response
java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:701)
at
org.apache.coyote.http11.InternalOutputBuffer.sendStatus(InternalOutputBuffer.java:438)
at
org.apache.coyote.http11.Http11Processor.prepareResponse(Http11Processor.java:1624)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:956)
at org.apache.coyote.Response.action(Response.java:181)
at
org.apache.coyote.http11.InternalOutputBuffer.endRequest(InternalOutputBuffer.java:398)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:901)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)
Aug 07, 2012 6:11:26 PM org.apache.coyote.http11.Http11Processor process
SEVERE: Error finishing response
java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at
org.apache.coyote.http11.InternalOutputBuffer.write(InternalOutputBuffer.java:701)
at
org.apache.coyote.http11.InternalOutputBuffer.sendStatus(InternalOutputBuffer.java:438)
at
org.apache.coyote.http11.Http11Processor.prepareResponse(Http11Processor.java:1624)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:956)
at org.apache.coyote.Response.action(Response.java:181)
at
org.apache.coyote.http11.InternalOutputBuffer.endRequest(InternalOutputBuffer.java:398)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:901)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Unknown Source)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 53677] ArrayIndexOutOfBoundsException when response header
exceeds maxHttpHeaderSize
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53677
Dan Henry <da...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dan8mx@gmail.com
OS| |All
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 53677] ArrayIndexOutOfBoundsException when response header
exceeds maxHttpHeaderSize
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53677
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Fixed in trunk and 7.0.x and will be included in 7.0.30 onwards.
It has not yet been proposed for back-port as due to the connector refactoring,
a 6.0.x specific patch will be required.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org