Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/03/08 16:46:30 UTC

[tomcat] 01/02: Fix potential concurrency issue.

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit b3e76d3cdb5aab462df1d51b8048ff63829eebd1
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Mar 8 16:27:03 2022 +0000

    Fix potential concurrency issue.
    
    If the request is split across multiple packets and those packets are
    processed in rapid succession then it is possible that subsequent
    packets see the wrong value for readComplete and register the socket for
    a further read rather than processing the request.
---
 java/org/apache/coyote/http11/Http11Processor.java | 4 ++--
 webapps/docs/changelog.xml                         | 5 +++++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/Http11Processor.java b/java/org/apache/coyote/http11/Http11Processor.java
index 6751f74..eafd286 100644
--- a/java/org/apache/coyote/http11/Http11Processor.java
+++ b/java/org/apache/coyote/http11/Http11Processor.java
@@ -112,13 +112,13 @@ public class Http11Processor extends AbstractProcessor {
      * Flag used to indicate that the socket should be kept open (e.g. for keep
      * alive or send file.
      */
-    protected boolean openSocket = false;
+    protected volatile boolean openSocket = false;
 
 
     /**
      * Flag that indicates if the request headers have been completely read.
      */
-    protected boolean readComplete = true;
+    protected volatile boolean readComplete = true;
 
     /**
      * HTTP/1.1 flag.
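Review bot: the Javadoc on openSocket and readComplete should say why each field is now volatile. The commit message describes the stale read only for readComplete and gives no reason for changing openSocket. A sentence in each comment stating that the flag is read by a thread other than the one that last wrote it would stop a later cleanup from dropping the modifier. Note also that volatile guarantees only that a reader sees the latest write. If any code path reads one of these flags and then sets it based on that value, the sequence is still not atomic and needs checking separately. As a minor style point, the context comment above openSocket is missing its closing parenthesis after "send file".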
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4e0c0b5..d50cfa0 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -127,6 +127,11 @@
         when user code was doing sequential operations in a single thread.
         Test case code submitted by Istvan Szekely. (remm)
       </fix>
+      <fix>
+        Fix potential thread-safety issue that could cause HTTP/1.1 request
+        processing to wait, and potentially timeout, waiting for additional
+        data when the full request has been received. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">
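Review bot: in the added <fix> entry, "potentially timeout" uses the noun where the verb "time out" is meant. The entry would also be more useful to users if it named the trigger given in the commit message (a request split across multiple packets that are processed in rapid succession), so they can judge whether unexplained HTTP/1.1 read timeouts on their systems match this fix.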
