Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/07/22 14:35:19 UTC

[Bug 63578] New: o.a.coyote.http11.Http11Processor.prepareRequest: various inputs triggering 500 response code

https://bz.apache.org/bugzilla/show_bug.cgi?id=63578

            Bug ID: 63578
           Summary: o.a.coyote.http11.Http11Processor.prepareRequest:
                    various inputs triggering 500 response code
           Product: Tomcat 9
           Version: 9.0.22
          Hardware: Macintosh
            Status: NEW
          Severity: minor
          Priority: P2
         Component: Connectors
          Assignee: dev@tomcat.apache.org
          Reporter: alex@forallsecure.com
  Target Milestone: -----

Created attachment 36672
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36672&action=edit
Inputs triggering 500 responses.

Http11Processor.prepareRequest generates 500 responses instead of 400 on
various inputs:
- Invalid Expect and Transfer-encoding headers can lead to a NullPtrException
- Invalid Content-length headers can lead to an InvalidArgumentException and a
NumberFormatException
- Large numbers of headers and/or cookies can lead to an IllegalStateException
or an InvalidArgumentException  

I'm attaching the inputs that resulted in 500 responses. You can replay them
with `cat <exception>.request | nc localhost 8080`, assuming Tomcat listens on
8080. The responses are attached in the respective `<exception>.response` file.
The responses include the stacktraces that led to the 500.

I'm running Tomcat from source after compiling it with ant. Version is 'Apache
Tomcat/9.0.22-dev', and commit is ed26bdbaf639a17c02a1e864d2c0553ed3f95971 from
Jul 22.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
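
Added example (not part of the original report or of the Tomcat code base): a Python script that replays each `<exception>.request` file the way the message above describes and classifies the reply, so a build can be checked for 4xx rather than 500 responses. The function names, verdict labels and the two sample responses are assumptions constructed for this example; the report's attachments are not reproduced.

```python
import re
import socket
import sys
from pathlib import Path

STATUS_LINE = re.compile(rb"^HTTP/1\.[01] (\d{3})")
# First fully qualified exception class named in a stack trace in the body.
EXCEPTION = re.compile(rb"\b((?:[a-z_][\w$]*\.)+[A-Z]\w*(?:Exception|Error))\b")

def classify(response: bytes) -> dict:
    """Return status code, verdict and leaked exception class for a raw response."""
    m = STATUS_LINE.match(response)
    if m is None:
        return {"status": None, "verdict": "no-http-response", "exception": None}
    status = int(m.group(1))
    exc = EXCEPTION.search(response)
    if status >= 500:
        verdict = "server-error"   # the behaviour reported in the bug
    elif status >= 400:
        verdict = "rejected"       # malformed input refused as a client error
    else:
        verdict = "accepted"
    return {"status": status, "verdict": verdict,
            "exception": exc.group(1).decode() if exc else None}

def replay(request_file: Path, host="localhost", port=8080, timeout=5.0) -> bytes:
    """Send the saved bytes unchanged; read until the server closes or times out."""
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request_file.read_bytes())
        try:
            while chunk := s.recv(65536):
                chunks.append(chunk)
        except socket.timeout:
            pass
    return b"".join(chunks)

# Constructed sample responses for offline use (not the report's attachments).
SAMPLE_500 = (b"HTTP/1.1 500 \r\nContent-Type: text/html;charset=utf-8\r\n\r\n"
              b"<pre>java.lang.NumberFormatException: For input string\n"
              b"\tat org.apache.coyote.http11.Http11Processor.prepareRequest</pre>")
SAMPLE_400 = b"HTTP/1.1 400 \r\nConnection: close\r\n\r\n"

if __name__ == "__main__":
    folder = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path in sorted(folder.glob("*.request")):
        print(path.name, classify(replay(path)))
```

Run it with the directory holding the `.request` files as the only argument; any line whose verdict is `server-error` is an input that still reaches an unhandled exception.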


[Bug 63578] o.a.coyote.http11.Http11Processor.prepareRequest: various inputs triggering 500 response code

Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63578

--- Comment #2 from Alex Rebert <al...@forallsecure.com> ---
Thanks Mark for fixing the issues so promptly.

If you think some part of the Tomcat code base would benefit from additional
automated analysis, please let me know which ones and I'll take a look.



[Bug 63578] o.a.coyote.http11.Http11Processor.prepareRequest: various inputs triggering 500 response code

Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63578

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
                 OS|                            |All

--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Thanks for this report.

I tracked down the root causes and added minimal test cases as well as getting
the issues fixed.

Fixed in:
- master for 9.0.23 onwards
- 8.5.x for 8.5.44 onwards
- 7.0.x for 7.0.97 onwards
