Ovidiu Feodorov closed JBREM-666.
---------------------------------
Resolution: Done
Assignee: Ovidiu Feodorov (was: Tom Elrod)
Fixed by moving all I/O initialization-related operations from the acceptor thread to the
worker thread. See org.jboss.remoting.transport.socket.ServerThread.java.
Running the full testsuite pre and post fix, I see the number of errors dropping from 9
to 6. I am not sure this has anything to do with the change, though.
Broken or malicious clients can lock up the remoting server
-----------------------------------------------------------
Key: JBREM-666
URL: http://jira.jboss.com/jira/browse/JBREM-666
Project: JBoss Remoting
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: 2.2.0.Alpha3 (Bluto)
Reporter: Ovidiu Feodorov
Assigned To: Ovidiu Feodorov
Priority: Critical
Fix For: 2.2.0.Alpha5
Due to the way the main socket accept loop is coded, there is an interval during which
the main acceptor thread ("SocketServerInvoker#0-4457" in the log below)
interacts with the new connection's input and output streams, before handing the
connection over to a worker thread from the pool. During this period, the main acceptor
thread is vulnerable to lock-ups, caused by either a broken or malicious client.
Log from a production environment:
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Socket is going to be accepted
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Accepted: Socket[addr=/10.1.13.73,port=16999,localport=4457]
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 try to get a thread for processing
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Got thread for processing - Thread[SocketServerInvokerThread-10.1.122.40-0,5,jboss]
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Reusing thread t=Thread[SocketServerInvokerThread-10.1.122.40-0,5,jboss]
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.serialization.impl.jboss.JBossSerializationManager] @SocketServerInvoker#0-4457 Creating JBossObjectOutputStream
2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.serialization.impl.jboss.JBossSerializationManager] @SocketServerInvoker#0-4457 Creating JBossObjectInputStream
16:13:31,473 is the last time the main acceptor thread is heard from (the logged interval
ends at 16:22:34 with the server shutdown).
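
The accept-loop pattern the resolution describes, as an added example that is not JBoss Remoting code and not part of the original notification: the acceptor thread only accepts and hands off, and the worker thread creates the object streams under a read timeout. It assumes java.io object streams as stand-ins for the JBoss serialization streams in the log; the class name, the timeout value and both loopback clients are constructed for the demonstration.

```java
import java.io.*;
import java.net.*;
import java.util.concurrent.*;

// Added illustration; java.io object streams stand in for the JBoss streams in the log.
public class AcceptLoopDemo {
    static final int READ_TIMEOUT_MS = 2000; // assumed value; bounds every blocking read

    public static void main(String[] args) throws Exception {
        ExecutorService workers = Executors.newFixedThreadPool(4);
        InetAddress lo = InetAddress.getLoopbackAddress();
        try (ServerSocket server = new ServerSocket(0, 50, lo)) {
            int port = server.getLocalPort();
            // Constructed clients: one connects and stays silent, one speaks the protocol.
            Socket silent = new Socket(lo, port);
            Thread good = new Thread(() -> {
                try (Socket s = new Socket(lo, port)) {
                    ObjectOutputStream out = new ObjectOutputStream(s.getOutputStream());
                    out.writeObject("ping");
                    out.flush();
                    ObjectInputStream in = new ObjectInputStream(s.getInputStream());
                    System.out.println("client got: " + in.readObject());
                } catch (Exception e) { e.printStackTrace(); }
            });
            good.start();
            for (int i = 1; i <= 2; i++) {
                Socket s = server.accept();       // acceptor thread: accept only
                workers.execute(() -> serve(s));  // no stream I/O before the hand-off
                System.out.println("acceptor free after connection " + i);
            }
            good.join();
            workers.shutdown();
            workers.awaitTermination(2L * READ_TIMEOUT_MS, TimeUnit.MILLISECONDS);
            silent.close();
        }
    }

    // Runs on a worker thread. The ObjectInputStream constructor blocks until the peer
    // sends the stream header, so a silent peer stalls only this worker, until timeout.
    static void serve(Socket s) {
        try (Socket sock = s) {
            sock.setSoTimeout(READ_TIMEOUT_MS);
            ObjectOutputStream out = new ObjectOutputStream(sock.getOutputStream());
            out.flush();
            ObjectInputStream in = new ObjectInputStream(sock.getInputStream());
            out.writeObject("echo:" + in.readObject());
            out.flush();
        } catch (SocketTimeoutException e) {
            System.out.println("worker dropped silent peer " + s.getRemoteSocketAddress());
        } catch (IOException | ClassNotFoundException e) {
            System.out.println("worker error: " + e);
        }
    }
}
```

If the stream construction were moved back into the accept loop, the silent connection would hold the acceptor at the `ObjectInputStream` constructor, which matches the last logged line of the acceptor thread above.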