[jboss-jira] [JBoss JIRA] Commented: (JBREM-666) Broken or malicious clients can lock up the remoting server
[ http://jira.jboss.com/jira/browse/JBREM-666?page=comments#action_12351160 ]
Tom Elrod commented on JBREM-666:
----------------------------------
[Just a comment for release documentation]
While this problem remains in earlier versions of remoting, can partially work around this
by increasing the number of accept threads (config property numAcceptThreads). The
default number of accept threads is 1, so only takes one broken client to cause remoting
socket server to stop accepting new incoming requests (even if many server worker threads
to process the request).
Broken or malicious clients can lock up the remoting server
-----------------------------------------------------------
Key: JBREM-666
URL: http://jira.jboss.com/jira/browse/JBREM-666
Project: JBoss Remoting
Issue Type: Bug
Security Level: Public(Everyone can see)
Affects Versions: 2.2.0.Alpha3 (Bluto)
Reporter: Ovidiu Feodorov
Assigned To: Ovidiu Feodorov
Priority: Critical
Fix For: 2.2.0.Alpha5
Due to the way the main socket accept loop is coded, there is an interval during which
the main acceptor thread ("SocketServerInvoker#0-4457" in the log below)
interacts with the new connection's input and output streams, before handing the
connection over to a worker thread from the pool. During this period, the main acceptor
thread is vulnerable to lock-ups, caused by either a broken or malicious client.
Log from a production environment:
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457
Socket is going to be accepted
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457
Accepted: Socket[addr=/10.1.13.73,port=16999,localport=4457]
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 try
to get a thread for processing
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Got
thread for processing - Thread[SocketServerInvokerThread-10.1.122.40-0,5,jboss]
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457
Reusing thread t=Thread[SocketServerInvokerThread-10.1.122.40-0,5,jboss]
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.serialization.impl.jboss.JBossSerializationManager]
@SocketServerInvoker#0-4457 Creating JBossObjectOutputStream
2007-01-08 16:13:31,473 624292 TRACE
[org.jboss.remoting.serialization.impl.jboss.JBossSerializationManager]
@SocketServerInvoker#0-4457 Creating JBossObjectInputStream
16:13:31,473 is the last time main acceptor thread is heard from (the logged interval
ends at 16:22:34 with the server shutdown).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira