[jboss-jira] [JBoss JIRA] Closed: (JBREM-666) Broken or malicious clients can lock up the remoting server

Ovidiu Feodorov (JIRA) jira-events at jboss.com
Tue Jan 16 09:16:54 EST 2007


     [ http://jira.jboss.com/jira/browse/JBREM-666?page=all ]

Ovidiu Feodorov closed JBREM-666.
---------------------------------

    Resolution: Done
      Assignee: Ovidiu Feodorov  (was: Tom  Elrod)

Fixed by moving all I/O initialization-related operations from the acceptor thread to the worker thread. See org.jboss.remoting.transport.socket.ServerThread.java.

Running the full testsuite pre- and post-fix, I see the number of errors dropping from 9 to 6. I am not sure this has anything to do with the change, though.

> Broken or malicious clients can lock up the remoting server
> -----------------------------------------------------------
>
>                 Key: JBREM-666
>                 URL: http://jira.jboss.com/jira/browse/JBREM-666
>             Project: JBoss Remoting
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>    Affects Versions: 2.2.0.Alpha3 (Bluto)
>            Reporter: Ovidiu Feodorov
>         Assigned To: Ovidiu Feodorov
>            Priority: Critical
>             Fix For: 2.2.0.Alpha5
>
>
> Due to the way the main socket accept loop is coded, there is an interval during which the main acceptor thread ("SocketServerInvoker#0-4457" in the log below) interacts with the new connection's input and output streams, before handing the connection over to a worker thread from the pool. During this period, the main acceptor thread is vulnerable to lock-ups, caused by either a broken or malicious client.
> Log from a production environment:
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Socket is going to be accepted
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Accepted: Socket[addr=/10.1.13.73,port=16999,localport=4457]
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 try to get a thread for processing
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Got thread for processing - Thread[SocketServerInvokerThread-10.1.122.40-0,5,jboss]
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.transport.socket.SocketServerInvoker] @SocketServerInvoker#0-4457 Reusing thread t=Thread[SocketServerInvokerThread-10.1.122.40-0,5,jboss]
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.serialization.impl.jboss.JBossSerializationManager] @SocketServerInvoker#0-4457 Creating JBossObjectOutputStream
> 2007-01-08 16:13:31,473 624292 TRACE [org.jboss.remoting.serialization.impl.jboss.JBossSerializationManager] @SocketServerInvoker#0-4457 Creating JBossObjectInputStream
> 16:13:31,473 is the last time the main acceptor thread is heard from (the logged interval ends at 16:22:34 with the server shutdown).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
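
The accept-loop hazard and the fix described in this message, as an added Java example that is not JBoss Remoting code and not part of the original message: java.io.ObjectInputStream stands in for JBossObjectInputStream, and AcceptLoopDemo, serve, acceptLoop, probe and the 2000 ms read timeout are assumptions made for the illustration. With stream setup on the acceptor thread, one silent connection delays the next client for the whole timeout; with setup on a worker thread the next client is unaffected.

```java
import java.io.*;
import java.net.*;
import java.util.concurrent.*;

// Added illustration, not JBoss Remoting code. java.io.ObjectInputStream stands in for
// JBossObjectInputStream: its constructor blocks until the peer sends a stream header.
public class AcceptLoopDemo {
    static final ExecutorService POOL = Executors.newCachedThreadPool();

    // Per-connection stream setup: the I/O initialization the fix moves off the acceptor.
    static void serve(Socket s) {
        try (Socket c = s) {
            c.setSoTimeout(2000); // assumption: lets the demo end, and bounds a stalled worker
            ObjectOutputStream out = new ObjectOutputStream(c.getOutputStream());
            out.flush();
            ObjectInputStream in = new ObjectInputStream(c.getInputStream()); // blocks on a silent peer
            out.writeObject("echo:" + in.readObject());
            out.flush();
        } catch (IOException | ClassNotFoundException e) { /* broken or stalled peer: drop only this connection */ }
    }

    // initOnAcceptor=true is the pre-fix shape, false the post-fix shape.
    static void acceptLoop(ServerSocket ss, boolean initOnAcceptor) {
        while (!ss.isClosed()) {
            try {
                Socket s = ss.accept();
                if (initOnAcceptor) serve(s); else POOL.execute(() -> serve(s));
            } catch (IOException e) { return; } // listener closed
        }
    }

    // One peer connects and stays silent, then a well-behaved client times its round trip (ms).
    static long probe(boolean initOnAcceptor) throws Exception {
        try (ServerSocket ss = new ServerSocket(0, 50, InetAddress.getLoopbackAddress())) {
            POOL.execute(() -> acceptLoop(ss, initOnAcceptor));
            try (Socket silent = new Socket(ss.getInetAddress(), ss.getLocalPort());
                 Socket good = new Socket(ss.getInetAddress(), ss.getLocalPort())) {
                long t0 = System.nanoTime();
                ObjectOutputStream out = new ObjectOutputStream(good.getOutputStream());
                out.writeObject("ping");
                out.flush();
                new ObjectInputStream(good.getInputStream()).readObject();
                return (System.nanoTime() - t0) / 1_000_000;
            }
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("stream init on acceptor thread: " + probe(true) + " ms");
        System.out.println("stream init on worker thread:   " + probe(false) + " ms");
        POOL.shutdown();
    }
}
```

Without the read timeout, the acceptor-thread variant would not return while the silent peer stays connected, which matches the acceptor thread going quiet after "Creating JBossObjectInputStream" in the log above.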

        


