Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 340929

Summary: After encounter a illegal utf8 uri, the buffer is not reseted, so the next request will be influenced
Product: [RT] Jetty Reporter: tangfulin <tangfulin>
Component: serverAssignee: Simone Bordet <simone.bordet>
Status: RESOLVED WORKSFORME QA Contact:
Severity: normal    
Priority: P3 CC: jetty-inbox, simone.bordet, tangfulin
Version: 7.3.0   
Target Milestone: 7.3.x   
Hardware: PC   
OS: Linux   
Whiteboard:

Description tangfulin CLA 2011-03-24 22:09:57 EDT 
Build Identifier: 20100617-1415

org.eclipse.jetty.http.HttpURI class reuse the "final Utf8StringBuilder _utf8b = new Utf8StringBuilder(64);" buffer to parse uri.

In normal cases, it will be reset before handle a new request. When uri not illegal, it will throw a IllegalArgumentException exception which will be catched at line 627 "catch (Throwable e)" . But in the cache section, it try to log like 'Log.warn(_uri+": "+e);', this will throw a IllegalStateException again, which not be cached, and will cause the next all requests error  


java.lang.IllegalArgumentException: !utf8
	at org.eclipse.jetty.util.Utf8StringBuilder.append(Utf8StringBuilder.java:119)
	at org.eclipse.jetty.util.Utf8StringBuilder.append(Utf8StringBuilder.java:49)
	at org.eclipse.jetty.http.HttpURI.toUtf8String(HttpURI.java:488)
	at org.eclipse.jetty.http.HttpURI.toString(HttpURI.java:662)
	at java.lang.String.valueOf(String.java:2826)
	at java.lang.StringBuilder.append(StringBuilder.java:115)
	at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:633)

Reproducible: Always

Steps to Reproduce:
1.use a small thread pool
2.send some illegal utf8 request
3.send some legal utf8 request

expect: legal utf8 request will be ok
but happens: legal utf8 reqest also throw IllegalStateException
Comment 1 tangfulin CLA 2011-03-24 22:12:04 EDT 
Jar: jetty-all-server-7.3.0.v20110203.jar
source: jetty-all-server-7.3.0.v20110203-sources.jar
Comment 2 Simone Bordet CLA 2011-03-28 05:55:55 EDT 
I cannot reproduce this bug.

In the catch block at HttpConnection:627 the call to Log.warn(_uri+": "+e); does not rethrow any exception because HttpURI has a non-null _rawString field.
The connection is then closed.

Even if it would throw at the logging statement, this exception would be caught by the endpoint and the connection closed.

Since in any case the connection is closed, the HttpConnection and its _uri field are not reused and cannot influence other requests.

Do you have a test case that shows the issue you report ?
I tried to reproduce this bug in several cases, but was never able to.

I am resolving the bug; if you have further information, please reopen it and we'll work on it.

For example, how do you "send" requests ? Using a browser ? Jetty's HttpClient ? A test case ? Another HTTP client library ?
What is in the request that contains illegal UTF8 bytes ? The path ? The query string ?

Thanks !