Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-20118

[GSS](7.3.z) REM3-370 - ClientConnectionOpenListener can throw BufferOverflowException when sending sasl response

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 7.3.4.CR1, 7.3.4.GA
    • None
    • EJB
    • None
    • +

      When sending a request that contains a SASL response, the listener does not check if the buffer is big enough. As a result, it can throw a BufferOverflowException is the SASL response is too big to fit the buffer:

      Aug 23, 2020 7:13:22 PM org.jboss.threads.LoggingUncaughtExceptionHandler uncaughtException
      ERROR: Thread Thread[XNIO-1 task-1,5,main] threw an uncaught exception
      java.nio.BufferOverflowException
      	at java.base/java.nio.DirectByteBuffer.put(DirectByteBuffer.java:410)
      	at java.base/java.nio.ByteBuffer.put(ByteBuffer.java:906)
      	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.lambda$handleEvent$1(ClientConnectionOpenListener.java:479)
      	at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:949)
      	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
      	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
      	at java.base/java.lang.Thread.run(Thread.java:834)
      
      

              istudens@redhat.com Ivo Studensky
              rhn-support-bmaxwell Brad Maxwell
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: