Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2016

Undertow returns 500 response when first address in X-Forwarded-For is ipv6 with leading 0 in any part

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • 2.2.14.Final
    • Core
    • None
    • Hide

      Step 1: Start a spring boot 2.5.8 project with spring-boot-starter-undertow and create an endpoint GET /xyz

      Step 2: Curl the endpoint with following header
      curl -v http://localhost:8080/xyz -H "X-Forwarded-For: 2001:0DB8:5ecc:f5eb:0ee8:34a2:360a:8f65"

      Show
      Step 1: Start a spring boot 2.5.8 project with spring-boot-starter-undertow and create an endpoint GET /xyz Step 2: Curl the endpoint with following header curl -v http://localhost:8080/xyz -H "X-Forwarded-For: 2001:0DB8:5ecc:f5eb:0ee8:34a2:360a:8f65"

      After upgrading to Spring Boot 2.5.8 which is shipped with Undertow 2.2.14.Final, we have noticed some requests are getting 500 response and on further investigation we found the following exception when the first address in X-Forwarded-For has  as ipv6 with leading 0 in any part of it.

      03:40:26.122 DEBUG [   XNIO-1 I/O-4] io.undertow.request.error-response       : Setting error code 500 for exchange HttpServerExchange{ GET /xyz}
      java.lang.RuntimeException: null
        at io.undertow.server.HttpServerExchange.setStatusCode(HttpServerExchange.java:1484)
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:420)
        at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:256)
        at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:136)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:162)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:100)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:57)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.nio.QueuedNioTcpServer2.acceptTask(QueuedNioTcpServer2.java:178)
        at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:612)
        at org.xnio.nio.WorkerThread.run(WorkerThread.java:479)
        
      03:40:26.122 DEBUG [   XNIO-1 I/O-4] io.undertow.request.io                   : UT005013: An IOException occurred
      java.io.IOException: UT000185: Invalid IP address 2001:0DB8:5ecc:f5eb:0ee8:34a2:360a:8f65
        at io.undertow.util.NetworkUtils.parseIpv6AddressToBytes(NetworkUtils.java:121)
        at io.undertow.util.NetworkUtils.parseIpv6Address(NetworkUtils.java:90)
        at io.undertow.server.handlers.ProxyPeerAddressHandler.handleRequest(ProxyPeerAddressHandler.java:76)
        at io.undertow.server.handlers.GracefulShutdownHandler.handleRequest(GracefulShutdownHandler.java:94)
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
        at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:256)
        at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:136)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:162)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:100)
        at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:57)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
        at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
        at org.xnio.nio.QueuedNioTcpServer2.acceptTask(QueuedNioTcpServer2.java:178)
        at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:612)
        at org.xnio.nio.WorkerThread.run(WorkerThread.java:479) 

      Expected Behaviour:

      The request should be processed. ProxyPeerAddressHandler should set the address as unresolved. 

      Actual Behaviour:

      The request is dropped with 500 response code and exception trace as mentioned above. This issue also exists in versions earlier to 2.2.14.Final if there is only one address in X-Forwarded-For and it has ipv6 format with leading 0 in any part.

              rhn-cservice-bbaranow Bartosz Baranowski
              avisawstech avis aws (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: