Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2048

CVE-2022-2764 UndertowInputStream.close() blocks waiting to read= -1

XMLWordPrintable

      This can cause the following stack trace in certain cenarios:

      "default task-6" #167 prio=5 os_prio=0 cpu=129039.92ms elapsed=7555.11s tid=0x000000000af4b000 nid=0x4a9d runnable  [0x00007fe91f2b2000]
   java.lang.Thread.State: RUNNABLE
        at sun.nio.ch.EPoll.wait(java.base@11.0.1/Native Method)
        at sun.nio.ch.EPollSelectorImpl.doSelect(java.base@11.0.1/EPollSelectorImpl.java:120)
        at sun.nio.ch.SelectorImpl.lockAndDoSelect(java.base@11.0.1/SelectorImpl.java:124)
        - locked <0x00000000d1e9e3b0> (a sun.nio.ch.Util$2)
        - locked <0x00000000d1e9e150> (a sun.nio.ch.EPollSelectorImpl)
        at sun.nio.ch.SelectorImpl.select(java.base@11.0.1/SelectorImpl.java:141)
        at org.xnio.nio.SelectorUtils.await(SelectorUtils.java:51)
        at org.xnio.nio.NioSocketConduit.awaitReadable(NioSocketConduit.java:358)
        at org.xnio.conduits.AbstractSourceConduit.awaitReadable(AbstractSourceConduit.java:66)
        at io.undertow.conduits.ReadDataStreamSourceConduit.awaitReadable(ReadDataStreamSourceConduit.java:101)
        at org.xnio.conduits.AbstractSourceConduit.awaitReadable(AbstractSourceConduit.java:66)
        at org.xnio.conduits.ConduitStreamSourceChannel.awaitReadable(ConduitStreamSourceChannel.java:151)
        at io.undertow.channels.DetachableStreamSourceChannel.awaitReadable(DetachableStreamSourceChannel.java:77)
        at io.undertow.server.HttpServerExchange$ReadDispatchChannel.awaitReadable(HttpServerExchange.java:2218)
        at org.xnio.channels.Channels.readBlocking(Channels.java:295)
        at io.undertow.io.UndertowInputStream.readIntoBuffer(UndertowInputStream.java:109)
        at io.undertow.io.UndertowInputStream.close(UndertowInputStream.java:160)
        at org.wildfly.httpclient.ejb.HttpInvocationHandler$1.getRequestContent(HttpInvocationHandler.java:231)
        at org.jboss.as.ejb3.remote.AssociationImpl.receiveInvocationRequest(AssociationImpl.java:139)
        at org.wildfly.httpclient.ejb.HttpInvocationHandler.lambda$handleInternal$0(HttpInvocationHandler.java:152)
        at org.wildfly.httpclient.ejb.HttpInvocationHandler$$Lambda$973/0x0000000100ed0c40.run(Unknown Source)
        at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
        at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
        at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
        at java.lang.Thread.run(java.base@11.0.1/Thread.java:834)

            flaviarnn Flavia Rainone
            flaviarnn Flavia Rainone
            Alessio Soldano, Bartosz Baranowski, Brad Maxwell, Brian Stansberry, Carlo de Wolf, Chess Hazlett, Daniel Kreling, Darran Lofthouse, Farah Juma, Flavia Rainone, Ingo Weiss, Jason Lee, Jonathan Christison, Kunjan Rathod (Inactive), Lin Gao, Martin Svehla, Michaela Osmerova, Miroslav Sochurek, Moulali Shikalwadi, Neil Wallace, Paramvir Jindal, Peter Mackay, Peter Palaga, Radovan Stancel, Richard Opalka, Stefano Maestri, Ted Won, Tomas Hofman, Tom Jenkinson, Vladimir Dosoudil
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: