Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Minor
Fix Version/s: 2.2.40.Final, 2.3.24.Final, 2.4.0.Beta3
Affects Version/s: None
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/undertow-io/undertow/pull/1837, https://github.com/undertow-io/undertow/pull/1922, https://github.com/undertow-io/undertow/pull/1923, https://github.com/undertow-io/undertow/pull/1924

A corner case, probably caused by some malformed request, but anyway here is the exception:

10:30:41,305 ERROR [io.undertow.request.io] (default I/O-28) UT005090: Unexpected failure: java.lang.ArrayIndexOutOfBoundsException: Index -126 out of bounds for length 256
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.Connectors.isValidTokenCharacter(Connectors.java:644)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.Http2HeaderBlockParser.emitHeader(Http2HeaderBlockParser.java:195)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.HpackDecoder.decode(HpackDecoder.java:154)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.Http2HeaderBlockParser.handleData(Http2HeaderBlockParser.java:112)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.Http2PushBackParser.parse(Http2PushBackParser.java:63)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.Http2FrameHeaderParser.handle(Http2FrameHeaderParser.java:192)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.Http2Channel.parseFrameNoContinuation(Http2Channel.java:658)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.protocols.http2.Http2Channel.parseFrame(Http2Channel.java:636)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.framed.AbstractFramedChannel.receive(AbstractFramedChannel.java:460)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:113)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:75)
at org.jboss.xnio@3.8.16.Final//org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
t io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:1032)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:1012)
at org.jboss.xnio@3.8.16.Final//org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.lambda$handleEvent$0(AbstractFramedChannel.java:1040)
at io.undertow.core@2.3.20.Final-SNAPSHOT//io.undertow.server.protocol.framed.AbstractFramedChannel$1.run(AbstractFramedChannel.java:147)
at org.jboss.xnio.nio@3.8.16.Final//org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:624)
at org.jboss.xnio.nio@3.8.16.Final//org.xnio.nio.WorkerThread.run(WorkerThread.java:491)

We need to check for negative bytes, just for safety.

is related to

UNDERTOW-2598 CVE-2025-9784 MadeYouReset HTTP/2 DDoS Vulnerability

Closed

Assignee:: Bartosz Baranowski

Reporter:: Flavia Rainone

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2025/10/09 10:00 AM

Updated:: 2026/03/04 7:26 AM

Resolved:: 2026/03/03 12:07 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates