search

javaee / grizzly

Writing scalable server applications in the Java™ programming language has always been difficult. Before the advent of the Java New I/O API (NIO), thread management issues made it impossible for a server to scale to thousands of users. The Grizzly NIO framework has been designed to help developers to take advantage of the Java™ NIO API.
https://javaee.github.io/grizzly/
Other
222 stars 60 forks source link

Race condition when a 100 continue is sent and shortly afterwards a 200 response. #1976

Closed fsgonz closed 6 years ago

fsgonz commented 6 years ago

When a server sends an expect 100 continue response and shortly afterwards a 200 OK response is sent, a race condition occurs because if the IOEvent involved is honored after the two messages are flushed to the buffer, the 200 response is ignored as it assumed that the message simply involved a 100 continue response. In those cases it should be verified if more that one message is present in the buffer in the state machine in decodeInitialLineFromBytes HttpClientFilter. Currently this is not verified so the second message is ignored.

                  if (httpResponse.getStatus() == 100) {

                        // reset the parsing state in preparation to parse
                        // another initial line which represents the final
                        // response from the server after it has sent a
                        // 100-Continue.
                        parsingState.offset += 2;
                        parsingState.start = parsingState.offset;
                        return false;
                    }
fsgonz commented 6 years ago

I've created a PR with a possible fix for this issue.

https://github.com/javaee/grizzly/pull/1977

fsgonz commented 6 years ago

In the changes included in the PR I verify if another response is pending in the buffer and "resets" the state machine in that case.

rlubke commented 6 years ago

Thanks for the contribution.

fsgonz commented 6 years ago

Thank you!