Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[UNDERTOW-2056][UNDERTOW-2075][UNDERTOW-2076][UNDERTOW-2077][UNDERTOW-2137] CVE-2022-1259 and related fixes #1483

Merged
merged 5 commits into from
Jun 6, 2023
Merged

[UNDERTOW-2056][UNDERTOW-2075][UNDERTOW-2076][UNDERTOW-2077][UNDERTOW-2137] CVE-2022-1259 and related fixes #1483

merged 5 commits into from
Jun 6, 2023

Commits on Jun 6, 2023

  1. [UNDERTOW-2056] Replace AbstractFramedStreamSinkChannel.awaitWritable… 

    … by a timeout task
    @rmartinc @fl4via
    rmartinc authored and fl4via committed Jun 6, 2023
    Configuration menu
    Copy the full SHA
    620d934 View commit details
    Browse the repository at this point in the history

  2. [UNDERTOW-2076] At AbstractFramedChannel, check for receivesSuspended… 

    …* variables before resuming suspending.

Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @fl4via
    fl4via committed Jun 6, 2023
    Configuration menu
    Copy the full SHA
    166497a View commit details
    Browse the repository at this point in the history

  3. [UNDERTOW-2077] Make ReferenceCountedPooled view close() idempotent. 

    Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @fl4via
    fl4via committed Jun 6, 2023
    Configuration menu
    Copy the full SHA
    6588717 View commit details
    Browse the repository at this point in the history

  4. [UNDERTOW-2137] Freed method can still create issues when queued max … 

    …buffers are consumed
    @rmartinc @fl4via
    rmartinc authored and fl4via committed Jun 6, 2023
    Configuration menu
    Copy the full SHA
    236acd2 View commit details
    Browse the repository at this point in the history

  5. [UNDERTOW-2075] Change a bit the execution of suspend resumes in Abst… 

    …ractFramedChannel: suspend is done asap (if in IO thread it's executed immediately, scheduled if not), resume is always postponed to the IO thread.

The boolean vars can be updated immediately but then we need synch all modifications, that update can be in IO thread or not, so synch is needed. We cannot do this in the freed method as we cannot synch on this. So for that case the var is also updated in the IO thread.

Signed-off-by: Flavia Rainone <frainone@redhat.com>
    @rmartinc @fl4via
    rmartinc authored and fl4via committed Jun 6, 2023
    Configuration menu
    Copy the full SHA
    e577b7e View commit details
    Browse the repository at this point in the history