Created attachment 1081060 [details]
01514173.btm

Description of problem:

org.jboss.sun.net.httpserver.SSLStreams$InputStream does not return -1 in the event of an eof.  It improperly returns 0 instead.  This means read loops until an -1 return occurs can loop endlessly.  That can produce high CPU loops in calls like:

"HttpManagementService-threads - 384" #6598 prio=5 os_prio=0 tid=0x00007fc2441c9800 nid=0x3045 runnable [0x00007fc1f623b000]
java.lang.Thread.State: RUNNABLE
    at java.io.FilterInputStream.read(FilterInputStream.java:107)
    at org.jboss.sun.net.httpserver.AuthFilter.consumeInput(AuthFilter.java:54)
    at org.jboss.sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:72)
    at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
    at org.jboss.sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:710)
    at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:78)
    at org.jboss.as.domain.http.server.RealmReadinessFilter.doFilter(RealmReadinessFilter.java:48)
    at org.jboss.as.domain.http.server.DmrFailureReadinessFilter.doFilter(DmrFailureReadinessFilter.java:45)


Version-Release number of selected component (if applicable):

EAP 6.4.4


How reproducible:

Potentially reproducible with network issues


Steps to Reproduce:
1. Set up console for https access
2. Use byteman with the attached script to force an eof in the ssl stream:

JAVA_OPTS="$JAVA_OPTS -javaagent:/path/to/lib/byteman.jar=script:/home/aaron/path/to/01514173.btm,boot:/path/to/lib/byteman.jar"

3. Start JBoss and make curl request like so:

curl --insecure -v https://localhost:9443/management/add-content -F "file=@/path/to/large/app.war"

Actual results:

The SSLStream returns 0 upon eof and allows for org.jboss.sun.net.httpserver.AuthFilter.consumeInput to loop endlessly

Expected results:

The SSLStream returns -1 upon eof


Additional info: