Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1334296

Summary: HTTP 503 error when filtering list of Software Channel Entitlements
Product: Red Hat Satellite 5
Reporter: Radovan Drazny <rdrazny>
Component: Server
Assignee: Grant Gainey <ggainey>
Status: CLOSED ERRATA
QA Contact: Jan Hutař <jhutar>
Severity: unspecified
Priority: unspecified
Version: 570
CC: dyordano, ggainey, jhutar, tlestach
Fixed In Version: spacewalk-java-2.3.8-148-sat
Doc Type: Bug Fix
Last Closed: 2016-08-22 12:24:31 UTC
Type: Bug

Description Radovan Drazny 2016-05-09 10:59:02 UTC
Description of problem:
Satellite server returns HTTP 503 error on the page /rhn/channels/software/Entitlements.do if a string longer than 8192 characters is entered into the filtering text box. In addition, there are the following errors in the log:

/var/log/tomcat6/catalina.out

SEVERE: Buffer overflow: buffer.len=8192 pos=236 data=8752
May 9, 2016 4:59:05 AM org.apache.jk.common.MsgAjp cpBytes
SEVERE: Overflow 
Throwable occurred: java.lang.Throwable
        at org.apache.jk.common.MsgAjp.cpBytes(MsgAjp.java:196)
        at org.apache.jk.common.MsgAjp.appendByteChunk(MsgAjp.java:170)
        at org.apache.jk.common.MsgAjp.appendBytes(MsgAjp.java:155)
        at org.apache.jk.common.JkInputStream.appendHead(JkInputStream.java:324)
        at org.apache.jk.core.MsgContext.action(MsgContext.java:266)
        at org.apache.coyote.Response.action(Response.java:183)
        at org.apache.coyote.Response.sendHeaders(Response.java:379)
        at org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:305)
        at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:273)
        at org.apache.catalina.connector.Response.finishResponse(Response.java:492)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:323)
        at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
        at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
        at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
        at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
        at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
        at java.lang.Thread.run(Thread.java:767)

(Yes, this is the complete traceback, there are no more lines)

/var/log/httpd/error_log

 [error] ajp_msg_get_string(): BufferOverflowException 236 299


Version-Release number of selected component (if applicable):
spacewalk-java-2.3.8-137
spacewalk-backend-2.3.3-41

How reproducible:
always

Steps to Reproduce:
1. Go to page /rhn/channels/software/Entitlements.do
2. Enter more than 8192 characters into the "Filter by channel entitlement" text field. Spaces are ok.
3. Press Enter or click on the eye icon.

Actual results:
Page with HTTP 503 Service Temporarily Unavailable error is displayed, and there is a traceback in the log.


Expected results:
Normal entitlement not found page displayed, no tracebacks in the log.
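
Added example (not part of the original report or of the Spacewalk code): a small Python scanner that picks the two AJP overflow signatures quoted above out of catalina.out and error_log lines and computes how far the Tomcat-side write overran the buffer. It assumes "pos" is the current write offset and "data" the number of bytes being appended; the function names and the benign sample line are constructed for illustration.

```python
import re

# catalina.out: "SEVERE: Buffer overflow: buffer.len=8192 pos=236 data=8752"
TOMCAT_RE = re.compile(r"Buffer overflow: buffer\.len=(\d+) pos=(\d+) data=(\d+)")
# error_log: "[error] ajp_msg_get_string(): BufferOverflowException 236 299"
HTTPD_RE = re.compile(r"(ajp_msg_\w+)\(\): BufferOverflowException (\d+) (\d+)")


def scan(lines):
    """Return one dict per AJP overflow line found in the given log lines."""
    events = []
    for lineno, line in enumerate(lines, 1):
        m = TOMCAT_RE.search(line)
        if m:
            buf_len, pos, data = map(int, m.groups())
            events.append({
                "source": "tomcat", "line": lineno,
                "buffer_len": buf_len, "pos": pos, "data": data,
                # Assumption: bytes that did not fit = offset + payload - capacity.
                "excess": pos + data - buf_len,
            })
            continue
        m = HTTPD_RE.search(line)
        if m:
            events.append({
                "source": "httpd", "line": lineno, "function": m.group(1),
                # The two numbers are kept exactly as logged, uninterpreted.
                "values": (int(m.group(2)), int(m.group(3))),
            })
    return events


# Sample input: the first four lines are quoted from the report above,
# the last one is a constructed benign line.
SAMPLE = [
    "SEVERE: Buffer overflow: buffer.len=8192 pos=236 data=8752",
    "May 9, 2016 4:59:05 AM org.apache.jk.common.MsgAjp cpBytes",
    "SEVERE: Overflow",
    " [error] ajp_msg_get_string(): BufferOverflowException 236 299",
    "INFO: Server startup in 1234 ms",
]

if __name__ == "__main__":
    for event in scan(SAMPLE):
        print(event)
```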

Comment 2 Grant Gainey 2016-05-12 17:49:04 UTC
Ignore #c1, wrong BZ

Comment 3 Grant Gainey 2016-05-12 19:32:34 UTC
Note: this can only be fixed in SATELLITE-5.7 codebase, since entitlement-tracking has been dropped from spacewalk

Comment 4 Grant Gainey 2016-05-12 19:49:26 UTC
Found a different affected page available in SW:

https://beast-spacewalk-dev.usersys.redhat.com/rhn/systems/SystemEntitlements.do

Same reproducer.

Comment 5 Grant Gainey 2016-05-12 20:36:25 UTC
See discussion in https://bugzilla.redhat.com/show_bug.cgi?id=512844 - even though the eventual fix for that BZ was not for this symptom, there is A LOT of discussion about the same AJP buffer-overflow-exception we're seeing.

Probable bandaid for the current issue would be to teach ListTag to apply some arbitrary size limit to the filter-by box.

Comment 7 Grant Gainey 2016-05-12 21:08:01 UTC
Limited filter-by to 4096 characters - should be plenty, and doesn't overflow AJP buffers...

spacewalk.github:
57de49594ede0e96ae9be76c4e127643e3a99b7f

Comment 15 errata-xmlrpc 2016-08-22 12:24:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-1645.html