Merge pull request #1411 from rmartinc/UNDERTOW-2206

[UNDERTOW-1591][UNDERTOW-2123][UNDERTOW-2206] IAE trying to decode a requestPath

Author: ropalka

core/src/main/java/io/undertow/server/Connectors.java

@@ -32,10 +32,12 @@
 import io.undertow.util.StatusCodes;
 import io.undertow.util.URLUtils;
 import io.undertow.connector.PooledByteBuffer;
+import org.xnio.OptionMap;
 import org.xnio.channels.StreamSourceChannel;
 import org.xnio.conduits.ConduitStreamSinkChannel;
 
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.util.Date;
 import java.util.concurrent.Executor;
 import java.util.concurrent.RejectedExecutionException;
@@ -447,13 +449,33 @@ public static void setExchangeRequestPath(final HttpServerExchange exchange, fin
             throw new RuntimeException(e);
         }
     }
-        /**
-         * Sets the request path and query parameters, decoding to the requested charset.
-         *
-         * @param exchange    The exchange
-         * @param encodedPath        The encoded path
-         * @param charset     The charset
-         */
+
+    /**
+     * Sets the request path and query parameters, decoding to the requested charset.
+     * All the options are retrieved from the exchange undertow options.
+     *
+     * @param exchange The exchange
+     * @param encodedPath The encoded path to decode
+     * @param decodeBuffer The decode buffer to use
+     * @throws ParameterLimitException
+     */
+    public static void setExchangeRequestPath(final HttpServerExchange exchange, final String encodedPath, StringBuilder decodeBuffer) throws ParameterLimitException {
+        final OptionMap options = exchange.getConnection().getUndertowOptions();
+        setExchangeRequestPath(exchange, encodedPath,
+                options.get(UndertowOptions.URL_CHARSET, StandardCharsets.UTF_8.name()),
+                options.get(UndertowOptions.DECODE_URL, true),
+                options.get(UndertowOptions.ALLOW_ENCODED_SLASH, false),
+                decodeBuffer,
+                options.get(UndertowOptions.MAX_PARAMETERS, UndertowOptions.DEFAULT_MAX_PARAMETERS));
+    }
+
+    /**
+     * Sets the request path and query parameters, decoding to the requested charset.
+     *
+     * @param exchange    The exchange
+     * @param encodedPath The encoded path
+     * @param charset     The charset
+     */
     public static void setExchangeRequestPath(final HttpServerExchange exchange, final String encodedPath, final String charset, boolean decode, final boolean allowEncodedSlash, StringBuilder decodeBuffer, int maxParameters) throws ParameterLimitException {
         boolean requiresDecode = false;
         final StringBuilder pathBuilder = new StringBuilder();

core/src/main/java/io/undertow/server/protocol/http/HttpRequestParser.java

@@ -619,7 +619,7 @@ final void handlePathParameters(ByteBuffer buffer, ParseState state, HttpServerE
                 handleParsedParam(param, stringBuilder.substring(pos), exchange, urlDecodeRequired, state);
                 final String path = stringBuilder.toString();
                 // the canonicalPathStart should be the current length to not add anything to it
-                parsePathComplete(state, exchange, path.length(), state.parseState, urlDecodeRequired, path);
+                parsePathComplete(state, exchange, path.length(), state.parseState, state.urlDecodeRequired, path);
                 state.state = ParseState.VERSION;
                 state.nextQueryParam = null;
                 if (next == '?') {

servlet/src/main/java/io/undertow/servlet/spec/AsyncContextImpl.java

@@ -21,9 +21,7 @@
 import java.io.IOException;
 import java.util.ArrayDeque;
 import java.util.Deque;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 import java.util.concurrent.CopyOnWriteArrayList;
 import java.util.concurrent.Executor;
 import java.util.concurrent.TimeUnit;
@@ -61,8 +59,10 @@
 import io.undertow.servlet.handlers.ServletDebugPageHandler;
 import io.undertow.servlet.handlers.ServletPathMatch;
 import io.undertow.servlet.handlers.ServletRequestContext;
+import io.undertow.servlet.util.DispatchUtils;
 import io.undertow.util.CanonicalPathUtils;
 import io.undertow.util.Headers;
+import io.undertow.util.ParameterLimitException;
 import io.undertow.util.SameThreadExecutor;
 import io.undertow.util.StatusCodes;
 import io.undertow.util.WorkerUtils;
@@ -219,53 +219,15 @@ public void dispatch(final ServletContext context, final String path) {
 
         HttpServletRequestImpl requestImpl = servletRequestContext.getOriginalRequest();
         HttpServletResponseImpl responseImpl = servletRequestContext.getOriginalResponse();
-        final HttpServerExchange exchange = requestImpl.getExchange();
 
-        exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).setDispatcherType(DispatcherType.ASYNC);
-
-        requestImpl.setAttribute(ASYNC_REQUEST_URI, requestImpl.getOriginalRequestURI());
-        requestImpl.setAttribute(ASYNC_CONTEXT_PATH, requestImpl.getOriginalContextPath());
-        requestImpl.setAttribute(ASYNC_SERVLET_PATH, requestImpl.getOriginalServletPath());
-        requestImpl.setAttribute(ASYNC_QUERY_STRING, requestImpl.getOriginalQueryString());
-
-        String newQueryString = "";
-        int qsPos = path.indexOf("?");
-        String newServletPath = path;
-        if (qsPos != -1) {
-            newQueryString = newServletPath.substring(qsPos + 1);
-            newServletPath = newServletPath.substring(0, qsPos);
-        }
-        String newRequestUri = context.getContextPath() + newServletPath;
-
-        //todo: a more efficient impl
-        Map<String, Deque<String>> newQueryParameters = new HashMap<>();
-        for (String part : newQueryString.split("&")) {
-            String name = part;
-            String value = "";
-            int equals = part.indexOf('=');
-            if (equals != -1) {
-                name = part.substring(0, equals);
-                value = part.substring(equals + 1);
-            }
-            Deque<String> queue = newQueryParameters.get(name);
-            if (queue == null) {
-                newQueryParameters.put(name, queue = new ArrayDeque<>(1));
-            }
-            queue.add(value);
+        ServletPathMatch info;
+        try {
+            info = DispatchUtils.dispatchAsync(path, requestImpl, responseImpl, (ServletContextImpl) context);
+        } catch (ParameterLimitException e) {
+            throw new IllegalStateException(e);
         }
-        requestImpl.setQueryParameters(newQueryParameters);
-
-        requestImpl.getExchange().setRelativePath(newServletPath);
-        requestImpl.getExchange().setQueryString(newQueryString);
-        requestImpl.getExchange().setRequestPath(newRequestUri);
-        requestImpl.getExchange().setRequestURI(newRequestUri);
-        requestImpl.setServletContext((ServletContextImpl) context);
-        responseImpl.setServletContext((ServletContextImpl) context);
 
         Deployment deployment = requestImpl.getServletContext().getDeployment();
-        ServletPathMatch info = deployment.getServletPaths().getServletHandlerByPath(newServletPath);
-        requestImpl.getExchange().getAttachment(ServletRequestContext.ATTACHMENT_KEY).setServletPathMatch(info);
-
         dispatchAsyncRequest(deployment.getServletDispatcher(), info, exchange);
     }
 

servlet/src/main/java/io/undertow/servlet/spec/HttpServletRequestImpl.java

@@ -18,7 +18,6 @@
 
 package io.undertow.servlet.spec;
 
-import io.undertow.UndertowOptions;
 import io.undertow.security.api.SecurityContext;
 import io.undertow.security.idm.Account;
 import io.undertow.server.HttpServerExchange;
@@ -56,7 +55,6 @@
 import java.io.UnsupportedEncodingException;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
-import java.net.URLDecoder;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.nio.charset.UnsupportedCharsetException;
@@ -291,29 +289,16 @@ public String getMethod() {
 
     @Override
     public String getPathInfo() {
-        final ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
-        return match != null ? decodeURL(match.getRemaining()) : null;
-    }
-
-    private String decodeURL(final String s) {
-        try {
-            return s != null && s.length() > 0 ? URLDecoder.decode(s, getURLEncoding()) : s;
-        } catch (UnsupportedEncodingException ignored) {
-            throw new IllegalStateException(); // cannot happen
+        ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
+        if (match != null) {
+            return match.getRemaining();
         }
-    }
-
-    private String getURLEncoding() {
-        return exchange.getConnection().getUndertowOptions().get(UndertowOptions.URL_CHARSET, StandardCharsets.UTF_8.name());
+        return null;
     }
 
     @Override
     public String getPathTranslated() {
-        ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
-        if (match != null) {
-            return servletContext.getRealPath(match.getRemaining());
-        }
-        return null;
+        return servletContext.getRealPath(getPathInfo());
     }
 
     @Override
@@ -453,8 +438,11 @@ public StringBuffer getRequestURL() {
 
     @Override
     public String getServletPath() {
-        final ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
-        return match != null ? decodeURL(match.getMatched()) : "";
+        ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
+        if (match != null) {
+            return match.getMatched();
+        }
+        return "";
     }
 
     @Override
@@ -1183,11 +1171,7 @@ public String getOriginalServletPath() {
         if(uri != null) {
             return uri;
         }
-        ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
-        if (match != null) {
-            return match.getMatched();
-        }
-        return "";
+        return getServletPath();
     }
 
     public String getOriginalPathInfo() {
@@ -1199,11 +1183,7 @@ public String getOriginalPathInfo() {
         if(uri != null) {
             return uri;
         }
-        ServletPathMatch match = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletPathMatch();
-        if (match != null) {
-            return match.getRemaining();
-        }
-        return null;
+        return getPathInfo();
     }
 
     public String getOriginalContextPath() {