java.nio.BufferOverflowException

jackcess | pgervaise | 1 year ago
  1. 0

    BufferOverflowException

    jackcess | 1 year ago | pgervaise
    java.nio.BufferOverflowException
  2. 0

    Does not show RAW XML data

    Stack Overflow | 2 years ago | Haziq Sheikh
    java.nio.BufferOverflowException
  3. Speed up your debug routine!

    Automated exception search integrated into your IDE

  4. 0

    Bug reported at http://mail.openjdk.java.net/pipermail/security-dev/2016-February/013387.html ---------------------------------------------------------- Hi, while supporting an app development team, I'm facing a tough TLS issue - maybe you experts have an idea. They try to open an HTTPS connection to the server URL https://nfe-homologacao.sefazrs.rs.gov.br:443/ws/NfeAutorizacao/NFeAutorizacao.asmx. This is a Web Service of some Brazilian financial authority. So, what I'm basically doing is this: --code snippet-- URL url = new URL("https://nfe-homologacao.sefazrs.rs.gov.br:443/ws/NfeAutorizacao/NFeAutorizacao.asmx"); HttpsURLConnection con = (HttpsURLConnection)url.openConnection(); con.setHostnameVerifier(new DefaultHostnameVerifier()); // optional default is GET con.setRequestMethod("GET"); System.out.println("Sending 'GET' request to URL: " + url); int responseCode = con.getResponseCode(); System.out.println("Response Code: " + responseCode); --end code snippet- I expect it to return "403 - not authorized". The coding will work with JDK7. However, with JDK8, I get this type of exception: java.net.SocketException: Unrecognized Windows Sockets error: 0: recv failed at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:170) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:930) at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) at java.io.BufferedInputStream.read(BufferedInputStream.java:345) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:704) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:675) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1536) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) ... I can get it to work in JDK8 by forcing it to TLSv1 only, e.g. by setting property -Djdk.tls.client.protocols=TLSv1. For JDK9 I even get a different exception: javax.net.ssl.SSLException: java.nio.BufferOverflowException at sun.security.ssl.Alerts.getSSLException(Alerts.java:214) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1948) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1900) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1883) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1809) at sun.security.ssl.AppInputStream.read(AppInputStream.java:173) at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) at java.io.BufferedInputStream.read(BufferedInputStream.java:345) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:704) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:675) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1534) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1439) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:319) at com.sap.cl.HttpsURLConnectionTest.sendGETRequest(HttpsURLConnectionTest.java:42) at com.sap.cl.HttpsURLConnectionTest.main(HttpsURLConnectionTest.java:63) Caused by: java.nio.BufferOverflowException at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:206) at sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:226) at sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:178) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1012) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:957) at sun.security.ssl.AppInputStream.read(AppInputStream.java:159) ... 12 more I've debugged a lot today and tried to get something out of the javax.net.debug output but I didn't get any further with this - probably due to my lack of understanding the details of TLS communication and its implementation. I know the server is using some legacy protocol but still I think it should work. Maybe someone has any helpful idea? Is it a bug? You can simply try to run my test code snippet and should see the issue immediately... Thanks Christoph

    JDK Bug System | 10 months ago | Xue-Lei Fan
    javax.net.ssl.SSLException: java.nio.BufferOverflowException
  5. 0

    Bug reported at http://mail.openjdk.java.net/pipermail/security-dev/2016-February/013387.html ---------------------------------------------------------- Hi, while supporting an app development team, I'm facing a tough TLS issue - maybe you experts have an idea. They try to open an HTTPS connection to the server URL https://nfe-homologacao.sefazrs.rs.gov.br:443/ws/NfeAutorizacao/NFeAutorizacao.asmx. This is a Web Service of some Brazilian financial authority. So, what I'm basically doing is this: --code snippet-- URL url = new URL("https://nfe-homologacao.sefazrs.rs.gov.br:443/ws/NfeAutorizacao/NFeAutorizacao.asmx"); HttpsURLConnection con = (HttpsURLConnection)url.openConnection(); con.setHostnameVerifier(new DefaultHostnameVerifier()); // optional default is GET con.setRequestMethod("GET"); System.out.println("Sending 'GET' request to URL: " + url); int responseCode = con.getResponseCode(); System.out.println("Response Code: " + responseCode); --end code snippet- I expect it to return "403 - not authorized". The coding will work with JDK7. However, with JDK8, I get this type of exception: java.net.SocketException: Unrecognized Windows Sockets error: 0: recv failed at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:170) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:930) at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) at java.io.BufferedInputStream.read(BufferedInputStream.java:345) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:704) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:675) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1536) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) ... I can get it to work in JDK8 by forcing it to TLSv1 only, e.g. by setting property -Djdk.tls.client.protocols=TLSv1. For JDK9 I even get a different exception: javax.net.ssl.SSLException: java.nio.BufferOverflowException at sun.security.ssl.Alerts.getSSLException(Alerts.java:214) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1948) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1900) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1883) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1809) at sun.security.ssl.AppInputStream.read(AppInputStream.java:173) at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) at java.io.BufferedInputStream.read(BufferedInputStream.java:345) at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:704) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:647) at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:675) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1534) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1439) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:319) at com.sap.cl.HttpsURLConnectionTest.sendGETRequest(HttpsURLConnectionTest.java:42) at com.sap.cl.HttpsURLConnectionTest.main(HttpsURLConnectionTest.java:63) Caused by: java.nio.BufferOverflowException at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:206) at sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:226) at sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:178) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1012) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:957) at sun.security.ssl.AppInputStream.read(AppInputStream.java:159) ... 12 more I've debugged a lot today and tried to get something out of the javax.net.debug output but I didn't get any further with this - probably due to my lack of understanding the details of TLS communication and its implementation. I know the server is using some legacy protocol but still I think it should work. Maybe someone has any helpful idea? Is it a bug? You can simply try to run my test code snippet and should see the issue immediately... Thanks Christoph

    JDK Bug System | 10 months ago | Xue-Lei Fan
    javax.net.ssl.SSLException: java.nio.BufferOverflowException

  1. Sreekesh Alwayswithyourvision 1 times, last 11 months ago
6 unregistered visitors
Not finding the right solution?
Take a tour to get the most out of Samebug.

Tired of useless tips?

Automated exception search integrated into your IDE

Root Cause Analysis

  1. java.nio.BufferOverflowException

    No message provided

    at java.nio.HeapByteBuffer.put()
  2. Java RT
    HeapByteBuffer.put
    1. java.nio.HeapByteBuffer.put(HeapByteBuffer.java:206)
    1 frame
  3. com.healthmarketscience.jackcess
    TableImpl.addRowFromMap
    1. com.healthmarketscience.jackcess.impl.TableImpl.createRow(TableImpl.java:2151)
    2. com.healthmarketscience.jackcess.impl.TableImpl.createRow(TableImpl.java:2035)
    3. com.healthmarketscience.jackcess.impl.TableImpl.addRows(TableImpl.java:1568)
    4. com.healthmarketscience.jackcess.impl.TableImpl.addRow(TableImpl.java:1461)
    5. com.healthmarketscience.jackcess.impl.TableImpl.addRowFromMap(TableImpl.java:1469)
    5 frames
  4. Unknown
    BufferOverflowException.main
    1. BufferOverflowException.main(BufferOverflowException.java:47)
    1 frame