From 294b2ba02b667548617a94cd99592110ac230add Mon Sep 17 00:00:00 2001 From: Simone Bordet Date: Mon, 22 Mar 2021 10:39:36 +0100 Subject: [PATCH] Fixes #6072 - jetty server high CPU when client send data length > 17408. Updates after review. Signed-off-by: Simone Bordet --- .../main/java/org/eclipse/jetty/io/ssl/SslConnection.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java index bd7c6d49de0..b1f3d322aeb 100644 --- a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java +++ b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java @@ -729,13 +729,15 @@ public class SslConnection extends AbstractConnection implements Connection.Upgr return filled = -1; case BUFFER_UNDERFLOW: - if (netFilled > 0) + if (BufferUtil.space(_encryptedInput) == 0) { - if (BufferUtil.space(_encryptedInput) > 0) - continue; // try filling some more BufferUtil.clear(_encryptedInput); throw new SSLHandshakeException("Encrypted buffer max length exceeded"); } + + if (netFilled > 0) + continue; // try filling some more + _underflown = true; if (netFilled < 0 && _sslEngine.getUseClientMode()) {