From 4cb3797d8d124901db426dbe2a1ab12da5cdcac8 Mon Sep 17 00:00:00 2001 From: Georgios Andrianakis Date: Thu, 2 Mar 2023 21:24:00 +0200 Subject: [PATCH] Prevent SSE writing from potentially causing accumulation of headers This could happen if a MessageBodyWriter writes the headers map (which does not make sense for streaming responses, but it's nevertheless allowed by the contract of the MessageBodyWriter) Fixes: #31559 --- .../client/handlers/ClientSetResponseEntityRestHandler.java | 4 ++-- .../resteasy/reactive/client/impl/InboundSseEventImpl.java | 3 ++- .../org/jboss/resteasy/reactive/common/core/Serialisers.java | 2 -- .../java/org/jboss/resteasy/reactive/server/core/SseUtil.java | 3 ++- .../jboss/resteasy/reactive/server/core/StreamingUtil.java | 3 ++- .../server/core/multipart/MultipartMessageBodyWriter.java | 3 ++- 6 files changed, 10 insertions(+), 8 deletions(-) diff --git a/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/handlers/ClientSetResponseEntityRestHandler.java b/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/handlers/ClientSetResponseEntityRestHandler.java index 8b3236f4951e2..cb811043af91b 100644 --- a/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/handlers/ClientSetResponseEntityRestHandler.java +++ b/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/handlers/ClientSetResponseEntityRestHandler.java @@ -5,7 +5,6 @@ import jakarta.ws.rs.client.Entity; import jakarta.ws.rs.core.MediaType; -import jakarta.ws.rs.core.MultivaluedMap; import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response.StatusType; @@ -17,6 +16,7 @@ import org.jboss.resteasy.reactive.client.spi.ClientRestHandler; import org.jboss.resteasy.reactive.common.core.Serialisers; import org.jboss.resteasy.reactive.common.jaxrs.StatusTypeImpl; +import org.jboss.resteasy.reactive.common.util.QuarkusMultivaluedHashMap; import io.vertx.core.buffer.Buffer; @@ -88,7 +88,7 @@ private ByteArrayInputStream entityStreamOfAbortedResponseOf(RestClientRequestCo entity = Entity.entity(untypedEntity, mediaType); } // FIXME: pass headers? - Buffer buffer = context.writeEntity(entity, (MultivaluedMap) Serialisers.EMPTY_MULTI_MAP, + Buffer buffer = context.writeEntity(entity, new QuarkusMultivaluedHashMap<>(), Serialisers.NO_WRITER_INTERCEPTOR); return new ByteArrayInputStream(buffer.getBytes()); } diff --git a/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/impl/InboundSseEventImpl.java b/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/impl/InboundSseEventImpl.java index 80c90ee0c0446..66cecfadab348 100644 --- a/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/impl/InboundSseEventImpl.java +++ b/independent-projects/resteasy-reactive/client/runtime/src/main/java/org/jboss/resteasy/reactive/client/impl/InboundSseEventImpl.java @@ -14,6 +14,7 @@ import org.jboss.resteasy.reactive.common.core.Serialisers; import org.jboss.resteasy.reactive.common.jaxrs.ConfigurationImpl; +import org.jboss.resteasy.reactive.common.util.QuarkusMultivaluedHashMap; public class InboundSseEventImpl implements InboundSseEvent { @@ -120,7 +121,7 @@ public T readData(GenericType type, MediaType mediaType) { InputStream in = new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)); try { return (T) ClientSerialisers.invokeClientReader(null, type.getRawType(), type.getType(), - mediaType, null, null, Serialisers.EMPTY_MULTI_MAP, + mediaType, null, null, new QuarkusMultivaluedHashMap<>(), serialisers, in, Serialisers.NO_READER_INTERCEPTOR, configuration); } catch (IOException e) { throw new UncheckedIOException(e); diff --git a/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/core/Serialisers.java b/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/core/Serialisers.java index b214cc5691aab..18cbc955d960f 100644 --- a/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/core/Serialisers.java +++ b/independent-projects/resteasy-reactive/common/runtime/src/main/java/org/jboss/resteasy/reactive/common/core/Serialisers.java @@ -14,7 +14,6 @@ import jakarta.ws.rs.RuntimeType; import jakarta.ws.rs.core.MediaType; -import jakarta.ws.rs.core.MultivaluedMap; import jakarta.ws.rs.core.Response; import jakarta.ws.rs.ext.MessageBodyReader; import jakarta.ws.rs.ext.MessageBodyWriter; @@ -32,7 +31,6 @@ public abstract class Serialisers { public static final Annotation[] NO_ANNOTATION = new Annotation[0]; public static final ReaderInterceptor[] NO_READER_INTERCEPTOR = new ReaderInterceptor[0]; - public static final MultivaluedMap EMPTY_MULTI_MAP = new QuarkusMultivaluedHashMap<>(); public static final WriterInterceptor[] NO_WRITER_INTERCEPTOR = new WriterInterceptor[0]; protected static final Map, Class> primitivesToWrappers = new HashMap<>(); // FIXME: spec says we should use generic type, but not sure how to pass that type from Jandex to reflection diff --git a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/SseUtil.java b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/SseUtil.java index da88aa6560dd5..f0a3824f25c42 100644 --- a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/SseUtil.java +++ b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/SseUtil.java @@ -18,6 +18,7 @@ import org.jboss.resteasy.reactive.common.core.Serialisers; import org.jboss.resteasy.reactive.common.util.CommonSseUtil; +import org.jboss.resteasy.reactive.common.util.QuarkusMultivaluedHashMap; import org.jboss.resteasy.reactive.server.handlers.PublisherResponseHandler; import org.jboss.resteasy.reactive.server.jaxrs.OutboundSseEventImpl; import org.jboss.resteasy.reactive.server.spi.ServerHttpResponse; @@ -138,7 +139,7 @@ private static String serialiseDataToString(ResteasyReactiveRequestContext conte if (writer.isWriteable(entityClass, entityType, Serialisers.NO_ANNOTATION, mediaType)) { // FIXME: spec doesn't really say what headers we should use here writer.writeTo(entity, entityClass, entityType, Serialisers.NO_ANNOTATION, mediaType, - Serialisers.EMPTY_MULTI_MAP, baos); + new QuarkusMultivaluedHashMap<>(), baos); wrote = true; break; } diff --git a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/StreamingUtil.java b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/StreamingUtil.java index ab04df5cff81c..0903202a53402 100644 --- a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/StreamingUtil.java +++ b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/StreamingUtil.java @@ -14,6 +14,7 @@ import jakarta.ws.rs.ext.MessageBodyWriter; import org.jboss.resteasy.reactive.common.core.Serialisers; +import org.jboss.resteasy.reactive.common.util.QuarkusMultivaluedHashMap; import org.jboss.resteasy.reactive.server.StreamingOutputStream; import org.jboss.resteasy.reactive.server.handlers.PublisherResponseHandler; import org.jboss.resteasy.reactive.server.spi.ServerHttpResponse; @@ -66,7 +67,7 @@ private static byte[] serialiseEntity(ResteasyReactiveRequestContext context, Ob if (writer.isWriteable(entityClass, entityType, Serialisers.NO_ANNOTATION, mediaType)) { // FIXME: spec doesn't really say what headers we should use here writer.writeTo(entity, entityClass, entityType, Serialisers.NO_ANNOTATION, mediaType, - Serialisers.EMPTY_MULTI_MAP, baos); + new QuarkusMultivaluedHashMap<>(), baos); wrote = true; break; } diff --git a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/multipart/MultipartMessageBodyWriter.java b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/multipart/MultipartMessageBodyWriter.java index a8ff157a4af84..6896e96e67225 100644 --- a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/multipart/MultipartMessageBodyWriter.java +++ b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/core/multipart/MultipartMessageBodyWriter.java @@ -24,6 +24,7 @@ import org.jboss.resteasy.reactive.common.core.Serialisers; import org.jboss.resteasy.reactive.common.reflection.ReflectionBeanFactoryCreator; +import org.jboss.resteasy.reactive.common.util.QuarkusMultivaluedHashMap; import org.jboss.resteasy.reactive.multipart.FileDownload; import org.jboss.resteasy.reactive.server.NoopCloseAndFlushOutputStream; import org.jboss.resteasy.reactive.server.core.CurrentRequestManager; @@ -192,7 +193,7 @@ private void writeEntity(OutputStream os, Object entity, MediaType mediaType, Re try (NoopCloseAndFlushOutputStream writerOutput = new NoopCloseAndFlushOutputStream(os)) { // FIXME: spec doesn't really say what headers we should use here writer.writeTo(entity, entityClass, entityType, Serialisers.NO_ANNOTATION, mediaType, - Serialisers.EMPTY_MULTI_MAP, writerOutput); + new QuarkusMultivaluedHashMap<>(), writerOutput); wrote = true; }