tomcat/CVE-2025-31650-3.patch
wk333 0138f18661 Fix CVE-2025-31650, CVE-2025-31651
(cherry picked from commit 30821400cbe4e4fd6b3f440f586e8b2f7f22ced6)
2025-04-29 19:48:51 +08:00


From b7674782679e1514a0d154166b1d04d38aaac4a9 Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Wed, 19 Mar 2025 03:47:11 +0000
Subject: [PATCH] Improve handling of unexpected errors during HTTP/2
processing
Origin: https://github.com/apache/tomcat/commit/b7674782679e1514a0d154166b1d04d38aaac4a9
---
java/org/apache/coyote/http2/Http2UpgradeHandler.java | 8 ++++++++
java/org/apache/coyote/http2/LocalStrings.properties | 1 +
3 files changed, 12 insertions(+)
diff --git a/java/org/apache/coyote/http2/Http2UpgradeHandler.java b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
index 54e119b3f36b..38a81309a6e0 100644
--- a/java/org/apache/coyote/http2/Http2UpgradeHandler.java
+++ b/java/org/apache/coyote/http2/Http2UpgradeHandler.java
@@ -47,6 +47,7 @@
import org.apache.coyote.http2.Http2Parser.Output;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.http.MimeHeaders;
import org.apache.tomcat.util.http.parser.Priority;
import org.apache.tomcat.util.log.UserDataHelper;
@@ -439,6 +440,13 @@ public SocketState upgradeDispatch(SocketEvent status) {
log.debug(sm.getString("upgradeHandler.ioerror", connectionId), ioe);
}
close();
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("upgradeHandler.throwable", connectionId), t);
+ }
+ // Unexpected errors close the connection.
+ close();
}
if (log.isTraceEnabled()) {
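Review bot: The new `catch (Throwable t)` block records the unexpected error only under `log.isDebugEnabled()`, so in a default deployment a peer that repeatedly drives the handler into this path — the denial-of-service shape this fix targets — closes connection after connection without leaving any trace for operators. Since the IOException branch above it uses the same debug-only pattern, I would at least route this one through the rate-limiting `UserDataHelper` the class already imports, or log it at a visible level, e.g. `log.warn(sm.getString("upgradeHandler.throwable", connectionId), t);` in place of the guarded debug call, and keep the stack trace since this is by definition a bug or a hostile input rather than a routine I/O error. I am assuming `ExceptionUtils.handleThrowable(t)` rethrows fatal JVM errors (ThreadDeath, VirtualMachineError) before the log and `close()` run; if it treats StackOverflowError as recoverable, that is presumably intended here, but worth a one-line comment such as `// handleThrowable() rethrows fatal JVM errors; anything else closes the connection`. The enclosing `upgradeDispatch` starts before this hunk and continues after it, so I cannot tell from here whether the method still returns a state that leads the caller to drop the socket after `close()` — worth confirming it matches the IOException path.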
diff --git a/java/org/apache/coyote/http2/LocalStrings.properties b/java/org/apache/coyote/http2/LocalStrings.properties
index 114f546017d4..61cb8497bf4b 100644
--- a/java/org/apache/coyote/http2/LocalStrings.properties
+++ b/java/org/apache/coyote/http2/LocalStrings.properties
@@ -160,6 +160,7 @@ upgradeHandler.stream.error=Connection [{0}], Stream [{1}] Closed due to error
upgradeHandler.stream.even=A new remote stream ID of [{0}] was requested but all remote streams must use odd identifiers
upgradeHandler.stream.notWritable=Connection [{0}], Stream [{1}], This stream is in state [{2}] and is not writable
upgradeHandler.stream.old=A new remote stream ID of [{0}] was requested but the most recent stream was [{1}]
+upgradeHandler.throwable=Connection [{0}]
upgradeHandler.tooManyRemoteStreams=The client attempted to use more than [{0}] active streams
upgradeHandler.tooMuchOverhead=Connection [{0}], Too much overhead so the connection will be closed
upgradeHandler.unexpectedAck=Connection [{0}], Stream [{1}], A settings acknowledgement was received when not expected
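Review bot: The new message `upgradeHandler.throwable=Connection [{0}]` contains only the connection id and no description of what happened, unlike the neighbouring keys which each state the condition and the consequence. Since this string is what an operator sees when an unexpected error tears down an HTTP/2 connection, I would make it self-explanatory: `upgradeHandler.throwable=Connection [{0}], Unexpected error during HTTP/2 processing; the connection will be closed`. The attached Throwable supplies the detail, but the headline line should still say why the connection went away.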