What about security vulnarability tools scanning RHDG ports?
Issue
- We run scanner to detect vulnerabilities which scan also the DG endpoints, should we avoid it?
- Should it be avoided to run security scanner to detect vulnerability against Data Grid ports?
- What to do if a security scanner detects a DG server is vulnerable?
- We have several WARN and ERROR messages found in our logfile, what is the purpose or it? Here some examples
WARN [org.infinispan.rest.Http20RequestHandler] (REST-ServerWorker-5-6) ISPN012006: Uncaught exception in the pipeline: java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1931)
at org.infinispan.rest.InfinispanRequestFactory.createRequest(InfinispanRequestFactory.java:35)
at org.infinispan.rest.Http20RequestHandler.channelRead0(Http20RequestHandler.java:53)
at org.infinispan.rest.Http11RequestHandler.channelRead0(Http11RequestHandler.java:35)
at org.infinispan.rest.Http11RequestHandler.channelRead0(Http11RequestHandler.java:18)
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:105)
...
ERROR [org.infinispan.server.memcached.MemcachedDecoder] (Memcached-ServerWorker-4-2) ISPN005003: Exception reported: org.infinispan.server.memcached.UnknownOperationException: Unknown operation: �\00�\�.6$4' "�i��7#�'����ٮ�\00�\00\00\00\00\00\00\00\00\00\00
\00\00\00 \00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"\00#\00
at org.infinispan.server.memcached.MemcachedDecoder.toRequest(MemcachedDecoder.java:1076)
at org.infinispan.server.memcached.MemcachedDecoder.readHeader(MemcachedDecoder.java:327)
at org.infinispan.server.memcached.MemcachedDecoder.decodeHeader(MemcachedDecoder.java:207)
at org.infinispan.server.memcached.MemcachedDecoder.decodeDispatch(MemcachedDecoder.java:185)
at org.infinispan.server.memcached.MemcachedDecoder.decode(MemcachedDecoder.java:138)
at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:367)
...
ERROR [org.infinispan.server.memcached.MemcachedDecoder] (Memcached-ServerWorker-4-3) ISPN005003: Exception reported: org.infinispan.server.memcached.UnknownOperationException: Unknown operation: \00�\00�\00\�.6$4' "�i��7#�'����ٮ�\00�\00\00\00\00\00\00\00\00\00\00 \00\00\00 \00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00"\00#\00
...
2018-12-01 01:20:09,635 WARN [org.infinispan.rest.Http20RequestHandler] (REST-ServerWorker-5-1) ISPN012006: Uncaught exception in the pipeline: java.lang.IllegalArgumentException: invalid escape sequence `%lo' at index 0 of: %login-config.xml
The new DG 7.3.6 cluster are crashing with this error:
2020-11-13 02:53:45,265 ERROR [org.infinispan.rest.Http20RequestHandler] (REST-ServerIO-5-14) ISPN012006: Uncaught exception in the pipeline: java.lang.IllegalArgumentException: unterminated escape sequence at index 0 of: %.
at io.netty.handler.codec.http.QueryStringDecoder.decodeComponent(QueryStringDecoder.java:371)
at io.netty.handler.codec.http.QueryStringDecoder.path(QueryStringDecoder.java:189)
at org.infinispan.rest.InfinispanRequestFactory.createRequest(InfinispanRequestFactory.java:35)
at org.infinispan.rest.Http20RequestHandler.channelRead0(Http20RequestHandler.java:54)
at org.infinispan.rest.Http11RequestHandler.channelRead0(Http11RequestHandler.java:35)
at org.infinispan.rest.Http11RequestHandler.channelRead0(Http11RequestHandler.java:18)
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102)
at io.netty.handler.codec.MessageToMessageCodec.channelRead(MessageToMessageCodec.java:111)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at org.infinispan.rest.cors.CorsHandler.channelRead(CorsHandler.java:75)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:436)
at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:321)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:295)
at io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:251)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.ChannelInboundHandlerAdapter.channelRead(ChannelInboundHandlerAdapter.java:93)
at org.infinispan.server.core.transport.StatsChannelHandler.channelRead(StatsChannelHandler.java:26)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:792)
at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:475)
at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:378)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.lang.Thread.run(Thread.java:748)
Environment
- Red Hat Data Grid (RHDG)
- 7.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
