FIX unused trailing bytes in ASN.1 SEQUENCE (#296)

Author: vharseko

.github/workflows/build.yml

@@ -41,27 +41,15 @@ jobs:
          path: ~/.m2/repository
          key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-m2-repository
-    - name: Build with Maven
-      env:
-        MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
-      run: mvn --batch-mode --errors --update-snapshots package --file pom.xml
-    - name: IT test
-      id: failsafe
+    - name: Set Integration Test Environment
+      id: maven-profile-flag
       if: runner.os != 'Windows'
-      timeout-minutes: 120
+      run:   | 
+        echo "MAVEN_PROFILE_FLAG=-P precommit" >> $GITHUB_OUTPUT 
+    - name: Build with Maven
       env:
         MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
-      run:   |
-        cat /etc/hosts
-        mvn --batch-mode --errors verify --file opendj-server-legacy/pom.xml -P precommit
-    - name: Upload IT test failiure opendj-server-legacy/target
-      uses: actions/upload-artifact@v3
-      if: failure()
-      with:
-        name: failsafe-${{ matrix.os }}-${{ matrix.java }}
-        retention-days: 5
-        path:  |
-            opendj-server-legacy/target/
+      run: mvn --batch-mode --errors --update-snapshots verify --file pom.xml ${{ steps.maven-profile-flag.outputs.MAVEN_PROFILE_FLAG }}
     - name: Test on Unix
       if: runner.os != 'Windows'
       run:   |

opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/ASN1BufferReader.java

@@ -35,7 +35,13 @@
 /** Grizzly ASN1 reader implementation. */
 final class ASN1BufferReader extends AbstractASN1Reader {
     private final class ChildSequenceLimiter implements SequenceLimiter {
-        private SequenceLimiter parent;
+        @Override
+		public String toString() {
+			return "ChildSequenceLimiter [parent=" + parent + ", child=" + child + ", readLimit=" + readLimit
+					+ ", bytesRead=" + bytesRead + ", remaining()=" + remaining() + "]";
+		}
+
+		private SequenceLimiter parent;
         private ChildSequenceLimiter child;
         private int readLimit;
         private int bytesRead;
@@ -55,7 +61,7 @@ public SequenceLimiter endSequence() throws IOException {
             parent.checkLimit(remaining());
             if (remaining() > 0) {
                 logger.debug(LocalizableMessage.raw(
-                    "Ignoring %d unused trailing bytes in ASN.1 SEQUENCE", remaining()));
+                    "Ignoring %d unused trailing bytes in ASN.1 SEQUENCE: %s", remaining(),toString()));
             }
             for (int i = 0; i < remaining(); i++) {
                 buffer.get();
@@ -81,11 +87,16 @@ public ChildSequenceLimiter startSequence(final int readLimit) {
     }
 
     private final class RootSequenceLimiter implements SequenceLimiter {
-        private ChildSequenceLimiter child;
+        @Override
+		public String toString() {
+			return "RootSequenceLimiter [remaining()=" + remaining() + "]";
+		}
+
+		private ChildSequenceLimiter child;
 
         @Override
         public void checkLimit(final int readSize) throws IOException {
-            if (buffer.remaining() < readSize) {
+            if ( remaining() < readSize) {
                 final LocalizableMessage message = ERR_ASN1_TRUNCATED_LENGTH_BYTE.get();
                 throw DecodeException.fatalError(message);
             }
@@ -99,7 +110,7 @@ public ChildSequenceLimiter endSequence() throws DecodeException {
 
         @Override
         public int remaining() {
-            return buffer.remaining();
+            return buffer.hasRemaining() ? buffer.remaining() : 0;
         }
 
         @Override

opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/DefaultTCPNIOTransport.java

@@ -135,7 +135,7 @@ protected TCPNIOTransport newInstance() {
             // Enabled by default.
             builder.setReuseAddress(Boolean.parseBoolean(reuseAddressStr));
         }
-        //builder.setMemoryManager(new PooledMemoryManager(true));
+        builder.setMemoryManager(new PooledMemoryManager(true));
 
 
         final TCPNIOTransport transport = builder.build();

opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPClientFilter.java

@@ -429,7 +429,7 @@ public final NextAction handleRead(final FilterChainContext ctx) throws IOExcept
                 return ctx.getStopAction(buffer.duplicate());
             }
             final int length = reader.peekLength();
-            final Buffer remainder = buffer.remaining() > length ? buffer.split(buffer.position() + length) : null;
+            final Buffer remainder = (buffer.hasRemaining() && buffer.remaining() > length) ? buffer.split(buffer.position() + length) : null;
             buffer.reset();
             try (final ASN1BufferReader packetReader =
                     new ASN1BufferReader(maxASN1ElementSize, buffer.asReadOnlyBuffer())) {

opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/ServerTCPNIOTransport.java

@@ -98,7 +98,7 @@ protected TCPNIOTransport newInstance() {
             builder.setReuseAddress(Boolean.parseBoolean(reuseAddressStr));
         }
         // Force usage of PooledMemoryManager which allows to use grizzly's buffers across threads.
-        //builder.setMemoryManager(new PooledMemoryManager(true));
+        builder.setMemoryManager(new PooledMemoryManager(true));
 
         final TCPNIOTransport transport = builder.build();
 

opendj-ldap-toolkit/src/test/java/com/forgerock/opendj/ldap/tools/AuthRateITCase.java

@@ -50,7 +50,7 @@ public Object[][] authRateArgs() throws Exception {
                 args("-h", TestCaseUtils.getServerSocketAddress().getHostName(),
                      "-p", Integer.toString(TestCaseUtils.getServerSocketAddress().getPort()),
                      "-g", "rand(0,1000)", "-D", "uid=%d,ou=people,o=test", "-w", "password",
-                     "-i", "1", "-c", "1", "-m", "10", "-f", "-S", "-B", "0"),
+                     "-i", "1", "-c", "1", "-m", "1000", "-f", "-S", "-B", "0"),
                 THROUGHPUT_TEXT, "" },
         };
     }
@@ -74,7 +74,7 @@ public void testITAuthRate(String[] arguments, Object expectedOut, Object expect
                 //Skip header line
                 for (int i = 1; i < authRateResLines.length; i++) {
                     String[] authRateLineData = authRateResLines[i].split(",");
-                    assertThat(authRateLineData[authRateLineData.length - 1].trim()).isEqualTo("0.0");
+                    assertThat(authRateLineData[authRateLineData.length - 1].trim()).as(outContent).isEqualTo("0.0");
                 }
             }
         }