Skip to content

Fix for undertow versions > 2.2.40, 2.3.25 and 2.4.0#11844

Open
vandonr wants to merge 4 commits into
masterfrom
vandonr/fix2
Open

Fix for undertow versions > 2.2.40, 2.3.25 and 2.4.0#11844
vandonr wants to merge 4 commits into
masterfrom
vandonr/fix2

Conversation

@vandonr

@vandonr vandonr commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

What Does This Do

following this CVE fix, the HTTP parser changed.

  • for instrumentation purposes, the new one uses a similar interface, so we can just plug it into the existing advice.
  • in tests, since the behavior changed a bit, we need a special case to handle old vs new

Motivation

LatestDepTests failed

Additional Notes

since the old parser was an abstract class and the new one is a final, we cannot reuse the existing Instrumenter.ForTypeHierarchy instrumentation and need to create a new class that inherits from Instrumenter.ForSingleType instead.

Contributor Checklist

  • Format the title according to the contribution guidelines
  • Assign the type: and (comp: or inst:) labels in addition to any other useful labels
  • Avoid using close, fix, or any linking keywords when referencing an issue
    Use solves instead, and assign the PR milestone to the issue
  • Update the CODEOWNERS file on source file addition, migration, or deletion
  • Update public documentation with any new configuration flags or behaviors
  • Add your completed PR to the merge queue by commenting /merge. You can also:
    • Customize the commit message associated with the merge with /merge --commit-message "..."
    • Remove your PR from the merge queue with /merge -c
    • Skip all merge queue checks with /merge -f --reason "reason"; please use this judiciously, as some checks do not run at the PR-level (note: the PR still needs to be mergeable, this will only skip the pre-merge build)
    • Get more information in this doc

Jira ticket: [PROJ-IDENT]

@datadog-prod-us1-5

datadog-prod-us1-5 Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🎯 Code Coverage (details)
Patch Coverage: 100.00%
Overall Coverage: 69.73% (+12.79%)

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 9fbd0c2 | Docs | Datadog PR Page | Give us feedback!

@dd-octo-sts

dd-octo-sts Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🟢 Java Benchmark SLOs — All performance SLOs passed

Suite Status
Startup 🟢 pass

SLO thresholds are defined here based on automatically generated metrics. A warning is raised when results are within 5% of the threshold.

PR vs. master results
Scenario Candidate master Δ (95% CI of mean)
startup:insecure-bank:iast:Agent 14.79 s 14.60 s [+0.5%; +2.0%] (maybe worse)
startup:insecure-bank:tracing:Agent 13.64 s 13.75 s [-1.9%; +0.2%] (no difference)
startup:petclinic:appsec:Agent 16.93 s 16.84 s [-0.4%; +1.5%] (no difference)
startup:petclinic:iast:Agent 16.22 s 16.98 s [-8.7%; -0.3%] (maybe better)
startup:petclinic:profiling:Agent 16.79 s 16.84 s [-1.3%; +0.7%] (no difference)
startup:petclinic:sca:Agent 16.89 s 16.61 s [+0.7%; +2.6%] (maybe worse)
startup:petclinic:tracing:Agent 16.08 s 16.21 s [-1.6%; -0.0%] (maybe better)

Commit: 9fbd0c20 · CI Pipeline · Benchmarking Platform UI


Load and DaCapo benchmarks can be triggered manually in the GitLab pipeline. Results will appear in the Benchmarking Platform UI after completion.

@vandonr vandonr changed the title Fix for undertow latest versions Fix for undertow versions > 2.2.40, 2.3.25 and 2.4.0 Jul 8, 2026
@vandonr vandonr added type: bug fix Bug fix inst: others All other instrumentations labels Jul 8, 2026
@vandonr vandonr marked this pull request as ready for review July 8, 2026 10:01
@vandonr vandonr requested a review from a team as a code owner July 8, 2026 10:01
@vandonr vandonr requested review from ygree and removed request for a team July 8, 2026 10:01
@vandonr

vandonr commented Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 81d352e8ab

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

// Older versions match the decoded servlet path on redispatch,
// while the newer RequestParser expects the raw encoded path;
// using the other form either misses the servlet mapping or hangs.
asyncContext.dispatch(hasNewRequestParser() ? ep.rawPath : req.servletPath)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Migrate touched Groovy test to JUnit 5

This patch adds new behavior to an existing Groovy/Spock test, but the root AGENTS.md for this tree says to use JUnit 5 and to migrate an existing Groovy test when it is written in Groovy. Please move this updated coverage to a JUnit 5 test instead of extending UndertowServletAsyncTest.groovy.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

inst: others All other instrumentations type: bug fix Bug fix

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant