A fix is available
APAR status
Closed as program error.
Error description
You notice your CICS region intermittently receives: DFHWB0001 An abend (code 0C4/AKEA) has occurred at offset x'25C4' in module DFHWBAP. The failure occurs on a MVCL instruction 0E0E at x'25C2' within DFHWBAP. The failing command is a WEB EXTRACT HTTPMETHOD HTTPVERSION QUERYSTRING. The abend0c4 is exposed by the unusual HTTP request. The URI is fully qualified yet the path is empty. Later on when the EXEC CICS WEB EXTRACT HTTPVERSION QUERYSTRING command executes, we end up in Webrequest_inquire. The code processes the HTTPVERSION option OK and at this point reg1 happens to be 0. We now try to process the QUERYSTRING option. scan_ptr points into the HTTP request at the offset designated by wrb_resource_offset (past the querystring). scan_limit happens to have been set to the same as scan_ptr. The consequence is that we fail to execute the code which searches for the '?' which starts the querystring. The code now checks reg2 assuming that we performed some kind of search. Register 2 is non-zero and happens to point to a work buffer. The code assumes that the querystring has been located and that reg1 points there. Register 1 actually points to low core. The code now tries to copy from low core into the caller's buffer using a source length which is enormous. During this copy from lowcore, we encounter a page which is fetch protected causing the program check. Additional Symptom(s) Search Keyword(s): kIXREVSCB
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: DFHWB0001 AN ABEND (CODE 0C4/AKEA) HAS * * OCCURRED AT OFFSET X'25C4' IN MODULE * * DFHWBAP when issuing EXEC CICS WEB * * EXTRACT. * **************************************************************** * RECOMMENDATION: * **************************************************************** A client sends in an HTTP request to CICS. The first line of this request is of the form; GET http://hostname:port?field1=value1 HTTP/1.1 The resource component is an absolute URI that contains a querystring but does not contain a path. When the request is received DFHWBSR parses the first line and works out offsets and lengths of the various components. When processing the absolute URI the hostname and port need to be skipped over as they only identify the target server and not the respurce on that server. The code that skips over the hostname and port is expecting to find a '/' character which would indicate the start of the path. The '/' is not present so scanning continues until the next space is located. This position is assumed to be the start of the resource. wrb_resource_offset and wrb_resource_length now get set incorrectly. The fields wrb_http_version_offset and wrb_http_version_length are also incorrect as the parsing code failed to correctly locate the HTTP version. When a later EXEC CICS WEB EXTRACT HTTPVERSION() QUERYSTRING() command is issued, DFHWBAP uses wrb_resource_offset to begin the search for the querystring. Due to wrb_resource_offset being wrong the start and end points of the search end up the same so the TRT to locate the '?' is never executed. As a result, registers 1 and 2 contain residual values. The query string is then copied to the callers buffer starting at the location addressed by register 1. This copying causes an ABEND0C4 when it attempts to read from inaccessible storage. Additional keywords: S0C4 ABENDS0C4 WB0001 CWXN MSGDFHWB0001
Problem conclusion
DFHWBSR has been changed to correctly parse the first line of an HTTP request that contains an absolute URI with a querystring and without a path.
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PK85775
Reported component name
CICSTS V3 Z/OS
Reported component ID
5655M1500
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-05-01
Closed date
2009-09-30
Last modified date
2009-11-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
PK94717 UK50636
Modules/Macros
DESWBAP DESWBDM DESWBRQ DESWBRQF DESWBSR DESWBXM DFHWBAP DFHWBAPF DFHWBDM DFHWBRQS DFHWBSR DFHWBXM
Fix information
Fixed component name
CICSTS V3 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R500 PSY UK50636
UP09/10/05 P F910
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
04 November 2009