You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by kk...@apache.org on 2015/02/05 04:15:24 UTC

svn commit: r1657460 - in /tomcat/tc8.0.x/trunk: java/org/apache/coyote/http11/AbstractOutputBuffer.java webapps/docs/changelog.xml

Author: kkolinko
Date: Thu Feb  5 03:15:23 2015
New Revision: 1657460

URL: http://svn.apache.org/r1657460
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57509
Improve length check in OutputBuffer.write() to account for 4 extra bytes that are needed to terminates the headers.

Backport of r1657459 from trunk. (Code is the same, class names differ)

Modified:
    tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java
    tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java?rev=1657460&r1=1657459&r2=1657460&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java (original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java Thu Feb  5 03:15:23 2015
@@ -594,7 +594,9 @@ public abstract class AbstractOutputBuff
      * requested number of bytes.
      */
     private void checkLengthBeforeWrite(int length) {
-        if (pos + length > headerBuffer.length) {
+        // "+ 4": BZ 57509. Reserve space for CR/LF/COLON/SP characters that
+        // are put directly into the buffer following this write operation.
+        if (pos + length + 4 > headerBuffer.length) {
             throw new HeadersTooLargeException(
                     sm.getString("iob.responseheadertoolarge.error"));
         }

Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1657460&r1=1657459&r2=1657460&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Thu Feb  5 03:15:23 2015
@@ -72,6 +72,10 @@
         side effects of these mutltiple registrations would be exceptions
         appearing in the logs. (markt)
       </fix>
+      <fix>
+        <bug>57509</bug>: Improve length check when writing HTTP/1.1
+        response headers: reserve space for 4 extra bytes. (kkolinko)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org