You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by li...@apache.org on 2022/09/07 07:44:01 UTC
[tomcat] branch 9.0.x updated: Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
This is an automated email from the ASF dual-hosted git repository.
lihan pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 979ac3b5f3 Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
979ac3b5f3 is described below
commit 979ac3b5f3587980d738b890b11e8c1458c0943c
Author: lihan <li...@apache.org>
AuthorDate: Wed Sep 7 14:40:51 2022 +0800
Avoid potential IndexOutOfBoundsException when matching HTTP/2 preface. Submitted #551 by 刘文章.
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 2 +-
webapps/docs/changelog.xml | 5 +++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java b/java/org/apache/coyote/http11/Http11InputBuffer.java
index cd15853a3f..9192f964f6 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -366,7 +366,7 @@ public class Http11InputBuffer implements InputBuffer, ApplicationBufferHandler
// Switch to the socket timeout.
wrapper.setReadTimeout(connectionTimeout);
}
- if (!keptAlive && byteBuffer.position() == 0 && byteBuffer.limit() >= CLIENT_PREFACE_START.length - 1) {
+ if (!keptAlive && byteBuffer.position() == 0 && byteBuffer.limit() >= CLIENT_PREFACE_START.length) {
boolean prefaceMatch = true;
for (int i = 0; i < CLIENT_PREFACE_START.length && prefaceMatch; i++) {
if (CLIENT_PREFACE_START[i] != byteBuffer.get(i)) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f9abcee2bc..ec3a553daa 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -213,6 +213,11 @@
the maximum value to 255. Based on a PR <pr>548</pr> by Stefan Mayr.
(lihan)
</fix>
+ <fix>
+ <pr>551</pr>: Avoid potential IndexOutOfBoundsException by fixing
+ incorrect check when matching HTTP/2 preface. Submitted by 刘文章.
+ (lihan)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org