You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/05/26 08:44:08 UTC

svn commit: r1745576 - in /tomcat/trunk: java/org/apache/coyote/http2/Http2Parser.java webapps/docs/changelog.xml

Author: markt
Date: Thu May 26 08:44:07 2016
New Revision: 1745576

URL: http://svn.apache.org/viewvc?rev=1745576&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59564
Correct offset when reading into HTTP/2 input buffer that could cause problems reading request bodies. Patch by violetagg.

Modified:
    tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java?rev=1745576&r1=1745575&r2=1745576&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Thu May 26 08:44:07 2016
@@ -561,7 +561,7 @@ class Http2Parser {
         }
 
         default boolean fill(boolean block, ByteBuffer data, int len) throws IOException {
-            boolean result = fill(block, data.array(), data.arrayOffset(), len);
+            boolean result = fill(block, data.array(), data.arrayOffset() + data.position(), len);
             if (result) {
                 data.position(data.position() + len);
             }

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1745576&r1=1745575&r2=1745576&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu May 26 08:44:07 2016
@@ -94,6 +94,10 @@
         attribute, <code>serverRemoveAppProvidedValues</code> may be used to
         remove any Server header set by a web application. (markt)
       </add>
+      <fix>
+        <bug>59564</bug>: Correct offset when reading into HTTP/2 input buffer
+        that could cause problems reading request bodies. (violetagg/markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org