You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/05/26 08:44:08 UTC
svn commit: r1745576 - in /tomcat/trunk:
java/org/apache/coyote/http2/Http2Parser.java webapps/docs/changelog.xml
Author: markt
Date: Thu May 26 08:44:07 2016
New Revision: 1745576
URL: http://svn.apache.org/viewvc?rev=1745576&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59564
Correct offset when reading into HTTP/2 input buffer that could cause problems reading request bodies. Patch by violetagg.
Modified:
tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java?rev=1745576&r1=1745575&r2=1745576&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Http2Parser.java Thu May 26 08:44:07 2016
@@ -561,7 +561,7 @@ class Http2Parser {
}
default boolean fill(boolean block, ByteBuffer data, int len) throws IOException {
- boolean result = fill(block, data.array(), data.arrayOffset(), len);
+ boolean result = fill(block, data.array(), data.arrayOffset() + data.position(), len);
if (result) {
data.position(data.position() + len);
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1745576&r1=1745575&r2=1745576&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu May 26 08:44:07 2016
@@ -94,6 +94,10 @@
attribute, <code>serverRemoveAppProvidedValues</code> may be used to
remove any Server header set by a web application. (markt)
</add>
+ <fix>
+ <bug>59564</bug>: Correct offset when reading into HTTP/2 input buffer
+ that could cause problems reading request bodies. (violetagg/markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org