You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Saravanan Bellan <Sa...@veritas.com> on 2003/04/16 04:09:09 UTC
[PATCH] - JTC - Http11Processor.java
This is a fix when the content-length is invalid or greater than
Integer.MAX_VALUE.
What was happening was when such a condition happens the Http11Processor
exits abruptly
leaving a dirty Request object(which has the invalid content length) and
when the
Request object is used for any futher request , the same exception is
returned.
To reproduce send a request with content-length < 0 or > Integer.MAX_VALUE.
Also, is there any proposal for the Changing the content length in the
Servlet specification from Integer to Long?
Thanks,
The following patch is also attached with the mail.
Index: Http11Processor.java
===================================================================
RCS file:
/home/cvspublic/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/
http11/Http11Processor.java,v
retrieving revision 1.63
diff -u -r1.63 Http11Processor.java
--- Http11Processor.java 23 Mar 2003 18:58:29 -0000 1.63
+++ Http11Processor.java 16 Apr 2003 01:52:57 -0000
@@ -959,11 +959,19 @@
InputFilter[] inputFilters = inputBuffer.getFilters();
// Parse content-length header
- int contentLength = request.getContentLength();
- if (contentLength >= 0) {
- inputBuffer.addActiveFilter
- (inputFilters[Constants.IDENTITY_FILTER]);
- contentDelimitation = true;
+ int contentLength = 0;
+
+ try {
+ contentLength = request.getContentLength();
+ if (contentLength >= 0) {
+ inputBuffer.addActiveFilter
+ (inputFilters[Constants.IDENTITY_FILTER]);
+ contentDelimitation = true;
+ }
+ } catch (Throwable t) {
+ // 400 - Invalid Request
+ error = true;
+ response.setStatus(400);
}
// Parse transfer-encoding header
Re: [PATCH] - JTC - Http11Processor.java
Posted by John Turner <to...@johnturner.com>.
Tomcat-dev would be the place for this.
John
On Tue, 15 Apr 2003 19:09:09 -0700, Saravanan Bellan
<Sa...@veritas.com> wrote:
> This is a fix when the content-length is invalid or greater than
> Integer.MAX_VALUE.
> What was happening was when such a condition happens the Http11Processor
> exits abruptly
> leaving a dirty Request object(which has the invalid content length) and
> when the
> Request object is used for any futher request , the same exception is
> returned.
> To reproduce send a request with content-length < 0 or >
> Integer.MAX_VALUE.
>
> Also, is there any proposal for the Changing the content length in the
> Servlet specification from Integer to Long?
>
> Thanks,
>
> The following patch is also attached with the mail.
>
>
> Index: Http11Processor.java
> ===================================================================
> RCS file:
> /home/cvspublic/jakarta-tomcat-
> connectors/http11/src/java/org/apache/coyote/
> http11/Http11Processor.java,v
> retrieving revision 1.63
> diff -u -r1.63 Http11Processor.java
> --- Http11Processor.java 23 Mar 2003 18:58:29 -0000 1.63
> +++ Http11Processor.java 16 Apr 2003 01:52:57 -0000
> @@ -959,11 +959,19 @@
> InputFilter[] inputFilters = inputBuffer.getFilters();
> // Parse content-length header
> - int contentLength = request.getContentLength();
> - if (contentLength >= 0) {
> - inputBuffer.addActiveFilter
> - (inputFilters[Constants.IDENTITY_FILTER]);
> - contentDelimitation = true;
> + int contentLength = 0;
> +
> + try {
> + contentLength = request.getContentLength();
> + if (contentLength >= 0) {
> + inputBuffer.addActiveFilter
> + (inputFilters[Constants.IDENTITY_FILTER]);
> + contentDelimitation = true;
> + }
> + } catch (Throwable t) {
> + // 400 - Invalid Request
> + error = true;
> + response.setStatus(400);
> }
> // Parse transfer-encoding header
>
>
>
--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org