You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/07/22 14:02:34 UTC
[tomcat] branch master updated: Correct parsing of host names that
contain bytes in the range 128 to 255
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new ed26bdb Correct parsing of host names that contain bytes in the range 128 to 255
ed26bdb is described below
commit ed26bdbaf639a17c02a1e864d2c0553ed3f95971
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Jul 22 15:02:00 2019 +0100
Correct parsing of host names that contain bytes in the range 128 to 255
---
java/org/apache/tomcat/util/http/parser/Host.java | 6 ++++--
webapps/docs/changelog.xml | 5 +++++
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/parser/Host.java b/java/org/apache/tomcat/util/http/parser/Host.java
index c393fda..c3c3465 100644
--- a/java/org/apache/tomcat/util/http/parser/Host.java
+++ b/java/org/apache/tomcat/util/http/parser/Host.java
@@ -101,7 +101,8 @@ public class Host {
@Override
public int read(char[] cbuf, int off, int len) throws IOException {
for (int i = off; i < off + len; i++) {
- cbuf[i] = (char) bytes[pos++];
+ // Want output in range 0 to 255, not -128 to 127
+ cbuf[i] = (char) (bytes[pos++] & 0xFF);
}
return len;
}
@@ -116,7 +117,8 @@ public class Host {
@Override
public int read() throws IOException {
if (pos < end) {
- return bytes[pos++];
+ // Want output in range 0 to 255, not -128 to 127
+ return bytes[pos++] & 0xFF;
} else {
return -1;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4315b90..9cf2619 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -89,6 +89,11 @@
types that do not support it, which can occur when using the NIO
inherited channel capability. Submitted by František Kučera. (remm)
</fix>
+ <fix>
+ Correct parsing of invalid host names that contain bytes in the range
+ 128 to 255 and reject them with a 400 response rather than triggering an
+ internal error that results in a 500 response. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Cluster">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org