You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/07/22 14:03:20 UTC
[tomcat] branch 8.5.x updated: Correct parsing of host names that
contain bytes in the range 128 to 255
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new b447e51 Correct parsing of host names that contain bytes in the range 128 to 255
b447e51 is described below
commit b447e5104033a37b7cbae684180be5d548d5df40
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Jul 22 15:02:00 2019 +0100
Correct parsing of host names that contain bytes in the range 128 to 255
---
java/org/apache/tomcat/util/http/parser/Host.java | 6 ++++--
webapps/docs/changelog.xml | 5 +++++
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/parser/Host.java b/java/org/apache/tomcat/util/http/parser/Host.java
index f4f5848..1400de1 100644
--- a/java/org/apache/tomcat/util/http/parser/Host.java
+++ b/java/org/apache/tomcat/util/http/parser/Host.java
@@ -96,7 +96,8 @@ public class Host {
@Override
public int read(char[] cbuf, int off, int len) throws IOException {
for (int i = off; i < off + len; i++) {
- cbuf[i] = (char) bytes[pos++];
+ // Want output in range 0 to 255, not -128 to 127
+ cbuf[i] = (char) (bytes[pos++] & 0xFF);
}
return len;
}
@@ -111,7 +112,8 @@ public class Host {
@Override
public int read() throws IOException {
if (pos < end) {
- return bytes[pos++];
+ // Want output in range 0 to 255, not -128 to 127
+ return bytes[pos++] & 0xFF;
} else {
return -1;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 476c45b..456e553 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -76,6 +76,11 @@
types that do not support it, which can occur when using the NIO
inherited channel capability. Submitted by František Kučera. (remm)
</fix>
+ <fix>
+ Correct parsing of invalid host names that contain bytes in the range
+ 128 to 255 and reject them with a 400 response rather than triggering an
+ internal error that results in a 500 response. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Other">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org