You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Ron Cemer <ro...@roncemer.com> on 2001/09/24 20:03:35 UTC
PATCH: Long URLs cause ArrayIndexOutOfBoundsException
I have discovered and fixed several bugs in jakarta-tomcat-3.2.3, all in
the HttpRequestAdapter.java source file. This same bug existed in
version 3.2.2 also. I'm not sure how far back it goes, or whether it
also exists in 4.0.
The bugs manifest themselves when the URI for the HTTP request(including
the request parameter list) exceeds 2048 characters. This prevents
Tomcat from being useful for sites which have forms with lots of fields,
for example, in which case the sumission of the form could cause a
"POST" or "GET" request with a lot of parameters tacked onto the URI.
This causes an ArrayIndexOutOfBoundsException due to some errors in
src/org/apache/tomcat/service/http/HttpRequestAdapter.java which keep it
from properly handling request lines longer than 2048 characters. I
have attached the output of "diff -u" for this file, and have tested it
with URIs over 12,000 characters in length. There are two methods
affected: readNextRequest() and readHeaders().
Please integrate these changes into the next release of jakarta-tomcat,
so that everyone can benefit from them.
Thanks for the great software!!!
Ron Cemer