You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2020/04/27 16:14:06 UTC

[Bug 64384] New: is ignored when there is no element specified

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

            Bug ID: 64384
           Summary: <multipart-config> is ignored when there is no
                    <file-threshold-size> element specified
           Product: Tomcat 8
           Version: 8.5.51
          Hardware: PC
                OS: Mac OS X 10.1
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: chris@christopherschultz.net
  Target Milestone: ----

When a <multipart-config> element is present without any <file-size-threshold>
child element, the whole <multipart-config> appears to be ignored. Specifying
<file-size-threshold>0</file-size-threshold> (which is the default) results in
expected behavior.

With sample configuration:
    <multipart-config>
      <max-file-size>1048576</max-file-size><!-- 1MiB -->
      <max-request-size>1049600</max-request-size><!-- 1 MiB + 1 kiB -->
      <file-size-threshold>1024</file-size-threshold><!-- 1KiB -->
    </multipart-config>

File sizes larger than 1MiB are rejected as expected. Removing the
<file-size-threshold> element completely causes large files to be accepted as
if the configuration were not there.

Attaching a debugger, I can see that the multipartConfigElement is essentially
all defaults:

multipartConfigElement  MultipartConfigElement  (id=545)
        fileSizeThreshold       0
        location        "" (id=550)
        maxFileSize     -1
        maxRequestSize  -1

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored if any of max-file-size/max-request-size/file-threshold-size elements are missing

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

--- Comment #8 from Christopher Schultz <ch...@christopherschultz.net> ---
Rémy has back-ported to 9.0.x and 8.5.x.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored when there is no element specified

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

--- Comment #3 from Christopher Schultz <ch...@christopherschultz.net> ---
I think I've found the problem, at ContextConfig:1355:

1355        MultipartDef multipartdef = servlet.getMultipartDef();
1356        if (multipartdef != null) {
1357             if (multipartdef.getMaxFileSize() != null &&
1358                    multipartdef.getMaxRequestSize()!= null &&
1359                    multipartdef.getFileSizeThreshold() != null) {
1360                wrapper.setMultipartConfigElement(new
MultipartConfigElement(
                            multipartdef.getLocation(),
                            Long.parseLong(multipartdef.getMaxFileSize()),
                            Long.parseLong(multipartdef.getMaxRequestSize()),
                            Integer.parseInt(
                                    multipartdef.getFileSizeThreshold())));
                } else {
                    wrapper.setMultipartConfigElement(new
MultipartConfigElement(
                            multipartdef.getLocation()));
                }
            }

When execution reaches 1355, the MultipartDef object contains the expected
values:

maxFileSize=1048576
maxRequestSize=1049600
fileSizeThreshold=null

The predicate on lines 1357 - 1359 cause this configuration to not be applied
if any of the items are missing.

The servlet spec allows any of these items to be missing, so I believe this is
a bug and spec violation together in one.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored when there is no element specified

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

--- Comment #4 from Christopher Schultz <ch...@christopherschultz.net> ---
Created attachment 37199
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37199&action=edit
Proposed patch

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored when there is no element specified

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

--- Comment #1 from Christopher Schultz <ch...@christopherschultz.net> ---
Created attachment 37198
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37198&action=edit
Sample WAR file which reproduces the issue

This WAR file (including source) will work as expected:

1. Deploy the WAR file
2. Navigate to /test which will load index.html
3. Choose an arbitrary file and upload
4a. A small enough file will yield a debug output
4b. A large enough file (> 1MiB) will cause an error

If you edit WEB-INF/web.xml to remove the <file-size-threshold>, you will be
able to upload any size file without error.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored if any of max-file-size/max-request-size/file-threshold-size elements are missing

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

Christopher Schultz <ch...@christopherschultz.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED

--- Comment #7 from Christopher Schultz <ch...@christopherschultz.net> ---
Fixed in trunk (tc10) in commit 8dddc11512fbd3b91ed9d737a42e4b8415458ddf

Working on my git-fu to back-port to other supported branches.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored if any of max-file-size/max-request-size/file-threshold-size elements are missing

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

Christopher Schultz <ch...@christopherschultz.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|<multipart-config> is       |<multipart-config> is
                   |ignored when there is no    |ignored if any of
                   |<file-threshold-size>       |max-file-size/max-request-s
                   |element specified           |ize/file-threshold-size
                   |                            |elements are missing

--- Comment #5 from Christopher Schultz <ch...@christopherschultz.net> ---
Updating description to reflect the fact that any missing element can cause
this.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored when there is no element specified

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

--- Comment #2 from Remy Maucherat <re...@apache.org> ---
Ok, ok, the check here looks inaccurate:
https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/startup/ContextConfig.java#L1365

Unless all are set, only the location would be used.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64384] is ignored if any of max-file-size/max-request-size/file-threshold-size elements are missing

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64384

--- Comment #6 from Christopher Schultz <ch...@christopherschultz.net> ---
Initial testing indicates this patch is correct.

I'll commit once I build a proper test-case.

My guess is that this will not affect uses of @MultipartConfig annotation, as
this bug occurs when copying the web.xml config to the live servlet (wrapper)
object.

Temporary workaround for anyone observing lack of <multipart-config>: Make sure
to specify all of max-file-size, max-request-size, file-size-threshold

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org