Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/02/18 20:53:17 UTC

DO NOT REPLY [Bug 17178] New: - if user-agent sends cookies that add up more than 4K SocketInputStream throws an exception

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17178

           Summary: if user-agent sends cookies that add up more than 4K
                    SocketInputStream throws an exception
           Product: Tomcat 4
           Version: 4.1.20
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: alejandro.abdelnur@sun.com


The SocketInputStream class reads HTTP headers up to a maximum of 4096 bytes
(HttpHeader.MAX_VALUE_SIZE); after that it fails, logging the exception in
Catalina's log.
I assume they hardcoded this limit assuming the maximum length of a single
Cookie (4K). However, browsers append cookies into a single Cookies header,
separating the cookies with ';'. If you have 2 cookies going with the same
request and adding up to more than 4K, then the request fails.

Offending code [SocketInputStream, line 461]:
  if ((2 * maxRead) <= HttpHeader.MAX_VALUE_SIZE) {

As browsers are recommended to support at least 20 cookies to a single web site
of 4K each, the value of HttpHeader.MAX_VALUE_SIZE should be 20 times bigger.

[This applies to all 4.x versions]

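The failure mode described in the report, as an added example that is not part of the original message and is not Tomcat's code: a simplified model of a header-value reader whose buffer doubles until the check quoted above refuses to grow it. The class and method names, the initial buffer size, and the sample cookies are assumptions made for illustration (requires Java 11+ for String.repeat).

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

public class HeaderValueLimitDemo {
    // Cap named in the report (HttpHeader.MAX_VALUE_SIZE, 4096 bytes).
    static final int MAX_VALUE_SIZE = 4096;

    // Simplified model (assumption): the value buffer starts small and doubles
    // on demand; once doubling would exceed the cap, the read is rejected.
    static int readHeaderValue(InputStream in) throws IOException {
        char[] value = new char[128];          // initial size is an assumption
        int maxRead = value.length;
        int readCount = 0;
        int b;
        while ((b = in.read()) != -1 && b != '\r' && b != '\n') {
            if (readCount >= maxRead) {
                if ((2 * maxRead) <= MAX_VALUE_SIZE) {   // check quoted in the report
                    char[] bigger = new char[2 * maxRead];
                    System.arraycopy(value, 0, bigger, 0, maxRead);
                    value = bigger;
                    maxRead = value.length;
                } else {
                    throw new IOException("header value exceeds " + MAX_VALUE_SIZE + " bytes");
                }
            }
            value[readCount++] = (char) b;
        }
        return readCount;
    }

    // Feeds one header value to the reader and reports the outcome as text.
    static String tryRead(String headerValue) {
        byte[] raw = (headerValue + "\r\n").getBytes(StandardCharsets.ISO_8859_1);
        try (InputStream in = new ByteArrayInputStream(raw)) {
            return "accepted, " + readHeaderValue(in) + " bytes";
        } catch (IOException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Constructed cookies: each one is well under 4K on its own.
        String a = "a=" + "x".repeat(2998);
        String b = "b=" + "y".repeat(2998);
        System.out.println("one cookie:  " + tryRead(a));
        System.out.println("two cookies: " + tryRead(a + "; " + b));
    }
}
```

Because the limit applies to the whole header value rather than to each cookie, any fix that raises it also raises the per-header memory a single request can make the server allocate, so the new cap should stay bounded.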