This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 1.x
in repository https://gitbox.apache.org/repos/asf/commons-fileupload.git
The following commit(s) were added to refs/heads/1.x by this push:
new c7ca2efe Additional tests to expand code coverage
c7ca2efe is described below
commit c7ca2efeb31b3dbac97e955000f312edde954f36
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu May 29 07:54:43 2025 +0100
Additional tests to expand code coverage
---
.../commons/fileupload/MultipartStreamTest.java | 63 ++++++++++++++++++++++
1 file changed, 63 insertions(+)
diff --git
a/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
b/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
index 6c0b71b0..ebdc334d 100644
--- a/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
+++ b/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
@@ -18,12 +18,17 @@
package org.apache.commons.fileupload;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
import java.io.ByteArrayInputStream;
+import java.io.IOException;
import java.io.InputStream;
import org.junit.Test;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+
/**
* Tests {@link org.apache.commons.fileupload.MultipartStream}.
*/
@@ -62,4 +67,62 @@ public class MultipartStreamTest {
final MultipartStream ms = new MultipartStream(input, boundary, new
MultipartStream.ProgressNotifier(null, contents.length));
assertNotNull(ms);
}
+
+ @Test
+ public void testMalformedUploadTruncatedHeaders()
+ throws IOException, FileUploadException {
+ final String request =
+ "-----1234\r\n" +
+ "Content-Disposition: form-data; name=\"file1\";
filename=\"foo1.tab\"\r\n" +
+ "Content-Type: text/whatever\r\n" +
+ "Content-Length: 10\r\n" +
+ "\r\n" +
+ "This is the content of the file\n" +
+ "\r\n" +
+ "-----1234\r\n" +
+ "Content-Disposition: form-data; name=\"file2\";
filename=\"foo2.tab\"\r\n" +
+ "Content-Type: text/whatever\r\n" +
+ "\r\n" +
+ "This is the content of the file\n";
+
+ final ServletFileUpload upload = new ServletFileUpload(new
DiskFileItemFactory());
+ upload.setFileSizeMax(-1);
+ upload.setSizeMax(-1);
+
+ final MockHttpServletRequest req = new MockHttpServletRequest(
+ request.getBytes("US-ASCII"), Constants.CONTENT_TYPE);
+ try {
+ upload.parseRequest(req);
+ fail("Expected exception.");
+ } catch (final FileUploadBase.IOFileUploadException e) {
+ // Expected
+ }
+ }
+
+ @Test
+ public void testMalformedUploadTruncatedHeadersOnBoundary() throws
IOException {
+ final StringBuilder request = new StringBuilder(
+ "-----1234\r\n" +
+ "Content-Disposition: form-data; name=\"file1\";
filename=\"foo1.tab\"\r\n" +
+ "Content-Type: text/whatever\r\n" +
+ "Content-Length: 10\r\n" +
+ "X-Padding: ");
+ int paddingLength = MultipartStream.DEFAULT_BUFSIZE - request.length();
+ for (int i = 0; i < paddingLength; i++) {
+ request.append('x');
+ }
+
+ final ServletFileUpload upload = new ServletFileUpload(new
DiskFileItemFactory());
+ upload.setFileSizeMax(-1);
+ upload.setSizeMax(-1);
+
+ final MockHttpServletRequest req = new MockHttpServletRequest(
+ request.toString().getBytes("US-ASCII"),
Constants.CONTENT_TYPE);
+ try {
+ upload.parseRequest(req);
+ fail("Expected exception.");
+ } catch (final FileUploadException e) {
+ // Expected
+ }
+ }
}
