This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit e5468e2a44448d3a90b3fb831bd83b156b32736f
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Apr 28 17:21:13 2021 +0100
Reject invalid HTTP protocols with 400 rather than 505
---
 java/org/apache/coyote/http11/Http11InputBuffer.java | 2 +-
 test/org/apache/coyote/http11/TestHttp11InputBufferCRLF.java | 7 +++++++
 webapps/docs/changelog.xml | 9 +++++++++
 3 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java b/java/org/apache/coyote/http11/Http11InputBuffer.java
index e3ace89..e6255dd 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -554,7 +554,7 @@ public class Http11InputBuffer implements InputBuffer, ApplicationBufferHandler
 } else if (prevChr == Constants.CR && chr == Constants.LF) {
 end = pos - 1;
 parsingRequestLineEol = true;
- } else if (!HttpParser.isHttpProtocol(chr)) {
+ } else if (prevChr == Constants.CR || !HttpParser.isHttpProtocol(chr)) {
 String invalidProtocol = parseInvalid(parsingRequestLineStart, byteBuffer);
 throw new IllegalArgumentException(sm.getString("iib.invalidHttpProtocol", invalidProtocol));
 }
diff --git a/test/org/apache/coyote/http11/TestHttp11InputBufferCRLF.java b/test/org/apache/coyote/http11/TestHttp11InputBufferCRLF.java
index 829912b..a953031 100644
--- a/test/org/apache/coyote/http11/TestHttp11InputBufferCRLF.java
+++ b/test/org/apache/coyote/http11/TestHttp11InputBufferCRLF.java
@@ -74,6 +74,13 @@ public class TestHttp11InputBufferCRLF extends TomcatBaseTest {
 CRLF,
 Boolean.FALSE, parameterSets);
 
+ // Standard HTTP/1.1 request with invalid HTTP protocol
+ addRequestWithSplits("GET /test HTTP/" + CR + "1.1" + CRLF +
+ "Host: localhost:8080" + CRLF +
+ "Connection: close" + CRLF +
+ CRLF,
+ Boolean.FALSE, Boolean.FALSE, parameterSets);
+
 // Invalid HTTP/1.1 request
 addRequestWithSplits("GET /te<st HTTP/1.1" + CRLF +
 "Host: localhost:8080" + CRLF +
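Review bot: The added `prevChr == Constants.CR` clause in Http11InputBuffer.java (hunk at line 554) has no comment saying why a CR that is not followed by LF is rejected at this point, and the reason is not evident from the condition itself; I would add `// CR not followed by LF inside the protocol token is invalid: reject with 400 here rather than a later 505`. The `if`/`else if` chain begins outside the hunk, so the visible lines do not show whether a CR immediately followed by a second CR ever reaches this branch. If an earlier branch accepts any CR unconditionally, a request line ending in CR CR LF would presumably still be terminated by the `prevChr == Constants.CR && chr == Constants.LF` branch with the first CR left inside the protocol value, so that ordering is worth confirming. Strict, consistent treatment of bare CR matters because Tomcat and any proxy in front of it need to agree on where the request line ends.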
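Review bot: The new case in TestHttp11InputBufferCRLF.java is labelled `// Standard HTTP/1.1 request with invalid HTTP protocol`, which contradicts itself and does not say what is invalid; `// Bare CR inside the protocol token: expect 400, not 505` would state the intent. The call passes `Boolean.FALSE, Boolean.FALSE` where the context line above it passes a single `Boolean.FALSE`, and the meaning of those flags is defined outside the hunk, so it cannot be seen here that the test distinguishes a 400 from a 505 response, which is the behaviour this commit changes. If the flags only record valid versus invalid, an explicit status-code assertion would be needed to pin the fix. Only a CR in the middle of the token is covered; a doubled CR before the LF would exercise the same parser branch from another position.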
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index ad8924b..bc51e67 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -131,6 +131,15 @@
 </fix>
 </changelog>
 </subsection>
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ Ensure that all HTTP requests that contain an invalid character in the
+ protocol component of the request line are rejected with a 400 response
+ rather than some requests being rejected with a 505 response. (markt)
+ </fix>
+ </changelog>
+ </subsection>
 <subsection name="Jasper">
 <changelog>
 <scode>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org