This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new ac7f2f3 Fix #419. Check parameter value size before conversion to
String
ac7f2f3 is described below
commit ac7f2f39ab7e6ed78e82b404d6a538d2bbfef219
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri May 21 12:07:37 2021 +0100
Fix #419. Check parameter value size before conversion to String
---
java/org/apache/catalina/connector/Request.java | 22 ++++++++++------------
webapps/docs/changelog.xml | 7 +++++++
2 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/java/org/apache/catalina/connector/Request.java
b/java/org/apache/catalina/connector/Request.java
index 12e5611..a9c247f 100644
--- a/java/org/apache/catalina/connector/Request.java
+++ b/java/org/apache/catalina/connector/Request.java
@@ -2896,22 +2896,14 @@ public class Request implements HttpServletRequest {
parts.add(part);
if (part.getSubmittedFileName() == null) {
String name = part.getName();
- String value = null;
- try {
- value = part.getString(charset.name());
- } catch (UnsupportedEncodingException uee) {
- // Not possible
- }
if (maxPostSize >= 0) {
// Have to calculate equivalent size. Not
completely
// accurate but close enough.
postSize += name.getBytes(charset).length;
- if (value != null) {
- // Equals sign
- postSize++;
- // Value length
- postSize += part.getSize();
- }
+ // Equals sign
+ postSize++;
+ // Value length
+ postSize += part.getSize();
// Value separator
postSize++;
if (postSize > maxPostSize) {
@@ -2920,6 +2912,12 @@ public class Request implements HttpServletRequest {
"coyoteRequest.maxPostSizeExceeded"));
}
}
+ String value = null;
+ try {
+ value = part.getString(charset.name());
+ } catch (UnsupportedEncodingException uee) {
+ // Not possible
+ }
parameters.addParameter(name, value);
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 68065de..ea8d6df 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -128,6 +128,13 @@
encoding of the file. Based on a pull request by Jean-Louis Monteiro.
(markt)
</add>
+ <fix>
+ <pr>419</pr>: When processing POST requests of type
+ <code>multipart/form-data</code> for parts without a filename that are
+ added to the parameter map in String form, check the size of the part
+ before attempting conversion to String. Pull request provided by
+ tianshuang. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
