This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit be8f733b8c51156c5d9c1a1e5530df9e0730f0a7
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon May 10 22:14:18 2021 +0100
Ensure chunked, if present, is the last encoding in the list
---
 java/org/apache/coyote/http11/Http11Processor.java | 13 +++++++++-
 .../apache/coyote/http11/TestHttp11Processor.java | 28 +++++++++++++++-------
 webapps/docs/changelog.xml | 5 ++++
 3 files changed, 36 insertions(+), 10 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11Processor.java b/java/org/apache/coyote/http11/Http11Processor.java
index 2aad58a..1886f22 100644
--- a/java/org/apache/coyote/http11/Http11Processor.java
+++ b/java/org/apache/coyote/http11/Http11Processor.java
@@ -209,9 +209,20 @@ public class Http11Processor extends AbstractProcessor {
 * supported, a 501 response will be returned to the client.
 */
 private void addInputFilter(InputFilter[] inputFilters, String encodingName) {
+ if (contentDelimitation) {
+ // Chunked has already been specified and it must be the final
+ // encoding.
+ // 400 - Bad request
+ response.setStatus(400);
+ setErrorState(ErrorState.CLOSE_CLEAN, null);
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("http11processor.request.prepare") +
+ " Tranfer encoding lists chunked before [" + encodingName + "]");
+ }
+ return;
+ }
 // Parsing trims and converts to lower case.
-
 if (encodingName.equals("chunked")) {
 inputBuffer.addActiveFilter(inputFilters[Constants.CHUNKED_FILTER]);
 contentDelimitation = true;
diff --git a/test/org/apache/coyote/http11/TestHttp11Processor.java b/test/org/apache/coyote/http11/TestHttp11Processor.java
index 1c7d3cc..cad207b 100644
--- a/test/org/apache/coyote/http11/TestHttp11Processor.java
+++ b/test/org/apache/coyote/http11/TestHttp11Processor.java
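Review bot: In Http11Processor.java, the debug message added to `addInputFilter` misspells "Transfer" (`" Tranfer encoding lists chunked before ["`), so a log search on the correct spelling will miss these rejections; the line should read `" Transfer encoding lists chunked before [" + encodingName + "]");`. The new guard treats `contentDelimitation` as meaning "chunked has already been seen", which holds only if nothing else sets that flag before the Transfer-Encoding list is processed; the caller is not visible in this hunk, so that invariant should be stated in the comment. The comment could also say why the order matters, for example `// A coding after chunked makes the body length ambiguous (RFC 7230, 3.3.3): reject and close`, since disagreement over body framing between a front end and this parser is the precondition for request smuggling. The rejection is logged only at debug level, so it is presumably invisible in default production logging. addInputFilter's body continues past the end of the hunk.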
@@ -1838,47 +1838,53 @@ public class TestHttp11Processor extends TomcatBaseTest {
 @Test
 public void testTEHeaderUnknown01() throws Exception {
- doTestTEHeaderUnknown("identity");
+ doTestTEHeaderInvalid("identity", false);
 }
 @Test
 public void testTEHeaderUnknown02() throws Exception {
- doTestTEHeaderUnknown("identity, chunked");
+ doTestTEHeaderInvalid("identity, chunked", false);
 }
 @Test
 public void testTEHeaderUnknown03() throws Exception {
- doTestTEHeaderUnknown("unknown, chunked");
+ doTestTEHeaderInvalid("unknown, chunked", false);
 }
 @Test
 public void testTEHeaderUnknown04() throws Exception {
- doTestTEHeaderUnknown("void");
+ doTestTEHeaderInvalid("void", false);
 }
 @Test
 public void testTEHeaderUnknown05() throws Exception {
- doTestTEHeaderUnknown("void, chunked");
+ doTestTEHeaderInvalid("void, chunked", false);
 }
 @Test
 public void testTEHeaderUnknown06() throws Exception {
- doTestTEHeaderUnknown("void, identity");
+ doTestTEHeaderInvalid("void, identity", false);
 }
 @Test
 public void testTEHeaderUnknown07() throws Exception {
- doTestTEHeaderUnknown("identity, void");
+ doTestTEHeaderInvalid("identity, void", false);
 }
- private void doTestTEHeaderUnknown(String headerValue) throws Exception {
+ @Test
+ public void testTEHeaderChunkedNotLast01() throws Exception {
+ doTestTEHeaderInvalid("chunked, void", true);
+ }
+
+
+ private void doTestTEHeaderInvalid(String headerValue, boolean badRequest) throws Exception {
 Tomcat tomcat = getTomcatInstance();
 // No file system docBase required
@@ -1902,7 +1908,11 @@ public class TestHttp11Processor extends TomcatBaseTest {
 client.connect();
 client.processRequest(false);
- Assert.assertTrue(client.isResponse501());
+ if (badRequest) {
+ Assert.assertTrue(client.isResponse400());
+ } else {
+ Assert.assertTrue(client.isResponse501());
+ }
 }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c852c95..5e670b2 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
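Review bot: In TestHttp11Processor.java, only one new case (`testTEHeaderChunkedNotLast01`, with "chunked, void") exercises the 400 path, so the guard is untested for a supported coding after chunked and for chunked listed twice; adding `doTestTEHeaderInvalid("chunked, identity", true);` and `doTestTEHeaderInvalid("chunked, chunked", true);` as further cases would pin both, assuming the guard runs once per listed coding as it appears to. Whether chunked in one Transfer-Encoding header followed by another coding in a second header is also rejected depends on how the caller walks the headers, which is outside these hunks, so a case for that would be worth adding too. The boolean `badRequest` flag reads less clearly at the call sites than an expected status code would. The body of `doTestTEHeaderInvalid` is split across the two hunks and is only partly visible.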
@@ -223,6 +223,11 @@ Process transfer encoding headers from both HTTP 1.0 and HTTP 1.1 clients. (markt) </fix> + <fix> + Ensure that if the transfer encoding header contains the + <code>chunked</code>, that the <code>chunked</code> encoding is the + final encoding listed. (markt) + </fix> </changelog> </subsection> <subsection name="Jasper">