This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit d8bf141be926cd79d9dc31b08444ba3739c2a58a
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Aug 2 18:58:37 2022 +0100
Improve fix for addressing the CRCRLF edge case
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 21491d438a..06ff079c34 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -956,6 +956,10 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
if (!(chr == Constants.SP || chr == Constants.HT)) {
headerParsePos = HeaderParsePosition.HEADER_VALUE;
byteBuffer.position(byteBuffer.position() - 1);
+ // Avoids prevChr = chr at start of header value
+ // parsing which causes problems when chr is CR
+ // (in the case of an empty header value)
+ chr = 0;
break;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
