This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 432cd66874 Improve fix for addressing the CRCRLF edge case
432cd66874 is described below
commit 432cd668744976ad214a1c5d776d3e6eb03aab9e
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Aug 2 18:58:37 2022 +0100
Improve fix for addressing the CRCRLF edge case
---
java/org/apache/coyote/http11/Http11InputBuffer.java | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 20bc3816bd..eef700d5f5 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -956,6 +956,10 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler
if (!(chr == Constants.SP || chr == Constants.HT)) {
headerParsePos = HeaderParsePosition.HEADER_VALUE;
byteBuffer.position(byteBuffer.position() - 1);
+ // Avoids prevChr = chr at start of header value
+ // parsing which causes problems when chr is CR
+ // (in the case of an empty header value)
+ chr = 0;
break;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
