(tomcat) branch 9.0.x updated: Better message if size limit is reached reading trailer header value

[markt]

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 485f91e35d Better message if size limit is reached reading trailer 
header value
485f91e35d is described below

commit 485f91e35d6c45b8494b062146e6d798cea29ec9
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Nov 9 08:46:00 2023 +0000

    Better message if size limit is reached reading trailer header value
---
 java/org/apache/coyote/http11/filters/ChunkedInputFilter.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index fb6df01220..13dcb7d53f 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -566,6 +566,8 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
                     eol = true;
                 } else if (HttpParser.isControl(chr) && chr != Constants.HT) {
                     throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderValue"));
+                } else if (trailingHeaders.getEnd() >= 
trailingHeaders.getLimit()) {
+                    
throwBadRequestException(sm.getString("chunkedInputFilter.maxTrailer"));
                 } else if (chr == Constants.SP || chr == Constants.HT) {
                     trailingHeaders.append(chr);
                 } else {
@@ -591,6 +593,8 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
             chr = readChunk.get(readChunk.position());
             if (chr != Constants.SP && chr != Constants.HT) {
                 validLine = false;
+            } else if (trailingHeaders.getEnd() >= trailingHeaders.getLimit()) 
{
+                
throwBadRequestException(sm.getString("chunkedInputFilter.maxTrailer"));
             } else {
                 eol = false;
                 // Copying one extra space in the buffer (since there must


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org