(tomcat) branch 10.1.x updated: Better message if size limit is reached reading trailer header value

Thu, 09 Nov 2023 00:57:58 -0800 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
     new 495a41d931 Better message if size limit is reached reading trailer 
header value
495a41d931 is described below

commit 495a41d931433fb58c8248e17600df63c00f9294
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Nov 9 08:46:00 2023 +0000

    Better message if size limit is reached reading trailer header value
---
 java/org/apache/coyote/http11/filters/ChunkedInputFilter.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 
b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index fb6df01220..13dcb7d53f 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -566,6 +566,8 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
                     eol = true;
                 } else if (HttpParser.isControl(chr) && chr != Constants.HT) {
                     throw new 
IOException(sm.getString("chunkedInputFilter.invalidTrailerHeaderValue"));
+                } else if (trailingHeaders.getEnd() >= 
trailingHeaders.getLimit()) {
+                    
throwBadRequestException(sm.getString("chunkedInputFilter.maxTrailer"));
                 } else if (chr == Constants.SP || chr == Constants.HT) {
                     trailingHeaders.append(chr);
                 } else {
@@ -591,6 +593,8 @@ public class ChunkedInputFilter implements InputFilter, 
ApplicationBufferHandler
             chr = readChunk.get(readChunk.position());
             if (chr != Constants.SP && chr != Constants.HT) {
                 validLine = false;
+            } else if (trailingHeaders.getEnd() >= trailingHeaders.getLimit()) 
{
+                
throwBadRequestException(sm.getString("chunkedInputFilter.maxTrailer"));
             } else {
                 eol = false;
                 // Copying one extra space in the buffer (since there must


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to