This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 0c7bee5615 The default servlet now rejects HTTP overlapping range requests
0c7bee5615 is described below
commit 0c7bee5615b187b3b7358e110d7b7ab5f542dfff
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Nov 27 15:40:35 2024 +0000
The default servlet now rejects HTTP overlapping range requests
Based on #782 provided by Chenjp
---
java/org/apache/catalina/servlets/DefaultServlet.java | 19 +++++++++++++++++++
.../servlets/TestDefaultServletRangeRequests.java | 3 +++
webapps/docs/changelog.xml | 5 +++++
3 files changed, 27 insertions(+)
diff --git a/java/org/apache/catalina/servlets/DefaultServlet.java b/java/org/apache/catalina/servlets/DefaultServlet.java
index 86286a3152..7d5b54bc00 100644
--- a/java/org/apache/catalina/servlets/DefaultServlet.java
+++ b/java/org/apache/catalina/servlets/DefaultServlet.java
@@ -1488,6 +1488,7 @@ public class DefaultServlet extends HttpServlet {
 // Convert to internal representation
 ArrayList<Range> result = new ArrayList<>();
+ List<long[]> rangeContext = new ArrayList<>();
 for (Ranges.Entry entry : ranges.getEntries()) {
 Range currentRange = new Range();
 if (entry.getStart() == -1) {
@@ -1511,6 +1512,24 @@ public class DefaultServlet extends HttpServlet {
 return null;
 }
+ // See https://www.rfc-editor.org/rfc/rfc9110.html#status.416
+ // No good reason for ranges to overlap so always reject
+ for (long[] r : rangeContext) {
+ long s2 = r[0];
+ long e2 = r[1];
+ // Given valid [s1,e1] and [s2,e2]
+ // If { s1>e2 || s2>e1 } then no overlap
+ // equivalent to
+ // If not { s1>e2 || s2>e1 } then overlap
+ // De Morgan's law
+ if (currentRange.start <= e2 && s2 <= currentRange.end) {
+ // isOverlap
+ response.addHeader("Content-Range", "bytes */" + fileLength);
+ response.sendError(HttpServletResponse.SC_REQUESTED_RANGE_NOT_SATISFIABLE);
+ return null;
+ }
+ }
+ rangeContext.add(new long[] { currentRange.start, currentRange.end });
 result.add(currentRange);
 }
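Review bot: The new `rangeContext` list in the overlap loop duplicates data that `result` already holds, because every accepted `Range` is appended to `result` at the end of the same iteration with the same `start`/`end` values; iterating `result` directly removes the parallel list, the two `long[]` unpacking locals and the `rangeContext.add(...)` line (and the declaration added in the first hunk), leaving `for (Range accepted : result) {` and `if (currentRange.start <= accepted.end && accepted.start <= currentRange.end) {`. The pairwise check is also quadratic in the number of ranges; whether `Ranges.parse` caps that count is not visible here, and RFC 9110 section 14.2 additionally permits rejecting sets of many small ranges that are not in ascending order, which a sorted-adjacency check would detect in the same pass. The `// No good reason for ranges to overlap` comment could state the motivation for a future reader, e.g. `// Overlapping ranges mainly serve to inflate the response well beyond the file size (range-request DoS), so reject them outright`. The enclosing method starts and ends outside the hunk.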
diff --git a/test/org/apache/catalina/servlets/TestDefaultServletRangeRequests.java b/test/org/apache/catalina/servlets/TestDefaultServletRangeRequests.java
index 1ebf851b01..ccd41fbc26 100644
--- a/test/org/apache/catalina/servlets/TestDefaultServletRangeRequests.java
+++ b/test/org/apache/catalina/servlets/TestDefaultServletRangeRequests.java
@@ -63,6 +63,9 @@ public class TestDefaultServletRangeRequests extends TomcatBaseTest {
 parameterSets.add(new Object[] { "bytes=b-10", null, Integer.valueOf(416), "", "*/" + len });
 // Invalid ranges (out of range)
 parameterSets.add(new Object[] { "bytes=1000-2000", null, Integer.valueOf(416), "", "*/" + len });
+ // Invalid overlapping ranges
+ parameterSets.add(new Object[] { "bytes=1-100, 30-50", null, Integer.valueOf(416), "", "*/" + len });
+ parameterSets.add(new Object[] { "bytes=1-100, 90-150", null, Integer.valueOf(416), "", "*/" + len });
 // Invalid no equals
 parameterSets.add(new Object[] { "bytes 1-10", null, Integer.valueOf(416), "", "*/" + len });
 parameterSets.add(new Object[] { "bytes1-10", null, Integer.valueOf(416), "", "*/" + len });
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index aa466525e1..3eff5efc7c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -193,6 +193,11 @@
 <pr>787</pr>: Add regression tests for <bug>69478</bug>. Pull request provided by Thomas Krisch. (markt)
 </add>
+ <fix>
+ The default servlet now rejects HTTP range requests when two or more of
+ the requested ranges overlap. Based on pull request <pr>782</pr>
+ provided by Chenjp. (markt)
+ </fix>
 </changelog>
 </subsection>
 <subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
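Review bot: The two new parameter sets only pin rejection; nothing exercises the `<=` boundary of the overlap test from the accepting side, so an adjacent, non-overlapping pair such as `bytes=1-10, 11-20` expecting 206 would guard against the check over-rejecting (assuming the test resource is longer than 20 bytes, which the existing `bytes=1000-2000` out-of-range case suggests is not guaranteed beyond 1000). A reversed-order overlapping pair, `bytes=30-50, 1-100`, would confirm the rejection does not depend on the order the ranges arrive in, since the servlet compares each new range against every previously accepted one. The body and Content-Range columns for a 206 multipart case follow whatever the other 206 entries in this parameter list use, which are outside the hunk. The enclosing test-data builder starts and ends outside the hunk.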