This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new d67c1fcefb Fix AJP message length check
d67c1fcefb is described below
commit d67c1fcefbb01c211e010ecdaa48f2a8a15f2f38
Author: remm <[email protected]>
AuthorDate: Mon Nov 3 10:03:23 2025 +0100
Fix AJP message length check
PR#916 by Joshua Rogers.
---
java/org/apache/coyote/ajp/AjpProcessor.java | 2 +-
webapps/docs/changelog.xml | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java
b/java/org/apache/coyote/ajp/AjpProcessor.java
index 5c129a13b5..296ace7bb2 100644
--- a/java/org/apache/coyote/ajp/AjpProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpProcessor.java
@@ -574,7 +574,7 @@ public class AjpProcessor extends AbstractProcessor {
// Zero length message.
return true;
} else {
- if (messageLength > message.getBuffer().length) {
+ if (messageLength > (buf.length - Constants.H_SIZE)) {
// Message too long for the buffer
// Need to trigger a 400 response
String msg = sm.getString("ajpprocessor.header.tooLong",
Integer.valueOf(messageLength),
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a10499ad80..3b10e75e8c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -123,6 +123,10 @@
<bug>69866</bug>: Fix a memory leak when using a trust store with the
OpenSSL provider. Pull request <pr>912</pr> by aogburn. (markt)
</fix>
+ <fix>
+ Fix AJP message length check. Pull request <pr>916</pr> by Joshua
+ Rogers. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
