Author: markt
Date: Wed Jul 30 14:01:26 2008
New Revision: 681201
URL: http://svn.apache.org/viewvc?rev=681201&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42750
Make parsing of request line more tolerant of multiple SP and/or HT
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
tomcat/current/tc5.5.x/STATUS.txt
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java?rev=681201&r1=681200&r2=681201&view=diff
==============================================================================
---
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
(original)
+++
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
Wed Jul 30 14:01:26 2008
@@ -484,7 +484,8 @@
ascbuf[pos] = (char) buf[pos];
- if (buf[pos] == Constants.SP) {
+ // Spec says single SP but it also says be tolerant of HT
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
request.method().setChars(ascbuf, start, pos - start);
}
@@ -493,6 +494,20 @@
}
+ // Spec says single SP but also says be tolerant of multiple and/or HT
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill())
+ throw new EOFException(sm.getString("iib.eof.error"));
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
// Mark the current buffer position
start = pos;
int end = 0;
@@ -502,7 +517,6 @@
// Reading the URI
//
- space = false;
boolean eol = false;
while (!space) {
@@ -513,7 +527,8 @@
throw new EOFException(sm.getString("iib.eof.error"));
}
- if (buf[pos] == Constants.SP) {
+ // Spec says single SP but it also says be tolerant of HT
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
end = pos;
} else if ((buf[pos] == Constants.CR)
@@ -531,6 +546,20 @@
}
+ // Spec says single SP but also says be tolerant of multiple and/or HT
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill())
+ throw new EOFException(sm.getString("iib.eof.error"));
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
request.unparsedURI().setBytes(buf, start, end - start);
if (questionPos >= 0) {
request.queryString().setBytes(buf, questionPos + 1,
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java?rev=681201&r1=681200&r2=681201&view=diff
==============================================================================
---
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
(original)
+++
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
Wed Jul 30 14:01:26 2008
@@ -426,7 +426,8 @@
ascbuf[pos] = (char) buf[pos];
- if (buf[pos] == Constants.SP) {
+ // Spec says single SP but it also says be tolerant of HT
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
request.method().setChars(ascbuf, start, pos - start);
}
@@ -435,6 +436,20 @@
}
+ // Spec says single SP but also says be tolerant of multiple and/or HT
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill())
+ throw new EOFException(sm.getString("iib.eof.error"));
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
// Mark the current buffer position
start = pos;
int end = 0;
@@ -444,7 +459,6 @@
// Reading the URI
//
- space = false;
boolean eol = false;
while (!space) {
@@ -455,7 +469,8 @@
throw new EOFException(sm.getString("iib.eof.error"));
}
- if (buf[pos] == Constants.SP) {
+ // Spec says single SP but it also says be tolerant of HT
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
end = pos;
} else if ((buf[pos] == Constants.CR)
@@ -473,6 +488,20 @@
}
+ // Spec says single SP but also says be tolerant of multiple and/or HT
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill())
+ throw new EOFException(sm.getString("iib.eof.error"));
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
request.unparsedURI().setBytes(buf, start, end - start);
if (questionPos >= 0) {
request.queryString().setBytes(buf, questionPos + 1,
Modified: tomcat/current/tc5.5.x/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/current/tc5.5.x/STATUS.txt?rev=681201&r1=681200&r2=681201&view=diff
==============================================================================
--- tomcat/current/tc5.5.x/STATUS.txt (original)
+++ tomcat/current/tc5.5.x/STATUS.txt Wed Jul 30 14:01:26 2008
@@ -108,13 +108,6 @@
+1: markt, yoavs
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42750
- Make parsing of request line more tolerant of multiple SP and/or HT
- Note: This is on the critical path
- http://svn.apache.org/viewvc?rev=657954&view=rev
- +1: markt, fhanik, yoavs
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=45195
NPE when calling getAttribute(null). The spec is unclear but this
is a regression from 5.0.x Also avoid NPE on remove
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
