Author: kkolinko Date: Mon Nov 22 22:43:51 2010 New Revision: 1037924 URL: http://svn.apache.org/viewvc?rev=1037924&view=rev Log: Impose a limit on the total length of the trailing headers. Otherwise the ByteChunk buffer in the ChunkedInputFilter might grow without bound.
Implemented as a system property. It might be better to implement it as an attribute of a connector (like maxPostSize and maxSavePostSize attributes are), but I am not sure that it is worth the effort.
Modified: tomcat/trunk/java/org/apache/coyote/Constants.java tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/systemprops.xml
Modified: tomcat/trunk/java/org/apache/coyote/Constants.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/Constants.java?rev=1037924&r1=1037923&r2=1037924&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/Constants.java (original)
+++ tomcat/trunk/java/org/apache/coyote/Constants.java Mon Nov 22 22:43:51 2010
@@ -69,4 +69,12 @@ public final class Constants {
"org.apache.coyote.USE_CUSTOM_STATUS_MSG_IN_HEADER",
"false")).booleanValue();
+ /**
+ * Limit on the total length of the trailer headers in
+ * a chunked HTTP request.
+ */
+ public static final int MAX_TRAILER_SIZE =
+ Integer.parseInt(System.getProperty(
+ "org.apache.coyote.MAX_TRAILER_SIZE",
+ "8192"));
}
Modified: tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?rev=1037924&r1=1037923&r2=1037924&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java Mon Nov 22 22:43:51 2010
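Review bot: `MAX_TRAILER_SIZE` is parsed with `Integer.parseInt` inside a static initializer of `Constants`, so a non-numeric value of `org.apache.coyote.MAX_TRAILER_SIZE` would throw `NumberFormatException` during class initialisation instead of falling back to the 8192 default. `Integer.getInteger("org.apache.coyote.MAX_TRAILER_SIZE", 8192).intValue()` returns the default when the property is missing or malformed, so a typo in the startup options leaves the limit in force. The Javadoc on the constant should also name the unit (presumably bytes, since the value is passed to `ByteChunk.setLimit`), which neither this comment nor the systemprops.xml entry states.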
@@ -102,7 +102,14 @@ public class ChunkedInputFilter implemen
/**
* Byte chunk used to store trailing headers.
*/
- protected ByteChunk trailingHeaders = new ByteChunk();
+ protected ByteChunk trailingHeaders;
+
+ {
+ trailingHeaders = new ByteChunk();
+ if (org.apache.coyote.Constants.MAX_TRAILER_SIZE > 0) {
+ trailingHeaders.setLimit(org.apache.coyote.Constants.MAX_TRAILER_SIZE);
+ }
+ }
/**
Modified: tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java?rev=1037924&r1=1037923&r2=1037924&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java (original)
+++ tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java Mon Nov 22 22:43:51 2010
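Review bot: The guard `MAX_TRAILER_SIZE > 0` in the instance initializer leaves the trailer buffer unbounded for zero and for every negative value, while the systemprops.xml entry in this commit documents only `-1` as "no limit". An operator who sets the property to `0` expecting trailers to be refused would instead restore the unbounded growth this commit is meant to stop. I would extend the field Javadoc to say that the chunk's limit is taken from `org.apache.coyote.Constants.MAX_TRAILER_SIZE` when that value is positive and that any value of zero or less leaves it unlimited, and add `// <= 0 (not only the documented -1) disables the limit` above the `if`. The code that appends to `trailingHeaders` and reacts to the limit being reached is outside this hunk.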
@@ -70,7 +70,52 @@ public class TestChunkedInputFilter exte client.processRequest(); assertEquals("null7TestTestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz", client.getResponseBody()); } - + + public void testTrailingHeadersSizeLimit() throws Exception { + // Setup Tomcat instance + Tomcat tomcat = getTomcatInstance(); + + // Must have a real docBase - just use temp + Context ctx = + tomcat.addContext("", System.getProperty("java.io.tmpdir")); + + Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet()); + ctx.addServletMapping("/", "servlet"); + + tomcat.start(); + + StringBuilder longText = new StringBuilder("Test1234567890"); + while (longText.length() <= 8192) { + longText.append(longText.toString()); + } + + String[] request = new String[]{ + "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF + + "Host: any" + SimpleHttpClient.CRLF + + "Transfer-encoding: chunked" + SimpleHttpClient.CRLF + + "Content-Type: application/x-www-form-urlencoded" + + SimpleHttpClient.CRLF + + "Connection: close" + SimpleHttpClient.CRLF + + SimpleHttpClient.CRLF + + "3" + SimpleHttpClient.CRLF + + "a=0" + SimpleHttpClient.CRLF + + "4" + SimpleHttpClient.CRLF + + "&b=1" + SimpleHttpClient.CRLF + + "0" + SimpleHttpClient.CRLF + + "x-trailer: Test" + longText + SimpleHttpClient.CRLF + + SimpleHttpClient.CRLF }; + + TrailerClient client = new TrailerClient(); + client.setPort(getPort()); + client.setRequest(request); + + client.connect(); + client.processRequest(); + // Expected to fail because the trailers are longer + // than the default limit of 8Kb + assertTrue(client.isResponse500()); + } + public void testNoTrailingHeaders() throws Exception { // Setup Tomcat instance Tomcat tomcat = getTomcatInstance(); Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1037924&r1=1037923&r2=1037924&view=diff ============================================================================== --- 
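Review bot: The new test hard-codes the default in `while (longText.length() <= 8192)` and only sends a trailer far past the limit (the doubling loop stops at 14336 characters), so neither the boundary nor a run with a non-default `org.apache.coyote.MAX_TRAILER_SIZE` is covered. Driving the loop from the constant, `while (longText.length() <= org.apache.coyote.Constants.MAX_TRAILER_SIZE)`, and adding a companion case whose trailer fits under the limit and is echoed back would pin both sides of the check. The assertion `assertTrue(client.isResponse500())` also fixes in place that an oversized trailer, which is a fault in the client's request, is reported as a server error. If that is intended, a comment saying so would help, because rejected input is more usually reported and monitored as a 4xx. `testNoTrailingHeaders` at the end of the hunk continues outside it.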
tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Nov 22 22:43:51 2010 @@ -167,6 +167,11 @@ <bug>49860</bug>: Complete support for handling trailing headers in chunked HTTP requests. (markt) </fix> + <add> + Impose a limit on the length of the trailing headers. The limit + is configurable with a system property and is <code>8192</code> + by default. (kkolinko) + </add> </changelog> </subsection> <subsection name="Jasper"> Modified: tomcat/trunk/webapps/docs/config/systemprops.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/systemprops.xml?rev=1037924&r1=1037923&r2=1037924&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/config/systemprops.xml (original) +++ tomcat/trunk/webapps/docs/config/systemprops.xml Mon Nov 22 22:43:51 2010 @@ -474,6 +474,13 @@ <p>If not specified, the default value of <code>false</code> will be used.</p> </property> + <property name="org.apache.coyote.MAX_TRAILER_SIZE"> + <p>Limits the total length of trailing headers in the last chunk of + a chunked HTTP request. + If the value is <code>-1</code>, no limit will be imposed.</p> + <p>If not specified, the default value of <code>8192</code> will be used.</p> + </property> + <property name="catalina.useNaming"> <p>If this is <code>false</code> it will override the <code>useNaming</code> attribute for all <a href="context.html"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org