Re: svn commit: r1132487 - in /tomcat/trunk: java/org/apache/coyote/http11/AbstractHttp11Processor.java webapps/docs/changelog.xml

Mon, 06 Jun 2011 05:05:09 -0700 

Ascii.parseInt can throw a NumberFormatException which should probably be
caught and a 400 returned.

-Tim

On Sun, Jun 5, 2011 at 4:26 PM, <ma...@apache.org> wrote:

> Author: markt
> Date: Sun Jun  5 20:26:37 2011
> New Revision: 1132487
>
> URL: http://svn.apache.org/viewvc?rev=1132487&view=rev
> Log:
> Parse port as base10, not hex
>
> Modified:
>    tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
>    tomcat/trunk/webapps/docs/changelog.xml
>
> Modified:
> tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
> URL:
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java?rev=1132487&r1=1132486&r2=1132487&view=diff
>
> ==============================================================================
> --- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
> (original)
> +++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Processor.java
> Sun Jun  5 20:26:37 2011
> @@ -39,7 +39,6 @@ import org.apache.juli.logging.Log;
>  import org.apache.tomcat.util.ExceptionUtils;
>  import org.apache.tomcat.util.buf.Ascii;
>  import org.apache.tomcat.util.buf.ByteChunk;
> -import org.apache.tomcat.util.buf.HexUtils;
>  import org.apache.tomcat.util.buf.MessageBytes;
>  import org.apache.tomcat.util.http.FastHttpDateFormat;
>  import org.apache.tomcat.util.http.MimeHeaders;
> @@ -993,26 +992,9 @@ public abstract class AbstractHttp11Proc
>             }
>             request.serverName().setChars(hostNameC, 0, valueL);
>         } else {
> -
>             request.serverName().setChars(hostNameC, 0, colonPos);
> -
> -            int port = 0;
> -            int mult = 1;
> -            for (int i = valueL - 1; i > colonPos; i--) {
> -                int charValue = HexUtils.getDec(valueB[i + valueS]);
> -                if (charValue == -1) {
> -                    // Invalid character
> -                    error = true;
> -                    // 400 - Bad request
> -                    response.setStatus(400);
> -                    adapter.log(request, response, 0);
> -                    break;
> -                }
> -                port = port + (charValue * mult);
> -                mult = 10 * mult;
> -            }
> -            request.setServerPort(port);
> -
> +            request.setServerPort(Ascii.parseInt(
> +                    valueB, valueS + colonPos + 1, valueL - colonPos -
> 1));
>         }
>
>     }
>
>

Reply via email to