Return-Path: X-Original-To: apmail-geronimo-scm-archive@www.apache.org Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AE23D105D4 for ; Wed, 8 May 2013 14:59:38 +0000 (UTC) Received: (qmail 96625 invoked by uid 500); 8 May 2013 14:59:38 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 96517 invoked by uid 500); 8 May 2013 14:59:37 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 96100 invoked by uid 99); 8 May 2013 14:59:35 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 08 May 2013 14:59:35 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 08 May 2013 14:59:32 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 4A026238897D; Wed, 8 May 2013 14:59:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1480311 - /geronimo/external/trunk/tomcat-parent-7.0.39/util/src/main/java/org/apache/tomcat/util/http/parser/HttpParser.java Date: Wed, 08 May 2013 14:59:11 -0000 To: scm@geronimo.apache.org From: gawor@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130508145911.4A026238897D@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: gawor Date: Wed May 8 14:59:10 2013 New Revision: 1480311 URL: http://svn.apache.org/r1480311 Log: merge fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=54703 - Be tolerant of applications that pass CR or LF in setHeader() values. Modified: geronimo/external/trunk/tomcat-parent-7.0.39/util/src/main/java/org/apache/tomcat/util/http/parser/HttpParser.java Modified: geronimo/external/trunk/tomcat-parent-7.0.39/util/src/main/java/org/apache/tomcat/util/http/parser/HttpParser.java URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-7.0.39/util/src/main/java/org/apache/tomcat/util/http/parser/HttpParser.java?rev=1480311&r1=1480310&r2=1480311&view=diff ============================================================================== --- geronimo/external/trunk/tomcat-parent-7.0.39/util/src/main/java/org/apache/tomcat/util/http/parser/HttpParser.java (original) +++ geronimo/external/trunk/tomcat-parent-7.0.39/util/src/main/java/org/apache/tomcat/util/http/parser/HttpParser.java Wed May 8 14:59:10 2013 @@ -262,17 +262,34 @@ public class HttpParser { } } - private static SkipConstantResult skipConstant(StringReader input, - String constant) throws IOException { - int len = constant.length(); + // Skip any LWS and return the next char + private static int skipLws(StringReader input, boolean withReset) + throws IOException { + if (withReset) { + input.mark(1); + } int c = input.read(); - // Skip lws - while (c == 32 || c == 9) { + while (c == 32 || c == 9 || c == 10 || c == 13) { + if (withReset) { + input.mark(1); + } c = input.read(); } + if (withReset) { + input.reset(); + } + return c; + } + + private static SkipConstantResult skipConstant(StringReader input, + String constant) throws IOException { + int len = constant.length(); + + int c = skipLws(input, false); + for (int i = 0; i < len; i++) { if (i == 0 && c == -1) { return SkipConstantResult.EOF; @@ -296,12 +313,7 @@ public class HttpParser { private static String readToken(StringReader input) throws IOException { StringBuilder result = new StringBuilder(); - int c = input.read(); - - // Skip lws - while (c == 32 || c == 9) { - c = input.read(); - } + int c = skipLws(input, false); while (c != -1 && isToken(c)) { result.append((char) c); @@ -325,12 +337,7 @@ public class HttpParser { private static String readQuotedString(StringReader input, boolean returnQuoted) throws IOException { - int c = input.read(); - - // Skip lws - while (c == 32 || c == 9) { - c = input.read(); - } + int c = skipLws(input, false); if (c != '"') { return null; @@ -366,12 +373,8 @@ public class HttpParser { private static String readTokenOrQuotedString(StringReader input, boolean returnQuoted) throws IOException { - // Use mark/reset as skip(-1) fails when reading the last character of - // the input - input.mark(1); - int c = input.read(); - // Go back so first character is available to be read again - input.reset(); + // Go back so first non-LWS character is available to be read again + int c = skipLws(input, true); if (c == '"') { return readQuotedString(input, returnQuoted); @@ -398,12 +401,7 @@ public class HttpParser { StringBuilder result = new StringBuilder(); boolean quoted = false; - int c = input.read(); - - // Skip lws - while (c == 32 || c == 9) { - c = input.read(); - } + int c = skipLws(input, false); if (c == '"') { quoted = true; @@ -455,12 +453,7 @@ public class HttpParser { StringBuilder result = new StringBuilder(); boolean quoted = false; - int c = input.read(); - - // Skip lws - while (c == 32 || c == 9) { - c = input.read(); - } + int c = skipLws(input, false); if (c == '"') { quoted = true;