Return-Path: X-Original-To: apmail-tomcat-dev-archive@www.apache.org Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7D2CD92F1 for ; Sat, 28 Jan 2012 19:41:08 +0000 (UTC) Received: (qmail 44945 invoked by uid 500); 28 Jan 2012 19:41:07 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 44787 invoked by uid 500); 28 Jan 2012 19:41:06 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 44778 invoked by uid 99); 28 Jan 2012 19:41:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 28 Jan 2012 19:41:05 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 28 Jan 2012 19:41:04 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 848BC238897D for ; Sat, 28 Jan 2012 19:40:44 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1237146 - in /tomcat/trunk/java/org/apache/coyote/http11: AbstractOutputBuffer.java LocalStrings.properties Date: Sat, 28 Jan 2012 19:40:44 -0000 To: dev@tomcat.apache.org From: markt@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120128194044.848BC238897D@eris.apache.org> Author: markt Date: Sat Jan 28 19:40:43 2012 New Revision: 1237146 URL: http://svn.apache.org/viewvc?rev=1237146&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52543 Provide a meaningful error message when writing more response headers than permitted Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java?rev=1237146&r1=1237145&r2=1237146&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java Sat Jan 28 19:40:43 2012 @@ -449,6 +449,7 @@ public abstract class AbstractOutputBuff // Writing the byte chunk to the output buffer int length = bc.getLength(); + checkLengthBeforeWrite(length); System.arraycopy(bc.getBytes(), bc.getStart(), buf, pos, length); pos = pos + length; @@ -466,6 +467,7 @@ public abstract class AbstractOutputBuff int start = cc.getStart(); int end = cc.getEnd(); + checkLengthBeforeWrite(end-start); char[] cbuf = cc.getBuffer(); for (int i = start; i < end; i++) { char c = cbuf[i]; @@ -490,6 +492,7 @@ public abstract class AbstractOutputBuff * @param b data to be written */ public void write(byte[] b) { + checkLengthBeforeWrite(b.length); // Writing the byte chunk to the output buffer System.arraycopy(b, 0, buf, pos, b.length); @@ -512,6 +515,7 @@ public abstract class AbstractOutputBuff // From the Tomcat 3.3 HTTP/1.0 connector int len = s.length(); + checkLengthBeforeWrite(len); for (int i = 0; i < len; i++) { char c = s.charAt (i); // Note: This is clearly incorrect for many strings, @@ -541,4 +545,16 @@ public abstract class AbstractOutputBuff } + /** + * Checks to see if there is enough space in the buffer to write the + * requested number of bytes. + */ + private void checkLengthBeforeWrite(int length) + throws IllegalStateException { + if (pos + length > buf.length) { + throw new IllegalStateException( + sm.getString("iob.responseheadertoolarge.error")); + } + } + } Modified: tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties?rev=1237146&r1=1237145&r2=1237146&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties Sat Jan 28 19:40:43 2012 @@ -30,3 +30,5 @@ iib.invalidheader=The HTTP header line [ iib.invalidmethod=Invalid character (CR or LF) found in method name iib.parseheaders.ise.error=Unexpected state: headers already parsed. Buffer not recycled? iib.requestheadertoolarge.error=Request header is too large + +iob.responseheadertoolarge.error=An attempt was made to write more data to the response headers than there was room available in the buffer. Increase maxHttpHeaderSize on the connector or write less data into the response headers. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org