Author: jochen Date: Fri Apr 6 19:04:55 2007 New Revision: 526346 URL: http://svn.apache.org/viewvc?view=rev&rev=526346 Log: A MalformedStreamException is now thrown if the size of an item's headers exceeds HEADER_PART_SIZE_MAX. PR: FILEUPLOAD-116 Submitted-by: Amichai Rothman <[EMAIL PROTECTED]>
Modified: jakarta/commons/proper/fileupload/trunk/src/changes/changes.xml jakarta/commons/proper/fileupload/trunk/src/java/org/apache/commons/fileupload/MultipartStream.java Modified: jakarta/commons/proper/fileupload/trunk/src/changes/changes.xml URL: http://svn.apache.org/viewvc/jakarta/commons/proper/fileupload/trunk/src/changes/changes.xml?view=diff&rev=526346&r1=526345&r2=526346 ============================================================================== --- jakarta/commons/proper/fileupload/trunk/src/changes/changes.xml (original) +++ jakarta/commons/proper/fileupload/trunk/src/changes/changes.xml Fri Apr 6 19:04:55 2007 @@ -55,6 +55,11 @@ due-to="Michael Macaluso" due-to-email="[EMAIL PROTECTED]"> Added support for accessing the file item headers. </action> + <action dev="jochen" type="fix" issue="FILEUPLOAD-116" + due-to="Amichai Rothman" due-to-email="[EMAIL PROTECTED]"> + A MalformedStreamException is now thrown, if the size of an items + headers exceeds HEADER_PART_SIZE_MAX; + </action> </release> <release version="1.2" date="2007-02-13"> Modified: jakarta/commons/proper/fileupload/trunk/src/java/org/apache/commons/fileupload/MultipartStream.java URL: http://svn.apache.org/viewvc/jakarta/commons/proper/fileupload/trunk/src/java/org/apache/commons/fileupload/MultipartStream.java?view=diff&rev=526346&r1=526345&r2=526346 ============================================================================== --- jakarta/commons/proper/fileupload/trunk/src/java/org/apache/commons/fileupload/MultipartStream.java (original) +++ jakarta/commons/proper/fileupload/trunk/src/java/org/apache/commons/fileupload/MultipartStream.java Fri Apr 6 19:04:55 2007 
@@ -530,26 +530,27 @@ public String readHeaders() throws MalformedStreamException { int i = 0; - byte[] b = new byte[1]; + byte b; // to support multi-byte characters ByteArrayOutputStream baos = new ByteArrayOutputStream(); - int sizeMax = HEADER_PART_SIZE_MAX; int size = 0; while (i < HEADER_SEPARATOR.length) { try { - b[0] = readByte(); + b = readByte(); } catch (IOException e) { throw new MalformedStreamException("Stream ended unexpectedly"); } - size++; - if (b[0] == HEADER_SEPARATOR[i]) { + if (++size > HEADER_PART_SIZE_MAX) { + throw new MalformedStreamException( + "Header section has more than " + HEADER_PART_SIZE_MAX + + " bytes (maybe it is not properly terminated)"); + } + if (b == HEADER_SEPARATOR[i]) { i++; } else { i = 0; } - if (size <= sizeMax) { - baos.write(b[0]); - } + baos.write(b); } String headers = null; --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
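Review bot: The new limit check `if (++size > HEADER_PART_SIZE_MAX)` has no regression test in this commit, which modifies only changes.xml and MultipartStream.java, and its boundary is easy to misread. Because size is incremented for every byte read, the terminating HEADER_SEPARATOR bytes count toward the limit, and a header block of exactly HEADER_PART_SIZE_MAX bytes is the largest one accepted. I would add a comment above the check, `// size counts every byte read, including the HEADER_SEPARATOR bytes`, and a test that feeds an unterminated header block longer than the limit and expects MalformedStreamException. Callers that previously received silently truncated headers now get an exception, so the Javadoc of readHeaders (outside this hunk) should presumably name the size condition in its throws description. The body of readHeaders continues past the end of the hunk.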