Author: kkolinko Date: Thu Feb 5 03:15:23 2015 New Revision: 1657460 URL: http://svn.apache.org/r1657460 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57509 Improve length check in OutputBuffer.write() to account for 4 extra bytes that are needed to terminates the headers.
Backport of r1657459 from trunk. (Code is the same, class names differ) Modified: tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java?rev=1657460&r1=1657459&r2=1657460&view=diff ============================================================================== --- tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java (original) +++ tomcat/tc8.0.x/trunk/java/org/apache/coyote/http11/AbstractOutputBuffer.java Thu Feb 5 03:15:23 2015 @@ -594,7 +594,9 @@ public abstract class AbstractOutputBuff * requested number of bytes. */ private void checkLengthBeforeWrite(int length) { - if (pos + length > headerBuffer.length) { + // "+ 4": BZ 57509. Reserve space for CR/LF/COLON/SP characters that + // are put directly into the buffer following this write operation. + if (pos + length + 4 > headerBuffer.length) { throw new HeadersTooLargeException( sm.getString("iob.responseheadertoolarge.error")); } Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1657460&r1=1657459&r2=1657460&view=diff ============================================================================== --- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Thu Feb 5 03:15:23 2015 @@ -72,6 +72,10 @@ side effects of these mutltiple registrations would be exceptions appearing in the logs. (markt) </fix> + <fix> + <bug>57509</bug>: Improve length check when writing HTTP/1.1 + response headers: reserve space for 4 extra bytes. (kkolinko) + </fix> </changelog> </subsection> <subsection name="Jasper"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org