https://issues.apache.org/bugzilla/show_bug.cgi?id=57509
Bug ID: 57509 Summary: maxHttpHeaderSize maybe case ArrayIndexOutOfBoundsException Product: Tomcat 8 Version: 8.0.18 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: yklovej...@163.com Modify the server.xml, add the maxHttpHeaderSize attribute: <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" maxHttpHeaderSize="24"/> I deliberately modify the maxHttpHeaderSize to a small value, then I make a normal request, Sure, the request header is more than 24 bytes. Then the server is report following error: 28-Jan-2015 16:08:01.870 SEVERE [http-nio-8080-exec-1] org.apache.coyote.http11.AbstractHttp11Processor.endRequest Error finishing response java.lang.ArrayIndexOutOfBoundsException: 24 at org.apache.coyote.http11.AbstractOutputBuffer.sendStatus(AbstractOutputBuffer.java:445) at org.apache.coyote.http11.AbstractHttp11Processor.prepareResponse(AbstractHttp11Processor.java:1554) at org.apache.coyote.http11.AbstractHttp11Processor.action(AbstractHttp11Processor.java:739) at org.apache.coyote.Response.action(Response.java:179) ... Is not check the maxHttpHeaderSize? Normal circumstances, it's should response 413-request entity is too large. I think this is better and reasonable. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org