Author: kkolinko
Date: Mon Jan 9 04:50:17 2012
New Revision: 1229027
URL: http://svn.apache.org/viewvc?rev=1229027&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52384
Do not fail in Parameter parsing when debug logging is enabled.
Also do not flag extra '&' in parameters as errors.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/Parameters.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1229027&r1=1229026&r2=1229027&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Jan 9 04:50:17 2012
@@ -90,13 +90,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko, rjung
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52384
- Do not fail in Parameter parsing when debug logging is enabled.
- Also do not flag extra '&' as errors.
- http://svn.apache.org/viewvc?rev=1224659&view=rev
- +1: kkolinko, rjung, markt
- -1:
-
* Reduce log level for the message about hitting maxParameterCount limit
from WARN to INFO.
in java/org/apache/tomcat/util/http/Parameters.java line 242:
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties?rev=1229027&r1=1229026&r2=1229027&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/LocalStrings.properties
Mon Jan 9 04:50:17 2012
@@ -17,6 +17,7 @@ parameters.bytes=Start processing with i
parameters.copyFail=Failed to create copy of original parameter values for
debug logging purposes
parameters.decodeFail.debug=Character decoding failed. Parameter [{0}] with
value [{1}] has been ignored.
parameters.decodeFail.info=Character decoding failed. Parameter [{0}] with
value [{1}] has been ignored. Note that the name and value quoted here may be
corrupted due to the failed decoding. Use debug level logging to see the
original, non-corrupted values.
+parameters.emptyChunk=Empty parameter chunk ignored
parameters.invalidChunk=Invalid chunk starting at byte [{0}] and ending at
byte [{1}] with a value of [{2}] ignored
parameters.maxCountFail=More than the maximum number of request parameters
(GET plus POST) for a single request ([{0}]) were detected. Any parameters
beyond this limit have been ignored. To change this limit, set the
maxParameterCount attribute on the Connector.
parameters.multipleDecodingFail=Character decoding failed. A total of [{0}]
failures were detected but only the first was logged. Enable debug level
logging for this logger to log all failures.
Modified: tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/Parameters.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/Parameters.java?rev=1229027&r1=1229026&r2=1229027&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/Parameters.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/http/Parameters.java Mon
Jan 9 04:50:17 2012
@@ -314,6 +314,15 @@ public final class Parameters {
}
if (nameEnd <= nameStart ) {
+ if (valueStart == -1) {
+ // &&
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("parameters.emptyChunk"));
+ }
+ // Do not flag as error
+ continue;
+ }
+ // &=foo&
if (log.isInfoEnabled()) {
if (valueEnd >= nameStart && log.isDebugEnabled()) {
String extract = null;
@@ -341,7 +350,11 @@ public final class Parameters {
}
tmpName.setBytes(bytes, nameStart, nameEnd - nameStart);
- tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
+ if (valueStart >= 0) {
+ tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
+ } else {
+ tmpValue.setBytes(bytes, 0, 0);
+ }
// Take copies as if anything goes wrong originals will be
// corrupted. This means original values can be logged.
@@ -349,7 +362,11 @@ public final class Parameters {
if (log.isDebugEnabled()) {
try {
origName.append(bytes, nameStart, nameEnd - nameStart);
- origValue.append(bytes, valueStart, valueEnd - valueStart);
+ if (valueStart >= 0) {
+ origValue.append(bytes, valueStart, valueEnd -
valueStart);
+ } else {
+ origValue.append(bytes, 0, 0);
+ }
} catch (IOException ioe) {
// Should never happen...
log.error(sm.getString("parameters.copyFail"), ioe);
@@ -366,11 +383,15 @@ public final class Parameters {
tmpName.setCharset(charset);
name = tmpName.toString();
- if (decodeValue) {
- urlDecode(tmpValue);
+ if (valueStart >= 0) {
+ if (decodeValue) {
+ urlDecode(tmpValue);
+ }
+ tmpValue.setCharset(charset);
+ value = tmpValue.toString();
+ } else {
+ value = "";
}
- tmpValue.setCharset(charset);
- value = tmpValue.toString();
addParam(name, value);
} catch (IOException e) {
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1229027&r1=1229026&r2=1229027&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Jan 9 04:50:17 2012
@@ -81,6 +81,14 @@
The <code>FailedRequestFilter</code> filter can be used to detect this
condition. (kkolinko)
</fix>
+ <fix>
+ <bug>52384</bug>: Do not fail with parameter parsing when debug logging
+ is enabled. (kkolinko)
+ </fix>
+ <fix>
+ Do not flag extra '&' characters in parameters as parse errors.
+ (kkolinko)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
