From: fhanik <fhanik@13f79535-47bb-0310-9956-ffa450edef68>
Date: Wed, 19 Jul 2006 13:00:42 +0000 (+0000)
Subject: Fixed chunked input filter to parse the header correctly. Performs strict parsing... 
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=cdc7b2738ffe3a72ee378021a25b1610e03274ea;p=tomcat7.0

Fixed chunked input filter to parse the header correctly. Performs strict parsing according to the RFC2616, so if the header is invalid it bails out.


git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk@423453 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/java/org/apache/coyote/http11/Constants.java b/java/org/apache/coyote/http11/Constants.java
index 6907e8439..3a5ee857a 100644
--- a/java/org/apache/coyote/http11/Constants.java
+++ b/java/org/apache/coyote/http11/Constants.java
@@ -83,6 +83,12 @@ public final class Constants {
      * COLON.
      */
     public static final byte COLON = (byte) ':';
+    
+    /**
+     * SEMI_COLON.
+     */
+    public static final byte SEMI_COLON = (byte) ';';
+
 
 
     /**
diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index 73834da20..fe4634487 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -27,9 +27,11 @@ import org.apache.coyote.http11.Constants;
 import org.apache.coyote.http11.InputFilter;
 
 /**
- * Chunked input filter.
+ * Chunked input filter. Parses chunked data according to
+ * <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.6.1">http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.6.1</a><br>
  * 
  * @author Remy Maucherat
+ * @author Filip Hanik
  */
 public class ChunkedInputFilter implements InputFilter {
 
@@ -127,7 +129,7 @@ public class ChunkedInputFilter implements InputFilter {
 
         if (remaining <= 0) {
             if (!parseChunkHeader()) {
-                throw new IOException("Invalid chunk");
+                throw new IOException("Invalid chunk header");
             }
             if (endChunk) {
                 parseEndChunk();
@@ -234,6 +236,12 @@ public class ChunkedInputFilter implements InputFilter {
 
     /**
      * Parse the header of a chunk.
+     * A chunk header can look like 
+     * A10CRLF
+     * F23;chunk-extension to be ignoredCRLF
+     * The letters before CRLF but after the trailer mark, must be valid hex digits, 
+     * we should not parse F23IAMGONNAMESSTHISUP34CRLF as a valid header
+     * according to spec
      */
     protected boolean parseChunkHeader()
         throws IOException {
@@ -241,6 +249,7 @@ public class ChunkedInputFilter implements InputFilter {
         int result = 0;
         boolean eol = false;
         boolean readDigit = false;
+        boolean trailer = false;
 
         while (!eol) {
 
@@ -252,11 +261,18 @@ public class ChunkedInputFilter implements InputFilter {
             if (buf[pos] == Constants.CR) {
             } else if (buf[pos] == Constants.LF) {
                 eol = true;
-            } else {
+            } else if (buf[pos] == Constants.SEMI_COLON) {
+                trailer = true;
+            } else if (!trailer) { 
+                //don't read data after the trailer
                 if (HexUtils.DEC[buf[pos]] != -1) {
                     readDigit = true;
                     result *= 16;
                     result += HexUtils.DEC[buf[pos]];
+                } else {
+                    //we shouldn't allow invalid, non hex characters
+                    //in the chunked header
+                    return false;
                 }
             }