Repository: cxf Updated Branches: refs/heads/master cb36642a8 -> 6f4bc7afa
CXF-6813:MediaTypeHeaderProvider doesn't check the illegal media type string like 's//tt;type=text/plain' Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6f4bc7af Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6f4bc7af Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6f4bc7af Branch: refs/heads/master Commit: 6f4bc7afa4ae6e8d45e1ef757bb3f3a4229e37cf Parents: cb36642 Author: Jim Ma <[email protected]> Authored: Wed Mar 2 16:15:25 2016 +0800 Committer: Jim Ma <[email protected]> Committed: Wed Mar 2 16:18:28 2016 +0800 ---------------------------------------------------------------------- .../cxf/jaxrs/impl/MediaTypeHeaderProvider.java | 5 ++++ .../jaxrs/impl/MediaTypeHeaderProviderTest.java | 31 ++++++++++++++++++++ 2 files changed, 36 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/6f4bc7af/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java ---------------------------------------------------------------------- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java index 89ea998..d8dfc66 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java @@ -64,6 +64,11 @@ public class MediaTypeHeaderProvider implements HeaderDelegate<MediaType> { int paramsStart = mType.indexOf(';', i + 1); int end = paramsStart == -1 ? mType.length() : paramsStart; + String[] parts = mType.substring(0, end).split("/"); + if (parts.length != 2 || StringUtils.isEmpty(parts[0]) || StringUtils.isEmpty(parts[1])) { + throw new IllegalArgumentException("Can not parse media type string: " + mType); + } + String type = mType.substring(0, i); String subtype = mType.substring(i + 1, end); http://git-wip-us.apache.org/repos/asf/cxf/blob/6f4bc7af/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java ---------------------------------------------------------------------- diff --git a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java index d569a6a..cece6ef 100644 --- a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java +++ b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java @@ -128,6 +128,37 @@ public class MediaTypeHeaderProviderTest extends Assert { } @Test + public void testIlleageMediaType() { + try { + new MediaTypeHeaderProvider().fromString("t//;*"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + + try { + new MediaTypeHeaderProvider().fromString("s//t;type=a/b"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + + try { + new MediaTypeHeaderProvider().fromString("s/b/t;type=a/b"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + + try { + new MediaTypeHeaderProvider().fromString("/b;type=a/b"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + } + + @Test public void testTypeWithParameters() { MediaType mt = MediaType.valueOf("text/html;q=1234;b=4321");
