Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 15e4db968 -> 1b7d4d148
CXF-6813:MediaTypeHeaderProvider doesn't check the illegal media type string like 's//tt;type=text/plain' Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1b7d4d14 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1b7d4d14 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1b7d4d14 Branch: refs/heads/3.1.x-fixes Commit: 1b7d4d1488db897ac7c824288556bed2df851309 Parents: 15e4db9 Author: Jim Ma <[email protected]> Authored: Wed Mar 2 16:15:25 2016 +0800 Committer: Jim Ma <[email protected]> Committed: Wed Mar 2 16:21:54 2016 +0800 ---------------------------------------------------------------------- .../cxf/jaxrs/impl/MediaTypeHeaderProvider.java | 5 ++++ .../jaxrs/impl/MediaTypeHeaderProviderTest.java | 31 ++++++++++++++++++++ 2 files changed, 36 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7d4d14/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java ---------------------------------------------------------------------- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java index 89ea998..d8dfc66 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProvider.java @@ -64,6 +64,11 @@ public class MediaTypeHeaderProvider implements HeaderDelegate<MediaType> { int paramsStart = mType.indexOf(';', i + 1); int end = paramsStart == -1 ? mType.length() : paramsStart; + String[] parts = mType.substring(0, end).split("/"); + if (parts.length != 2 || StringUtils.isEmpty(parts[0]) || StringUtils.isEmpty(parts[1])) { + throw new IllegalArgumentException("Can not parse media type string: " + mType); + } + String type = mType.substring(0, i); String subtype = mType.substring(i + 1, end); http://git-wip-us.apache.org/repos/asf/cxf/blob/1b7d4d14/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java ---------------------------------------------------------------------- diff --git a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java index d569a6a..cece6ef 100644 --- a/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java +++ b/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/MediaTypeHeaderProviderTest.java @@ -128,6 +128,37 @@ public class MediaTypeHeaderProviderTest extends Assert { } @Test + public void testIlleageMediaType() { + try { + new MediaTypeHeaderProvider().fromString("t//;*"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + + try { + new MediaTypeHeaderProvider().fromString("s//t;type=a/b"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + + try { + new MediaTypeHeaderProvider().fromString("s/b/t;type=a/b"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + + try { + new MediaTypeHeaderProvider().fromString("/b;type=a/b"); + fail("Parse exception expected"); + } catch (IllegalArgumentException pe) { + // expected + } + } + + @Test public void testTypeWithParameters() { MediaType mt = MediaType.valueOf("text/html;q=1234;b=4321");
