Artem created HTTPCLIENT-1856:
---------------------------------
Summary: incorrect "Maximum line length limit exceeded" detection
is possible
Key: HTTPCLIENT-1856
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1856
Project: HttpComponents HttpClient
Issue Type: Bug
Affects Versions: 4.5.3
Reporter: Artem
the error is in
org.apache.http.impl.io.SessionInputBufferImpl#readLine(org.apache.http.util.CharArrayBuffer)
{code}
if (maxLineLen > 0) {
final int currentLen = this.linebuffer.length()
+ (pos > 0 ? pos : this.bufferlen) - this.bufferpos;
if (currentLen >= maxLineLen) {
throw new MessageConstraintException("Maximum line length
limit exceeded");
}
}
{code}
If LF chanced to be at the beginning of the buffer, {{currentLen}} is
calculated incorrectly. It should be {{this.linebuffer.length() + pos -
this.bufferpos}}, so, effectively {{this.linebuffer.length() + 0 - 0}}.
E.g. if maxLineLen=10000, buffer.length=8192 (the default setting), a line is
9000, then it doesn't fit the buffer, thus it's 1st part is read into
{{linebuffer}}, 2nd part is read into {{buffer}}. If the 9000 line's
terminating LF chances to be the 1st char of that buffer, and after that line
it follows more header data, say, exceeding 8192 bytes - then the code
calculates {{currentLen = linebuffer.length() + bufferlen - bufferpos = 9000+
8192 - 0}} > 10000, while actual line length is just 9000.
I think the fix is to replace {{(pos > 0 ? pos : this.bufferlen)}} to {{(pos >
-1 ? pos : this.bufferlen)}}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
