This is an automated email from the ASF dual-hosted git repository.
rmaucher pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 77ab2497d9 Fix isTrailerFieldsReady
77ab2497d9 is described below
commit 77ab2497d990163992a5bb891a04914b11818e19
Author: remm <[email protected]>
AuthorDate: Mon Jun 1 03:52:11 2026 +0200
Fix isTrailerFieldsReady
Use it in the test since it's not allowed to access the trailers if it
does not return true. So this is now more strict, maybe problems ?
setLimit should always set the limit (it could change in theory).
Http11InputBuffer.expand would be inefficient if it is used (always
reallocate even if unneeded).
---
java/org/apache/coyote/AbstractProcessor.java | 8 +++++++-
java/org/apache/coyote/http11/Http11InputBuffer.java | 3 ++-
java/org/apache/coyote/http11/Http11OutputBuffer.java | 2 +-
java/org/apache/coyote/http11/filters/BufferedInputFilter.java | 2 ++
test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java | 2 +-
webapps/docs/changelog.xml | 4 ++++
6 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/coyote/AbstractProcessor.java
b/java/org/apache/coyote/AbstractProcessor.java
index 999ba956d6..8d855baed7 100644
--- a/java/org/apache/coyote/AbstractProcessor.java
+++ b/java/org/apache/coyote/AbstractProcessor.java
@@ -338,7 +338,13 @@ public abstract class AbstractProcessor extends
AbstractProcessorLight implement
setErrorState(ErrorState.CLOSE_CLEAN, null);
return;
}
- port = port * 10 + c - '0';
+ int digit = c - '0';
+ if (port > (Integer.MAX_VALUE - digit) / 10) {
+ response.setStatus(400);
+ setErrorState(ErrorState.CLOSE_CLEAN, null);
+ return;
+ }
+ port = port * 10 + digit;
}
request.setServerPort(port);
diff --git a/java/org/apache/coyote/http11/Http11InputBuffer.java
b/java/org/apache/coyote/http11/Http11InputBuffer.java
index 7dd7cc65b3..8e308f6f4c 100644
--- a/java/org/apache/coyote/http11/Http11InputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11InputBuffer.java
@@ -688,7 +688,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler,
boolean isChunking() {
- for (int i = 0; i < lastActiveFilter; i++) {
+ for (int i = 0; i <= lastActiveFilter; i++) {
if (activeFilters[i] == filterLibrary[Constants.CHUNKED_FILTER]) {
return true;
}
@@ -854,6 +854,7 @@ public class Http11InputBuffer implements InputBuffer,
ApplicationBufferHandler,
public void expand(int size) {
if (byteBuffer.capacity() >= size) {
byteBuffer.limit(size);
+ return;
}
ByteBuffer temp = ByteBuffer.allocate(size);
temp.put(byteBuffer);
diff --git a/java/org/apache/coyote/http11/Http11OutputBuffer.java
b/java/org/apache/coyote/http11/Http11OutputBuffer.java
index 857025e44e..f943611949 100644
--- a/java/org/apache/coyote/http11/Http11OutputBuffer.java
+++ b/java/org/apache/coyote/http11/Http11OutputBuffer.java
@@ -546,7 +546,7 @@ public class Http11OutputBuffer implements HttpOutputBuffer
{
boolean isChunking() {
- for (int i = 0; i < lastActiveFilter; i++) {
+ for (int i = 0; i <= lastActiveFilter; i++) {
if (activeFilters[i] == filterLibrary[Constants.CHUNKED_FILTER]) {
return true;
}
diff --git a/java/org/apache/coyote/http11/filters/BufferedInputFilter.java
b/java/org/apache/coyote/http11/filters/BufferedInputFilter.java
index 789da42b0d..878ca7487b 100644
--- a/java/org/apache/coyote/http11/filters/BufferedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/BufferedInputFilter.java
@@ -76,6 +76,8 @@ public class BufferedInputFilter implements InputFilter,
ApplicationBufferHandle
if (buffered == null) {
buffered = new ByteChunk();
buffered.setLimit(limit);
+ } else {
+ buffered.setLimit(limit);
}
}
diff --git a/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
b/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
index f1d5b3efb7..6e72520cd1 100644
--- a/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
+++ b/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
@@ -627,7 +627,7 @@ public class TestChunkedInputFilter extends TomcatBaseTest {
private void dumpHeader(String headerName, HttpServletRequest req,
PrintWriter pw) {
- String value = req.getTrailerFields().get(headerName);
+ String value = req.isTrailerFieldsReady() ?
req.getTrailerFields().get(headerName) : null;
if (value == null) {
value = "null";
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 695421b2b2..3f2d172dcd 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -400,6 +400,10 @@
to <code>Http2Protocol</code> that allows the consistency check for the
scheme provided by the user agent to be bypassed. (markt)
</fix>
+ <fix>
+ <code>isTrailerFieldsReady</code> was always returning
+ <code>true</code>. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
