DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25193>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25193 Wrong Content-Length in POST could cause information leakage / misbehaviour [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |FIXED ------- Additional Comments From [EMAIL PROTECTED] 2003-12-04 13:56 ------- There's a basic defect in the code which reads the request body. If there's a disconnect, then the full array could be parsed, although some of its data is bad. This will occur only for small posts (< 8KB). I suggest trying out this patch for a possible fix (if a bad read occurs, no parameters will be parsed, which is the most reliable behavior; I think the asumption of the alg is that there would be an IOE being thrown if there's a client disconnect): RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteRequest.java,v retrieving revision 1.25 diff -r1.25 CoyoteRequest.java 2371,2372c2371,2374 < readPostBody(formData, len); < parameters.processParameters(formData, 0, len); --- > int actualLen = readPostBody(formData, len); > if (actualLen == len) { > parameters.processParameters(formData, 0, len); > } --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]