ASF Bugzilla – Attachment 29288 Details for
Bug 42181
ArrayIndexOutOfBoundsException in parseChunkHeader
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
2012-08-28_tc6_42181.patch
2012-08-28_tc6_42181.patch (text/plain), 11.93 KB, created by
Konstantin Kolinko
on 2012-08-28 00:50:53 UTC
(
hide
)
Description:
2012-08-28_tc6_42181.patch
Filename:
MIME Type:
Creator:
Konstantin Kolinko
Created:
2012-08-28 00:50:53 UTC
Size:
11.93 KB
patch
obsolete
>Index: java/org/apache/catalina/util/HexUtils.java >=================================================================== >--- java/org/apache/catalina/util/HexUtils.java (revision 1377910) >+++ java/org/apache/catalina/util/HexUtils.java (working copy) >@@ -30,28 +30,7 @@ > public final class HexUtils { > // Code from Ajp11, from Apache's JServ > >- // Table for HEX to DEC byte translation >- public static final int[] DEC = { >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- 00, 01, 02, 03, 04, 05, 06, 07, 8, 9, -1, -1, -1, -1, -1, -1, >- -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- }; > >- >- > /** > * The string manager for this package. > */ >@@ -121,42 +100,7 @@ > > } > >- /** >- * Convert 4 hex digits to an int, and return the number of converted >- * bytes. >- * >- * @param hex Byte array containing exactly four hexadecimal digits >- * >- * @exception IllegalArgumentException if an invalid hexadecimal digit >- * is included >- */ >- public static int convert2Int( byte[] hex ) { >- // Code from Ajp11, from Apache's JServ > >- // assert b.length==4 >- // assert valid data >- int len; >- if(hex.length < 4 ) return 0; >- if( DEC[hex[0]]<0 ) >- throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len = DEC[hex[0]]; >- len = len << 4; >- if( DEC[hex[1]]<0 ) >- throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len += DEC[hex[1]]; >- len = len << 4; >- if( DEC[hex[2]]<0 ) >- throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len += DEC[hex[2]]; >- len = len << 4; >- if( DEC[hex[3]]<0 ) >- throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len += DEC[hex[3]]; >- return len; >- } >- >- >- > /** > * [Private] Convert the specified value (0 .. 15) to the corresponding > * hexadecimal digit. >Index: java/org/apache/coyote/ajp/AjpAprProcessor.java >=================================================================== >--- java/org/apache/coyote/ajp/AjpAprProcessor.java (revision 1377910) >+++ java/org/apache/coyote/ajp/AjpAprProcessor.java (working copy) >@@ -110,7 +110,7 @@ > outputBuffer = ByteBuffer.allocateDirect(packetSize * 2); > > // Cause loading of HexUtils >- int foo = HexUtils.DEC[0]; >+ HexUtils.getDec('0'); > > // Cause loading of HttpMessages > HttpMessages.getMessage(200); >@@ -956,7 +956,7 @@ > int port = 0; > int mult = 1; > for (int i = valueL - 1; i > colonPos; i--) { >- int charValue = HexUtils.DEC[(int) valueB[i + valueS]]; >+ int charValue = HexUtils.getDec(valueB[i + valueS]); > if (charValue == -1) { > // Invalid character > error = true; >Index: java/org/apache/coyote/ajp/AjpProcessor.java >=================================================================== >--- java/org/apache/coyote/ajp/AjpProcessor.java (revision 1377910) >+++ java/org/apache/coyote/ajp/AjpProcessor.java (working copy) >@@ -104,7 +104,7 @@ > 0, getBodyMessage.getLen()); > > // Cause loading of HexUtils >- int foo = HexUtils.DEC[0]; >+ HexUtils.getDec('0'); > > // Cause loading of HttpMessages > HttpMessages.getMessage(200); >@@ -961,7 +961,7 @@ > int port = 0; > int mult = 1; > for (int i = valueL - 1; i > colonPos; i--) { >- int charValue = HexUtils.DEC[(int) valueB[i + valueS]]; >+ int charValue = HexUtils.getDec(valueB[i + valueS]); > if (charValue == -1) { > // Invalid character > error = true; >Index: java/org/apache/coyote/http11/filters/ChunkedInputFilter.java >=================================================================== >--- java/org/apache/coyote/http11/filters/ChunkedInputFilter.java (revision 1377910) >+++ java/org/apache/coyote/http11/filters/ChunkedInputFilter.java (working copy) >@@ -307,10 +307,11 @@ > trailer = true; > } else if (!trailer) { > //don't read data after the trailer >- if (HexUtils.DEC[buf[pos]] != -1) { >+ int charValue = HexUtils.getDec(buf[pos]); >+ if (charValue != -1) { > readDigit = true; > result *= 16; >- result += HexUtils.DEC[buf[pos]]; >+ result += charValue; > } else { > //we shouldn't allow invalid, non hex characters > //in the chunked header >Index: java/org/apache/coyote/http11/Http11AprProcessor.java >=================================================================== >--- java/org/apache/coyote/http11/Http11AprProcessor.java (revision 1377910) >+++ java/org/apache/coyote/http11/Http11AprProcessor.java (working copy) >@@ -107,7 +107,7 @@ > initializeFilters(); > > // Cause loading of HexUtils >- int foo = HexUtils.DEC[0]; >+ HexUtils.getDec('0'); > } > > >@@ -1535,7 +1535,7 @@ > int port = 0; > int mult = 1; > for (int i = valueL - 1; i > colonPos; i--) { >- int charValue = HexUtils.DEC[(int) valueB[i + valueS]]; >+ int charValue = HexUtils.getDec(valueB[i + valueS]); > if (charValue == -1) { > // Invalid character > error = true; >Index: java/org/apache/coyote/http11/Http11NioProcessor.java >=================================================================== >--- java/org/apache/coyote/http11/Http11NioProcessor.java (revision 1377910) >+++ java/org/apache/coyote/http11/Http11NioProcessor.java (working copy) >@@ -111,7 +111,7 @@ > initializeFilters(); > > // Cause loading of HexUtils >- int foo = HexUtils.DEC[0]; >+ HexUtils.getDec('0'); > } > > >@@ -1531,7 +1531,7 @@ > int port = 0; > int mult = 1; > for (int i = valueL - 1; i > colonPos; i--) { >- int charValue = HexUtils.DEC[(int) valueB[i + valueS]]; >+ int charValue = HexUtils.getDec(valueB[i + valueS]); > if (charValue == -1) { > // Invalid character > error = true; >Index: java/org/apache/coyote/http11/Http11Processor.java >=================================================================== >--- java/org/apache/coyote/http11/Http11Processor.java (revision 1377910) >+++ java/org/apache/coyote/http11/Http11Processor.java (working copy) >@@ -101,7 +101,7 @@ > initializeFilters(); > > // Cause loading of HexUtils >- int foo = HexUtils.DEC[0]; >+ HexUtils.getDec('0'); > > } > >@@ -1413,7 +1413,7 @@ > int port = 0; > int mult = 1; > for (int i = valueL - 1; i > colonPos; i--) { >- int charValue = HexUtils.DEC[(int) valueB[i + valueS]]; >+ int charValue = HexUtils.getDec(valueB[i + valueS]); > if (charValue == -1) { > // Invalid character > error = true; >Index: java/org/apache/jk/common/HandlerRequest.java >=================================================================== >--- java/org/apache/jk/common/HandlerRequest.java (revision 1377910) >+++ java/org/apache/jk/common/HandlerRequest.java (working copy) >@@ -697,7 +697,7 @@ > int port = 0; > int mult = 1; > for (int i = valueL - 1; i > colonPos; i--) { >- int charValue = HexUtils.DEC[(int) valueB[i + valueS]]; >+ int charValue = HexUtils.getDec(valueB[i + valueS]); > if (charValue == -1) { > // Invalid character > throw new CharConversionException("Invalid char in port: " + valueB[i + valueS]); >Index: java/org/apache/tomcat/util/buf/HexUtils.java >=================================================================== >--- java/org/apache/tomcat/util/buf/HexUtils.java (revision 1377910) >+++ java/org/apache/tomcat/util/buf/HexUtils.java (working copy) >@@ -37,23 +37,11 @@ > /** > * Table for HEX to DEC byte translation. > */ >- public static final int[] DEC = { >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >+ private static final int[] DEC = { > 00, 01, 02, 03, 04, 05, 06, 07, 8, 9, -1, -1, -1, -1, -1, -1, > -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, > -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, >+ -1, 10, 11, 12, 13, 14, 15, > }; > > >@@ -75,6 +63,14 @@ > > // --------------------------------------------------------- Static Methods > >+ public static int getDec(int index){ >+ // Fast for correct values, slower for incorrect ones >+ try { >+ return DEC[index - '0']; >+ } catch (ArrayIndexOutOfBoundsException ex) { >+ return -1; >+ } >+ } > > /** > * Convert a String of hexadecimal digits into the corresponding >@@ -146,6 +142,7 @@ > * > * @exception IllegalArgumentException if an invalid hexadecimal digit > * is included >+ * @deprecated Not used, will be removed in Tomcat 7 > */ > public static int convert2Int( byte[] hex ) { > // Code from Ajp11, from Apache's JServ >@@ -154,21 +151,21 @@ > // assert valid data > int len; > if(hex.length < 4 ) return 0; >- if( DEC[hex[0]]<0 ) >+ if( getDec(hex[0])<0 ) > throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len = DEC[hex[0]]; >+ len = getDec(hex[0]); > len = len << 4; >- if( DEC[hex[1]]<0 ) >+ if( getDec(hex[1])<0 ) > throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len += DEC[hex[1]]; >+ len += getDec(hex[1]); > len = len << 4; >- if( DEC[hex[2]]<0 ) >+ if( getDec(hex[2])<0 ) > throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len += DEC[hex[2]]; >+ len += getDec(hex[2]); > len = len << 4; >- if( DEC[hex[3]]<0 ) >+ if( getDec(hex[3])<0 ) > throw new IllegalArgumentException(sm.getString("hexUtil.bad")); >- len += DEC[hex[3]]; >+ len += getDec(hex[3]); > return len; > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=29288">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 42181
: 29288 |
29295