
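--- a/connectors/http11/src/java/org/apache/coyote/http11/Constants.java
+++ b/connectors/http11/src/java/org/apache/coyote/http11/Constants.java
@@ -85,7 +85,12 @@
      */
     public static final byte COLON = (byte) ':';
 
+    /**
+     * SEMI_COLON.
+     */
+    public static final byte SEMI_COLON = (byte) ';';
 
+
     /**
      * 'A'.
      */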
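--- a/connectors/http11/src/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/connectors/http11/src/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -28,7 +28,8 @@
 import org.apache.coyote.http11.InputFilter;
 
 /**
- * Chunked input filter.
+ * Chunked input filter. Parses chunked data according to
+ * <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.6.1">http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.6.1</a><br>
  * 
  * @author Remy Maucherat
  */
@@ -128,7 +129,7 @@
 
         if (remaining <= 0) {
             if (!parseChunkHeader()) {
-                throw new IOException("Invalid chunk");
+                throw new IOException("Invalid chunk header");
             }
             if (endChunk) {
                 parseEndChunk();
@@ -236,6 +237,14 @@
 
     /**
      * Parse the header of a chunk.
+     * A chunk header can look like one of the following:<br />
+     * A10CRLF<br />
+     * F23;chunk-extension to be ignoredCRLF
+     *
+     * <p>
+     * The letters before CRLF or ';' (whatever comes first) must be valid hex
+     * digits. We should not parse F23IAMGONNAMESSTHISUP34CRLF as a valid
+     * header according to the spec.
      */
     protected boolean parseChunkHeader()
         throws IOException {
@@ -243,6 +252,7 @@
         int result = 0;
         boolean eol = false;
         boolean readDigit = false;
+        boolean trailer = false;
 
         while (!eol) {
 
@@ -254,11 +264,19 @@
             if (buf[pos] == Constants.CR) {
             } else if (buf[pos] == Constants.LF) {
                 eol = true;
-            } else {
-                if (HexUtils.DEC[buf[pos]] != -1) {
+            } else if (buf[pos] == Constants.SEMI_COLON) {
+                trailer = true;
+            } else if (!trailer) { 
+                //don't read data after the trailer
+                int charValue = HexUtils.getDec(buf[pos]);
+                if (charValue != -1) {
                     readDigit = true;
                     result *= 16;
-                    result += HexUtils.DEC[buf[pos]];
+                    result += charValue;
+                } else {
+                    //we shouldn't allow invalid, non hex characters
+                    //in the chunked header
+                    return false;
                 }
             }
 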
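Review bot: The size accumulation in parseChunkHeader (`result *= 16; result += charValue;`) is still unbounded: any number of hex digits is folded into an `int`, so a long size field can wrap to a negative or small value and leave this parser disagreeing with an upstream proxy about where the chunk ends. A guard placed before the multiply closes that, e.g. `if (result > (Integer.MAX_VALUE >> 4)) return false;`. Separately, once `trailer` is set every byte up to LF is skipped with no length cap visible in this hunk, and the flag marks a chunk-extension rather than a trailer, so `extension` would be the clearer name. The method body starts and ends outside the hunk, so how `result` is consumed afterwards is not visible here.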
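--- a/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java
+++ b/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java
@@ -113,7 +113,7 @@
         initializeFilters();
 
         // Cause loading of HexUtils
-        int foo = HexUtils.DEC[0];
+        HexUtils.getDec('0');
 
         // Cause loading of FastHttpDateFormat
         FastHttpDateFormat.getCurrentDate();
@@ -1459,7 +1459,7 @@
             int port = 0;
             int mult = 1;
             for (int i = valueL - 1; i > colonPos; i--) {
-                int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+                int charValue = HexUtils.getDec(valueB[i + valueS]);
                 if (charValue == -1) {
                     // Invalid character
                     error = true;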
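Review bot: The Host-port loop in the second hunk still classifies characters with the hex table, so the only rejection is `charValue == -1`; assuming the table maps `a`-`f`/`A`-`F` to 10-15 (its contents are not shown on this page), a port value such as `8a` passes validation and is folded into `port` as if it were decimal. Tightening the test to `if (charValue < 0 || charValue > 9) {` keeps the new bounds-safe lookup while accepting decimal digits only. The same line appears in the Http11Processor, AjpAprProcessor and HandlerRequest sections of this patch. The loop body continues outside the hunk.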
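--- a/connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java
+++ b/connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java
@@ -111,7 +111,7 @@
         initializeFilters();
 
         // Cause loading of HexUtils
-        int foo = HexUtils.DEC[0];
+        HexUtils.getDec('0');
 
     }
 
@@ -1420,7 +1420,7 @@
             int port = 0;
             int mult = 1;
             for (int i = valueL - 1; i > colonPos; i--) {
-                int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+                int charValue = HexUtils.getDec(valueB[i + valueS]);
                 if (charValue == -1) {
                     // Invalid character
                     error = true;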
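--- a/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java
+++ b/connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java
@@ -103,7 +103,7 @@
         outputBuffer = ByteBuffer.allocateDirect(packetSize * 2);
 
         // Cause loading of HexUtils
-        int foo = HexUtils.DEC[0];
+        HexUtils.getDec('0');
 
         // Cause loading of HttpMessages
         HttpMessages.getMessage(200);
@@ -935,7 +935,7 @@
             int port = 0;
             int mult = 1;
             for (int i = valueL - 1; i > colonPos; i--) {
-                int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+                int charValue = HexUtils.getDec(valueB[i + valueS]);
                 if (charValue == -1) {
                     // Invalid character
                     error = true;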
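--- a/connectors/jk/java/org/apache/jk/common/HandlerRequest.java
+++ b/connectors/jk/java/org/apache/jk/common/HandlerRequest.java
@@ -674,7 +674,7 @@
             int port = 0;
             int mult = 1;
             for (int i = valueL - 1; i > colonPos; i--) {
-                int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+                int charValue = HexUtils.getDec(valueB[i + valueS]);
                 if (charValue == -1) {
                     // Invalid character
                     throw new CharConversionException("Invalid char in port: " + valueB[i + valueS]); 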
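--- a/connectors/util/java/org/apache/tomcat/util/buf/HexUtils.java
+++ b/connectors/util/java/org/apache/tomcat/util/buf/HexUtils.java
@@ -36,6 +36,7 @@
 
     /**
      *  Table for HEX to DEC byte translation.
+     *  @deprecated Use {@link #getDec(int)}
      */
     public static final int[] DEC = {
         -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
@@ -76,6 +77,15 @@
     // --------------------------------------------------------- Static Methods
 
 
+    public static int getDec(int index){
+        try {
+            return DEC[index];
+        } catch (ArrayIndexOutOfBoundsException ex) {
+            return -1;
+        }
+    }
+
+
     /**
      * Convert a String of hexadecimal digits into the corresponding
      * byte array by encoding each two hexadecimal digits as a byte.
@@ -154,21 +164,21 @@
 	// assert valid data
 	int len;
 	if(hex.length < 4 ) return 0;
-	if( DEC[hex[0]]<0 )
+	if( getDec(hex[0])<0 )
 	    throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-	len = DEC[hex[0]];
+	len = getDec(hex[0]);
 	len = len << 4;
-	if( DEC[hex[1]]<0 )
+	if( getDec(hex[1])<0 )
 	    throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-	len += DEC[hex[1]];
+	len += getDec(hex[1]);
 	len = len << 4;
-	if( DEC[hex[2]]<0 )
+	if( getDec(hex[2])<0 )
 	    throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-	len += DEC[hex[2]];
+	len += getDec(hex[2]);
 	len = len << 4;
-	if( DEC[hex[3]]<0 )
+	if( getDec(hex[3])<0 )
 	    throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-	len += DEC[hex[3]];
+	len += getDec(hex[3]);
 	return len;
     }
 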
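Review bot: `getDec` uses a caught `ArrayIndexOutOfBoundsException` as its range check and has no Javadoc. Its callers in this patch pass raw request bytes, so every byte outside the table (including any negative `byte` value) pays for an exception on the parsing path; an explicit test does the same job: `return (index >= 0 && index < DEC.length) ? DEC[index] : -1;`. A short Javadoc stating that -1 is returned both for table entries marked invalid and for out-of-range indexes would document the contract those callers rely on. `DEC` itself stays a public array whose elements any code can overwrite, so the `@deprecated` tag alone does not protect the table. The identical method added to org.apache.catalina.util.HexUtils in this patch has the same issues.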
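--- a/container/catalina/src/share/org/apache/catalina/util/HexUtils.java
+++ b/container/catalina/src/share/org/apache/catalina/util/HexUtils.java
@@ -30,7 +30,10 @@
 public final class HexUtils {
     // Code from Ajp11, from Apache's JServ
 
-    // Table for HEX to DEC byte translation
+    /**
+     *  Table for HEX to DEC byte translation.
+     *  @deprecated Use {@link #getDec(int)}
+     */
     public static final int[] DEC = {
         -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
         -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
@@ -59,6 +62,18 @@
         StringManager.getManager("org.apache.catalina.util");
 
 
+    // --------------------------------------------------------- Static Methods
+
+
+    public static int getDec(int index){
+        try {
+            return DEC[index];
+        } catch (ArrayIndexOutOfBoundsException ex) {
+            return -1;
+        }
+    }
+
+
     /**
      * Convert a String of hexadecimal digits into the corresponding
      * byte array by encoding each two hexadecimal digits as a byte.
@@ -137,21 +152,21 @@
         // assert valid data
         int len;
         if(hex.length < 4 ) return 0;
-        if( DEC[hex[0]]<0 )
+        if( getDec(hex[0])<0 )
             throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-        len = DEC[hex[0]];
+        len = getDec(hex[0]);
         len = len << 4;
-        if( DEC[hex[1]]<0 )
+        if( getDec(hex[1])<0 )
             throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-        len += DEC[hex[1]];
+        len += getDec(hex[1]);
         len = len << 4;
-        if( DEC[hex[2]]<0 )
+        if( getDec(hex[2])<0 )
             throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-        len += DEC[hex[2]];
+        len += getDec(hex[2]);
         len = len << 4;
-        if( DEC[hex[3]]<0 )
+        if( getDec(hex[3])<0 )
             throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
-        len += DEC[hex[3]];
+        len += getDec(hex[3]);
         return len;
     }
 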
