Author: remy.maucherat(a)jboss.com Date: 2014-09-01 10:18:30 -0400 (Mon, 01 Sep 2014) New Revision: 2498 Modified: branches/7.5.x/src/main/java/org/apache/coyote/http11/Constants.java branches/7.5.x/src/main/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java branches/7.5.x/src/main/java/org/jboss/web/CoyoteMessages.java Log: BZ1075028: Limit size of chunk extensions per request [which have no use in Servlets]. Modified: branches/7.5.x/src/main/java/org/apache/coyote/http11/Constants.java =================================================================== --- branches/7.5.x/src/main/java/org/apache/coyote/http11/Constants.java 2014-09-01 13:35:02 UTC (rev 2497) +++ branches/7.5.x/src/main/java/org/apache/coyote/http11/Constants.java 2014-09-01 14:18:30 UTC (rev 2498) @@ -49,6 +49,8 @@ .booleanValue(); public static final boolean DISABLE_KEEPALIVE_ON_CONCLOSE = Boolean.valueOf(System.getProperty("org.apache.coyote.http11.DISABLE_KEEPALIVE_ON_CONCLOSE", "false")).booleanValue(); + public static final int MAX_CHUNK_EXTENSION_SIZE = + Integer.valueOf(System.getProperty("org.apache.coyote.http11.MAX_CHUNK_EXTENSION_SIZE", "8192")).intValue(); /** Modified: branches/7.5.x/src/main/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java =================================================================== --- branches/7.5.x/src/main/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 2014-09-01 13:35:02 UTC (rev 2497) +++ branches/7.5.x/src/main/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 2014-09-01 14:18:30 UTC (rev 2498) @@ -108,7 +108,10 @@ */ private boolean error; - // ------------------------------------------------------------- Properties + /** + * Size of extensions processed for this request. + */ + private long extensionSize; // ---------------------------------------------------- InputBuffer Methods @@ -231,6 +234,7 @@ endChunk = false; needCRLFParse = false; error = false; + extensionSize = 0; } @@ -301,6 +305,7 @@ eol = true; } else if (buf[pos] == Constants.SEMI_COLON) { trailer = true; + extensionSize++; } else if (buf[pos] < 0) { error = true; throw MESSAGES.invalidChunkHeader(); @@ -316,6 +321,12 @@ error = true; throw MESSAGES.invalidChunkHeader(); } + } else { + // Skipping the extension + extensionSize++; + if (Constants.MAX_CHUNK_EXTENSION_SIZE > -1 && extensionSize > Constants.MAX_CHUNK_EXTENSION_SIZE) { + throw MESSAGES.maxExtensionSizeExceeded(Constants.MAX_CHUNK_EXTENSION_SIZE); + } } pos++; Modified: branches/7.5.x/src/main/java/org/jboss/web/CoyoteMessages.java =================================================================== --- branches/7.5.x/src/main/java/org/jboss/web/CoyoteMessages.java 2014-09-01 13:35:02 UTC (rev 2497) +++ branches/7.5.x/src/main/java/org/jboss/web/CoyoteMessages.java 2014-09-01 14:18:30 UTC (rev 2498) @@ -277,7 +277,7 @@ @Message(id = 2079, value = "Unexpected data read during handshake") String sslHandshakeData(); - @Message(id = 2080, value = "Thread [%s] stoppe to avoid potential leak") + @Message(id = 2080, value = "Thread [%s] stopped to avoid potential leak") String threadStopped(String threadName); @Message(id = 2081, value = "No cipher match") @@ -286,4 +286,7 @@ @Message(id = 2082, value = "Chunked input filter error") String chunkedFilterError(); + @Message(id = 2083, value = "Maximum extension size [%s] exceeded for this request") + IOException maxExtensionSizeExceeded(int size); + }