[FILEUPLOAD-212] - Insecure request size checking - fix provided by (and credited to) Thomas Neidhart

git-svn-id: https://svn.apache.org/repos/asf/commons/proper/fileupload/trunk@1455031 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
index fd2b4cf..6768f03 100644
--- a/RELEASE-NOTES.txt
+++ b/RELEASE-NOTES.txt
@@ -63,6 +63,7 @@
  * [FILEUPLOAD-195] - Error reading the file size larger than 2 gb
  * [FILEUPLOAD-197] - ServletFileUpload isMultipartContent method does not support HTTP PUT
  * [FILEUPLOAD-204] - FileItem.getHeaders() returns always null.
+ * [FILEUPLOAD-212] - Insecure request size checking
  * [FILEUPLOAD-214] - ServletFileUpload only accepts POST requests
 
 Improvement
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index e6b0095..5ffb20e 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -97,6 +97,9 @@
       <action issue="FILEUPLOAD-204" dev="jochen" type="fix" due-to="Hakju Oh">
         FileItem.getHeaders() returns always null.
       </action>
+      <action issue="FILEUPLOAD-204" dev="tn" type="fix" due-to="Damian Kolasa">
+        Insecure request size checking
+      </action>
       <action issue="FILEUPLOAD-214" dev="simonetripodi" type="fix" due-to="Matthew Runo">
         ServletFileUpload only accepts POST requests
       </action>
diff --git a/src/main/java/org/apache/commons/fileupload/FileUploadBase.java b/src/main/java/org/apache/commons/fileupload/FileUploadBase.java
index bb0e7dc..ca1bc8b 100644
--- a/src/main/java/org/apache/commons/fileupload/FileUploadBase.java
+++ b/src/main/java/org/apache/commons/fileupload/FileUploadBase.java
@@ -919,26 +919,25 @@
 
             if (sizeMax >= 0) {
                 long requestSize = ctx.contentLength();
-                if (requestSize == -1) {
-                    input = new LimitedInputStream(input, sizeMax) {
-                        @Override
-                        protected void raiseError(long pSizeMax, long pCount)
-                                throws IOException {
-                            FileUploadException ex = new SizeLimitExceededException(
-                            format("the request was rejected because its size (%s) exceeds the configured maximum (%s)",
-                                   pCount, pSizeMax),
-                                   pCount, pSizeMax);
-                            throw new FileUploadIOException(ex);
-                        }
-                    };
-                } else {
-                    if (sizeMax >= 0 && requestSize > sizeMax) {
+                if (requestSize != -1) {
+                    if (requestSize > sizeMax) {
                         throw new SizeLimitExceededException(
                             format("the request was rejected because its size (%s) exceeds the configured maximum (%s)",
                                    requestSize, sizeMax),
                                    requestSize, sizeMax);
                     }
                 }
+                input = new LimitedInputStream(input, sizeMax) {
+                    @Override
+                    protected void raiseError(long pSizeMax, long pCount)
+                            throws IOException {
+                        FileUploadException ex = new SizeLimitExceededException(
+                        format("the request was rejected because its size (%s) exceeds the configured maximum (%s)",
+                               pCount, pSizeMax),
+                               pCount, pSizeMax);
+                        throw new FileUploadIOException(ex);
+                    }
+                };
             }
 
             String charEncoding = headerEncoding;
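Review bot: The now-unconditional `LimitedInputStream` wrapper after the `requestSize != -1` check carries no comment explaining why it must stay outside that branch. That placement is the security point of the change, because the length returned by `ctx.contentLength()` is declared by the request and does not bound how many bytes actually arrive. I would add, above `input = new LimitedInputStream(input, sizeMax) {`, a line such as `// Always cap the stream: the declared content length is request-supplied and is not a bound on the real body size.` so a later cleanup does not fold it back into an else branch. The two paths also surface the same condition differently: the up-front check throws `SizeLimitExceededException` directly, while `raiseError` wraps it in `FileUploadIOException`, with the format string duplicated. Whether callers unwrap the latter is not visible, since the enclosing method starts and ends outside the hunk. No regression test appears in this diff; one with a declared length below `sizeMax` and a larger actual body would pin the behaviour.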