* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52384
Do not fail in Parameter parsing when debug logging is enabled.
Also do not flag extra '&' as errors.
http://svn.apache.org/viewvc?rev=1224659&view=rev
git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc5.5.x/trunk@1228191 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/STATUS.txt b/STATUS.txt
index e7462aa..693159a 100644
--- a/STATUS.txt
+++ b/STATUS.txt
@@ -24,12 +24,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK/OTHER:
[ start all new proposals below, under PATCHES PROPOSED. ]
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52384
- Do not fail in Parameter parsing when debug logging is enabled.
- Also do not flag extra '&' as errors.
- http://svn.apache.org/viewvc?rev=1224659&view=rev
- +1: kkolinko, rjung, jim
- -1:
PATCHES PROPOSED TO BACKPORT:
[ New proposals should be added at the end of the list ]
diff --git a/connectors/util/java/org/apache/tomcat/util/http/LocalStrings.properties b/connectors/util/java/org/apache/tomcat/util/http/LocalStrings.properties
index 7d7ff06..815751d 100644
--- a/connectors/util/java/org/apache/tomcat/util/http/LocalStrings.properties
+++ b/connectors/util/java/org/apache/tomcat/util/http/LocalStrings.properties
@@ -17,6 +17,7 @@
parameters.copyFail=Failed to create copy of original parameter values for debug logging purposes
parameters.decodeFail.debug=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored.
parameters.decodeFail.info=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored. Note that the name and value quoted here may be corrupted due to the failed decoding. Use debug level logging to see the original, non-corrupted values.
+parameters.emptyChunk=Empty parameter chunk ignored
parameters.invalidChunk=Invalid chunk starting at byte [{0}] and ending at byte [{1}] with a value of [{2}] ignored
parameters.maxCountFail=More than the maximum number of request parameters (GET plus POST) for a single request ([{0}]) were detected. Any parameters beyond this limit have been ignored. To change this limit, set the maxParameterCount attribute on the Connector.
parameters.multipleDecodingFail=Character decoding failed. A total of [{0}] failures were detected but only the first was logged. Enable debug level logging for this logger to log all failures.
diff --git a/connectors/util/java/org/apache/tomcat/util/http/Parameters.java b/connectors/util/java/org/apache/tomcat/util/http/Parameters.java
index 79a1a17..e1b30f5 100644
--- a/connectors/util/java/org/apache/tomcat/util/http/Parameters.java
+++ b/connectors/util/java/org/apache/tomcat/util/http/Parameters.java
@@ -315,7 +315,17 @@
}
if (nameEnd <= nameStart ) {
+ if (valueStart == -1) {
+ // &&
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("parameters.emptyChunk"));
+ }
+ // Do not flag as error
+ continue;
+ }
+ // &=foo&
if (log.isInfoEnabled()) {
+
if (valueEnd >= nameStart && log.isDebugEnabled()) {
String extract = null;
try {
@@ -342,7 +352,11 @@
}
tmpName.setBytes(bytes, nameStart, nameEnd - nameStart);
- tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
+ if (valueStart >= 0) {
+ tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
+ } else {
+ tmpValue.setBytes(bytes, 0, 0);
+ }
// Take copies as if anything goes wrong originals will be
// corrupted. This means original values can be logged.
@@ -350,7 +364,11 @@
if (log.isDebugEnabled()) {
try {
origName.append(bytes, nameStart, nameEnd - nameStart);
- origValue.append(bytes, valueStart, valueEnd - valueStart);
+ if (valueStart >= 0) {
+ origValue.append(bytes, valueStart, valueEnd - valueStart);
+ } else {
+ origValue.append(bytes, 0, 0);
+ }
} catch (IOException ioe) {
// Should never happen...
log.error(sm.getString("parameters.copyFail"), ioe);
@@ -367,11 +385,15 @@
tmpName.setCharset(charset);
name = tmpName.toString();
- if (decodeValue) {
- urlDecode(tmpValue);
+ if (valueStart >= 0) {
+ if (decodeValue) {
+ urlDecode(tmpValue);
+ }
+ tmpValue.setCharset(charset);
+ value = tmpValue.toString();
+ } else {
+ value = "";
}
- tmpValue.setCharset(charset);
- value = tmpValue.toString();
addParam(name, value);
} catch (IOException e) {
diff --git a/container/webapps/docs/changelog.xml b/container/webapps/docs/changelog.xml
index e7c0586..1b77a75 100644
--- a/container/webapps/docs/changelog.xml
+++ b/container/webapps/docs/changelog.xml
@@ -69,6 +69,14 @@
if there were errors during HTTP parameter parsing. (kkolinko)
</add>
<fix>
+ <bug>52384</bug>: Do not fail with parameter parsing when debug logging
+ is enabled. (kkolinko, jim)
+ </fix>
+ <fix>
+ Do not flag extra '&' characters in parameters as parse errors.
+ (kkolinko, jim)
+ </fix>
+ <fix>
Slightly improve performance of UDecoder.convert(). Align
<code>%2f</code> handling between implementations. (kkolinko)
</fix>