Upload: OutOfMemory if stream already been read (#10096)

Added -1 check and test.

Change-Id: I3f6c61417353884d22d8e6b33ef21319475c1907

2 files changed, 71 insertions, 1 deletions

diff --git a/server/src/com/vaadin/server/communication/FileUploadHandler.java b/server/src/com/vaadin/server/communication/FileUploadHandler.java
index 22c6a76106..576cbd8411 100644
--- a/server/src/com/vaadin/server/communication/FileUploadHandler.java
+++ b/server/src/com/vaadin/server/communication/FileUploadHandler.java
@@ -216,7 +216,10 @@ public class FileUploadHandler implements RequestHandler {
         }
     }
 
-    private static final int LF = "\n".getBytes()[0];
+    /**
+     * as per RFC 2045, line delimiters in headers are always CRLF, i.e. 13 10
+     */
+    private static final int LF = 10;
 
     private static final String CRLF = "\r\n";
 
@@ -295,6 +298,9 @@ public class FileUploadHandler implements RequestHandler {
         ByteArrayOutputStream bout = new ByteArrayOutputStream();
         int readByte = stream.read();
         while (readByte != LF) {
+            if (readByte == -1) {
+                throw new IOException("The multipart stream ended unexpectedly");
+            }
             bout.write(readByte);
             readByte = stream.read();
         }
diff --git a/server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java b/server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java
new file mode 100644
index 0000000000..2cb4c3bf4d
--- /dev/null
+++ b/server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2000-2014 Vaadin Ltd.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package com.vaadin.server.communication;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+import com.vaadin.server.VaadinRequest;
+
+/**
+ * Tests whether we get infinite loop if InputStream is already read (#10096)
+ */
+public class FileUploadHandlerTest {
+
+    private FileUploadHandler handler;
+    private VaadinRequest request;
+
+    @Before
+    public void setup() throws Exception {
+        handler = new FileUploadHandler();
+        InputStream inputStream = new InputStream() {
+            private int counter = 0;
+
+            @Override
+            public int read() throws IOException {
+                counter++;
+                if (counter > 6) {
+                    throw new RuntimeException(
+                            "-1 is ignored by FileUploadHandler");
+                }
+                return -1;
+            }
+
+        };
+        request = Mockito.mock(VaadinRequest.class);
+        Mockito.when(request.getInputStream()).thenReturn(inputStream);
+        Mockito.when(request.getHeader("Content-Length")).thenReturn("211");
+    }
+
+    @Test(expected = IOException.class)
+    public void testStreamEnded() throws IOException {
+        handler.doHandleSimpleMultipartFileUpload(null, request, null, null,
+                null, null, null);
+
+    }
+
+}