From 3d7888dfd73266453bb561cd6b083874748ec73a Mon Sep 17 00:00:00 2001 From: Sergey Budkin Date: Fri, 24 Oct 2014 12:29:58 +0300 Subject: Upload: OutOfMemory if stream already been read (#10096) Added -1 check and test. Change-Id: I3f6c61417353884d22d8e6b33ef21319475c1907 --- .../server/communication/FileUploadHandler.java | 8 ++- .../communication/FileUploadHandlerTest.java | 64 ++++++++++++++++++++++ 2 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java diff --git a/server/src/com/vaadin/server/communication/FileUploadHandler.java b/server/src/com/vaadin/server/communication/FileUploadHandler.java index 22c6a76106..576cbd8411 100644 --- a/server/src/com/vaadin/server/communication/FileUploadHandler.java +++ b/server/src/com/vaadin/server/communication/FileUploadHandler.java @@ -216,7 +216,10 @@ public class FileUploadHandler implements RequestHandler { } } - private static final int LF = "\n".getBytes()[0]; + /** + * as per RFC 2045, line delimiters in headers are always CRLF, i.e. 13 10 + */ + private static final int LF = 10; private static final String CRLF = "\r\n"; @@ -295,6 +298,9 @@ public class FileUploadHandler implements RequestHandler { ByteArrayOutputStream bout = new ByteArrayOutputStream(); int readByte = stream.read(); while (readByte != LF) { + if (readByte == -1) { + throw new IOException("The multipart stream ended unexpectedly"); + } bout.write(readByte); readByte = stream.read(); } diff --git a/server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java b/server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java new file mode 100644 index 0000000000..2cb4c3bf4d --- /dev/null +++ b/server/tests/src/com/vaadin/server/communication/FileUploadHandlerTest.java @@ -0,0 +1,64 @@ +/* + * Copyright 2000-2014 Vaadin Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ +package com.vaadin.server.communication; + +import java.io.IOException; +import java.io.InputStream; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mockito; + +import com.vaadin.server.VaadinRequest; + +/** + * Tests whether we get infinite loop if InputStream is already read (#10096) + */ +public class FileUploadHandlerTest { + + private FileUploadHandler handler; + private VaadinRequest request; + + @Before + public void setup() throws Exception { + handler = new FileUploadHandler(); + InputStream inputStream = new InputStream() { + private int counter = 0; + + @Override + public int read() throws IOException { + counter++; + if (counter > 6) { + throw new RuntimeException( + "-1 is ignored by FileUploadHandler"); + } + return -1; + } + + }; + request = Mockito.mock(VaadinRequest.class); + Mockito.when(request.getInputStream()).thenReturn(inputStream); + Mockito.when(request.getHeader("Content-Length")).thenReturn("211"); + } + + @Test(expected = IOException.class) + public void testStreamEnded() throws IOException { + handler.doHandleSimpleMultipartFileUpload(null, request, null, null, + null, null, null); + + } + +} -- cgit v1.2.3