Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
jakarta-commons-fileupload
jakarta-commons-fileupload-CVE-2016-3092-2.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File jakarta-commons-fileupload-CVE-2016-3092-2.patch of Package jakarta-commons-fileupload
Index: commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/MultipartStream.java =================================================================== --- commons-fileupload-1.1.1.orig/src/java/org/apache/commons/fileupload/MultipartStream.java +++ commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/MultipartStream.java @@ -253,24 +253,27 @@ public class MultipartStream { public MultipartStream(InputStream input, byte[] boundary, int bufSize) { - this.input = input; - this.bufSize = bufSize; - this.buffer = new byte[bufSize]; - - // We prepend CR/LF to the boundary to chop trailng CR/LF from + if (boundary == null) { + throw new IllegalArgumentException("boundary may not be null"); + } + // We prepend CR/LF to the boundary to chop trailing CR/LF from // body-data tokens. this.boundaryLength = boundary.length + BOUNDARY_PREFIX.length; if (bufSize < this.boundaryLength + 1) { throw new IllegalArgumentException( "The buffer size specified for the MultipartStream is too small"); } + + this.input = input; + this.bufSize = Math.max(bufSize, boundaryLength*2); + this.buffer = new byte[this.bufSize]; + this.boundary = new byte[this.boundaryLength]; this.keepRegion = boundary.length + KEEP_REGION_PAD; System.arraycopy(BOUNDARY_PREFIX, 0, this.boundary, 0, BOUNDARY_PREFIX.length); System.arraycopy(boundary, 0, this.boundary, BOUNDARY_PREFIX.length, boundary.length); - head = 0; tail = 0; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor