Projects
Mega:24.03:SP1:Everything
tomcat
_service:tar_scm:CVE-2023-28709.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2023-28709.patch of Package tomcat
From fbd81421629afe8b8a3922d59020cde81caea861 Mon Sep 17 00:00:00 2001 From: Mark Thomas <markt@apache.org> Date: Tue, 11 Apr 2023 16:41:44 +0100 Subject: [PATCH] Fix parameter counting logic Origin: https://github.com/apache/tomcat/commit/fbd81421629afe8b8a3922d59020cde81caea861 --- java/org/apache/tomcat/util/http/Parameters.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/http/Parameters.java b/java/org/apache/tomcat/util/http/Parameters.java index 08c6ffd..a19453d 100644 --- a/java/org/apache/tomcat/util/http/Parameters.java +++ b/java/org/apache/tomcat/util/http/Parameters.java @@ -205,14 +205,14 @@ public final class Parameters { return; } - parameterCount ++; - if (limit > -1 && parameterCount > limit) { + if (limit > -1 && parameterCount >= limit) { // Processing this parameter will push us over the limit. ISE is // what Request.parseParts() uses for requests that are too big setParseFailedReason(FailReason.TOO_MANY_PARAMETERS); throw new IllegalStateException(sm.getString( "parameters.maxCountFail", Integer.valueOf(limit))); } + parameterCount ++; ArrayList<String> values = paramHashValues.get(key); if (values == null) { -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2