tomcat/CVE-2025-31650-2.patch

From b98e74f517b36929f4208506e5adad22cb767baa Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Wed, 19 Mar 2025 03:21:50 +0000
Subject: [PATCH] Additional fix for BZ 69614

Origin: https://github.com/apache/tomcat/commit/b98e74f517b36929f4208506e5adad22cb767baa

---
 java/org/apache/coyote/http2/Stream.java | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java
index e8f0d9481c03..ecda8caec811 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -456,6 +456,12 @@ public final void emitHeader(String name, String value) throws HpackException {
                     setIncremental(p.getIncremental());
                 } catch (IOException ioe) {
                     // Not possible with StringReader
+                } catch (IllegalArgumentException iae) {
+                    // Invalid priority header field values should be ignored
+                    if (log.isTraceEnabled()) {
+                        log.trace(sm.getString("http2Parser.processFramePriorityUpdate.invalid", getConnectionId(),
+                                getIdAsString()), iae);
+                    }
                 }
                 break;
             }
Fix CVE-2025-31650, CVE-2025-31651 (cherry picked from commit 30821400cbe4e4fd6b3f440f586e8b2f7f22ced6) 2025-04-29 19:32:53 +08:00			`From b98e74f517b36929f4208506e5adad22cb767baa Mon Sep 17 00:00:00 2001`
			`From: Mark Thomas <markt@apache.org>`
			`Date: Wed, 19 Mar 2025 03:21:50 +0000`
			`Subject: [PATCH] Additional fix for BZ 69614`

			`Origin: https://github.com/apache/tomcat/commit/b98e74f517b36929f4208506e5adad22cb767baa`

			`---`
			`java/org/apache/coyote/http2/Stream.java \| 6 ++++++`
			`1 file changed, 6 insertions(+)`

			`diff --git a/java/org/apache/coyote/http2/Stream.java b/java/org/apache/coyote/http2/Stream.java`
			`index e8f0d9481c03..ecda8caec811 100644`
			`--- a/java/org/apache/coyote/http2/Stream.java`
			`+++ b/java/org/apache/coyote/http2/Stream.java`
			`@@ -456,6 +456,12 @@ public final void emitHeader(String name, String value) throws HpackException {`
			`setIncremental(p.getIncremental());`
			`} catch (IOException ioe) {`
			`// Not possible with StringReader`
			`+ } catch (IllegalArgumentException iae) {`
			`+ // Invalid priority header field values should be ignored`
			`+ if (log.isTraceEnabled()) {`
			`+ log.trace(sm.getString("http2Parser.processFramePriorityUpdate.invalid", getConnectionId(),`
			`+ getIdAsString()), iae);`
			`+ }`
			`}`
			`break;`
			`}`