51 lines
1.9 KiB
Diff
51 lines
1.9 KiB
Diff
From 28229fe98d5818f2329cb42151c31471367f20c3 Mon Sep 17 00:00:00 2001
|
|
From: liyajie <liyajie15@h-partners.com>
|
|
Date: Fri, 29 Nov 2024 03:44:57 +0800
|
|
Subject: [PATCH 1/1] Fix CVE-2024-4109
|
|
|
|
https://github.com/apache/tomcat/commit/8d2fe6894d6e258a6d615d7f786acca80e6020cb
|
|
---
|
|
.../io/undertow/protocols/http2/HpackDecoder.java | 13 ++++---------
|
|
1 file changed, 4 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/core/src/main/java/io/undertow/protocols/http2/HpackDecoder.java b/core/src/main/java/io/undertow/protocols/http2/HpackDecoder.java
|
|
index 8643130..f21dc1d 100644
|
|
--- a/core/src/main/java/io/undertow/protocols/http2/HpackDecoder.java
|
|
+++ b/core/src/main/java/io/undertow/protocols/http2/HpackDecoder.java
|
|
@@ -66,8 +66,6 @@ public class HpackDecoder {
|
|
*/
|
|
private int maxMemorySize;
|
|
|
|
- private final StringBuilder stringBuilder = new StringBuilder();
|
|
-
|
|
public HpackDecoder(int maxMemorySize) {
|
|
this.maxMemorySize = maxMemorySize;
|
|
headerTable = new HeaderField[DEFAULT_RING_BUFFER_SIZE];
|
|
@@ -227,19 +225,16 @@ public class HpackDecoder {
|
|
if (huffman) {
|
|
return readHuffmanString(length, buffer);
|
|
}
|
|
+ StringBuilder stringBuilder = new StringBuilder();
|
|
for (int i = 0; i < length; ++i) {
|
|
stringBuilder.append((char) buffer.get());
|
|
}
|
|
- String ret = stringBuilder.toString();
|
|
- stringBuilder.setLength(0);
|
|
- return ret;
|
|
+ return stringBuilder.toString();
|
|
}
|
|
|
|
private String readHuffmanString(int length, ByteBuffer buffer) throws HpackException {
|
|
- HPackHuffman.decode(buffer, length, stringBuilder);
|
|
- String ret = stringBuilder.toString();
|
|
- stringBuilder.setLength(0);
|
|
- return ret;
|
|
+ StringBuilder stringBuilder = new StringBuilder(length);
|
|
+ return stringBuilder.toString();
|
|
}
|
|
|
|
private HttpString handleIndexedHeaderName(int index) throws HpackException {
|
|
--
|
|
2.43.0
|
|
|