Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
1.2.2
-
Default configuration default environment.
Description
In FileUploadBase there is an issue when checking for upload request size, the check is based on presence of Content-Length header in request and FALSE assumption that when present it will represent the actual request size. Using this fact, attacker can supply request with defined Content-Length of 60 and bypass file upload restrictions, which can lead to successful Resource Depletion type attack.
IMHO by default file upload should return the LimitedInputStream implementation for file upload.
Attachments
Attachments
Issue Links
- is related to
-
FILEUPLOAD-202 org.apache.commons.fileupload.FileUploadBase$IOFileUploadException: Processing of multipart/form-data request failed. Stream ended unexpectedly
- Closed