Uploaded image for project: 'Commons FileUpload'
  1. Commons FileUpload
  2. FILEUPLOAD-108

FileUploadBase.parseHeaders() has logic and performance flaws related to max header size.

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.1 Final
    • Fix Version/s: 1.2
    • Labels:
      None

      Description

      FileUploadBase.parseHeaders() has logic and performance flaws:

      MultipartStream.readHeaders() already limits the total header size, so FileUploadBase.parseHeaders() doesn't have to limit each header as well (it can cause problems, and gains nothing).

      Furthermore, the current implementation would cause an ArrayOutOfBoundsException if a longer header would in fact be present, which is undocumented and would cause trouble in calling app.

      Finally, the local buffer which is the cause of this limit is not needed - copying into it just takes up more memory and cpu.

      A simple solution is using substrings rather than a buffer - substrings point into the same char buffer as the original (immutable) string, so no additional memory is used, no char copying is necessary, the undocumented exception will not occur, and the artificial max header size is no longer needed, so FileUpload can be more robust and flexible.

        Attachments

          Activity

            People

            • Assignee:
              jochen@apache.org Jochen Wiedmann
              Reporter:
              amichai Amichai Rothman
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: