Skip to content

Commit 24a4fab

Browse files
author
Robert Engels
committed
handle non-compliant form senders
1 parent 1ff7baa commit 24a4fab

4 files changed

Lines changed: 41 additions & 3 deletions

File tree

src/main/java/robaho/net/httpserver/extras/MultipartFormParser.java

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -67,15 +67,16 @@ public static Map<String, List<Part>> parse(String encoding, String content_type
6767

6868
System.out.println("reading until start of part");
6969
// read until boundary found
70-
int matchCount = 0;
70+
int matchCount = 2; // starting at 2 allows matching non-compliant senders. rfc says CRLF is part of
71+
// boundary marker
7172
while (true) {
7273
int c = is.read();
7374
if (c == -1) {
7475
return results;
7576
}
7677
if (c == boundaryCheck[matchCount]) {
7778
matchCount++;
78-
if (matchCount == boundaryCheck.length) {
79+
if (matchCount == boundaryCheck.length - 2) {
7980
System.out.println("found boundary marker");
8081
break;
8182
}

src/test/java/robaho/net/httpserver/extras/MultipartFormParserTest.java

Lines changed: 32 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,9 @@
22

33
import java.io.ByteArrayInputStream;
44
import java.io.ByteArrayOutputStream;
5-
import java.io.File;
65
import java.io.IOException;
6+
import java.io.InputStream;
7+
import java.io.FileInputStream;
78
import java.io.UnsupportedEncodingException;
89
import java.nio.file.Files;
910
import java.nio.file.Path;
@@ -104,4 +105,34 @@ public void testBinary() throws IOException {
104105

105106
Assert.assertEquals(Files.readAllBytes(Path.of("src/test/resources/small.png")), Files.readAllBytes((values.get(0).file()).toPath()), "parse failed");
106107
}
108+
109+
@Test
110+
public void testFormSample() throws IOException {
111+
var header = "Content-Type: multipart/form-data; boundary=46096193475433413916154539608327683027925589011069618792210780606661436297073";
112+
InputStream is = new FileInputStream("src/test/resources/formcapture.bin");
113+
114+
Path storage = Path.of("/tmp", "parser_test");
115+
storage.toFile().mkdirs();
116+
117+
var results = parse("UTF-8", header, is, storage);
118+
119+
Assert.assertEquals(results.size(), 1);
120+
List<Part> values = results.get("myfile");
121+
Assert.assertEquals(values.size(), 1);
122+
}
123+
124+
@Test
125+
public void testMultiFileFormSample() throws IOException {
126+
var header = "Content-Type: multipart/form-data; boundary=32727956756671617181299787496850966478586709733883895208245398568225409799378";
127+
InputStream is = new FileInputStream("src/test/resources/multifile_formcapture.bin");
128+
129+
Path storage = Path.of("/tmp", "parser_test");
130+
storage.toFile().mkdirs();
131+
132+
var results = parse("UTF-8", header, is, storage);
133+
134+
Assert.assertEquals(results.size(), 2);
135+
List<Part> values = results.get("myfile");
136+
Assert.assertEquals(values.size(), 1);
137+
}
107138
}

src/test/resources/formcapture.bin

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
--46096193475433413916154539608327683027925589011069618792210780606661436297073
2+
Content-Disposition: form-data; name="myfile"; filename="hello.txt"
3+
Content-Type: text/plain
4+
5+
This is a sample text file.
6+
--46096193475433413916154539608327683027925589011069618792210780606661436297073--

src/test/resources/multifile_formcapture.bin

583 Bytes
Binary file not shown.

0 commit comments

Comments
 (0)