File jakarta-commons-fileupload-CVE-2016-3092-2.patch of Package jakarta-commons-fileupload.28093

Index: commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/MultipartStream.java
===================================================================
--- commons-fileupload-1.1.1.orig/src/java/org/apache/commons/fileupload/MultipartStream.java
+++ commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/MultipartStream.java
@@ -253,24 +253,27 @@ public class MultipartStream {
     public MultipartStream(InputStream input,
                            byte[] boundary,
                            int bufSize) {
-        this.input = input;
-        this.bufSize = bufSize;
-        this.buffer = new byte[bufSize];
-
-        // We prepend CR/LF to the boundary to chop trailng CR/LF from
+        if (boundary == null) {
+            throw new IllegalArgumentException("boundary may not be null");
+        }
+        // We prepend CR/LF to the boundary to chop trailing CR/LF from
         // body-data tokens.
         this.boundaryLength = boundary.length + BOUNDARY_PREFIX.length;
         if (bufSize < this.boundaryLength + 1) {
             throw new IllegalArgumentException(
                     "The buffer size specified for the MultipartStream is too small");
         }
+
+        this.input = input;
+        this.bufSize = Math.max(bufSize, boundaryLength*2);
+        this.buffer = new byte[this.bufSize];
+
         this.boundary = new byte[this.boundaryLength];
         this.keepRegion = boundary.length + KEEP_REGION_PAD;
         System.arraycopy(BOUNDARY_PREFIX, 0, this.boundary, 0,
                 BOUNDARY_PREFIX.length);
         System.arraycopy(boundary, 0, this.boundary, BOUNDARY_PREFIX.length,
                 boundary.length);
-
         head = 0;
         tail = 0;
     }
openSUSE Build Service is sponsored by