File jakarta-commons-fileupload-CVE-2016-3092.patch of Package jakarta-commons-fileupload.28093

Index: commons-fileupload-1.1.1/xdocs/changes.xml
===================================================================
--- commons-fileupload-1.1.1.orig/xdocs/changes.xml
+++ commons-fileupload-1.1.1/xdocs/changes.xml
@@ -43,6 +43,8 @@ The <action> type attribute can be add,u
 
     <release version="1.1.1" date="2006-06-08" description="Bugfix release">
 
+      <action dev="markt" type="add">(SUSE Backport from 1.5) Add a configurable limit (disabled by default) for the number of files to upload per request.</action>
+
       <action dev="martinc" type="fix" issue="FILEUPLOAD-20">
         Cache disk file item size when it is moved to a new location.
       </action>
Index: commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/FileCountLimitExceededException.java
===================================================================
--- /dev/null
+++ commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/FileCountLimitExceededException.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.commons.fileupload;
+
+/**
+ * This exception is thrown if a request contains more files than the specified
+ * limit.
+ */
+public class FileCountLimitExceededException extends FileUploadException {
+
+    private static final long serialVersionUID = 6904179610227521789L;
+
+	/**
+     * The limit that was exceeded.
+     */
+    private final long limit;
+
+    /**
+     * Creates a new instance.
+     *
+     * @param message The detail message
+     * @param limit The limit that was exceeded
+     */
+    public FileCountLimitExceededException(final String message, final long limit) {
+        super(message);
+        this.limit = limit;
+    }
+
+    /**
+     * Retrieves the limit that was exceeded.
+     *
+     * @return The limit that was exceeded by the request
+     */
+    public long getLimit() {
+        return limit;
+    }
+}
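Review bot: The Javadoc opener above the `limit` field is indented with a tab while every other line of the new file uses four spaces; it should use spaces to match. The class comment could also name where the limit comes from, for example `* limit configured via {@link FileUploadBase#setFileCountMax(long)}.`, so that a caller catching this exception knows which setting to adjust.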
Index: commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/FileUploadBase.java
===================================================================
--- commons-fileupload-1.1.1.orig/src/java/org/apache/commons/fileupload/FileUploadBase.java
+++ commons-fileupload-1.1.1/src/java/org/apache/commons/fileupload/FileUploadBase.java
@@ -172,6 +172,12 @@ public abstract class FileUploadBase {
      */
     private long sizeMax = -1;
 
+    /**
+     * The maximum permitted number of files that may be uploaded in a single
+     * request. A value of -1 indicates no maximum.
+     */
+    private long fileCountMax = -1;
+
 
     /**
      * The content encoding to use when reading part headers.
@@ -181,6 +187,23 @@ public abstract class FileUploadBase {
 
     // ----------------------------------------------------- Property accessors
 
+    /**
+     * Returns the maximum number of files allowed in a single request.
+     *
+     * @return The maximum number of files allowed in a single request.
+     */
+    public long getFileCountMax() {
+        return fileCountMax;
+    }
+
+    /**
+     * Sets the maximum number of files allowed per request.
+     *
+     * @param fileCountMax The new limit. {@code -1} means no limit.
+     */
+    public void setFileCountMax(final long fileCountMax) {
+        this.fileCountMax = fileCountMax;
+    }
 
     /**
      * Returns the factory class used when creating file items.
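Review bot: `setFileCountMax` stores any value unchecked, while the Javadoc defines only `-1` as "no limit". With the equality test this patch adds to the parser, a value of 0 rejects the first part, and any value below -1 silently behaves as unlimited. Consider rejecting such values, e.g. `if (fileCountMax < -1) throw new IllegalArgumentException("fileCountMax must be >= -1");`, and repeating the `-1 means no limit` sentence on `getFileCountMax()`. Because the default stays at -1, the limit protects a deployment only once the application calls the setter, which is worth stating in the setter's Javadoc.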
@@ -352,8 +375,18 @@ public abstract class FileUploadBase {
                         byte[] subBoundary = getBoundary(subContentType);
                         multi.setBoundary(subBoundary);
                         boolean nextSubPart = multi.skipPreamble();
+
+                        int numFiles = 0;
+
                         while (nextSubPart) {
                             headers = parseHeaders(multi.readHeaders());
+
+                            if (numFiles == getFileCountMax())
+                            {
+                                // The next item will exceed the limit.
+                                throw new FileCountLimitExceededException(ATTACHMENT, getFileCountMax());
+                            }
+
                             if (getFileName(headers) != null) {
                                 FileItem item =
                                         createItem(headers, false);
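Review bot: `numFiles` is declared and compared in `if (numFiles == getFileCountMax())`, but no line visible in this patch increments it, so the check can only fire when the limit is 0 and a positive limit would never be enforced. If the counter is meant to track created items, a `numFiles++;` is needed after each item is created in the loop body, which continues outside this hunk. The counter is also local to the nested sub-part loop (the `subBoundary` branch), so as far as this hunk shows, top-level parts are not counted and the count restarts for each nested multipart section. A request-wide count would make the limit an actual bound on per-request resource use. The detail message passed is the `ATTACHMENT` constant, which tells an operator reading the log nothing about the limit that was hit.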