File tomcat-9.0.36-CVE-2023-28709.patch of Package tomcat.32131

From fbd81421629afe8b8a3922d59020cde81caea861 Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Tue, 11 Apr 2023 16:41:44 +0100
Subject: [PATCH] Fix parameter counting logic

---
 java/org/apache/tomcat/util/http/Parameters.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: apache-tomcat-9.0.36-src/java/org/apache/tomcat/util/http/Parameters.java
===================================================================
--- apache-tomcat-9.0.36-src.orig/java/org/apache/tomcat/util/http/Parameters.java
+++ apache-tomcat-9.0.36-src/java/org/apache/tomcat/util/http/Parameters.java
@@ -206,14 +206,14 @@ public final class Parameters {
             return;
         }
 
-        parameterCount ++;
-        if (limit > -1 && parameterCount > limit) {
+        if (limit > -1 && parameterCount >= limit) {
             // Processing this parameter will push us over the limit. ISE is
             // what Request.parseParts() uses for requests that are too big
             setParseFailedReason(FailReason.TOO_MANY_PARAMETERS);
             throw new IllegalStateException(sm.getString(
                     "parameters.maxCountFail", Integer.valueOf(limit)));
         }
+        parameterCount++;
 
         ArrayList<String> values = paramHashValues.get(key);
         if (values == null) {
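Review bot: The `parameterCount++` that now sits after the limit check has no comment explaining why the order matters: with the check first, a rejected parameter is no longer counted, so the counter stays at or below `limit` when the ISE is thrown. I would add above the increment `// Count only accepted parameters so parameterCount never exceeds limit`. The diffstat shows only Parameters.java changed, so a boundary test submitting exactly `limit` and then `limit + 1` parameters would be worth adding to pin this behaviour. Presumably other code derives remaining capacity from this count, which would make the boundary security-relevant, but that is not visible here. The enclosing method starts and ends outside the hunk.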