From 127e145b4220c58eea90ae49eff0ba6c61b31673 Mon Sep 17 00:00:00 2001 From: Scott Mitchell Date: Fri, 18 Dec 2020 15:25:23 -0800 Subject: [PATCH] DefaultHttpCookiePair#parseCookiePair more strict overflow detection (#1292) Motivation: DefaultHttpCookiePair#parseCookiePair doesn't check for overflow when calculating the value starting index. Modifications: - Check for overflow when calculating overflow index. Result: More robust overflow detection in DefaultHttpCookiePair#parseCookiePair. --- .../io/servicetalk/http/api/DefaultHttpCookiePair.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/servicetalk-http-api/src/main/java/io/servicetalk/http/api/DefaultHttpCookiePair.java b/servicetalk-http-api/src/main/java/io/servicetalk/http/api/DefaultHttpCookiePair.java index c9d154cd14..d4ea1e0632 100644 --- a/servicetalk-http-api/src/main/java/io/servicetalk/http/api/DefaultHttpCookiePair.java +++ b/servicetalk-http-api/src/main/java/io/servicetalk/http/api/DefaultHttpCookiePair.java @@ -85,10 +85,12 @@ public static HttpCookiePair parseCookiePair(final CharSequence sequence, int na return parseCookiePair0(sequence, nameStart, nameLength, valueEnd < 0 ? sequence.length() : valueEnd); } - static HttpCookiePair parseCookiePair0(final CharSequence sequence, int nameStart, int nameLength, int valueEnd) { + private static HttpCookiePair parseCookiePair0(final CharSequence sequence, int nameStart, int nameLength, + int valueEnd) { final int valueStart = nameStart + nameLength + 1; - if (valueEnd - 1 < valueStart) { - throw new IllegalArgumentException("unexpected format of cookie pair, empty value"); + if (valueEnd <= valueStart || valueStart < 0) { + throw new IllegalArgumentException("value indexes are invalid. valueStart: " + valueStart + + " valueEnd: " + valueEnd); } if (sequence.charAt(valueStart) == '"' && sequence.charAt(valueEnd - 1) == '"') { if (valueEnd - 2 <= valueStart) {