diff --git a/src/main/java/org/apache/commons/fileupload/FileUploadBase.java b/src/main/java/org/apache/commons/fileupload/FileUploadBase.java
index b693744..c8f5ca1 100644
--- a/src/main/java/org/apache/commons/fileupload/FileUploadBase.java
+++ b/src/main/java/org/apache/commons/fileupload/FileUploadBase.java
@@ -991,7 +991,12 @@ public abstract class FileUploadBase {
}
notifier = new MultipartStream.ProgressNotifier(listener, requestSize);
- multi = new MultipartStream(input, boundary, notifier);
+ try {
+ multi = new MultipartStream(input, boundary, notifier);
+ } catch (IllegalArgumentException iae) {
+ throw new InvalidContentTypeException(
+ format("The boundary specified in the %s header is too long", CONTENT_TYPE), iae);
+ }
multi.setHeaderEncoding(charEncoding);
skipPreamble = true;
@@ -1183,7 +1188,7 @@ public abstract class FileUploadBase {
* detail message.
*/
public InvalidContentTypeException() {
- // Nothing to do.
+ super();
}
/**
@@ -1196,6 +1201,9 @@ public abstract class FileUploadBase {
super(message);
}
+ public InvalidContentTypeException(String msg, Throwable cause) {
+ super(msg, cause);
+ }
}
/**
diff --git a/src/main/java/org/apache/commons/fileupload/MultipartStream.java b/src/main/java/org/apache/commons/fileupload/MultipartStream.java
index 9088947..0474ef9 100644
--- a/src/main/java/org/apache/commons/fileupload/MultipartStream.java
+++ b/src/main/java/org/apache/commons/fileupload/MultipartStream.java
@@ -268,10 +268,8 @@ public class MultipartStream {
/**
* Creates a new instance.
*
- * @deprecated 1.2.1 Use {@link #MultipartStream(InputStream, byte[],
- * org.apache.commons.fileupload.MultipartStream.ProgressNotifier)},
- * or {@link #MultipartStream(InputStream, byte[], int,
- * org.apache.commons.fileupload.MultipartStream.ProgressNotifier)}
+ * @deprecated 1.2.1 Use {@link #MultipartStream(InputStream, byte[], int,
+ * ProgressNotifier)}
*/
@Deprecated
public MultipartStream() {
@@ -292,10 +290,8 @@ public class MultipartStream {
* encapsulations.
* @param bufSize The size of the buffer to be used, in bytes.
*
- * @see #MultipartStream(InputStream, byte[],
- * MultipartStream.ProgressNotifier)
* @deprecated 1.2.1 Use {@link #MultipartStream(InputStream, byte[], int,
- * org.apache.commons.fileupload.MultipartStream.ProgressNotifier)}.
+ * ProgressNotifier)}.
*/
@Deprecated
public MultipartStream(InputStream input, byte[] boundary, int bufSize) {
@@ -317,8 +313,7 @@ public class MultipartStream {
* @param pNotifier The notifier, which is used for calling the
* progress listener, if any.
*
- * @see #MultipartStream(InputStream, byte[],
- * MultipartStream.ProgressNotifier)
+ * @throws IllegalArgumentException If the buffer size is too small
*/
MultipartStream(InputStream input,
byte[] boundary,
@@ -331,9 +326,14 @@ public class MultipartStream {
// We prepend CR/LF to the boundary to chop trailing CR/LF from
// body-data tokens.
- this.boundary = new byte[boundary.length + BOUNDARY_PREFIX.length];
this.boundaryLength = boundary.length + BOUNDARY_PREFIX.length;
+ if (bufSize < this.boundaryLength + 1) {
+ throw new IllegalArgumentException(
+ "The buffer size specified for the MultipartStream is too small");
+ }
+ this.boundary = new byte[this.boundaryLength];
this.keepRegion = this.boundary.length;
+
System.arraycopy(BOUNDARY_PREFIX, 0, this.boundary, 0,
BOUNDARY_PREFIX.length);
System.arraycopy(boundary, 0, this.boundary, BOUNDARY_PREFIX.length,
@@ -352,8 +352,7 @@ public class MultipartStream {
* @param pNotifier An object for calling the progress listener, if any.
*
*
- * @see #MultipartStream(InputStream, byte[], int,
- * MultipartStream.ProgressNotifier)
+ * @see #MultipartStream(InputStream, byte[], int, ProgressNotifier)
*/
MultipartStream(InputStream input,
byte[] boundary,
@@ -368,10 +367,8 @@ public class MultipartStream {
* @param boundary The token used for dividing the stream into
* encapsulations.
*
- * @deprecated 1.2.1 Use {@link #MultipartStream(InputStream, byte[],
- * MultipartStream.ProgressNotifier)}.
- * @see #MultipartStream(InputStream, byte[], int,
- * MultipartStream.ProgressNotifier)
+ * @deprecated 1.2.1 Use {@link #MultipartStream(InputStream, byte[], int,
+ * ProgressNotifier)}.
*/
@Deprecated
public MultipartStream(InputStream input,
diff --git a/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java b/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
index 7148d81..80871f4 100644
--- a/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
+++ b/src/test/java/org/apache/commons/fileupload/MultipartStreamTest.java
@@ -38,7 +38,8 @@ public class MultipartStreamTest {
final byte[] contents = strData.getBytes();
InputStream input = new ByteArrayInputStream(contents);
byte[] boundary = BOUNDARY_TEXT.getBytes();
- int iBufSize = boundary.length;
+ int iBufSize =
+ boundary.length + MultipartStream.BOUNDARY_PREFIX.length + 1;
MultipartStream ms = new MultipartStream(
input,
boundary,
@@ -47,6 +48,21 @@ public class MultipartStreamTest {
assertNotNull(ms);
}
+ @Test(expected=IllegalArgumentException.class)
+ public void testSmallBuffer() throws Exception {
+ final String strData = "foobar";
+ final byte[] contents = strData.getBytes();
+ InputStream input = new ByteArrayInputStream(contents);
+ byte[] boundary = BOUNDARY_TEXT.getBytes();
+ int iBufSize = 1;
+ @SuppressWarnings("unused")
+ MultipartStream ms = new MultipartStream(
+ input,
+ boundary,
+ iBufSize,
+ new MultipartStream.ProgressNotifier(null, contents.length));
+ }
+
@Test
public void testTwoParamConstructor() throws Exception {
final String strData = "foobar";