Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

HttpUtil.getContentLength can throw parse error even when default value is supplied

See original GitHub issue

Fairly straight-forward to fix, but not sure if we should actually change the behavior or just change the javadoc. I can contribute a PR.

Expected behavior

Calling HttpUtil.getContentLength(HttpMessage, int) should return the default value when the header is not a number, in accordance with the javadoc:

Returns: the content length or defaultValue if this message does not have the “Content-Length” header or its value is not a number. Not to exceed the boundaries of integer.

Actual behavior

For invalid inputs, the method throws an exception:

Exception in thread "main" java.lang.NumberFormatException: For input string: "foo"
	at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:67)
	at java.base/java.lang.Long.parseLong(Long.java:711)
	at java.base/java.lang.Long.parseLong(Long.java:836)
	at io.netty.handler.codec.http.HttpUtil.getContentLength(HttpUtil.java:181)
	at io.netty.handler.codec.http.HttpUtil.getContentLength(HttpUtil.java:203)
	at io.micronaut.http.server.netty.fuzzing.X.main(X.java:12)

Steps to reproduce

Run the reproducer code.

Minimal yet complete reproducer code (or URL to code)

package io.micronaut.http.server.netty.fuzzing;

import io.netty.handler.codec.http.DefaultFullHttpRequest;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpUtil;
import io.netty.handler.codec.http.HttpVersion;

public class X {
    public static void main(String[] args) {
        DefaultFullHttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, "/");
        request.headers().add("Content-Length", "foo");
        System.out.println(HttpUtil.getContentLength(request, 0));
    }
}

Netty version

4.1.73.Final

JVM version (e.g. `java -version`)

openjdk version “17.0.1” 2021-10-19 OpenJDK Runtime Environment Temurin-17.0.1+12 (build 17.0.1+12) OpenJDK 64-Bit Server VM Temurin-17.0.1+12 (build 17.0.1+12, mixed mode, sharing)

OS version (e.g. `uname -a`)

Linux yawkat-oracle 5.13.0-28-generic #31-Ubuntu SMP Thu Jan 13 17:41:06 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

Issue Analytics

State:
Created 2 years ago
Comments:5 (5 by maintainers)

Top GitHub Comments

1reaction

normanmaurercommented, Feb 18, 2022

I think we should fix the code… Let me do it.

0reactions

normanmaurercommented, Feb 18, 2022

yeah I think we should keep it simple

Top Results From Across the Web

Anyway to set a default only when there is parse error for ...

Clearly the default will work when there is no num field in the configuration file. However, when there is a malformatted one. Spring...

Fix list for IBM WebSphere Application Server V8.5

IBM WebSphere Application Server provides periodic fixes for the base and Network Deployment editions of release V8.5. The following is a complete listing ......

The Request - Java Servlet Programming [Book] - O'Reilly

An HTTP servlet gets its request parameters as part of its query string (for GET requests) or as encoded post data (for POST...

HttpCore Tutorial

A consistent API for building client / proxy / server side HTTP services ... and HttpEntity#getContentLength() methods can be used for.

Release Notes - Java Bug System - OpenJDK

ChoiceFormat doc; [JDK-5061359] - No error for ambiguous member of intersection ... Problem with parsing krb5.conf; [JDK-6319773] - pkgmk could fail without ...