Merge remote-tracking branch 'origin/jetty-7' into jetty-8

Conflicts:
	jetty-servlets/src/main/java/org/eclipse/jetty/servlets/MultiPartFilter.java

jetty-servlets/src/test/java/org/eclipse/jetty/servlets/MultipartFilterTest.java

@@ -757,7 +757,39 @@ public class MultipartFilterTest
         assertTrue(response.getContent().contains("aaaa,bbbbb"));
     }
     
- 
+    @Test
+    public void testBufferOverflowNoCRLF () throws Exception
+    {
+        String boundary="XyXyXy";
+        // generated and parsed test
+        HttpTester request = new HttpTester();
+        HttpTester response = new HttpTester();
+        tester.addServlet(BoundaryServlet.class,"/testb");
+        tester.setAttribute("fileName", "abc");
+        tester.setAttribute("desc", "123");
+        tester.setAttribute("title", "ttt");
+        request.setMethod("POST");
+        request.setVersion("HTTP/1.0");
+        request.setHeader("Host","tester");
+        request.setURI("/context/testb");
+        request.setHeader("Content-Type","multipart/form-data; boundary="+boundary);
+
+        String content = "--XyXyXy";
+
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        baos.write(content.getBytes());
+
+        for (int i=0; i< 8500; i++) //create content that will overrun default buffer size of BufferedInputStream
+        {
+            baos.write('a');
+        }
+        request.setContent(baos.toString());
+
+        response.parse(tester.getResponses(request.generate()));
+        assertTrue(response.getContent().contains("Buffer size exceeded"));
+        assertEquals(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, response.getStatus());
+    }
+
     /*
      * see the testParameterMap test
      *

jetty-util/src/main/java/org/eclipse/jetty/util/MultiPartInputStream.java

@@ -486,7 +486,16 @@ public class MultiPartInputStream
         byte[] byteBoundary=(boundary+"--").getBytes(StringUtil.__ISO_8859_1);
 
         // Get first boundary
-        String line=((ReadLineInputStream)_in).readLine();
+        String line = null;
+        try
+        {
+            line=((ReadLineInputStream)_in).readLine();  
+        }
+        catch (IOException e)
+        {
+            LOG.warn("Badly formatted multipart request");
+            throw e;
+        }
 
         if (line == null)
             throw new IOException("Missing content for multipart request");
@@ -723,7 +732,6 @@ public class MultiPartInputStream
             }
             finally
             {
- 
                 part.close();
             }
         }

jetty-util/src/main/java/org/eclipse/jetty/util/ReadLineInputStream.java

@@ -49,6 +49,10 @@ public class ReadLineInputStream extends BufferedInputStream
         while (true)
         {
             int b=super.read();
+            
+            if (markpos < 0)
+                throw new IOException("Buffer size exceeded: no line terminator");
+            
             if (b==-1)
             {
                 int m=markpos;

jetty-util/src/test/java/org/eclipse/jetty/util/MultiPartInputStreamTest.java

@@ -521,7 +521,35 @@ public class MultiPartInputStreamTest extends TestCase
         assertThat(baos.toString("UTF-8"), is("Other")); 
     }
     
-  
+
+    public void testBufferOverflowNoCRLF () throws Exception
+    {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        baos.write("--AaB03x".getBytes());
+        for (int i=0; i< 8500; i++) //create content that will overrun default buffer size of BufferedInputStream
+        {
+            baos.write('a');
+        }
+        
+        MultipartConfigElement config = new MultipartConfigElement(_dirname, 1024, 3072, 50);
+        MultiPartInputStream mpis = new MultiPartInputStream(new ByteArrayInputStream(baos.toByteArray()), 
+                                                             _contentType,
+                                                             config,
+                                                             _tmpDir);
+        mpis.setDeleteOnExit(true);
+        try
+        {
+            mpis.getParts();
+            fail ("Multipart buffer overrun");
+        }
+        catch (IOException e)
+        {
+            assertTrue(e.getMessage().startsWith("Buffer size exceeded"));
+        }
+
+    }
+    
+    
     public void testCharsetEncoding () throws Exception
     {
         String contentType = "multipart/form-data; boundary=TheBoundary; charset=ISO-8859-1";