414393 StringIndexOutofBoundsException with > 8k multipart content without CR or LF

jetty-servlets/src/main/java/org/eclipse/jetty/servlets/MultiPartFilter.java

@@ -151,6 +151,7 @@ public class MultiPartFilter implements Filter
                 params.add(entry.getKey(),value);
         }
         
+        boolean badFormatLogged = false;
         try
         {
             // Get first boundary
@@ -160,7 +161,7 @@ public class MultiPartFilter implements Filter
                 throw new IOException("Missing content for multipart request");
 
             line = line.trim();
-            boolean badFormatLogged = false;
+        
             while (line != null && !line.equals(boundary))
             {
                 if (!badFormatLogged)
@@ -402,6 +403,12 @@ public class MultiPartFilter implements Filter
             // handle request
             chain.doFilter(new Wrapper(srequest,params),response);
         }
+        catch (IOException e)
+        {
+            if (!badFormatLogged)
+                LOG.warn("Badly formatted multipart request");
+            throw e;             
+        }
         finally
         {
             deleteFiles(request);

jetty-servlets/src/test/java/org/eclipse/jetty/servlets/MultipartFilterTest.java

@@ -752,6 +752,38 @@ public class MultipartFilterTest
         assertTrue(response.getContent().contains("aaaa,bbbbb"));
     }
     
+    @Test
+    public void testBufferOverflowNoCRLF () throws Exception
+    {
+        String boundary="XyXyXy";
+        // generated and parsed test
+        HttpTester request = new HttpTester();
+        HttpTester response = new HttpTester();
+        tester.addServlet(BoundaryServlet.class,"/testb");
+        tester.setAttribute("fileName", "abc");
+        tester.setAttribute("desc", "123");
+        tester.setAttribute("title", "ttt");
+        request.setMethod("POST");
+        request.setVersion("HTTP/1.0");
+        request.setHeader("Host","tester");
+        request.setURI("/context/testb");
+        request.setHeader("Content-Type","multipart/form-data; boundary="+boundary);
+
+        String content = "--XyXyXy";
+
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        baos.write(content.getBytes());
+
+        for (int i=0; i< 8500; i++) //create content that will overrun default buffer size of BufferedInputStream
+        {
+            baos.write('a');
+        }
+        request.setContent(baos.toString());
+
+        response.parse(tester.getResponses(request.generate()));
+        assertTrue(response.getContent().contains("Buffer size exceeded"));
+        assertEquals(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, response.getStatus());
+    }
 
     /*
      * see the testParameterMap test

jetty-util/src/main/java/org/eclipse/jetty/util/ReadLineInputStream.java

@@ -49,6 +49,10 @@ public class ReadLineInputStream extends BufferedInputStream
         while (true)
         {
             int b=super.read();
+            
+            if (markpos < 0)
+                throw new IOException("Buffer size exceeded: no line terminator");
+            
             if (b==-1)
             {
                 int m=markpos;