diff -up ./modules/jetty/src/main/java/org/mortbay/jetty/handler/ErrorHandler.java.fix2 ./modules/jetty/src/main/java/org/mortbay/jetty/handler/ErrorHandler.java --- ./modules/jetty/src/main/java/org/mortbay/jetty/handler/ErrorHandler.java.fix2 2009-11-03 12:45:36.000000000 -0500 +++ ./modules/jetty/src/main/java/org/mortbay/jetty/handler/ErrorHandler.java 2009-11-03 12:47:35.000000000 -0500 @@ -91,8 +91,7 @@ public class ErrorHandler extends Abstra writer.write("<title>Error "); writer.write(Integer.toString(code)); writer.write(' '); - if (message!=null) - writer.write(deScript(message)); + write(writer,message); writer.write("</title>\n"); } @@ -117,9 +116,9 @@ public class ErrorHandler extends Abstra writer.write("<h2>HTTP ERROR "); writer.write(Integer.toString(code)); writer.write("</h2>\n<p>Problem accessing "); - writer.write(deScript(uri)); + write(writer,uri); writer.write(". Reason:\n<pre> "); - writer.write(deScript(message)); + write(writer,message); writer.write("</pre></p>"); } @@ -135,7 +134,7 @@ public class ErrorHandler extends Abstra PrintWriter pw = new PrintWriter(sw); th.printStackTrace(pw); pw.flush(); - writer.write(deScript(sw.getBuffer().toString())); + write(writer,sw.getBuffer().toString()); writer.write("</pre>\n"); th =th.getCause(); @@ -162,13 +161,34 @@ public class ErrorHandler extends Abstra } /* ------------------------------------------------------------ */ - protected String deScript(String string) + protected void write(Writer writer,String string) + throws IOException { if (string==null) - return null; - string=StringUtil.replace(string, "&", "&"); - string=StringUtil.replace(string, "<", "<"); - string=StringUtil.replace(string, ">", ">"); - return string; + return; + + for (int i=0;i<string.length();i++) + { + char c=string.charAt(i); + + switch(c) + { + case '&' : + writer.write("&"); + break; + case '<' : + writer.write("<"); + break; + case '>' : + writer.write(">"); + break; + + default: + if (Character.isISOControl(c) && !Character.isWhitespace(c)) + writer.write('?'); + else + writer.write(c); + } + } } } diff -up ./modules/jetty/src/main/java/org/mortbay/jetty/HttpParser.java.fix2 ./modules/jetty/src/main/java/org/mortbay/jetty/HttpParser.java --- ./modules/jetty/src/main/java/org/mortbay/jetty/HttpParser.java.fix2 2009-11-03 12:46:07.000000000 -0500 +++ ./modules/jetty/src/main/java/org/mortbay/jetty/HttpParser.java 2009-11-03 12:47:35.000000000 -0500 @@ -465,7 +465,15 @@ public class HttpParser implements Parse case HttpHeaders.CONTENT_LENGTH_ORDINAL: if (_contentLength != HttpTokens.CHUNKED_CONTENT) { - _contentLength=BufferUtil.toLong(value); + try + { + _contentLength=BufferUtil.toLong(value); + } + catch(NumberFormatException e) + { + Log.ignore(e); + throw new HttpException(HttpServletResponse.SC_BAD_REQUEST); + } if (_contentLength <= 0) _contentLength=HttpTokens.NO_CONTENT; } diff -up ./modules/util/src/main/java/org/mortbay/log/StdErrLog.java.fix2 ./modules/util/src/main/java/org/mortbay/log/StdErrLog.java --- ./modules/util/src/main/java/org/mortbay/log/StdErrLog.java.fix2 2009-11-03 12:47:02.000000000 -0500 +++ ./modules/util/src/main/java/org/mortbay/log/StdErrLog.java 2009-11-03 12:48:00.000000000 -0500 @@ -26,8 +26,10 @@ import org.mortbay.util.DateCache; public class StdErrLog implements Logger { private static DateCache _dateCache; - private static boolean debug = System.getProperty("DEBUG",null)!=null; - private String name; + private static boolean __debug = System.getProperty("DEBUG",null)!=null; + private String _name; + + StringBuffer _buffer = new StringBuffer(); static { @@ -49,44 +51,59 @@ public class StdErrLog implements Logger public StdErrLog(String name) { - this.name=name==null?"":name; + this._name=name==null?"":name; } public boolean isDebugEnabled() { - return debug; + return __debug; } public void setDebugEnabled(boolean enabled) { - debug=enabled; + __debug=enabled; } public void info(String msg,Object arg0, Object arg1) { String d=_dateCache.now(); int ms=_dateCache.lastMs(); - System.err.println(d+(ms>99?".":(ms>9?".0":".00"))+ms+":"+name+":INFO: "+format(msg,arg0,arg1)); + synchronized(_buffer) + { + tag(d,ms,":INFO:"); + format(msg,arg0,arg1); + System.err.println(_buffer.toString()); + } } public void debug(String msg,Throwable th) { - if (debug) + if (__debug) { String d=_dateCache.now(); int ms=_dateCache.lastMs(); - System.err.println(d+(ms>99?".":(ms>9?".0":".00"))+ms+":"+name+":DEBUG: "+msg); - if (th!=null) th.printStackTrace(); + synchronized(_buffer) + { + tag(d,ms,":DBUG:"); + format(msg); + format(th); + System.err.println(_buffer.toString()); + } } } public void debug(String msg,Object arg0, Object arg1) { - if (debug) + if (__debug) { String d=_dateCache.now(); int ms=_dateCache.lastMs(); - System.err.println(d+(ms>99?".":(ms>9?".0":".00"))+ms+":"+name+":DEBUG: "+format(msg,arg0,arg1)); + synchronized(_buffer) + { + tag(d,ms,":DBUG:"); + format(msg,arg0,arg1); + System.err.println(_buffer.toString()); + } } } @@ -94,42 +111,126 @@ public class StdErrLog implements Logger { String d=_dateCache.now(); int ms=_dateCache.lastMs(); - System.err.println(d+(ms>99?".":(ms>9?".0":".00"))+ms+":"+name+":WARN: "+format(msg,arg0,arg1)); + synchronized(_buffer) + { + tag(d,ms,":WARN:"); + format(msg,arg0,arg1); + System.err.println(_buffer.toString()); + } } public void warn(String msg, Throwable th) { String d=_dateCache.now(); int ms=_dateCache.lastMs(); - System.err.println(d+(ms>99?".":(ms>9?".0":".00"))+ms+":"+name+":WARN: "+msg); - if (th!=null) - th.printStackTrace(); + synchronized(_buffer) + { + tag(d,ms,":WARN:"); + format(msg); + format(th); + System.err.println(_buffer.toString()); + } } - - private String format(String msg, Object arg0, Object arg1) + + private void tag(String d,int ms,String tag) + { + _buffer.setLength(0); + _buffer.append(d); + if (ms>99) + _buffer.append('.'); + else if (ms>9) + _buffer.append(".0"); + else + _buffer.append(".00"); + _buffer.append(ms).append(tag).append(_name).append(':'); + } + + private void format(String msg, Object arg0, Object arg1) { int i0=msg.indexOf("{}"); int i1=i0<0?-1:msg.indexOf("{}",i0+2); - if (arg1!=null && i1>=0) - msg=msg.substring(0,i1)+arg1+msg.substring(i1+2); - if (arg0!=null && i0>=0) - msg=msg.substring(0,i0)+arg0+msg.substring(i0+2); - return msg; + if (i0>=0) + { + format(msg.substring(0,i0)); + format(String.valueOf(arg0)); + + if (i1>=0) + { + format(msg.substring(i0+2,i1)); + format(String.valueOf(arg1)); + format(msg.substring(i1+2)); + } + else + { + format(msg.substring(i0+2)); + if (arg1!=null) + { + _buffer.append(' '); + format(String.valueOf(arg1)); + } + } + } + else + { + format(msg); + if (arg0!=null) + { + _buffer.append(' '); + format(String.valueOf(arg0)); + } + if (arg1!=null) + { + _buffer.append(' '); + format(String.valueOf(arg1)); + } + } + } + + private void format(String msg) + { + for (int i=0;i<msg.length();i++) + { + char c=msg.charAt(i); + if (Character.isISOControl(c)) + { + if (c=='\n') + _buffer.append('|'); + else if (c=='\r') + _buffer.append('<'); + else + _buffer.append('?'); + } + else + _buffer.append(c); + } + } + + private void format(Throwable th) + { + _buffer.append('\n'); + format(th.toString()); + StackTraceElement[] elements = th.getStackTrace(); + for (int i=0;elements!=null && i<elements.length;i++) + { + _buffer.append("\n\tat "); + format(elements[i].toString()); + } } public Logger getLogger(String name) { - if ((name==null && this.name==null) || - (name!=null && name.equals(this.name))) + if ((name==null && this._name==null) || + (name!=null && name.equals(this._name))) return this; return new StdErrLog(name); } public String toString() { - return "STDERR"+name; + return "STDERR"+_name; } + }