[GRIZZLY-970] Fix accept-language qvalue parsing to avoid attempting to parse values with a length more than 5. Created: 09/Feb/11  Updated: 20/Jun/13  Resolved: 09/Feb/11

Status: Closed
Project: grizzly
Component/s: None
Affects Version/s: memcached-1.0, 1.9.31
Fix Version/s: memcached-1.0, 1.9.32

Type: Bug Priority: Critical
Reporter: Ryan Lubke Assignee: Ryan Lubke
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


See: http://bugs.openjdk.java.net/show_bug.cgi?id=100119

A specially crafted accept-language header could be sent to the container with a qvalue that tiggers the bug referenced above.

Since the RFC states there should be no more than 3 digits after the decimal, we shouldn't be attempting to parse this number anyway.

Comment by Ryan Lubke [ 09/Feb/11 ]

Changes applied (1.9: r5883, 2.0: r5884).

Generated at Thu May 28 02:24:04 UTC 2015 using JIRA 6.2.3#6260-sha1:63ef1d6dac3f4f4d7db4c1effd405ba38ccdc558.