Strictly obey newline definitions as per RFC 7578 and RFC 2046

clue · clue · commit cd5d3c80b11e · 2017-11-28T18:25:43.000+01:00
diff --git a/src/Io/MultipartParser.php b/src/Io/MultipartParser.php
@@ -12,6 +12,8 @@
  * that resembles PHP's `$_POST` and `$_FILES` superglobals.
  *
  * @internal
+ * @link https://tools.ietf.org/html/rfc7578
+ * @link https://tools.ietf.org/html/rfc2046#section-5.1.1
  */
 final class MultipartParser
 {
@@ -43,23 +45,34 @@ private function parse()
             return $this->request;
         }
 
-        $this->parseBuffer($matches[1], (string)$this->request->getBody());
+        $this->parseBody('--' . $matches[1], (string)$this->request->getBody());
 
         return $this->request;
     }
 
-    private function parseBuffer($boundary, $buffer)
+    private function parseBody($boundary, $buffer)
     {
-        $chunks = explode('--' . $boundary, $buffer);
-        array_pop($chunks);
+        $len = strlen($boundary);
+
+        // ignore everything before initial boundary (SHOULD be empty)
+        $start = strpos($buffer, $boundary . "\r\n");
+
+        while ($start !== false) {
+            // search following boundary (preceded by newline)
+            // ignore last if not followed by boundary (SHOULD end with "--")
+            $start += $len + 2;
+            $end = strpos($buffer, "\r\n" . $boundary, $start);
+            if ($end === false) {
+                break;
+            }
 
-        foreach ($chunks as $chunk) {
-            $chunk = $this->stripTrailingEOL($chunk);
-            $this->parseChunk($chunk);
+            // parse one part and continue searching for next
+            $this->parsePart(substr($buffer, $start, $end - $start));
+            $start = $end;
         }
     }
 
-    private function parseChunk($chunk)
+    private function parsePart($chunk)
     {
         $pos = strpos($chunk, "\r\n\r\n");
         if ($pos === false) {
@@ -157,10 +170,13 @@ private function parseHeaders($header)
         $headers = array();
 
         foreach (explode("\r\n", trim($header)) as $line) {
-            list($key, $values) = explode(':', $line, 2);
-            $key = trim($key);
-            $key = strtolower($key);
-            $values = explode(';', $values);
+            $parts = explode(':', $line, 2);
+            if (!isset($parts[1])) {
+                continue;
+            }
+
+            $key = strtolower(trim($parts[0]));
+            $values = explode(';', $parts[1]);
             $values = array_map('trim', $values);
             $headers[$key] = $values;
         }
@@ -179,15 +195,6 @@ private function getParameterFromHeader(array $header, $parameter)
         return null;
     }
 
-    private function stripTrailingEOL($chunk)
-    {
-        if (substr($chunk, -2) === "\r\n") {
-            return substr($chunk, 0, -2);
-        }
-
-        return $chunk;
-    }
-
     private function extractPost($postFields, $key, $value)
     {
         $chunks = explode('[', $key);
diff --git a/tests/Io/MultipartParserTest.php b/tests/Io/MultipartParserTest.php
@@ -429,7 +429,7 @@ public function testInvalidDoubleContentDispositionUsesLast()
         );
     }
 
-    public function testInvalidMissingNewlineAfterValueDoesNotMatter()
+    public function testInvalidMissingNewlineAfterValueWillBeIgnored()
     {
         $boundary = "---------------------------5844729766471062541057622570";
 
@@ -446,12 +446,7 @@ public function testInvalidMissingNewlineAfterValueDoesNotMatter()
         $parsedRequest = MultipartParser::parseRequest($request);
 
         $this->assertEmpty($parsedRequest->getUploadedFiles());
-        $this->assertSame(
-            array(
-                'key' => 'value'
-            ),
-            $parsedRequest->getParsedBody()
-        );
+        $this->assertEmpty($parsedRequest->getParsedBody());
     }
 
     public function testInvalidMissingValueWillBeIgnored()
@@ -497,7 +492,27 @@ public function testInvalidContentDispositionMissingWillBeIgnored()
         $data  = "--$boundary\r\n";
         $data .= "Content-Type: text/plain\r\n";
         $data .= "\r\n";
-        $data .= "hello";
+        $data .= "hello\r\n";
+        $data .= "--$boundary--\r\n";
+
+        $request = new ServerRequest('POST', 'http://example.com/', array(
+            'Content-Type' => 'multipart/form-data; boundary=' . $boundary,
+        ), $data, 1.1);
+
+        $parsedRequest = MultipartParser::parseRequest($request);
+
+        $this->assertEmpty($parsedRequest->getUploadedFiles());
+        $this->assertEmpty($parsedRequest->getParsedBody());
+    }
+
+    public function testInvalidContentDispositionMissingValueWillBeIgnored()
+    {
+        $boundary = "---------------------------5844729766471062541057622570";
+
+        $data  = "--$boundary\r\n";
+        $data .= "Content-Disposition\r\n";
+        $data .= "\r\n";
+        $data .= "value\r\n";
         $data .= "--$boundary--\r\n";
 
         $request = new ServerRequest('POST', 'http://example.com/', array(
@@ -517,7 +532,7 @@ public function testInvalidContentDispositionWithoutNameWillBeIgnored()
         $data  = "--$boundary\r\n";
         $data .= "Content-Disposition: form-data; something=\"key\"\r\n";
         $data .= "\r\n";
-        $data .= "value";
+        $data .= "value\r\n";
         $data .= "--$boundary--\r\n";
 
         $request = new ServerRequest('POST', 'http://example.com/', array(
