From 79301c650c2c04f2a9adfbb1cdbb3f85d09860b3 Mon Sep 17 00:00:00 2001
From: Trustin Lee
Date: Tue, 23 Apr 2013 19:26:50 +0900
Subject: [PATCH] Fix incorrect name validation in AbstractHttpData

- Fixes #1228
---
 .../http/multipart/AbstractHttpData.java | 36 ++++++-------------
 1 file changed, 10 insertions(+), 26 deletions(-)

diff --git a/src/main/java/org/jboss/netty/handler/codec/http/multipart/AbstractHttpData.java b/src/main/java/org/jboss/netty/handler/codec/http/multipart/AbstractHttpData.java
index b8f70ad6c9..44edcb792b 100644
--- a/src/main/java/org/jboss/netty/handler/codec/http/multipart/AbstractHttpData.java
+++ b/src/main/java/org/jboss/netty/handler/codec/http/multipart/AbstractHttpData.java
@@ -15,15 +15,19 @@
 */
 package org.jboss.netty.handler.codec.http.multipart;
 
-import java.nio.charset.Charset;
-
 import org.jboss.netty.handler.codec.http.HttpConstants;
 
+import java.nio.charset.Charset;
+import java.util.regex.Pattern;
+
 /**
 * Abstract HttpData implementation
 */
 public abstract class AbstractHttpData implements HttpData {
 
+ private static final Pattern STRIP_PATTERN = Pattern.compile("(?:^\\s+|\\s+$|\\n)");
+ private static final Pattern REPLACE_PATTERN = Pattern.compile("[\\r\\t]");
+
 protected final String name;
 protected long definedSize;
 protected long size;
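Review bot: `STRIP_PATTERN` and `REPLACE_PATTERN` are added without comments, and neither name says what is stripped or replaced, or that the constructor relies on applying them in a fixed order. I would add `// Replaces CR and TAB with a single space; applied before STRIP_PATTERN.` above `REPLACE_PATTERN` and `// Removes leading/trailing whitespace and every LF.` above `STRIP_PATTERN`. Without `UNICODE_CHARACTER_CLASS`, `\s` matches only space, `\t`, `\n`, 0x0B, `\f` and `\r`, whereas the `trim()` it replaces removed every leading or trailing character up to U+0020. Names that begin or end with NUL or another C0 control character therefore keep it, which deserves a line in the comment.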
@@ -34,34 +38,14 @@ public abstract class AbstractHttpData implements HttpData {
 if (name == null) {
 throw new NullPointerException("name");
 }
- name = name.trim();
+
+ name = REPLACE_PATTERN.matcher(name).replaceAll(" ");
+ name = STRIP_PATTERN.matcher(name).replaceAll("");
+
 if (name.length() == 0) {
 throw new IllegalArgumentException("empty name");
 }
 
- for (int i = 0; i < name.length(); i ++) {
- char c = name.charAt(i);
- if (c > 127) {
- throw new IllegalArgumentException(
- "name contains non-ascii character: " + name);
- }
-
- // Check prohibited characters.
- switch (c) {
- case '=':
- case ',':
- case ';':
- case ' ':
- case '\t':
- case '\r':
- case '\n':
- case '\f':
- case 0x0b: // Vertical tab
- throw new IllegalArgumentException(
- "name contains one of the following prohibited characters: " +
- "=,; \\t\\r\\n\\v\\f: " + name);
- }
- }
 this.name = name;
 if (charset != null) {
 setCharset(charset);
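Review bot: After the two `replaceAll` calls nothing rejects the remaining control characters, so form feed, vertical tab and other C0 characters that the removed loop refused are now stored in `name` when they occur inside the string. If the name is later written into a multipart header (the encoder is not part of this patch, so that is an assumption), I would keep a narrow guard after the strip step that loops over the characters with `if (Character.isISOControl(name.charAt(i))) throw new IllegalArgumentException("name contains a control character");`. The constructor also now rewrites its input instead of failing, so distinct inputs such as `"a\tb"` and `"a b"` produce the same stored name. Its Javadoc, which lies outside this hunk along with the start and end of the constructor, should state that the name is normalised and list what is replaced and removed.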