aspnet
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/Frame.cs
Lines changed: 23 additions & 4 deletions b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/Frame.cs
Lines changed: 23 additions & 4 deletions
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameHeaders.Generated.cs
Lines changed: 6 additions & 0 deletions b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameHeaders.Generated.cs
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameHeaders.cs
Lines changed: 13 additions & 0 deletions b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameHeaders.cs
Lines changed: 13 additions & 0 deletions
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameOfT.cs
Lines changed: 10 additions & 0 deletions b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameOfT.cs
Lines changed: 10 additions & 0 deletions
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameResponseHeaders.cs
Lines changed: 4 additions & 0 deletions b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Http/FrameResponseHeaders.cs
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Infrastructure/IKestrelTrace.cs
Lines changed: 1 addition & 1 deletion b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Infrastructure/IKestrelTrace.cs
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Infrastructure/KestrelTrace.cs
Lines changed: 3 additions & 3 deletions b/‎src/Microsoft.AspNetCore.Server.Kestrel/Internal/Infrastructure/KestrelTrace.cs
Lines changed: 3 additions & 3 deletions
@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
+using System.Globalization;
 using System.IO;
 using System.Linq;
 using System.Net;
@@ -75,7 +76,7 @@ public abstract partial class Frame : IFrameControl
         protected readonly long _keepAliveMilliseconds;
         private readonly long _requestHeadersTimeoutMilliseconds;
 
-        private int _responseBytesWritten;
+        protected long _responseBytesWritten;
 
         public Frame(ConnectionContext context)
         {
@@ -516,8 +517,8 @@ public async Task FlushAsync(CancellationToken cancellationToken)
 
         public void Write(ArraySegment<byte> data)
         {
+            VerifyAndUpdateWrite(data.Count);
             ProduceStartAndFireOnStarting().GetAwaiter().GetResult();
-            _responseBytesWritten += data.Count;
 
             if (_canHaveBody)
             {
@@ -547,7 +548,7 @@ public Task WriteAsync(ArraySegment<byte> data, CancellationToken cancellationTo
                 return WriteAsyncAwaited(data, cancellationToken);
             }
 
-            _responseBytesWritten += data.Count;
+            VerifyAndUpdateWrite(data.Count);
 
             if (_canHaveBody)
             {
@@ -573,8 +574,9 @@ public Task WriteAsync(ArraySegment<byte> data, CancellationToken cancellationTo
 
         public async Task WriteAsyncAwaited(ArraySegment<byte> data, CancellationToken cancellationToken)
         {
+            VerifyAndUpdateWrite(data.Count);
+
             await ProduceStartAndFireOnStarting();
-            _responseBytesWritten += data.Count;
 
             if (_canHaveBody)
             {
@@ -598,6 +600,23 @@ public async Task WriteAsyncAwaited(ArraySegment<byte> data, CancellationToken c
             }
         }
 
+        private void VerifyAndUpdateWrite(int count)
+        {
+            var responseHeaders = FrameResponseHeaders;
+
+            if (responseHeaders != null &&
+                !responseHeaders.HasTransferEncoding &&
+                responseHeaders.HasContentLength &&
+                _responseBytesWritten + count > responseHeaders.HeaderContentLengthValue.Value)
+            {
+                _keepAlive = false;
+                throw new InvalidOperationException(
+                    $"Response Content-Length mismatch: too many bytes written ({_responseBytesWritten + count} of {responseHeaders.HeaderContentLengthValue.Value}).");
+            }
+
+            _responseBytesWritten += count;
+        }
+
         private void WriteChunked(ArraySegment<byte> data)
         {
             SocketOutput.Write(data, chunk: true);
 
@@ -3697,6 +3697,7 @@ protected override void ClearFast()
         {
             _bits = 0;
             _headers = default(HeaderReferences);
+            
             MaybeUnknown?.Clear();
         }
 
@@ -5670,6 +5671,7 @@ public StringValues HeaderContentLength
             }
             set
             {
+                _contentLength = ParseContentLength(value);
                 _bits |= 2048L;
                 _headers._ContentLength = value; 
                 _headers._rawContentLength = null;
@@ -7384,6 +7386,7 @@ protected override void SetValueFast(string key, StringValues value)
                     {
                         if ("Content-Length".Equals(key, StringComparison.OrdinalIgnoreCase))
                         {
+                            _contentLength = ParseContentLength(value);
                             _bits |= 2048L;
                             _headers._ContentLength = value;
                             _headers._rawContentLength = null;
@@ -7809,6 +7812,7 @@ protected override void AddValueFast(string key, StringValues value)
                             {
                                 ThrowDuplicateKeyException();
                             }
+                            _contentLength = ParseContentLength(value);
                             _bits |= 2048L;
                             _headers._ContentLength = value;
                             _headers._rawContentLength = null;
@@ -8350,6 +8354,7 @@ protected override bool RemoveFast(string key)
                         {
                             if (((_bits & 2048L) != 0))
                             {
+                                _contentLength = null;
                                 _bits &= ~2048L;
                                 _headers._ContentLength = StringValues.Empty;
                                 _headers._rawContentLength = null;
@@ -8601,6 +8606,7 @@ protected override void ClearFast()
         {
             _bits = 0;
             _headers = default(HeaderReferences);
+            _contentLength = null;
             MaybeUnknown?.Clear();
         }
 
 
@@ -4,6 +4,7 @@
 using System;
 using System.Collections;
 using System.Collections.Generic;
+using System.Globalization;
 using System.Linq;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Primitives;
@@ -232,6 +233,18 @@ public static void ValidateHeaderCharacters(string headerCharacters)
             }
         }
 
+        public static long ParseContentLength(StringValues value)
+        {
+            try
+            {
+                return long.Parse(value, NumberStyles.AllowLeadingWhite | NumberStyles.AllowTrailingWhite, CultureInfo.InvariantCulture);
+            }
+            catch (FormatException ex)
+            {
+                throw new InvalidOperationException("Content-Length value must be an integral number.", ex);
+            }
+        }
+
         private static void ThrowInvalidHeaderCharacter(char ch)
         {
             throw new InvalidOperationException(string.Format("Invalid non-ASCII or control character in header: 0x{0:X4}", (ushort)ch));
 
@@ -92,6 +92,16 @@ public override async Task RequestProcessingAsync()
                         try
                         {
                             await _application.ProcessRequestAsync(context).ConfigureAwait(false);
+
+                            var responseHeaders = FrameResponseHeaders;
+                            if (!responseHeaders.HasTransferEncoding &&
+                                responseHeaders.HasContentLength &&
+                                _responseBytesWritten < responseHeaders.HeaderContentLengthValue.Value)
+                            {
+                                _keepAlive = false;
+                                ReportApplicationError(new InvalidOperationException(
+                                    $"Response Content-Length mismatch: too few bytes written ({_responseBytesWritten} of {responseHeaders.HeaderContentLengthValue.Value})."));
+                            }
                         }
                         catch (Exception ex)
                         {
 
@@ -13,6 +13,8 @@ public partial class FrameResponseHeaders : FrameHeaders
         private static readonly byte[] _CrLf = new[] { (byte)'\r', (byte)'\n' };
         private static readonly byte[] _colonSpace = new[] { (byte)':', (byte)' ' };
 
+        private long? _contentLength;
+
         public bool HasConnection => HeaderConnection.Count != 0;
 
         public bool HasTransferEncoding => HeaderTransferEncoding.Count != 0;
@@ -23,6 +25,8 @@ public partial class FrameResponseHeaders : FrameHeaders
 
         public bool HasDate => HeaderDate.Count != 0;
 
+        public long? HeaderContentLengthValue => _contentLength;
+
         public Enumerator GetEnumerator()
         {
             return new Enumerator(this);
 
@@ -33,7 +33,7 @@ public interface IKestrelTrace : ILogger
 
         void ConnectionDisconnectedWrite(string connectionId, int count, Exception ex);
 
-        void ConnectionHeadResponseBodyWrite(string connectionId, int count);
+        void ConnectionHeadResponseBodyWrite(string connectionId, long count);
 
         void ConnectionBadRequest(string connectionId, BadHttpRequestException ex);
 
 
@@ -24,7 +24,7 @@ public class KestrelTrace : IKestrelTrace
         private static readonly Action<ILogger, string, Exception> _applicationError;
         private static readonly Action<ILogger, string, Exception> _connectionError;
         private static readonly Action<ILogger, string, int, Exception> _connectionDisconnectedWrite;
-        private static readonly Action<ILogger, string, int, Exception> _connectionHeadResponseBodyWrite;
+        private static readonly Action<ILogger, string, long, Exception> _connectionHeadResponseBodyWrite;
         private static readonly Action<ILogger, Exception> _notAllConnectionsClosedGracefully;
         private static readonly Action<ILogger, string, string, Exception> _connectionBadRequest;
 
@@ -49,7 +49,7 @@ static KestrelTrace()
             _connectionDisconnectedWrite = LoggerMessage.Define<string, int>(LogLevel.Debug, 15, @"Connection id ""{ConnectionId}"" write of ""{count}"" bytes to disconnected client.");
             _notAllConnectionsClosedGracefully = LoggerMessage.Define(LogLevel.Debug, 16, "Some connections failed to close gracefully during server shutdown.");
             _connectionBadRequest = LoggerMessage.Define<string, string>(LogLevel.Information, 17, @"Connection id ""{ConnectionId}"" bad request data: ""{message}""");
-            _connectionHeadResponseBodyWrite = LoggerMessage.Define<string, int>(LogLevel.Debug, 18, @"Connection id ""{ConnectionId}"" write of ""{count}"" body bytes to non-body HEAD response.");
+            _connectionHeadResponseBodyWrite = LoggerMessage.Define<string, long>(LogLevel.Debug, 18, @"Connection id ""{ConnectionId}"" write of ""{count}"" body bytes to non-body HEAD response.");
         }
 
         public KestrelTrace(ILogger logger)
@@ -135,7 +135,7 @@ public virtual void ConnectionDisconnectedWrite(string connectionId, int count,
             _connectionDisconnectedWrite(_logger, connectionId, count, ex);
         }
 
-        public virtual void ConnectionHeadResponseBodyWrite(string connectionId, int count)
+        public virtual void ConnectionHeadResponseBodyWrite(string connectionId, long count)
         {
             _connectionHeadResponseBodyWrite(_logger, connectionId, count, null);
         }
Original file line number	Diff line number	Diff line change
`@@ -3697,6 +3697,7 @@ protected override void ClearFast()`
`3697`	`3697`	`{`
`3698`	`3698`	`_bits = 0;`
`3699`	`3699`	`_headers = default(HeaderReferences);`
	`3700`	`+`
`3700`	`3701`	`MaybeUnknown?.Clear();`
`3701`	`3702`	`}`
`3702`	`3703`
`@@ -5670,6 +5671,7 @@ public StringValues HeaderContentLength`
`5670`	`5671`	`}`
`5671`	`5672`	`set`
`5672`	`5673`	`{`
	`5674`	`+ _contentLength = ParseContentLength(value);`
`5673`	`5675`	`_bits \|= 2048L;`
`5674`	`5676`	`_headers._ContentLength = value;`
`5675`	`5677`	`_headers._rawContentLength = null;`
`@@ -7384,6 +7386,7 @@ protected override void SetValueFast(string key, StringValues value)`
`7384`	`7386`	`{`
`7385`	`7387`	`if ("Content-Length".Equals(key, StringComparison.OrdinalIgnoreCase))`
`7386`	`7388`	`{`
	`7389`	`+ _contentLength = ParseContentLength(value);`
`7387`	`7390`	`_bits \|= 2048L;`
`7388`	`7391`	`_headers._ContentLength = value;`
`7389`	`7392`	`_headers._rawContentLength = null;`
`@@ -7809,6 +7812,7 @@ protected override void AddValueFast(string key, StringValues value)`
`7809`	`7812`	`{`
`7810`	`7813`	`ThrowDuplicateKeyException();`
`7811`	`7814`	`}`
	`7815`	`+ _contentLength = ParseContentLength(value);`
`7812`	`7816`	`_bits \|= 2048L;`
`7813`	`7817`	`_headers._ContentLength = value;`
`7814`	`7818`	`_headers._rawContentLength = null;`
`@@ -8350,6 +8354,7 @@ protected override bool RemoveFast(string key)`
`8350`	`8354`	`{`
`8351`	`8355`	`if (((_bits & 2048L) != 0))`
`8352`	`8356`	`{`
	`8357`	`+ _contentLength = null;`
`8353`	`8358`	`_bits &= ~2048L;`
`8354`	`8359`	`_headers._ContentLength = StringValues.Empty;`
`8355`	`8360`	`_headers._rawContentLength = null;`
`@@ -8601,6 +8606,7 @@ protected override void ClearFast()`
`8601`	`8606`	`{`
`8602`	`8607`	`_bits = 0;`
`8603`	`8608`	`_headers = default(HeaderReferences);`
	`8609`	`+ _contentLength = null;`
`8604`	`8610`	`MaybeUnknown?.Clear();`
`8605`	`8611`	`}`
`8606`	`8612`
Original file line number	Diff line number	Diff line change
`@@ -92,6 +92,16 @@ public override async Task RequestProcessingAsync()`
`92`	`92`	`try`
`93`	`93`	`{`
`94`	`94`	`await _application.ProcessRequestAsync(context).ConfigureAwait(false);`
	`95`	`+`
	`96`	`+ var responseHeaders = FrameResponseHeaders;`
	`97`	`+ if (!responseHeaders.HasTransferEncoding &&`
	`98`	`+ responseHeaders.HasContentLength &&`
	`99`	`+ _responseBytesWritten < responseHeaders.HeaderContentLengthValue.Value)`
	`100`	`+ {`
	`101`	`+ _keepAlive = false;`
	`102`	`+ ReportApplicationError(new InvalidOperationException(`
	`103`	`+ $"Response Content-Length mismatch: too few bytes written ({_responseBytesWritten} of {responseHeaders.HeaderContentLengthValue.Value})."));`
	`104`	`+ }`
`95`	`105`	`}`
`96`	`106`	`catch (Exception ex)`
`97`	`107`	`{`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ public class KestrelTrace : IKestrelTrace`
`24`	`24`	`private static readonly Action<ILogger, string, Exception> _applicationError;`
`25`	`25`	`private static readonly Action<ILogger, string, Exception> _connectionError;`
`26`	`26`	`private static readonly Action<ILogger, string, int, Exception> _connectionDisconnectedWrite;`
`27`		`- private static readonly Action<ILogger, string, int, Exception> _connectionHeadResponseBodyWrite;`
	`27`	`+ private static readonly Action<ILogger, string, long, Exception> _connectionHeadResponseBodyWrite;`
`28`	`28`	`private static readonly Action<ILogger, Exception> _notAllConnectionsClosedGracefully;`
`29`	`29`	`private static readonly Action<ILogger, string, string, Exception> _connectionBadRequest;`
`30`	`30`
`@@ -49,7 +49,7 @@ static KestrelTrace()`
`49`	`49`	`_connectionDisconnectedWrite = LoggerMessage.Define<string, int>(LogLevel.Debug, 15, @"Connection id ""{ConnectionId}"" write of ""{count}"" bytes to disconnected client.");`
`50`	`50`	`_notAllConnectionsClosedGracefully = LoggerMessage.Define(LogLevel.Debug, 16, "Some connections failed to close gracefully during server shutdown.");`
`51`	`51`	`_connectionBadRequest = LoggerMessage.Define<string, string>(LogLevel.Information, 17, @"Connection id ""{ConnectionId}"" bad request data: ""{message}""");`
`52`		`- _connectionHeadResponseBodyWrite = LoggerMessage.Define<string, int>(LogLevel.Debug, 18, @"Connection id ""{ConnectionId}"" write of ""{count}"" body bytes to non-body HEAD response.");`
	`52`	`+ _connectionHeadResponseBodyWrite = LoggerMessage.Define<string, long>(LogLevel.Debug, 18, @"Connection id ""{ConnectionId}"" write of ""{count}"" body bytes to non-body HEAD response.");`
`53`	`53`	`}`
`54`	`54`
`55`	`55`	`public KestrelTrace(ILogger logger)`
`@@ -135,7 +135,7 @@ public virtual void ConnectionDisconnectedWrite(string connectionId, int count,`
`135`	`135`	`_connectionDisconnectedWrite(_logger, connectionId, count, ex);`
`136`	`136`	`}`
`137`	`137`
`138`		`- public virtual void ConnectionHeadResponseBodyWrite(string connectionId, int count)`
	`138`	`+ public virtual void ConnectionHeadResponseBodyWrite(string connectionId, long count)`
`139`	`139`	`{`
`140`	`140`	`_connectionHeadResponseBodyWrite(_logger, connectionId, count, null);`
`141`	`141`	`}`