Convert InvalidOperationException to InvalidDataException for form reader (#20138)

Marusyk · web-flow · commit d0cc04f95701 · 2020-03-26T09:42:22.000-07:00
diff --git a/src/Http/WebUtilities/src/FormPipeReader.cs b/src/Http/WebUtilities/src/FormPipeReader.cs
@@ -377,10 +377,17 @@ private string GetDecodedString(ReadOnlySpan<byte> readOnlySpan)
                 // We will also create a string from it by the end of the function.
                 var span = MemoryMarshal.CreateSpan(ref Unsafe.AsRef(readOnlySpan[0]), readOnlySpan.Length);
 
-                var bytes = UrlDecoder.DecodeInPlace(span, isFormEncoding: true);
-                span = span.Slice(0, bytes);
+                try
+                {
+                    var bytes = UrlDecoder.DecodeInPlace(span, isFormEncoding: true);
+                    span = span.Slice(0, bytes);
 
-                return _encoding.GetString(span);
+                    return _encoding.GetString(span);
+                }
+                catch (InvalidOperationException ex)
+                {
+                    throw new InvalidDataException("The form value contains invalid characters.", ex);
+                }
             }
             else
             {
diff --git a/src/Http/WebUtilities/test/FormPipeReaderTests.cs b/src/Http/WebUtilities/test/FormPipeReaderTests.cs
@@ -78,6 +78,18 @@ public async Task ReadFormAsync_EmptyValueWithoutEqualsWithAdditionalEntryAllowe
             Assert.Equal("2", formCollection["baz"].ToString());
         }
 
+        [Fact]
+        public async Task ReadFormAsync_ValueContainsInvalidCharacters_Throw()
+        {
+            var bodyPipe = await MakePipeReader("%00");
+
+            var exception = await Assert.ThrowsAsync<InvalidDataException>(
+                () => ReadFormAsync(new FormPipeReader(bodyPipe)));
+
+            Assert.Equal("The form value contains invalid characters.", exception.Message);
+            Assert.IsType<InvalidOperationException>(exception.InnerException);
+        }
+
         [Fact]
         public async Task ReadFormAsync_ValueCountLimitMet_Success()
         {
diff --git a/src/Shared/UrlDecoder/UrlDecoder.cs b/src/Shared/UrlDecoder/UrlDecoder.cs
@@ -294,7 +294,7 @@ private static int UnescapePercentEncoding(ref int scan, Span<byte> buffer, bool
         /// Read the next char and convert it into hexadecimal value.
         ///
         /// The <paramref name="scan"/> index will be moved to the next
-        /// byte no matter no matter whether the operation successes.
+        /// byte no matter whether the operation successes.
         /// </summary>
         /// <param name="scan">The index of the byte in the buffer to read</param>
         /// <param name="buffer">The byte span from which the hex to be read</param>
