From: Markus Koschany <apo@debian.org>
Date: Sat, 18 Feb 2017 19:15:02 +0100
Subject: BZ57544-infinite-loop-part2

Fix 400 HTTP errors due to an incomplete fix for CVE-2017-6056.

Bug-Debian: https://bugs.debian.org/854551
Origin: https://github.com/apache/tomcat80/commit/534d62075f8c03cc3e77f301e53be53acdefd1c9
---
 java/org/apache/coyote/http11/AbstractInputBuffer.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/coyote/http11/AbstractInputBuffer.java b/java/org/apache/coyote/http11/AbstractInputBuffer.java
index a1251d6..ac56de1 100644
--- a/java/org/apache/coyote/http11/AbstractInputBuffer.java
+++ b/java/org/apache/coyote/http11/AbstractInputBuffer.java
@@ -227,9 +227,10 @@ public abstract class AbstractInputBuffer<S> implements InputBuffer{
         // Copy leftover bytes to the beginning of the buffer
         if (lastValid - pos > 0 && pos > 0) {
             System.arraycopy(buf, pos, buf, 0, lastValid - pos);
-            lastValid = lastValid - pos;
-            pos = 0;
         }
+        // Always reset pos to zero
+        lastValid = lastValid - pos;
+        pos = 0;
 
         // Recycle filters
         for (int i = 0; i <= lastActiveFilter; i++) {