multipart-kit

Crash on multipart/form-data decoding with empty mime type.

Open sderiu opened this issue 4 years ago • 2 comments

Describe the bug

Server crashes on a multipart/form-data request with an empty mimeType.

To Reproduce

Steps to reproduce the behavior:

  1. Send a multipart/form-data request from a client with an empty mime type.
  2. Try decoding the request in a Content-conforming struct on the server.
  3. Server crashes with a fatalError, no error messages provided.

Expected behavior

The request throws a decoding error, avoiding server crashes and providing a readable error message.

Environment

  • Vapor Framework version: 4.38.0
  • OS version: Ubuntu 20.04, macOS 10.15.7

Additional context

This is how the Alamofire request is sent (see MultipartFormData):

multipart.append(file, withName: "file", fileName: "my_file.zip", mimeType: "")

and this is how I decode it:


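import Vapor

func upload(_ req: Request) throws {
    // Decode the multipart/form-data body into the Upload struct.
    let file = try req.content.decode(Upload.self)
    // doing some other stuff
}

// Payload with a single multipart file field named "file".
struct Upload: Content {
    let file: File
}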

Using Backtrace I found the line where the fatalError is raised:

Fatal error: file Vapor/MultipartParser.swift, line 186

The error is raised in the handleHeadersComplete function.

The iOS developer and I spent some hours digging into the MultipartParser decoding strategy, and we found that the header decoding is done using three different functions:

  • handleHeaderField (Vapor/MultipartParser.swift, line 158)
  • handleHeaderValue (Vapor/MultipartParser.swift, line 170)
  • handleHeadersComplete (Vapor/MultipartParser.swift, line 186), where we got the fatal error.

Simplifying a lot, the handleHeaderField function reads the header name, handleHeaderValue reads the value for that header, and handleHeadersComplete declares that the header is complete.

When an empty mime type is passed, the parser fails to decode the "Content-Type" header, raising a fatalError, stopping the execution and causing a server crash.

sderiu, Jan 23 '21 22:01
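An added example, not part of the original issue and not Vapor's or multipart-kit's code: a header collector driven by the three callbacks described above, which throws a typed error in every state instead of calling fatalError. It assumes the underlying parser may never invoke the value callback when a header value is empty; all type, case and error names are hypothetical.

```swift
import Foundation
// Added illustration with hypothetical names; not Vapor's or multipart-kit's parser.
enum PartHeaderError: Error { case emptyName, emptyValue(name: String) }

/// Collects one part's headers through the three callbacks named in the issue.
struct PartHeaderCollector {
    private enum State { case idle, field(String), value(name: String, value: String) }
    private var state = State.idle
    private(set) var headers: [String: String] = [:]

    mutating func handleHeaderField(_ chunk: String) throws {
        if case .field(let partial) = state { state = .field(partial + chunk); return }
        try commit()                  // a new name closes the previous header
        state = .field(chunk)
    }

    mutating func handleHeaderValue(_ chunk: String) throws {
        switch state {
        case .idle: throw PartHeaderError.emptyName
        case .field(let name): state = .value(name: name, value: chunk)
        case .value(let name, let value): state = .value(name: name, value: value + chunk)
        }
    }

    mutating func handleHeadersComplete() throws -> [String: String] {
        try commit()
        return headers
    }

    // Every state has a defined outcome: malformed input throws, it never traps.
    private mutating func commit() throws {
        switch state {
        case .idle: return
        case .field(let name): throw PartHeaderError.emptyValue(name: name)
        case .value(let name, let value):
            let trimmed = value.trimmingCharacters(in: .whitespaces)
            guard !trimmed.isEmpty else { throw PartHeaderError.emptyValue(name: name) }
            headers[name.lowercased()] = trimmed
        }
        state = .idle
    }
}

// Constructed input: the part from the issue, whose Content-Type value is empty.
var collector = PartHeaderCollector()
do {
    try collector.handleHeaderField("Content-Disposition")
    try collector.handleHeaderValue("form-data; name=\"file\"; filename=\"my_file.zip\"")
    try collector.handleHeaderField("Content-Type")
    _ = try collector.handleHeadersComplete()
} catch { print("rejecting part with HTTP 400: \(error)") }
```

Because the error is thrown rather than trapped, a route handler can map it to a 4xx response and the server process keeps running.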

Moving to here to track it

0xTim, Mar 05 '21 21:03

@sderiu Could you please check again with the latest version? (4.0.1)

siemensikkema, Apr 14 '21 21:04