From f405ecb1763249f74a93b3cff7ba43d1f6dbcb63 Mon Sep 17 00:00:00 2001
From: Ben Schmeckpeper <ben.schmeckpeper@gmail.com>
Date: Tue, 9 Feb 2021 15:16:58 -0600
Subject: [PATCH] Handle EOFError raised by Rack

In v2.2.0, Rack started raising an EOFError when given an empty body with a
multipart upload - https://github.com/rack/rack/pull/1572  Previously, Rack had
swallowed this error.
---
 CHANGELOG.md                |  2 ++
 lib/grape/request.rb        |  2 ++
 spec/grape/endpoint_spec.rb | 16 ++++++++++++++++
 3 files changed, 20 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2793496880..b610254e7d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,8 @@
 
 * Your contribution here.
 
+* [#2161](https://github.com/ruby-grape/grape/pull/2157): Handle EOFError from Rack when given an empty multipart body - [@bschmeck](https://github.com/bschmeck).
+
 ### 1.5.2 (2021/02/06)
 
 #### Features
diff --git a/lib/grape/request.rb b/lib/grape/request.rb
index b547797482..3163aa7989 100644
--- a/lib/grape/request.rb
+++ b/lib/grape/request.rb
@@ -15,6 +15,8 @@ def initialize(env, **options)
 
     def params
       @params ||= build_params
+    rescue EOFError
+      raise Grape::Exceptions::InvalidMessageBody, 'multipart/form-data'
     end
 
     def headers
diff --git a/spec/grape/endpoint_spec.rb b/spec/grape/endpoint_spec.rb
index 4bbeb070c3..f121577918 100644
--- a/spec/grape/endpoint_spec.rb
+++ b/spec/grape/endpoint_spec.rb
@@ -420,6 +420,22 @@ def app
         expect(last_response.status).to eq(201)
         expect(last_response.body).to eq('Bob')
       end
+
+      it 'returns a 400 if given an invalid multipart body' do
+        # Rack swallowed this error until v2.2.0
+        major, minor, _patch = Rack.release.split('.').map(&:to_i)
+        next if major < 2 || major == 2 && minor < 2
+
+        subject.params do
+          requires :file, type: Rack::Multipart::UploadedFile
+        end
+        subject.post '/upload' do
+          params[:file][:filename]
+        end
+        post '/upload', { file: '' }, 'CONTENT_TYPE' => 'multipart/form-data; boundary=foobar'
+        expect(last_response.status).to eq(400)
+        expect(last_response.body).to include('multipart/form-data')
+      end
     end
 
     it 'responds with a 415 for an unsupported content-type' do