commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From joc...@apache.org
Subject svn commit: r964159 - in /commons/proper/fileupload/trunk: ./ src/changes/changes.xml
Date Wed, 14 Jul 2010 20:02:17 GMT
Author: jochen
Date: Wed Jul 14 20:02:16 2010
New Revision: 964159

URL: http://svn.apache.org/viewvc?rev=964159&view=rev
Log:
Upgrade to latest parent POM, preparing 1.2.2.

Modified:
    commons/proper/fileupload/trunk/   (props changed)
    commons/proper/fileupload/trunk/src/changes/changes.xml

Propchange: commons/proper/fileupload/trunk/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Wed Jul 14 20:02:16 2010
@@ -1,3 +1,5 @@
 target
 maven.log
 velocity.log
+
+release.properties

Modified: commons/proper/fileupload/trunk/src/changes/changes.xml
URL: http://svn.apache.org/viewvc/commons/proper/fileupload/trunk/src/changes/changes.xml?rev=964159&r1=964158&r2=964159&view=diff
==============================================================================
--- commons/proper/fileupload/trunk/src/changes/changes.xml (original)
+++ commons/proper/fileupload/trunk/src/changes/changes.xml Wed Jul 14 20:02:16 2010
@@ -44,10 +44,11 @@ The <action> type attribute can be add,u
     <release version="1.2.2" date="Not yet released">
       <action dev="jochen" type="fix"
           due-to="Daniel Fabian" due-to-email="dfabian@google.com">
-        Added a check for file names containing a NUL characters.
-        Such file names are now triggering an InvalidFileNameException,
-        due to a security problem. (A file name like "foo.exe\0.png"
-        might lead to the unintended creation of "foo.exe".)
+        Added a check for file names containing a NULL characters. Such file
+        names are now triggering an InvalidFileNameException since the file name
+        cannot be used as provided to create the file since it will be truncated
+        at the NUL character on most (all?) operating systems. E.g. a file name
+        like "test.foo0.bar" would result in "test.foo" being created.
       </action>
       <action dev="jochen" type="fix" issue="FILEUPLOAD-160"
           due-to="Stepan Koltsov" due-to-email="yozh@mx1.ru">



Mime
View raw message