From craig...@locus.apache.org
Subject cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/request SimpleMapper1.java StaticInterceptor.java
Date Mon, 11 Dec 2000 17:52:31 GMT
craigmcc    00/12/11 09:52:31

  Modified:    src/share/org/apache/tomcat/request Tag: tomcat_32
                        SimpleMapper1.java StaticInterceptor.java
  Log:
  Fix a security vulnerability that would display the contents of sensitive
  files when a URL like this was used:
  
  	http://localhost:8080/examples//WEB-INF/web.xml
  
  This vulnerability appears on Linux (and any other OS that ignores "//" in
  the middle of a pathname), but not on Windows.
  
  Submitted by: Ramon Cacha <rcasha@megabyte.net>
  PR: BugRat Bug Report #565
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.15.2.4  +2 -2      jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleMapper1.java
  
  Index: SimpleMapper1.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleMapper1.java,v
  retrieving revision 1.15.2.3
  retrieving revision 1.15.2.4
  diff -u -r1.15.2.3 -r1.15.2.4
  --- SimpleMapper1.java	2000/12/01 03:00:41	1.15.2.3
  +++ SimpleMapper1.java	2000/12/11 17:52:30	1.15.2.4
  @@ -343,8 +343,8 @@
               requestURI.substring(contextPath.length()).toUpperCase();
           if (relativePath.equals("/META-INF") ||
               relativePath.equals("/WEB-INF") ||
  -            relativePath.startsWith("/META-INF/") ||
  -            relativePath.startsWith("/WEB-INF/"))
  +            (relativePath.indexOf("/META-INF/") != 0) ||
  +            (relativePath.indexOf("/WEB-INF/") != 0))
               return 404;
   
   	return OK;
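Review bot: The two added conditions at lines 48–49 invert the intended test: `relativePath.indexOf("/META-INF/") != 0` is true for every path that does not begin with "/META-INF/", including paths that contain no such segment at all, so with `||` this method now returns 404 for essentially every request instead of only the protected ones. The substring test that actually covers the `//WEB-INF/` case from the log message is `(relativePath.indexOf("/META-INF/") >= 0) || (relativePath.indexOf("/WEB-INF/") >= 0)`, which also subsumes the removed `startsWith` checks. The same inverted comparison appears in the StaticInterceptor.java hunk. A path ending in the directory name without a trailing slash (e.g. `//WEB-INF` uppercased) is neither equal to `/WEB-INF` nor contains `/WEB-INF/`, so it would still pass this check even with the corrected operator; whether that reaches the directory depends on code outside the hunk. The enclosing method starts and ends outside the hunk.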
  
  
  
  1.7.2.5   +3 -1      jakarta-tomcat/src/share/org/apache/tomcat/request/StaticInterceptor.java
  
  Index: StaticInterceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/StaticInterceptor.java,v
  retrieving revision 1.7.2.4
  retrieving revision 1.7.2.5
  diff -u -r1.7.2.4 -r1.7.2.5
  --- StaticInterceptor.java	2000/11/07 22:52:52	1.7.2.4
  +++ StaticInterceptor.java	2000/12/11 17:52:30	1.7.2.5
  @@ -418,7 +418,9 @@
   
   		String relPathU=relPath.toUpperCase();
   		if ( relPathU.startsWith("WEB-INF") ||
  -				relPathU.startsWith("META-INF")) {
  +                     relPathU.startsWith("META-INF") ||
  +                    (relPathU.indexOf("/WEB-INF/") != 0) ||
  +                    (relPathU.indexOf("/META-INF/") != 0) ) {
   			return null;
   		}
   	}
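Review bot: The three added continuation lines at 71–73 are indented with spaces while the surrounding block (the context at lines 68–70 and 74) uses tabs, so the operands of the condition no longer line up under `relPathU.startsWith("WEB-INF")` and the mixed indentation will render differently depending on tab width; keep the file's tab indentation for the continuation lines. Independently of layout, `relPathU.indexOf("/WEB-INF/") != 0` compares against position 0 rather than testing for presence, so as written it does not express "contains the segment anywhere" — `>= 0` is the comparison that matches the stated intent. The enclosing method continues outside the hunk.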
  
  
  
