tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lar...@apache.org
Subject cvs commit: jakarta-tomcat/src/native/jk jk_uri_worker_map.c
Date Wed, 16 May 2001 20:54:44 GMT
larryi      01/05/16 13:54:43

  Modified:    src/native/jk Tag: tomcat_32 jk_uri_worker_map.c
  Log:
  Fix bug in check_security_fraud() and add ".suffix " to ".suffix." and
  "suffix/" already being checked.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.3.2.1   +5 -4      jakarta-tomcat/src/native/jk/Attic/jk_uri_worker_map.c
  
  Index: jk_uri_worker_map.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/native/jk/Attic/jk_uri_worker_map.c,v
  retrieving revision 1.3
  retrieving revision 1.3.2.1
  diff -u -r1.3 -r1.3.2.1
  --- jk_uri_worker_map.c	2000/05/29 12:53:24	1.3
  +++ jk_uri_worker_map.c	2001/05/16 20:54:37	1.3.2.1
  @@ -65,7 +65,7 @@
    * servlet container.                                                      *
    *                                                                         *
    * Author:      Gal Shachor <shachor@il.ibm.com>                           *
  - * Version:     $Revision: 1.3 $                                               *
  + * Version:     $Revision: 1.3.2.1 $                                               *
    ***************************************************************************/
   
   #include "jk_pool.h"
  @@ -111,7 +111,8 @@
    * fumble and return the jsp content. 
    *
    * To solve that we will check for path info following the suffix, we 
  - * will also check that the end of the uri is not .suffix.
  + * will also check that the end of the uri is not ".suffix.",
  + * ".suffix/", or ".suffix ".
    */
   static int check_security_fraud(jk_uri_worker_map_t *uw_map, 
                                   const char *uri, 
  @@ -129,9 +130,9 @@
                   if('.' != *(suffix_start - 1)) {
                       continue;
                   } else {
  -                    char *after_suffix = suffix_start + strlen(uw_map->maps[i].suffix)
+ 1;
  +                    char *after_suffix = suffix_start + strlen(uw_map->maps[i].suffix);
                   
  -                    if((('.' == *after_suffix) || ('/' == *after_suffix)) && 
  +                    if((('.' == *after_suffix) || ('/' == *after_suffix) || (' ' == *after_suffix))
&&
                          (0 == strncmp(uw_map->maps[i].context, uri, uw_map->maps[i].ctxt_len)))
{
                           /* 
                            * Security violation !!!
  
  
  

Mime
View raw message