Return-Path: 
 <tomcat-dev-return-21483-apmail-jakarta-tomcat-dev-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-dev-archive@jakarta.apache.org
Received: (qmail 26568 invoked by uid 500); 16 May 2001 20:54:55 -0000
Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:tomcat-dev-help@jakarta.apache.org>
list-unsubscribe: <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
list-post: <mailto:tomcat-dev@jakarta.apache.org>
Reply-To: tomcat-dev@jakarta.apache.org
Delivered-To: mailing list tomcat-dev@jakarta.apache.org
Received: (qmail 26255 invoked by uid 500); 16 May 2001 20:54:49 -0000
Delivered-To: apmail-jakarta-tomcat-cvs@apache.org
Date: 16 May 2001 20:54:44 -0000
Message-ID: <20010516205444.25995.qmail@apache.org>
From: larryi@apache.org
To: jakarta-tomcat-cvs@apache.org
Subject: cvs commit: jakarta-tomcat/src/native/jk jk_uri_worker_map.c

larryi      01/05/16 13:54:43

  Modified:    src/native/jk Tag: tomcat_32 jk_uri_worker_map.c
  Log:
  Fix bug in check_security_fraud() and add ".suffix " to ".suffix." and
  "suffix/" already being checked.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.3.2.1   +5 -4      jakarta-tomcat/src/native/jk/Attic/jk_uri_worker_map.c
  
  Index: jk_uri_worker_map.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/native/jk/Attic/jk_uri_worker_map.c,v
  retrieving revision 1.3
  retrieving revision 1.3.2.1
  diff -u -r1.3 -r1.3.2.1
  --- jk_uri_worker_map.c	2000/05/29 12:53:24	1.3
  +++ jk_uri_worker_map.c	2001/05/16 20:54:37	1.3.2.1
  @@ -65,7 +65,7 @@
    * servlet container.                                                      *
    *                                                                         *
    * Author:      Gal Shachor <shachor@il.ibm.com>                           *
  - * Version:     $Revision: 1.3 $                                               *
  + * Version:     $Revision: 1.3.2.1 $                                               *
    ***************************************************************************/
   
   #include "jk_pool.h"
  @@ -111,7 +111,8 @@
    * fumble and return the jsp content. 
    *
    * To solve that we will check for path info following the suffix, we 
  - * will also check that the end of the uri is not .suffix.
  + * will also check that the end of the uri is not ".suffix.",
  + * ".suffix/", or ".suffix ".
    */
   static int check_security_fraud(jk_uri_worker_map_t *uw_map, 
                                   const char *uri, 
  @@ -129,9 +130,9 @@
                   if('.' != *(suffix_start - 1)) {
                       continue;
                   } else {
  -                    char *after_suffix = suffix_start + strlen(uw_map->maps[i].suffix) + 1;
  +                    char *after_suffix = suffix_start + strlen(uw_map->maps[i].suffix);
                   
  -                    if((('.' == *after_suffix) || ('/' == *after_suffix)) && 
  +                    if((('.' == *after_suffix) || ('/' == *after_suffix) || (' ' == *after_suffix)) &&
                          (0 == strncmp(uw_map->maps[i].context, uri, uw_map->maps[i].ctxt_len))) {
                           /* 
                            * Security violation !!!