tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http HttpProcessor.java
Date Tue, 17 Jul 2001 01:04:29 GMT
remm        01/07/16 18:04:29

  Modified:    catalina/src/share/org/apache/catalina/connector/http
                        HttpProcessor.java
  Log:
  - %25, %2F, %2E and %5C are now forbidden in the request URI. I hope this
    is not a problem with multi-byte characters.
  - Medium risk fix : always finish the response. That could lead to connection
    management problems. That has to be changed since otherwise no HTTP error
    report would be generated when something bad happened when parsing
    the request.
  
  Revision  Changes    Path
  1.30      +31 -16    jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpProcessor.java
  
  Index: HttpProcessor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpProcessor.java,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -r1.29 -r1.30
  --- HttpProcessor.java	2001/07/16 21:55:17	1.29
  +++ HttpProcessor.java	2001/07/17 01:04:29	1.30
  @@ -1,6 +1,6 @@
  -/* * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpProcessor.java,v
1.29 2001/07/16 21:55:17 remm Exp $
  - * $Revision: 1.29 $
  - * $Date: 2001/07/16 21:55:17 $
  +/* * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpProcessor.java,v
1.30 2001/07/17 01:04:29 remm Exp $
  + * $Revision: 1.30 $
  + * $Date: 2001/07/17 01:04:29 $
    *
    * ====================================================================
    *
  @@ -106,7 +106,7 @@
    *
    * @author Craig R. McClanahan
    * @author Remy Maucherat
  - * @version $Revision: 1.29 $ $Date: 2001/07/16 21:55:17 $
  + * @version $Revision: 1.30 $ $Date: 2001/07/17 01:04:29 $
    */
   
   final class HttpProcessor
  @@ -778,18 +778,22 @@
           if (debug >= 1)
               log("Normalized: '" + uri + "' to '" + normalizedUri + "'");
   
  -        if (normalizedUri == null) {
  -	    log(" Invalid request URI: '" + uri + "'");
  -            throw new IOException("Invalid URI: " + uri + "'");
  -        }
  -
   	// Set the corresponding request properties
   	((HttpRequest) request).setMethod(method);
   	request.setProtocol(protocol);
  -	((HttpRequest) request).setRequestURI(normalizedUri);
  +        if (normalizedUri != null) {
  +            ((HttpRequest) request).setRequestURI(normalizedUri);
  +        } else {
  +            ((HttpRequest) request).setRequestURI(uri);
  +        }
   	request.setSecure(connector.getSecure());
   	request.setScheme(connector.getScheme());
   
  +        if (normalizedUri == null) {
  +	    log(" Invalid request URI: '" + uri + "'");
  +            throw new ServletException("Invalid URI: " + uri + "'");
  +        }
  +
   	if (debug >= 1)
   	    log(" Request is '" + method + "' for '" + uri +
   		"' with protocol '" + protocol + "'");
  @@ -814,8 +818,13 @@
           // Create a place for the normalized path
           String normalized = path;
   
  -        if (normalized == null)
  -            return (null);
  +        // Prevent encoding '%', '/', '.' and '\', which are special reserved
  +        // characters
  +        if ((normalized.indexOf("%25") > 0) || (normalized.indexOf("%2F") > 0)
  +            || (normalized.indexOf("%2E") > 0) 
  +            || (normalized.indexOf("%5C") > 0)) {
  +            return null;
  +        }
   
           if (normalized.equals("/."))
               return "/";
  @@ -933,6 +942,14 @@
                   }
               } catch (EOFException e) {
                   ok = false;
  +            } catch (ServletException e) {
  +                ok = false;
  +                try {
  +                    ((HttpServletResponse) response.getResponse())
  +                        .sendError(HttpServletResponse.SC_BAD_REQUEST);
  +                } catch (Exception f) {
  +                    ;
  +                }
               } catch (InterruptedIOException e) {
                   if (debug > 1) {
                       try {
  @@ -986,10 +1003,8 @@
               
               // Finish up the handling of the request
               try {
  -                if (ok) {
  -                    response.finishResponse();
  -                    request.finishRequest();
  -                }
  +                response.finishResponse();
  +                request.finishRequest();
                   if (output != null)
                       output.flush();
               } catch (IOException e) {
  
  
  

Mime
View raw message