tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <medtho...@ntlworld.com>
Subject [PATCH] CGI Servlet bugs
Date Tue, 02 Sep 2003 20:51:27 GMT
Below is a patch for bug 22857, bug 22858 and one additional issue I found 
whilst looking at the other issues. I am concerned that the patch may only work 
on windows platforms and would appreciate it if someone with non-Windows 
knowledge could review this patch.

I have included TC5 and TC4 patches.

Mark

Index: catalina/src/share/org/apache/catalina/servlets/CGIServlet.java
===================================================================
RCS file: 
/home/cvspublic/jakarta-tomcat-catalina/catalina/src/share/org/apache/catali  
na/servlets/CGIServlet.java,v
retrieving revision 1.5
diff -u -r1.5 CGIServlet.java
--- catalina/src/share/org/apache/catalina/servlets/CGIServlet.java	22 Nov 2002 
22:26:08 -0000	1.5
+++ catalina/src/share/org/apache/catalina/servlets/CGIServlet.java	2 Sep 2003 
20:31:03 -0000
@@ -750,7 +750,7 @@
          *
          */
         protected CGIEnvironment(HttpServletRequest req,
-                                 ServletContext context) {
+                                 ServletContext context) throws IOException {
             setupFromContext(context);
             setupFromRequest(req);

@@ -946,7 +946,7 @@
          * @return   true if environment was set OK, false if there
          *           was a problem and no environment was set
          */
-        protected boolean setCGIEnvironment(HttpServletRequest req) {
+        protected boolean setCGIEnvironment(HttpServletRequest req) throws 
IOException {

             /*
              * This method is slightly ugly; c'est la vie.
@@ -1109,7 +1109,9 @@
                 }
             }

-            command = sCGIFullPath;
+            File fCGIFullPath = new File(sCGIFullPath);
+            command = fCGIFullPath.getCanonicalPath();
+
             envp.put("X_TOMCAT_SCRIPT_PATH", command);  //for kicks

             this.env = envp;
@@ -1550,17 +1552,19 @@

             //create query arguments
             Enumeration paramNames = params.keys();
-            StringBuffer cmdAndArgs = new StringBuffer(command);
+            StringBuffer cmdAndArgs = new StringBuffer("\"" + command + "\"");
             if (paramNames != null && paramNames.hasMoreElements()) {
                 cmdAndArgs.append(" ");
                 while (paramNames.hasMoreElements()) {
                     String k = (String) paramNames.nextElement();
                     String v = params.get(k).toString();
                     if ((k.indexOf("=") < 0) && (v.indexOf("=") < 0)) {
+                        cmdAndArgs.append("\"");
                         cmdAndArgs.append(k);
                         cmdAndArgs.append("=");
                         v = java.net.URLEncoder.encode(v);
                         cmdAndArgs.append(v);
+                        cmdAndArgs.append("\"");
                         cmdAndArgs.append(" ");
                     }
                 }
@@ -1573,11 +1577,9 @@
                 env.put("CONTENT_LENGTH", new Integer(contentLength));
             }*/

-        if (command.endsWith(".pl") || command.endsWith(".cgi")) {
             StringBuffer perlCommand = new StringBuffer("perl ");
             perlCommand.append(cmdAndArgs.toString());
             cmdAndArgs = perlCommand;
-        }

             rt = Runtime.getRuntime();
             proc = rt.exec(cmdAndArgs.toString(), hashToStringArray(env), wd);



Index: catalina/src/share/org/apache/catalina/servlets/CGIServlet.java
===================================================================
RCS file: 
/home/cvspublic/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/se  
rvlets/CGIServlet.java,v
retrieving revision 1.11
diff -u -r1.11 CGIServlet.java
--- catalina/src/share/org/apache/catalina/servlets/CGIServlet.java	4 Dec 2002 
21:09:07 -0000	1.11
+++ catalina/src/share/org/apache/catalina/servlets/CGIServlet.java	2 Sep 2003 
19:31:10 -0000
@@ -750,7 +750,7 @@
          *
          */
         protected CGIEnvironment(HttpServletRequest req,
-                                 ServletContext context) {
+                                 ServletContext context) throws IOException {
             setupFromContext(context);
             setupFromRequest(req);

@@ -946,7 +946,7 @@
          * @return   true if environment was set OK, false if there
          *           was a problem and no environment was set
          */
-        protected boolean setCGIEnvironment(HttpServletRequest req) {
+        protected boolean setCGIEnvironment(HttpServletRequest req) throws 
IOException {

             /*
              * This method is slightly ugly; c'est la vie.
@@ -1114,7 +1114,9 @@
                 }
             }

-            command = sCGIFullPath;
+            File fCGIFullPath = new File(sCGIFullPath);
+            command = fCGIFullPath.getCanonicalPath();
+
             envp.put("X_TOMCAT_SCRIPT_PATH", command);  //for kicks

             this.env = envp;
@@ -1555,17 +1557,19 @@

             //create query arguments
             Enumeration paramNames = params.keys();
-            StringBuffer cmdAndArgs = new StringBuffer(command);
+            StringBuffer cmdAndArgs = new StringBuffer("\"" + command + "\"");
             if (paramNames != null && paramNames.hasMoreElements()) {
                 cmdAndArgs.append(" ");
                 while (paramNames.hasMoreElements()) {
                     String k = (String) paramNames.nextElement();
                     String v = params.get(k).toString();
                     if ((k.indexOf("=") < 0) && (v.indexOf("=") < 0)) {
+                        cmdAndArgs.append("\"");
                         cmdAndArgs.append(k);
                         cmdAndArgs.append("=");
                         v = java.net.URLEncoder.encode(v);
                         cmdAndArgs.append(v);
+                        cmdAndArgs.append("\"");
                         cmdAndArgs.append(" ");
                     }
                 }
@@ -1578,12 +1582,10 @@
                 env.put("CONTENT_LENGTH", new Integer(contentLength));
             }*/

-        if (command.endsWith(".pl") || command.endsWith(".cgi")) {
             StringBuffer perlCommand = new StringBuffer("perl ");
             perlCommand.append(cmdAndArgs.toString());
             cmdAndArgs = perlCommand;
-        }

             rt = Runtime.getRuntime();
             proc = rt.exec(cmdAndArgs.toString(), hashToStringArray(env), wd);
 


Mime
View raw message