tomcat-dev mailing list archives

From Mark Thomas <ma...@apache.org>
Subject Re: Where's the fix of CVE-2005-2090?
Date Tue, 29 Jan 2008 19:02:41 GMT
Filip Hanik - Dev Lists wrote:
> Mark Thomas wrote:
>> Michal Vyskocil wrote:
>>> I'm unable to locate a patch to fix CVE-2005-2090. I cannot find 
>>> any hint in the svn commit log or bugzilla.
>>>
>>> Maybe it is this commit
>>> ------------------------------------------------------------------------
>>> r513079 | markt | 2007-03-01 01:26:12 +0100 (Čt, 01 bře 2007) | 1 line
>>>
>>> As per RFC2616, requests with multiple content-length headers are 
>>> invalid.
>>
>> Yep, that's it.
> Isn't it documented incorrectly then? We don't return 400, we just grab 
> one of the headers.

If you look at the code for MimeHeaders.getUniqueValue() you'll see that 
the code throws an IAE if multiple values are found in the headers.

Mark
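As an added illustration of the check being discussed (this is not Tomcat's code and not from either author): a small header parser that treats a request carrying more than one Content-Length header as a 400 Bad Request instead of silently picking one value, which is the ambiguity behind CVE-2005-2090. The sample requests below are constructed; the function names are my own.

```python
from typing import List, Optional, Tuple


class BadRequest(Exception):
    """Raised when the request must be rejected with HTTP 400."""


def parse_headers(raw: bytes) -> List[Tuple[str, str]]:
    """Split a raw HTTP/1.x request head into (name, value) pairs, keeping duplicates.
    Names are lower-cased so Content-Length and content-length compare equal."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    headers = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        if not line:
            continue
        if ":" not in line:
            raise BadRequest("malformed header line")
        name, value = line.split(":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return headers


def get_unique_value(headers: List[Tuple[str, str]], name: str) -> Optional[str]:
    """Return the single value of `name`, None if absent; more than one value is an
    error, the same outcome as MimeHeaders.getUniqueValue() throwing IAE (assumption:
    we raise BadRequest so the caller maps it to a 400)."""
    values = [v for n, v in headers if n == name]
    if len(values) > 1:
        raise BadRequest(f"multiple {name} headers")
    return values[0] if values else None


def content_length(raw: bytes) -> int:
    """Body length the request unambiguously declares, or BadRequest."""
    value = get_unique_value(parse_headers(raw), "content-length")
    if value is None:
        return 0
    if not value.isdigit():
        raise BadRequest("non-numeric content-length")
    return int(value)


def status_for(raw: bytes) -> int:
    """HTTP status a front end would answer with: 200 when the body length is clear."""
    try:
        content_length(raw)
        return 200
    except BadRequest:
        return 400


# Constructed samples: one clean request, one with conflicting Content-Length headers.
GOOD = b"POST /a HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
DUPLICATE = b"POST /a HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\ncontent-length: 0\r\n\r\nhello"
```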
