tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 45933] New: Error processing TLD file in webapp with XML parser
Date Thu, 02 Oct 2008 06:51:20 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=45933

           Summary: Error processing TLD file in webapp with XML parser
           Product: Tomcat 5
           Version: 5.5.27
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Catalina
        AssignedTo: dev@tomcat.apache.org
        ReportedBy: ecapachedev@gmail.com
                CC: ecapachedev@gmail.com


Along the same lines with CR 29936,
com.apache.catalina.startup.TldConfig.tldDigester has an issue with
initialization.  Basically, the TldConfig's parser can be initialized with the
webapp's XML parser, which causes a security problem, since it has permission
issues with reading files.  This is caused by a similar scenario to CR 29936:

1) Remove all stock webapps that come with the standard installation.  This
includes the ones in server/webapps.  Remember to remove the configurations in
conf/Catalina.
2) Add a webapp that has a XML parser located in WEB-INF/lib.  For instance,
one from sourceforge or Apache Xerces.
3) Add a library containing a .tld file in META-INF like Spring.
4) In order to actually have a log containing the error, you need to enable
logging.  For example, by following the instructions laid out in
http://tomcat.apache.org/tomcat-5.5-doc/logging.html.  I used log4j.
5) Start the appserver in secure mode.

You should see an error in the log similar to the following:

ERROR main org.apache.catalina.startup.TldConfig - Exception processing TLD
META-INF/spring-form.tld in JAR at resource path
TOMCAT_PATH/webapps/MY_WAR/WEB-INF/lib/spring.jar in context /MY_WAR
java.security.AccessControlException: access denied (java.io.FilePermission
TOMCAT_PATH/common/lib/jsp-api.jar read)
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
        at
java.security.AccessController.checkPermission(AccessController.java:546)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
        at java.util.zip.ZipFile.<init>(ZipFile.java:109)
        at java.util.jar.JarFile.<init>(JarFile.java:133)
        at java.util.jar.JarFile.<init>(JarFile.java:70)
        at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:72)
        at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:48)
        at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:53)
        at
sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:104)
        at
sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:132)
        at java.net.URL.openStream(URL.java:1009)
        at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown
Source)
        at org.apache.xerces.impl.XMLEntityManager.startEntity(Unknown Source)
        at org.apache.xerces.impl.XMLEntityManager.startDTDEntity(Unknown
Source)
        at org.apache.xerces.impl.XMLDTDScannerImpl.setInputSource(Unknown
Source)
        at
org.apache.xerces.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(Unknown
Source)
        at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown
Source)
        at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
        at org.apache.xerces.parsers.DTDConfiguration.parse(Unknown Source)
        at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
        at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
        at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1562)
        at
org.apache.catalina.startup.TldConfig.tldScanStream(TldConfig.java:514)
        at org.apache.catalina.startup.TldConfig.tldScanJar(TldConfig.java:472)
        at org.apache.catalina.startup.TldConfig.execute(TldConfig.java:307)
        at
org.apache.catalina.core.StandardContext.processTlds(StandardContext.java:4307)
        at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4144)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
        at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:122)
        at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:144)
        at java.security.AccessController.doPrivileged(Native Method)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:738)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
        at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:831)
        at
org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:720)
        at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150)
        at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
        at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
        at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
        at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
        at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:448)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)

Note that if you restart the appserver, you will need to remove the webapp's
TLD cache located at "TOMCAT_PATH/work/Catalina/localhost/MY_WAR/tldCache.ser"
to reproduce the error again.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message