Return-Path: X-Original-To: apmail-tomcat-dev-archive@www.apache.org Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 26ACFD3E9 for ; Thu, 9 Aug 2012 18:15:03 +0000 (UTC) Received: (qmail 49523 invoked by uid 500); 9 Aug 2012 18:15:02 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 49451 invoked by uid 500); 9 Aug 2012 18:15:02 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 49442 invoked by uid 99); 9 Aug 2012 18:15:02 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Aug 2012 18:15:02 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Aug 2012 18:14:59 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id F319C23889B8 for ; Thu, 9 Aug 2012 18:14:14 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1371355 - in /tomcat/tc6.0.x/trunk: ./ 53531.diff STATUS.txt java/org/apache/catalina/startup/ExpandWar.java src/ webapps/docs/changelog.xml Date: Thu, 09 Aug 2012 18:14:14 -0000 To: dev@tomcat.apache.org From: schultz@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120809181414.F319C23889B8@eris.apache.org> Author: schultz Date: Thu Aug 9 18:14:14 2012 New Revision: 1371355 URL: http://svn.apache.org/viewvc?rev=1371355&view=rev Log: https://issues.apache.org/bugzilla/show_bug.cgi?id=53531 Fix ExpandWar.expand to check the return value of File.mkdir and File.mkdirs Added: tomcat/tc6.0.x/trunk/53531.diff tomcat/tc6.0.x/trunk/src/ Modified: tomcat/tc6.0.x/trunk/ (props changed) tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc6.0.x/trunk/ ------------------------------------------------------------------------------ Merged /tomcat/trunk:r1359981 Added: tomcat/tc6.0.x/trunk/53531.diff URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/53531.diff?rev=1371355&view=auto ============================================================================== --- tomcat/tc6.0.x/trunk/53531.diff (added) +++ tomcat/tc6.0.x/trunk/53531.diff Thu Aug 9 18:14:14 2012 @@ -0,0 +1,37 @@ +Index: java/org/apache/catalina/startup/ExpandWar.java +=================================================================== +--- java/org/apache/catalina/startup/ExpandWar.java (revision 1360366) ++++ java/org/apache/catalina/startup/ExpandWar.java (working copy) +@@ -132,7 +132,8 @@ + } + + // Create the new document base directory +- docBase.mkdir(); ++ if(!docBase.mkdir() && !docBase.isDirectory()) ++ throw new IOException(sm.getString("expandWar.createFailed", docBase)); + + // Expand the WAR into the new document base directory + String canonicalDocBasePrefix = docBase.getCanonicalPath(); +@@ -162,7 +163,9 @@ + if (last >= 0) { + File parent = new File(docBase, + name.substring(0, last)); +- parent.mkdirs(); ++ ++ if(!parent.mkdirs() && !parent.isDirectory()) ++ throw new IOException(sm.getString("expandWar.createFailed", parent)); + } + if (name.endsWith("/")) { + continue; +Index: java/org/apache/catalina/startup/LocalStrings.properties +=================================================================== +--- java/org/apache/catalina/startup/LocalStrings.properties (revision 1360366) ++++ java/org/apache/catalina/startup/LocalStrings.properties (working copy) +@@ -61,6 +61,7 @@ + expandWar.copy=Error copying {0} to {1} + expandWar.deleteFailed=[{0}] could not be completely deleted. The presence of the remaining files may cause problems + expandWar.illegalPath=The archive [{0}] is malformed and will be ignored: an entry contains an illegal path [{1}] ++expandWar.createFailed=Unable to create the directory [{0}] + hostConfig.appBase=Application base directory {0} does not exist + hostConfig.canonicalizing=Error delete redeploy resources from context [{0}] + hostConfig.cce=Lifecycle event data object {0} is not a Host Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1371355&r1=1371354&r2=1371355&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Aug 9 18:14:14 2012 @@ -28,14 +28,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT: [ start all new proposals below, under PATCHES PROPOSED. ] -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53531 - ExpandWar.expand does not check the return value of File.mkdirs - Patch here: https://issues.apache.org/bugzilla/attachment.cgi?id=29050 - This is a similar fix to trunk (http://svn.apache.org/viewvc?view=revision&revision=1359981) - and also includes checking of File.mkdirs() as mentioned in the bug. - +1: schultz, kkolinko, rjung - -1: - * Fix conflict with CSRF protection filter and clustering Cache needs to be serializable http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1083987&r2=1083986&pathrev=1083987 Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java?rev=1371355&r1=1371354&r2=1371355&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java (original) +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java Thu Aug 9 18:14:14 2012 @@ -132,7 +132,8 @@ public class ExpandWar { } // Create the new document base directory - docBase.mkdir(); + if(!docBase.mkdir() && !docBase.isDirectory()) + throw new IOException(sm.getString("expandWar.createFailed", docBase)); // Expand the WAR into the new document base directory String canonicalDocBasePrefix = docBase.getCanonicalPath(); @@ -162,7 +163,9 @@ public class ExpandWar { if (last >= 0) { File parent = new File(docBase, name.substring(0, last)); - parent.mkdirs(); + + if(!parent.mkdirs() && !parent.isDirectory()) + throw new IOException(sm.getString("expandWar.createFailed", parent)); } if (name.endsWith("/")) { continue; Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1371355&r1=1371354&r2=1371355&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Thu Aug 9 18:14:14 2012 @@ -170,6 +170,10 @@ the JreMemoryLeakPreventionListener does not trigger a full GC every hour. (markt/kkolinko) + + 53531: Fix ExpandWar.expand to check the return value of + File.mkdir and File.mkdirs. (schultz) + --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org