From dev-return-199968-archive-asf-public=cust-asf.ponee.io@tomcat.apache.org Tue Jul 2 13:50:01 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id B4AE618060E for ; Tue, 2 Jul 2019 15:50:00 +0200 (CEST) Received: (qmail 99078 invoked by uid 500); 2 Jul 2019 13:49:59 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 99063 invoked by uid 99); 2 Jul 2019 13:49:59 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 02 Jul 2019 13:49:59 +0000 From: GitBox To: dev@tomcat.apache.org Subject: [GitHub] [tomcat] markt-asf commented on a change in pull request #176: CoyoteAdapter: fix out-of-bounds read in checkNormalize Message-ID: <156207539969.15509.11344507893187352375.gitbox@gitbox.apache.org> Date: Tue, 02 Jul 2019 13:49:59 -0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit markt-asf commented on a change in pull request #176: CoyoteAdapter: fix out-of-bounds read in checkNormalize URL: https://github.com/apache/tomcat/pull/176#discussion_r299493101 ########## File path: java/org/apache/catalina/connector/CoyoteAdapter.java ########## @@ -1271,6 +1276,11 @@ public static boolean checkNormalize(MessageBytes uriMB) { } } + // The URL must start with '/' + if (c[start] != '/') { + return false; + } + // Check for ending with "/." or "/.." Review comment: I don't see how that can trigger a 500. The request line: `GET %20%2e%2e%20%30%20%0a HTTP/1.1` is going to result in a 400 response in all current Tomcat versions. Please provide a request line example that triggers the exception in the original report. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: users@infra.apache.org With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org