Gentoo's Bugzilla – Attachment 251389 Details for Bug 272566: <=www-servers/tomcat-{5.5.27-r3, 6.0.18-r3}: DoS, Information Disclosure and XSS in example (CVE-2008-5515,CVE-2009-{0033,0580,0781,0783})
Patch 2 of 2 to fix CVE-2008-5515 in tomcat 5.5.27
27-CVE-2008-5515.2.diff (text/plain), 2.59 KB, created by Paul B. Henson on 2010-10-21 02:47:20 UTC
>Index: container/catalina/src/share/org/apache/naming/resources/FileDirContext.java >=================================================================== >--- container/catalina/src/share/org/apache/naming/resources/FileDirContext.java (revision 783290) >+++ container/catalina/src/share/org/apache/naming/resources/FileDirContext.java (revision 783291) >@@ -37,7 +37,6 @@ > import javax.naming.directory.ModificationItem; > import javax.naming.directory.SearchControls; > >-import org.apache.catalina.util.RequestUtil; > import org.apache.naming.NamingContextBindingsEnumeration; > import org.apache.naming.NamingContextEnumeration; > import org.apache.naming.NamingEntry; 
>@@ -774,10 +773,58 @@ > */ > protected String normalize(String path) { > >- return RequestUtil.normalize(path, File.separatorChar == '\\'); >+ if (path == null) >+ return null; > >+ // Create a place for the normalized path >+ String normalized = path; >+ >+ if (File.separatorChar == '\\' && normalized.indexOf('\\') >= 0) >+ normalized = normalized.replace('\\', '/'); >+ >+ if (normalized.equals("/.")) >+ return "/"; >+ >+ // Add a leading "/" if necessary >+ if (!normalized.startsWith("/")) >+ normalized = "/" + normalized; >+ >+ // Resolve occurrences of "//" in the normalized path >+ while (true) { >+ int index = normalized.indexOf("//"); >+ if (index < 0) >+ break; >+ normalized = normalized.substring(0, index) + >+ normalized.substring(index + 1); >+ } >+ >+ // Resolve occurrences of "/./" in the normalized path >+ while (true) { >+ int index = normalized.indexOf("/./"); >+ if (index < 0) >+ break; >+ normalized = normalized.substring(0, index) + >+ normalized.substring(index + 2); >+ } >+ >+ // Resolve occurrences of "/../" in the normalized path >+ while (true) { >+ int index = normalized.indexOf("/../"); >+ if (index < 0) >+ break; >+ if (index == 0) >+ return (null); // Trying to go outside our context >+ int index2 = normalized.lastIndexOf('/', index - 1); >+ normalized = normalized.substring(0, index2) + >+ normalized.substring(index + 3); >+ } >+ >+ // Return the normalized path that we have completed >+ return (normalized); >+ > } > >+ > /** > * Return a File object representing the specified normalized > * context-relative path if it exists and is readable. Otherwise,
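Review bot: in the first hunk (-37,7), dropping the org.apache.catalina.util.RequestUtil import leaves normalize() as a private copy of the path-normalization logic, and nothing in the patch records why the shared helper is no longer called. A short comment on normalize() stating the reason would keep the two implementations from drifting apart unnoticed.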
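Review bot: in the normalize() hunk (-774,10), the "/../" and "/./" loops only match a dot segment that is followed by a slash, and the only trailing form handled is the exact string "/.", so an input such as "/a/.." or "/.." is returned with the dot segment still in it. Either resolve the trailing "/.." and "/." forms here (for example by treating them as if a "/" followed) or state in the method comment that callers must reject them before building a File from the result. The comment should also say that a null return means the path tried to leave the context, since the "index == 0" branch relies on every caller checking for it.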