Lines 37-43
Link Here
|
37 |
import javax.naming.directory.ModificationItem; |
37 |
import javax.naming.directory.ModificationItem; |
38 |
import javax.naming.directory.SearchControls; |
38 |
import javax.naming.directory.SearchControls; |
39 |
|
39 |
|
40 |
import org.apache.catalina.util.RequestUtil; |
|
|
41 |
import org.apache.naming.NamingContextBindingsEnumeration; |
40 |
import org.apache.naming.NamingContextBindingsEnumeration; |
42 |
import org.apache.naming.NamingContextEnumeration; |
41 |
import org.apache.naming.NamingContextEnumeration; |
43 |
import org.apache.naming.NamingEntry; |
42 |
import org.apache.naming.NamingEntry; |
Lines 774-783
Link Here
|
774 |
*/ |
773 |
*/ |
775 |
protected String normalize(String path) { |
774 |
protected String normalize(String path) { |
776 |
|
775 |
|
777 |
return RequestUtil.normalize(path, File.separatorChar == '\\'); |
776 |
if (path == null) |
|
|
777 |
return null; |
778 |
|
778 |
|
|
|
779 |
// Create a place for the normalized path |
780 |
String normalized = path; |
781 |
|
782 |
if (File.separatorChar == '\\' && normalized.indexOf('\\') >= 0) |
783 |
normalized = normalized.replace('\\', '/'); |
784 |
|
785 |
if (normalized.equals("/.")) |
786 |
return "/"; |
787 |
|
788 |
// Add a leading "/" if necessary |
789 |
if (!normalized.startsWith("/")) |
790 |
normalized = "/" + normalized; |
791 |
|
792 |
// Resolve occurrences of "//" in the normalized path |
793 |
while (true) { |
794 |
int index = normalized.indexOf("//"); |
795 |
if (index < 0) |
796 |
break; |
797 |
normalized = normalized.substring(0, index) + |
798 |
normalized.substring(index + 1); |
799 |
} |
800 |
|
801 |
// Resolve occurrences of "/./" in the normalized path |
802 |
while (true) { |
803 |
int index = normalized.indexOf("/./"); |
804 |
if (index < 0) |
805 |
break; |
806 |
normalized = normalized.substring(0, index) + |
807 |
normalized.substring(index + 2); |
808 |
} |
809 |
|
810 |
// Resolve occurrences of "/../" in the normalized path |
811 |
while (true) { |
812 |
int index = normalized.indexOf("/../"); |
813 |
if (index < 0) |
814 |
break; |
815 |
if (index == 0) |
816 |
return (null); // Trying to go outside our context |
817 |
int index2 = normalized.lastIndexOf('/', index - 1); |
818 |
normalized = normalized.substring(0, index2) + |
819 |
normalized.substring(index + 3); |
820 |
} |
821 |
|
822 |
// Return the normalized path that we have completed |
823 |
return (normalized); |
824 |
|
779 |
} |
825 |
} |
780 |
|
826 |
|
|
|
827 |
|
781 |
/** |
828 |
/** |
782 |
* Return a File object representing the specified normalized |
829 |
* Return a File object representing the specified normalized |
783 |
* context-relative path if it exists and is readable. Otherwise, |
830 |
* context-relative path if it exists and is readable. Otherwise, |