Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 251391 Details for
Bug 272566
<=www-servers/tomcat-{5.5.27-r3, 6.0.18-r3}: DoS, Information Disclosure and XSS in example (CVE-2008-5515,CVE-2009-{0033,0580,0781,0783})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to fix CVE-2010-2227 in tomcat 5.5.27
27-CVE-2010-2227.diff (text/plain), 3.61 KB, created by
Paul B. Henson
on 2010-10-21 02:47:51 UTC
(
hide
)
Description:
Patch to fix CVE-2010-2227 in tomcat 5.5.27
Filename:
MIME Type:
Creator:
Paul B. Henson
Created:
2010-10-21 02:47:51 UTC
Size:
3.61 KB
patch
obsolete
>Index: connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java >=================================================================== >--- connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java (revision 959427) >+++ connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java (revision 959428) >@@ -78,7 +78,13 @@ > protected static StringManager sm = > StringManager.getManager(Constants.Package); > >+ /* >+ * Tracks how many internal filters are in the filter library so they >+ * are skipped when looking for pluggable filters. >+ */ >+ private int pluggableFilterIndex = Integer.MAX_VALUE; > >+ > // ----------------------------------------------------------- Constructors > > >@@ -1657,6 +1663,8 @@ > //inputBuffer.addFilter(new GzipInputFilter()); > outputBuffer.addFilter(new GzipOutputFilter()); > >+ pluggableFilterIndex = inputBuffer.filterLibrary.length; >+ > } > > >@@ -1675,7 +1683,7 @@ > (inputFilters[Constants.CHUNKED_FILTER]); > contentDelimitation = true; > } else { >- for (int i = 2; i < inputFilters.length; i++) { >+ for (int i = pluggableFilterIndex; i < inputFilters.length; i++) { > if (inputFilters[i].getEncodingName() > .toString().equals(encodingName)) { > inputBuffer.addActiveFilter(inputFilters[i]); >Index: connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java >=================================================================== >--- connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java (revision 959427) >+++ connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java (revision 959428) >@@ -77,7 +77,13 @@ > protected static StringManager sm = > StringManager.getManager(Constants.Package); > >+ /* >+ * Tracks how many internal filters are in the filter library so they >+ * are skipped when looking for pluggable filters. >+ */ >+ private int pluggableFilterIndex = Integer.MAX_VALUE; > >+ > // ----------------------------------------------------------- Constructors > > >@@ -1699,6 +1705,8 @@ > //inputBuffer.addFilter(new GzipInputFilter()); > outputBuffer.addFilter(new GzipOutputFilter()); > >+ pluggableFilterIndex = inputBuffer.filterLibrary.length; >+ > } > > >@@ -1717,7 +1725,7 @@ > (inputFilters[Constants.CHUNKED_FILTER]); > contentDelimitation = true; > } else { >- for (int i = 2; i < inputFilters.length; i++) { >+ for (int i = pluggableFilterIndex; i < inputFilters.length; i++) { > if (inputFilters[i].getEncodingName() > .toString().equals(encodingName)) { > inputBuffer.addActiveFilter(inputFilters[i]); >Index: connectors/http11/src/java/org/apache/coyote/http11/filters/BufferedInputFilter.java >=================================================================== >--- connectors/http11/src/java/org/apache/coyote/http11/filters/BufferedInputFilter.java (revision 959427) >+++ connectors/http11/src/java/org/apache/coyote/http11/filters/BufferedInputFilter.java (revision 959428) >@@ -102,10 +102,12 @@ > } > > public void recycle() { >- if (buffered.getBuffer().length > 65536) { >- buffered = null; >- } else { >- buffered.recycle(); >+ if (buffered != null) { >+ if (buffered.getBuffer().length > 65536) { >+ buffered = null; >+ } else { >+ buffered.recycle(); >+ } > } > tempRead.recycle(); > hasRead = false;
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 272566
:
251387
|
251389
| 251391 |
251393
|
251395