On 02/09/2015 21:46, ma...@apache.org wrote: > Author: markt > Date: Wed Sep 2 20:46:17 2015 > New Revision: 1700900 > > URL: http://svn.apache.org/r1700900 > Log: > Update proposal > > Modified: > tomcat/tc6.0.x/trunk/STATUS.txt > tomcat/tc6.0.x/trunk/java/org/apache/catalina/util/RequestUtil.java
Bah. I applied the patch as well. Any chance of a couple of quick +1's from other committers so I don't have to revert it? Mark
>
> Modified: tomcat/tc6.0.x/trunk/STATUS.txt
> URL: > http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1700900&r1=1700899&r2=1700900&view=diff
> ==============================================================================
> --- tomcat/tc6.0.x/trunk/STATUS.txt (original)
> +++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Sep 2 20:46:17 2015
> @@ -62,13 +62,13 @@ PATCHES PROPOSED TO BACKPORT:
>
> * Back-port fixes for Javadoc, formatting, clean-up and edge cases for URL > normalization
> - > http://people.apache.org/~markt/patches/2015-09-01-url-normalization-tc6-v1.patch
> + > http://people.apache.org/~markt/patches/2015-09-02-url-normalization-tc6-v2.patch
> +1: markt
> -1:
>
> * Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58313 > http://svn.apache.org/r1700872
> - NNot required for async but still required because of Comet
> + Not required for async but still required because of Comet
> +1: markt
> -1:
>
>
> Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/util/RequestUtil.java
> URL: > http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/util/RequestUtil.java?rev=1700900&r1=1700899&r2=1700900&view=diff
> ==============================================================================
> --- tomcat/tc6.0.x/trunk/java/org/apache/catalina/util/RequestUtil.java > (original)
> +++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/util/RequestUtil.java Wed > Sep 2 20:46:17 2015
> @@ -5,9 +5,9 @@
> * The ASF licenses this file to You under the Apache License, Version 2.0
> * (the "License"); you may not use this file except in compliance with
> * the License. You may obtain a copy of the License at
> - *
> + *
> * http://www.apache.org/licenses/LICENSE-2.0
> - *
> + *
> * Unless required by applicable law or agreed to in writing, software
> * distributed under the License is distributed on an "AS IS" BASIS,
> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> @@ -91,11 +91,15 @@ public final class RequestUtil {
> * try to perform security checks for malicious input.
> *
> * @param path Relative path to be normalized
> + *
> + * @return The normalized path or <code>null</code> if the path cannot be
> + * normalized
> */
> public static String normalize(String path) {
> return normalize(path, true);
> }
>
> +
> /**
> * Normalize a relative URI path that may have relative values ("/./",
> * "/../", and so on ) it it. <strong>WARNING</strong> - This method is
> @@ -104,11 +108,15 @@ public final class RequestUtil {
> *
> * @param path Relative path to be normalized
> * @param replaceBackSlash Should '\\' be replaced with '/'
> + *
> + * @return The normalized path or <code>null</code> if the path cannot be
> + * normalized
> */
> public static String normalize(String path, boolean replaceBackSlash) {
>
> - if (path == null)
> + if (path == null) {
> return null;
> + }
>
> // Create a place for the normalized path
> String normalized = path;
> @@ -116,9 +124,6 @@ public final class RequestUtil {
> if (replaceBackSlash && normalized.indexOf('\\') >= 0)
> normalized = normalized.replace('\\', '/');
>
> - if (normalized.equals("/."))
> - return "/";
> -
> // Add a leading "/" if necessary
> if (!normalized.startsWith("/"))
> normalized = "/" + normalized;
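Review bot: The brace clean-up is applied unevenly within one change: `if (path == null)` gains braces in the @@ -104 hunk, while `if (replaceBackSlash && normalized.indexOf('\\') >= 0)` and `if (!normalized.startsWith("/"))` in the @@ -116 hunk keep their unbraced single-statement bodies. Since the @@ -126 hunk braces every `if` in the loops, these two are the only remaining exceptions in normalize() as far as the hunks show, so I would brace them in the same commit rather than leave a mixed style behind. The Javadoc context line `* "/../", and so on ) it it.` also carries a typo that a backport of Javadoc fixes could pick up, presumably `in it`. normalize()'s body continues in the next hunk.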
> @@ -126,36 +131,44 @@ public final class RequestUtil {
> // Resolve occurrences of "//" in the normalized path
> while (true) {
> int index = normalized.indexOf("//");
> - if (index < 0)
> + if (index < 0) {
> break;
> - normalized = normalized.substring(0, index) +
> - normalized.substring(index + 1);
> + }
> + normalized = normalized.substring(0, index) + > normalized.substring(index + 1);
> }
>
> // Resolve occurrences of "/./" in the normalized path
> while (true) {
> int index = normalized.indexOf("/./");
> - if (index < 0)
> + if (index < 0) {
> break;
> - normalized = normalized.substring(0, index) +
> - normalized.substring(index + 2);
> + }
> + normalized = normalized.substring(0, index) + > normalized.substring(index + 2);
> }
>
> // Resolve occurrences of "/../" in the normalized path
> while (true) {
> int index = normalized.indexOf("/../");
> - if (index < 0)
> + if (index < 0) {
> break;
> - if (index == 0)
> - return (null); // Trying to go outside our context
> + }
> + if (index == 0) {
> + return null; // Trying to go outside our context
> + }
> int index2 = normalized.lastIndexOf('/', index - 1);
> - normalized = normalized.substring(0, index2) +
> - normalized.substring(index + 3);
> + normalized = normalized.substring(0, index2) + > normalized.substring(index + 3);
> }
>
> - // Return the normalized path that we have completed
> - return (normalized);
> + if (normalized.equals("/.")) {
> + return "/";
> + }
>
> + if (normalized.equals("/..")) {
> + return null; // Trying to go outside our context
> + }
> +
> + // Return the normalized path that we have completed
> + return normalized;
> }
>
>
> @@ -213,8 +226,8 @@ public final class RequestUtil {
> public static String URLDecode(String str) {
> return URLDecode(str, null);
> }
> -
> -
> +
> +
> /**
> * Decode and return the specified URL-encoded String. It is assumed the
> * string is not a query string.
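Review bot: The two new `equals` checks at the end of the @@ -126 hunk only catch the whole-path cases `/.` and `/..`; a longer path that ends in `/.` or `/..` is returned unchanged, because the three loops above match only the embedded forms `//`, `/./` and `/../` (the `equals("/.")` check removed in the previous hunk had the same limit). Whether that matters depends on the callers, which are outside the hunk, but any caller that compares the result against a path-based rule will see the unresolved form rather than the collapsed one. One way to close the gap without touching the loops is to append a `/` when the input ends in `/.` or `/..` before the loops and strip it again at the end; the `/../` loop's `index == 0` return then covers `/..`, and the `/./` loop covers `/.`, so the two trailing `equals` checks become redundant. The enclosing method starts in the previous hunk.
```java
        // Make a trailing "/." or "/.." visible to the "/./" and "/../" loops below
        boolean addedTrailingSlash = false;
        if (normalized.endsWith("/.") || normalized.endsWith("/..")) {
            normalized = normalized + "/";
            addedTrailingSlash = true;
        }

        // Resolve occurrences of "//" in the normalized path
        // … unchanged: "//", "/./" and "/../" loops …

        // Drop the "/" added above; a result of exactly "/" stays as is
        if (addedTrailingSlash && normalized.length() > 1) {
            normalized = normalized.substring(0, normalized.length() - 1);
        }

        // Return the normalized path that we have completed
        return normalized;
```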
> @@ -227,7 +240,7 @@ public final class RequestUtil {
> public static String URLDecode(String str, String enc) {
> return URLDecode(str, enc, false);
> }
> -
> +
> /**
> * Decode and return the specified URL-encoded String.
> *
> @@ -294,7 +307,7 @@ public final class RequestUtil {
> * by a valid 2-digit hexadecimal number
> */
> public static String URLDecode(byte[] bytes, String enc, boolean > isQuery) {
> -
> +
> if (bytes == null)
> return (null);
>
> @@ -403,8 +416,8 @@ public final class RequestUtil {
> ox = 0;
> } else {
> data[ox++] = c;
> - }
> - break;
> + }
> + break;
> case '+':
> data[ox++] = (byte)' ';
> break;
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
> ---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org