[tomcat] branch 7.0.x updated: 64965: Avoid JspContextWrapper ISE in findAttribute

Tue, 08 Dec 2020 07:34:26 -0800 

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/7.0.x by this push:
     new 6d01814  64965: Avoid JspContextWrapper ISE in findAttribute
6d01814 is described below

commit 6d01814cba1fe45b860176feabbed247edab839e
Author: remm <r...@apache.org>
AuthorDate: Tue Dec 8 16:24:39 2020 +0100

    64965: Avoid JspContextWrapper ISE in findAttribute
    
    JspContextWrapper.findAttribute should ignore expired sessions rather
    than throw an IllegalStateException.
---
 java/org/apache/jasper/runtime/JspContextWrapper.java | 7 ++++++-
 webapps/docs/changelog.xml                            | 9 +++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/jasper/runtime/JspContextWrapper.java 
b/java/org/apache/jasper/runtime/JspContextWrapper.java
index 5845b4f..677bc49 100644
--- a/java/org/apache/jasper/runtime/JspContextWrapper.java
+++ b/java/org/apache/jasper/runtime/JspContextWrapper.java
@@ -187,7 +187,12 @@ public class JspContextWrapper extends PageContext 
implements VariableResolver {
             o = rootJspCtxt.getAttribute(name, REQUEST_SCOPE);
             if (o == null) {
                 if (getSession() != null) {
-                    o = rootJspCtxt.getAttribute(name, SESSION_SCOPE);
+                    try {
+                        o = rootJspCtxt.getAttribute(name, SESSION_SCOPE);
+                    } catch (IllegalStateException ise) {
+                        // Session has been invalidated.
+                        // Ignore and fall through to application scope.
+                    }
                 }
                 if (o == null) {
                     o = rootJspCtxt.getAttribute(name, APPLICATION_SCOPE);
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d9ea700..dd24280 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -133,6 +133,15 @@
       </fix>
     </changelog>
   </subsection>
+  <subsection name="Jasper">
+    <changelog>
+      <fix>
+        <bug>64965</bug>: <code>JspContextWrapper.findAttribute</code> should
+        ignore expired sessions rather than throw an
+        <code>IllegalStateException</code>. (remm)
+      </fix>
+    </changelog>
+  </subsection>
   <subsection name="WebSocket">
     <changelog>
       <fix>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to