This is an automated email from the ASF dual-hosted git repository.

rmaucher pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 35b23f7afe Fix minor issues
35b23f7afe is described below

commit 35b23f7afe4f24aa36dafab2d29f622e267bd99c
Author: remm <[email protected]>
AuthorDate: Thu May 28 22:25:01 2026 +0200

    Fix minor issues
    
    Of note is a fix for lock bypass for directories. As a solution, strip
    trailing / for lock keys.
---
 java/org/apache/catalina/webresources/AbstractArchiveResource.java | 5 ++---
 .../catalina/webresources/AbstractSingleArchiveResource.java       | 3 +++
 java/org/apache/catalina/webresources/DirResourceSet.java          | 7 ++++++-
 java/org/apache/catalina/webresources/JarWarResource.java          | 3 +++
 java/org/apache/catalina/webresources/LocalStrings.properties      | 1 +
 5 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/catalina/webresources/AbstractArchiveResource.java 
b/java/org/apache/catalina/webresources/AbstractArchiveResource.java
index 73b1a67a2a..8e923baf35 100644
--- a/java/org/apache/catalina/webresources/AbstractArchiveResource.java
+++ b/java/org/apache/catalina/webresources/AbstractArchiveResource.java
@@ -205,7 +205,7 @@ public abstract class AbstractArchiveResource extends 
AbstractResource {
     public URL getCodeBase() {
         try {
             return new URI(codeBaseUrl).toURL();
-        } catch (MalformedURLException | URISyntaxException e) {
+        } catch (MalformedURLException | URISyntaxException | 
NullPointerException e) {
             if (getLog().isDebugEnabled()) {
                 getLog().debug(sm.getString("fileResource.getUrlFail", 
codeBaseUrl), e);
             }
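Review bot: Adding `NullPointerException` to the multi-catch in `getCodeBase()` stands in for a null check on `codeBaseUrl`, and it will also swallow any unrelated NPE raised inside the `try`. A guard ahead of the `try`, such as `if (codeBaseUrl == null) { ... }` taking the same fallback as the catch block, states the intent directly. It also avoids a debug line and stack trace reporting `fileResource.getUrlFail` for a value that was simply never set. The rest of the catch block and its return value are outside this hunk, so the exact fallback needs to be confirmed there.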
@@ -262,8 +262,7 @@ public abstract class AbstractArchiveResource extends 
AbstractResource {
     @Override
     public Certificate[] getCertificates() {
         if (!readCerts) {
-            // TODO - get content first
-            throw new IllegalStateException();
+            throw new 
IllegalStateException(sm.getString("abstractResource.getContentFirst"));
         }
         return certificates;
     }
diff --git 
a/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java 
b/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
index 5e499dff41..9fd0e93440 100644
--- a/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
+++ b/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
@@ -69,6 +69,9 @@ public abstract class AbstractSingleArchiveResource extends 
AbstractArchiveResou
             jarFile = getArchiveResourceSet().openJarFile();
             // Need to create a new JarEntry so the certificates can be read
             JarEntry jarEntry = jarFile.getJarEntry(getResource().getName());
+            if (jarEntry == null) {
+                return null;
+            }
             InputStream is = jarFile.getInputStream(jarEntry);
             return new JarInputStreamWrapper(jarEntry, is);
         } catch (IOException ioe) {
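Review bot: The new `return null` for a missing entry exits the `try` after `openJarFile()` has already succeeded, and no matching release is visible on that path. If the archive is use-counted and only released in the `IOException` handler or by closing the returned `JarInputStreamWrapper` (both outside this hunk, so this needs confirming), every lookup of an absent entry would leave the archive held open. Calling `getArchiveResourceSet().closeJarFile();` before `return null;` would balance the open. A debug message on this path would also help when an entry disappears from an archive at runtime. The same early return is added in JarWarResource.java after `warFile.getJarEntry(archivePath)`, so its cleanup path deserves the same check.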
diff --git a/java/org/apache/catalina/webresources/DirResourceSet.java 
b/java/org/apache/catalina/webresources/DirResourceSet.java
index 08ddc26206..9ebb76a07a 100644
--- a/java/org/apache/catalina/webresources/DirResourceSet.java
+++ b/java/org/apache/catalina/webresources/DirResourceSet.java
@@ -348,7 +348,12 @@ public class DirResourceSet extends 
AbstractFileResourceSet implements WebResour
          * particular, Windows can make individual directories case sensitive 
and File.getCanonicalPath() doesn't return
          * the canonical file name on Linux for some case insensitive file 
systems (such as mounted Windows shares).
          */
-        return RequestUtil.normalize(path).toLowerCase(Locale.ENGLISH);
+        String key = RequestUtil.normalize(path).toLowerCase(Locale.ENGLISH);
+        // Avoid bad locking for directory when getResource might lock without 
the / but then access the path after adding /
+        if (key.endsWith("/")) {
+            key = key.substring(0, key.length() - 1);
+        }
+        return key;
     }
 
 
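Review bot: With the trailing-slash strip, the root path `/` now appears to produce an empty lock key (assuming `RequestUtil.normalize` returns `/` for it), and the added comment does not say whether that is intended. Since this is the fix for the directory lock bypass, the comment should state the invariant rather than the symptom, for example `// Lock keys never end in '/', so "/dir" and "/dir/" map to the same lock; the root "/" maps to "".`. The fix only holds if every lock and unlock caller derives its key through this method, which cannot be verified here because the method starts outside the hunk. A regression test that locks a directory path without the slash and then resolves it with the slash would keep the two forms from drifting apart again.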
diff --git a/java/org/apache/catalina/webresources/JarWarResource.java 
b/java/org/apache/catalina/webresources/JarWarResource.java
index 495762e822..fcd76a68f5 100644
--- a/java/org/apache/catalina/webresources/JarWarResource.java
+++ b/java/org/apache/catalina/webresources/JarWarResource.java
@@ -60,6 +60,9 @@ public class JarWarResource extends AbstractArchiveResource {
         try {
             warFile = getArchiveResourceSet().openJarFile();
             JarEntry jarFileInWar = warFile.getJarEntry(archivePath);
+            if (jarFileInWar == null) {
+                return null;
+            }
             InputStream isInWar = warFile.getInputStream(jarFileInWar);
 
             jarIs = new JarInputStream(isInWar);
diff --git a/java/org/apache/catalina/webresources/LocalStrings.properties 
b/java/org/apache/catalina/webresources/LocalStrings.properties
index e0b3c6baac..2dac41235d 100644
--- a/java/org/apache/catalina/webresources/LocalStrings.properties
+++ b/java/org/apache/catalina/webresources/LocalStrings.properties
@@ -19,6 +19,7 @@ abstractArchiveResourceSet.setReadOnlyFalse=Archive based 
WebResourceSets such a
 abstractFileResourceSet.canonicalfileCheckFailed=Resource for web application 
[{0}] at path [{1}] was not loaded as the canonical path [{2}] did not match. 
Use of symlinks is one possible cause.
 
 abstractResource.getContentFail=Unable to return [{0}] as a byte array
+abstractResource.getContentFirst=getContent must be called before 
getCertificates
 abstractResource.getContentTooLarge=Unable to return [{0}] as a byte array 
since the resource is [{1}] bytes in size which is larger than the maximum size 
of a byte array
 
 abstractResourceSet.checkPath=The requested path [{0}] is not valid. It must 
begin with "/".

