This is an automated email from the ASF dual-hosted git repository.
rmaucher pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new bfad8fbbc9 Fix minor issues
bfad8fbbc9 is described below
commit bfad8fbbc9b2a8041c016f3afdf79abf9cd7bd1a
Author: remm <[email protected]>
AuthorDate: Thu May 28 22:25:01 2026 +0200
Fix minor issues
Of note is a fix for lock bypass for directories. As a solution, strip
trailing / for lock keys.
---
java/org/apache/catalina/webresources/AbstractArchiveResource.java | 5 ++---
.../catalina/webresources/AbstractSingleArchiveResource.java | 3 +++
java/org/apache/catalina/webresources/DirResourceSet.java | 7 ++++++-
java/org/apache/catalina/webresources/JarWarResource.java | 3 +++
java/org/apache/catalina/webresources/LocalStrings.properties | 1 +
5 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/java/org/apache/catalina/webresources/AbstractArchiveResource.java
b/java/org/apache/catalina/webresources/AbstractArchiveResource.java
index fc12a33a58..d35cc8f7c7 100644
--- a/java/org/apache/catalina/webresources/AbstractArchiveResource.java
+++ b/java/org/apache/catalina/webresources/AbstractArchiveResource.java
@@ -191,7 +191,7 @@ public abstract class AbstractArchiveResource extends
AbstractResource {
public URL getCodeBase() {
try {
return new URI(codeBaseUrl).toURL();
- } catch (MalformedURLException | URISyntaxException e) {
+ } catch (MalformedURLException | URISyntaxException |
NullPointerException e) {
if (getLog().isDebugEnabled()) {
getLog().debug(sm.getString("fileResource.getUrlFail",
codeBaseUrl), e);
}
@@ -248,8 +248,7 @@ public abstract class AbstractArchiveResource extends
AbstractResource {
@Override
public Certificate[] getCertificates() {
if (!readCerts) {
- // TODO - get content first
- throw new IllegalStateException();
+ throw new
IllegalStateException(sm.getString("abstractResource.getContentFirst"));
}
return certificates;
}
diff --git
a/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
b/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
index 38d625119a..202c8406cd 100644
--- a/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
+++ b/java/org/apache/catalina/webresources/AbstractSingleArchiveResource.java
@@ -52,6 +52,9 @@ public abstract class AbstractSingleArchiveResource extends
AbstractArchiveResou
jarFile = getArchiveResourceSet().openJarFile();
// Need to create a new JarEntry so the certificates can be read
JarEntry jarEntry = jarFile.getJarEntry(getResource().getName());
+ if (jarEntry == null) {
+ return null;
+ }
InputStream is = jarFile.getInputStream(jarEntry);
return new JarInputStreamWrapper(jarEntry, is);
} catch (IOException ioe) {
diff --git a/java/org/apache/catalina/webresources/DirResourceSet.java
b/java/org/apache/catalina/webresources/DirResourceSet.java
index 6f937e5265..a5c5403c90 100644
--- a/java/org/apache/catalina/webresources/DirResourceSet.java
+++ b/java/org/apache/catalina/webresources/DirResourceSet.java
@@ -372,7 +372,12 @@ public class DirResourceSet extends
AbstractFileResourceSet implements WebResour
* particular, Windows can make individual directories case sensitive
and File.getCanonicalPath() doesn't return
* the canonical file name on Linux for some case insensitive file
systems (such as mounted Windows shares).
*/
- return RequestUtil.normalize(path).toLowerCase(Locale.ENGLISH);
+ String key = RequestUtil.normalize(path).toLowerCase(Locale.ENGLISH);
+ // Avoid bad locking for directory when getResource might lock without
the / but then access the path after adding /
+ if (key.endsWith("/")) {
+ key = key.substring(0, key.length() - 1);
+ }
+ return key;
}
diff --git a/java/org/apache/catalina/webresources/JarWarResource.java
b/java/org/apache/catalina/webresources/JarWarResource.java
index 495762e822..fcd76a68f5 100644
--- a/java/org/apache/catalina/webresources/JarWarResource.java
+++ b/java/org/apache/catalina/webresources/JarWarResource.java
@@ -60,6 +60,9 @@ public class JarWarResource extends AbstractArchiveResource {
try {
warFile = getArchiveResourceSet().openJarFile();
JarEntry jarFileInWar = warFile.getJarEntry(archivePath);
+ if (jarFileInWar == null) {
+ return null;
+ }
InputStream isInWar = warFile.getInputStream(jarFileInWar);
jarIs = new JarInputStream(isInWar);
diff --git a/java/org/apache/catalina/webresources/LocalStrings.properties
b/java/org/apache/catalina/webresources/LocalStrings.properties
index 61ddd56043..4afbc2a210 100644
--- a/java/org/apache/catalina/webresources/LocalStrings.properties
+++ b/java/org/apache/catalina/webresources/LocalStrings.properties
@@ -22,6 +22,7 @@ abstractArchiveResourceSet.setReadOnlyFalse=Archive based
WebResourceSets such a
abstractFileResourceSet.canonicalfileCheckFailed=Resource for web application
[{0}] at path [{1}] was not loaded as the canonical path [{2}] did not match.
Use of symlinks is one possible cause.
abstractResource.getContentFail=Unable to return [{0}] as a byte array
+abstractResource.getContentFirst=getContent must be called before
getCertificates
abstractResource.getContentTooLarge=Unable to return [{0}] as a byte array
since the resource is [{1}] bytes in size which is larger than the maximum size
of a byte array
abstractResourceSet.checkPath=The requested path [{0}] is not valid. It must
begin with "/".
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
