Hello community, here is the log from the commit of package tomcat.1890 for openSUSE:12.2:Update checked in at 2013-08-22 14:14:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/tomcat.1890 (Old) and /work/SRC/openSUSE:12.2:Update/.tomcat.1890.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tomcat.1890" Changes: -------- --- /work/SRC/openSUSE:12.2:Update/tomcat.1890/tomcat.changes 2013-08-07 09:34:40.000000000 +0200 +++ /work/SRC/openSUSE:12.2:Update/.tomcat.1890.new/tomcat.changes 2013-08-22 14:14:31.000000000 +0200 @@ -5,2 +5,2 @@ -- tomcat-CVE-2013-3544-1.patch (bnc#831119) -- tomcat-CVE-2013-3544-2.patch (bnc#831119) +- tomcat-CVE-2012-3544-1.patch (bnc#831119) +- tomcat-CVE-2012-3544-2.patch (bnc#831119) Old: ---- tomcat-CVE-2013-3544-1.patch tomcat-CVE-2013-3544-2.patch New: ---- tomcat-CVE-2012-3544-1.patch tomcat-CVE-2012-3544-2.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tomcat.spec ++++++ --- /var/tmp/diff_new_pack.tqxxsT/_old 2013-08-22 14:14:31.000000000 +0200 +++ /var/tmp/diff_new_pack.tqxxsT/_new 2013-08-22 14:14:31.000000000 +0200 @@ -97,9 +97,9 @@ #PATCH-FIX-UPSTREAM: http://svn.apache.org/viewvc?view=revision&revision=1408044 Patch10: tomcat-CVE-2013-2067.patch #PATCH-FIX-UPSTREAM: http://svn.apache.org/viewvc?view=revision&revision=1378702 -Patch11: tomcat-CVE-2013-3544-1.patch +Patch11: tomcat-CVE-2012-3544-1.patch #PATCH-FIX-UPSTREAM: http://svn.apache.org/viewvc?view=revision&revision=1378921 -Patch12: tomcat-CVE-2013-3544-2.patch +Patch12: tomcat-CVE-2012-3544-2.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch ++++++ tomcat-CVE-2013-3544-1.patch -> tomcat-CVE-2012-3544-1.patch ++++++ ++++++ tomcat-CVE-2013-3544-1.patch -> tomcat-CVE-2012-3544-2.patch ++++++ --- /work/SRC/openSUSE:12.2:Update/tomcat.1890/tomcat-CVE-2013-3544-1.patch 2013-08-07 09:34:40.000000000 +0200 +++ /work/SRC/openSUSE:12.2:Update/.tomcat.1890.new/tomcat-CVE-2012-3544-2.patch 2013-08-22 14:14:31.000000000 +0200 
@@ -1,157 +1,85 @@ -commit 9bd782371a653fee34e8aa582be7b9411cf98805 +commit e519f4e86bf3447934f1c399ecaff8a222e38241 Author: Mark Emlyn David Thomas <[email protected]> -Date: Wed Aug 29 20:26:30 2012 +0000 +Date: Thu Aug 30 13:12:13 2012 +0000 - Resolve a FIXME and expand unit tests to cover CRLF vs LF checking. + More chunked encoding improvements + - Expand unit tests for chunked encoding + - Fix a parsing error at eol when multiple headers are present (regression in r1378702) + - Make parsing of terminating CRLF non-tolerant (RFC2616 only suggests to be tolerant of LF at the end of headers) + - Revert previous unnecessary change to SimpleHttpClient - git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk@1378702 13f79535-47bb-0310-9956-ffa450edef68 + git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk@1378921 13f79535-47bb-0310-9956-ffa450edef68 Index: apache-tomcat-7.0.27-src/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java =================================================================== --- apache-tomcat-7.0.27-src.orig/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java +++ apache-tomcat-7.0.27-src/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java -@@ -144,7 +144,7 @@ public class ChunkedInputFilter implemen - - if(needCRLFParse) { - needCRLFParse = false; -- parseCRLF(); -+ parseCRLF(false); - } - - if (remaining <= 0) { -@@ -179,7 +179,7 @@ public class ChunkedInputFilter implemen - //so we defer it to the next call BZ 11117 - needCRLFParse = true; - } else { -- parseCRLF(); //parse the CRLF immediately -+ parseCRLF(false); //parse the CRLF immediately - } - } - -@@ -302,9 +302,8 @@ public class ChunkedInputFilter implemen - return false; - } - -- if (buf[pos] == Constants.CR) { -- // FIXME: Improve parsing to check for CRLF -- } else if (buf[pos] == Constants.LF) { -+ if (buf[pos] == Constants.CR || buf[pos] == Constants.LF) { -+ parseCRLF(false); - eol = true; - } else if (buf[pos] == 
Constants.SEMI_COLON) { - trailer = true; -@@ -321,7 +320,10 @@ public class ChunkedInputFilter implemen - } - } - -- pos++; -+ // Parsing the CRLF increments pos -+ if (!eol) { -+ pos++; -+ } - - } - -@@ -342,9 +344,21 @@ public class ChunkedInputFilter implemen +@@ -348,7 +348,8 @@ public class ChunkedInputFilter implemen + */ + @Deprecated + protected boolean parseCRLF() throws IOException { +- return parseCRLF(false); ++ parseCRLF(false); ++ return true; + } /** - * Parse CRLF at end of chunk. -+ * @deprecated Use {@link #parseCRLF(boolean)} +@@ -358,7 +359,7 @@ public class ChunkedInputFilter implemen + * is recommended (RFC2616, section 19.3) for message + * headers. */ -- protected boolean parseCRLF() -- throws IOException { -+ @Deprecated -+ protected boolean parseCRLF() throws IOException { -+ return parseCRLF(false); -+ } -+ -+ /** -+ * Parse CRLF at end of chunk. -+ * -+ * @param tolerant Should tolerant parsing (LF and CRLF) be used? This -+ * is recommended (RFC2616, section 19.3) for message -+ * headers. 
-+ */ -+ protected boolean parseCRLF(boolean tolerant) throws IOException { +- protected boolean parseCRLF(boolean tolerant) throws IOException { ++ protected void parseCRLF(boolean tolerant) throws IOException { boolean eol = false; boolean crfound = false; -@@ -360,7 +374,9 @@ public class ChunkedInputFilter implemen - if (crfound) throw new IOException("Invalid CRLF, two CR characters encountered."); - crfound = true; - } else if (buf[pos] == Constants.LF) { -- if (!crfound) throw new IOException("Invalid CRLF, no CR character encountered."); -+ if (!tolerant && !crfound) { -+ throw new IOException("Invalid CRLF, no CR character encountered."); -+ } - eol = true; - } else { - throw new IOException("Invalid CRLF"); -@@ -392,26 +408,19 @@ public class ChunkedInputFilter implemen - MimeHeaders headers = request.getMimeHeaders(); - - byte chr = 0; -- while (true) { -- // Read new bytes if needed -- if (pos >= lastValid) { -- if (readBytes() <0) -- throw new EOFException("Unexpected end of stream whilst reading trailer headers for chunked request"); -- } +@@ -385,9 +386,6 @@ public class ChunkedInputFilter implemen + pos++; -- chr = buf[pos]; -- -- if ((chr == Constants.CR) || (chr == Constants.LF)) { -- if (chr == Constants.LF) { -- pos++; -- return false; -- } -- } else { -- break; -- } -+ // Read new bytes if needed -+ if (pos >= lastValid) { -+ if (readBytes() <0) -+ throw new EOFException("Unexpected end of stream whilst reading trailer headers for chunked request"); -+ } - -- pos++; -+ chr = buf[pos]; + } +- +- return true; +- + } + + +@@ -419,7 +417,7 @@ public class ChunkedInputFilter implemen -+ // CRLF terminates the request -+ if (chr == Constants.CR || chr == Constants.LF) { -+ parseCRLF(true); -+ return false; + // CRLF terminates the request + if (chr == Constants.CR || chr == Constants.LF) { +- parseCRLF(true); ++ parseCRLF(false); + return false; } - // Mark the current buffer position -@@ -491,9 +500,8 @@ public class ChunkedInputFilter implemen +@@ 
-510,8 +508,9 @@ public class ChunkedInputFilter implemen + lastSignificantChar = trailingHeaders.getEnd(); } - chr = buf[pos]; -- if (chr == Constants.CR) { -- // Skip -- } else if (chr == Constants.LF) { -+ if (chr == Constants.CR || chr == Constants.LF) { -+ parseCRLF(true); - eol = true; - } else if (chr == Constants.SP) { - trailingHeaders.append(chr); +- pos++; +- ++ if (!eol) { ++ pos++; ++ } + } + + // Checking the first character of the new line. If the character Index: apache-tomcat-7.0.27-src/test/org/apache/catalina/startup/SimpleHttpClient.java =================================================================== --- apache-tomcat-7.0.27-src.orig/test/org/apache/catalina/startup/SimpleHttpClient.java +++ apache-tomcat-7.0.27-src/test/org/apache/catalina/startup/SimpleHttpClient.java -@@ -201,7 +201,13 @@ public abstract class SimpleHttpClient { +@@ -201,13 +201,7 @@ public abstract class SimpleHttpClient { line = readLine(); while (line != null) { builder.append(line); -- line = readLine(); -+ try { -+ line = readLine(); -+ } catch (IOException ioe) { -+ // The server probably closed the connection due to an -+ // error -+ line = null; -+ } +- try { +- line = readLine(); +- } catch (IOException ioe) { +- // The server probably closed the connection due to an +- // error +- line = null; +- } ++ line = readLine(); } } } 
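Review bot: The comment `// CRLF terminates the request` in the trailer-parsing branch no longer matches what the condition admits: the test still matches a lone `Constants.LF`, but the call is now `parseCRLF(false)`, which (per the `!tolerant && !crfound` check shown in the -1 patch) throws `IOException` for an LF without a preceding CR. I would reword it to `// CRLF terminates the request; a bare LF is rejected by the strict parseCRLF(false)` so the strictness is not mistaken for an oversight and relaxed later. The deprecated `parseCRLF()` now returns a constant, so its Javadoc should add `@return always {@code true}; malformed line endings are reported via IOException`. Both methods begin and end outside the lines shown here, and this listing pairs the old -1 patch with the new -2 patch, so it reflects the difference between two upstream revisions rather than an edit to one file.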
@@ -159,91 +87,139 @@ =================================================================== --- apache-tomcat-7.0.27-src.orig/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java +++ apache-tomcat-7.0.27-src/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java -@@ -38,8 +38,52 @@ import org.apache.catalina.startup.Tomca +@@ -42,47 +42,58 @@ public class TestChunkedInputFilter exte - public class TestChunkedInputFilter extends TomcatBaseTest { + @Test + public void testChunkHeaderCRLF() throws Exception { +- doTestChunkingCRLF(true, true, true, true, true); ++ doTestChunkingCRLF(true, true, true, true, true, true); + } -+ private static final String LF = "\n"; -+ -+ @Test -+ public void testChunkHeaderCRLF() throws Exception { -+ doTestChunkingCRLF(true, true, true, true, true); -+ } -+ -+ @Test -+ public void testChunkHeaderLF() throws Exception { -+ doTestChunkingCRLF(false, true, true, true, false); -+ } -+ -+ @Test -+ public void testChunkCRLF() throws Exception { -+ doTestChunkingCRLF(true, true, true, true, true); -+ } -+ -+ @Test -+ public void testChunkLF() throws Exception { -+ doTestChunkingCRLF(true, false, true, true, false); -+ } -+ @Test -- public void testTrailingHeaders() throws Exception { -+ public void testTrailingHeadersCRLF() throws Exception { -+ doTestChunkingCRLF(true, true, true, true, true); -+ } -+ -+ @Test -+ public void testTrailingHeadersLF() throws Exception { -+ doTestChunkingCRLF(true, true, false, true, true); + public void testChunkHeaderLF() throws Exception { +- doTestChunkingCRLF(false, true, true, true, false); ++ doTestChunkingCRLF(false, true, true, true, true, false); + } + + @Test + public void testChunkCRLF() throws Exception { +- doTestChunkingCRLF(true, true, true, true, true); ++ doTestChunkingCRLF(true, true, true, true, true, true); + } + + @Test + public void testChunkLF() throws Exception { +- doTestChunkingCRLF(true, false, true, true, false); ++ doTestChunkingCRLF(true, false, true, true, 
true, false); + } + + @Test +- public void testTrailingHeadersCRLF() throws Exception { +- doTestChunkingCRLF(true, true, true, true, true); ++ public void testFirstTrailingHeadersCRLF() throws Exception { ++ doTestChunkingCRLF(true, true, true, true, true, true); + } + + @Test +- public void testTrailingHeadersLF() throws Exception { +- doTestChunkingCRLF(true, true, false, true, true); ++ public void testFirstTrailingHeadersLF() throws Exception { ++ doTestChunkingCRLF(true, true, false, true, true, true); + } + + @Test -+ public void testEndCRLF() throws Exception { -+ doTestChunkingCRLF(true, true, true, true, true); ++ public void testSecondTrailingHeadersCRLF() throws Exception { ++ doTestChunkingCRLF(true, true, true, true, true, true); + } + + @Test -+ public void testEndLF() throws Exception { -+ doTestChunkingCRLF(true, true, true, false, false); -+ } -+ -+ private void doTestChunkingCRLF(boolean chunkHeaderUsesCRLF, -+ boolean chunkUsesCRLF, boolean headerUsesCRLF, -+ boolean endUsesCRLF, boolean expectPass) throws Exception { -+ ++ public void testSecondTrailingHeadersLF() throws Exception { ++ doTestChunkingCRLF(true, true, true, false, true, true); + } + + @Test + public void testEndCRLF() throws Exception { +- doTestChunkingCRLF(true, true, true, true, true); ++ doTestChunkingCRLF(true, true, true, true, true, true); + } + + @Test + public void testEndLF() throws Exception { +- doTestChunkingCRLF(true, true, true, false, false); ++ doTestChunkingCRLF(true, true, true, true, false, false); + } + + private void doTestChunkingCRLF(boolean chunkHeaderUsesCRLF, +- boolean chunkUsesCRLF, boolean headerUsesCRLF, +- boolean endUsesCRLF, boolean expectPass) throws Exception { ++ boolean chunkUsesCRLF, boolean firstheaderUsesCRLF, ++ boolean secondheaderUsesCRLF, boolean endUsesCRLF, ++ boolean expectPass) throws Exception { + // Setup Tomcat instance Tomcat tomcat = getTomcatInstance(); - -@@ -60,13 +104,14 @@ public class TestChunkedInputFilter exte - 
SimpleHttpClient.CRLF + - "Connection: close" + SimpleHttpClient.CRLF + - SimpleHttpClient.CRLF + -- "3" + SimpleHttpClient.CRLF + -- "a=0" + SimpleHttpClient.CRLF + -+ "3" + (chunkHeaderUsesCRLF ? SimpleHttpClient.CRLF : LF) + -+ "a=0" + (chunkUsesCRLF ? SimpleHttpClient.CRLF : LF) + +@@ -109,8 +120,10 @@ public class TestChunkedInputFilter exte "4" + SimpleHttpClient.CRLF + "&b=1" + SimpleHttpClient.CRLF + "0" + SimpleHttpClient.CRLF + -- "x-trailer: Test", "TestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz" + SimpleHttpClient.CRLF + -- SimpleHttpClient.CRLF }; -+ "x-trailer: Test", "TestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz" + -+ (headerUsesCRLF ? SimpleHttpClient.CRLF : LF)+ -+ (endUsesCRLF ? SimpleHttpClient.CRLF : LF) }; +- "x-trailer: Test", "TestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz" + +- (headerUsesCRLF ? SimpleHttpClient.CRLF : LF)+ ++ "x-trailer1: Test", "Value1" + ++ (firstheaderUsesCRLF ? SimpleHttpClient.CRLF : LF) + ++ "x-trailer2: TestValue2" + ++ (secondheaderUsesCRLF ? SimpleHttpClient.CRLF : LF) + + (endUsesCRLF ? 
SimpleHttpClient.CRLF : LF) }; TrailerClient client = - new TrailerClient(tomcat.getConnector().getLocalPort()); -@@ -74,7 +119,13 @@ public class TestChunkedInputFilter exte +@@ -122,7 +135,8 @@ public class TestChunkedInputFilter exte + + if (expectPass) { + assertTrue(client.isResponse200()); +- assertEquals("null7TestTestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz", client.getResponseBody()); ++ assertEquals("nullnull7TestValue1TestValue2", ++ client.getResponseBody()); + } else { + assertTrue(client.getResponseLine(), client.isResponse500()); + } +@@ -206,7 +220,7 @@ public class TestChunkedInputFilter exte client.connect(); client.processRequest(); -- assertEquals("null7TestTestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz", client.getResponseBody()); -+ -+ if (expectPass) { -+ assertTrue(client.isResponse200()); -+ assertEquals("null7TestTestTest0123456789abcdefghijABCDEFGHIJopqrstuvwxyz", client.getResponseBody()); -+ } else { -+ assertTrue(client.getResponseLine(), client.isResponse500()); -+ } +- assertEquals("null7null", client.getResponseBody()); ++ assertEquals("nullnull7nullnull", client.getResponseBody()); } - @Test + private static class EchoHeaderServlet extends HttpServlet { +@@ -217,12 +231,9 @@ public class TestChunkedInputFilter exte + throws ServletException, IOException { + resp.setContentType("text/plain"); + PrintWriter pw = resp.getWriter(); +- // Header not visible yet, body not processed +- String value = req.getHeader("x-trailer"); +- if (value == null) { +- value = "null"; +- } +- pw.write(value); ++ // Headers not visible yet, body not processed ++ dumpHeader("x-trailer1", req, pw); ++ dumpHeader("x-trailer2", req, pw); + + // Read the body - quick and dirty + InputStream is = req.getInputStream(); +@@ -233,8 +244,14 @@ public class TestChunkedInputFilter exte + + pw.write(Integer.valueOf(count).toString()); + +- // Header should be visible now +- value = req.getHeader("x-trailer"); ++ // Headers should be visible now ++ 
dumpHeader("x-trailer1", req, pw); ++ dumpHeader("x-trailer2", req, pw); ++ } ++ ++ private void dumpHeader(String headerName, HttpServletRequest req, ++ PrintWriter pw) { ++ String value = req.getHeader(headerName); + if (value == null) { + value = "null"; + } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
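Review bot: The new parameters `firstheaderUsesCRLF` and `secondheaderUsesCRLF` in `doTestChunkingCRLF` break the camel-case pattern of their neighbours `chunkHeaderUsesCRLF` and `endUsesCRLF`; I would spell them `firstHeaderUsesCRLF` and `secondHeaderUsesCRLF`. With six positional booleans, a call such as `doTestChunkingCRLF(true, true, true, false, true, true)` is hard to read, and five of the test methods (`testChunkHeaderCRLF`, `testChunkCRLF`, `testFirstTrailingHeadersCRLF`, `testSecondTrailingHeadersCRLF`, `testEndCRLF`) pass all-`true` and so send the same request. A short comment on the helper naming the argument order, e.g. `// args: chunk header, chunk body, trailer 1, trailer 2, final terminator, expectPass`, would make it easy to confirm which line ending each LF case relaxes and that only the final terminator is expected to fail. The body of `doTestChunkingCRLF` is only partly visible in this hunk.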
