Markus Koschany pushed to branch master at Debian Java Maintainers / tomcat9
Commits: 78576fd0 by Markus Koschany at 2021-08-10T17:15:47+02:00 CVE-2021-30640: Fix NullPointerException If no userRoleAttribute is specified in the user's Realm configuration its default value will be null. This will cause a NPE in the methods doFilterEscaping and doAttributeValueEscaping. This is upstream bug https://bz.apache.org/bugzilla/show_bug.cgi?id=65308 - - - - - d9ccdf7c by Markus Koschany at 2021-08-10T17:18:34+02:00 Update changelog - - - - - 2 changed files: - debian/changelog - debian/patches/CVE-2021-30640.patch Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,14 @@ +tomcat9 (9.0.43-3) unstable; urgency=medium + + * Team upload. + * CVE-2021-30640: Fix NullPointerException. + If no userRoleAttribute is specified in the user's Realm configuration its + default value will be null. This will cause a NPE in the methods + doFilterEscaping and doAttributeValueEscaping. This is upstream bug + https://bz.apache.org/bugzilla/show_bug.cgi?id=65308 + + -- Markus Koschany <[email protected]> Tue, 10 Aug 2021 17:17:56 +0200 + tomcat9 (9.0.43-2) unstable; urgency=medium * Team upload. ===================================== debian/patches/CVE-2021-30640.patch ===================================== @@ -12,13 +12,13 @@ Origin: https://github.com/apache/tomcat/commit/b5585a9e5d4fec020cc5ebadb82f899f Origin: https://github.com/apache/tomcat/commit/329932012d3a9b95fde0b18618416e659ecffdc0 Origin: https://github.com/apache/tomcat/commit/3ce84512ed8783577d9945df28da5a033465b945 --- - java/org/apache/catalina/realm/JNDIRealm.java | 137 +++++++++++++++++++-- + java/org/apache/catalina/realm/JNDIRealm.java | 143 +++++++++++++++++++-- .../realm/TestJNDIRealmAttributeValueEscape.java | 86 +++++++++++++ - 2 files changed, 213 insertions(+), 10 deletions(-) + 2 files changed, 219 insertions(+), 10 deletions(-) create mode 100644 test/org/apache/catalina/realm/TestJNDIRealmAttributeValueEscape.java 
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java -index 7e2d578..358d008 100644 +index 7e2d578..2a03307 100644 --- a/java/org/apache/catalina/realm/JNDIRealm.java +++ b/java/org/apache/catalina/realm/JNDIRealm.java @@ -1633,8 +1633,11 @@ public class JNDIRealm extends RealmBase { @@ -114,7 +114,7 @@ index 7e2d578..358d008 100644 isRoleSearchAsUser()); try { -@@ -2823,10 +2842,36 @@ public class JNDIRealm extends RealmBase { +@@ -2823,10 +2842,39 @@ public class JNDIRealm extends RealmBase { * ) -> \29 * \ -> \5c * \0 -> \00 @@ -148,10 +148,13 @@ index 7e2d578..358d008 100644 + * @return String the escaped/encoded result + */ + protected String doFilterEscaping(String inString) { ++ if (inString == null) { ++ return null; ++ } StringBuilder buf = new StringBuilder(inString.length()); for (int i = 0; i < inString.length(); i++) { char c = inString.charAt(i); -@@ -2916,6 +2961,78 @@ public class JNDIRealm extends RealmBase { +@@ -2916,6 +2964,81 @@ public class JNDIRealm extends RealmBase { } @@ -163,6 +166,9 @@ index 7e2d578..358d008 100644 + * @return The string representation of the attribute value + */ + protected String doAttributeValueEscaping(String input) { ++ if (input == null) { ++ return null; ++ } + int len = input.length(); + StringBuilder result = new StringBuilder(); + View it on GitLab: https://salsa.debian.org/java-team/tomcat9/-/compare/ef61f7e33475016fdd160a9aa865bb4c84593f58...d9ccdf7ccf6e386b1c7166eb776ff254718073f2 -- View it on GitLab: https://salsa.debian.org/java-team/tomcat9/-/compare/ef61f7e33475016fdd160a9aa865bb4c84593f58...d9ccdf7ccf6e386b1c7166eb776ff254718073f2 You're receiving this email because of your account on salsa.debian.org.
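Review bot: The null guards added to doFilterEscaping and doAttributeValueEscaping make both methods return null, but the Javadoc visible in the patch still promises an escaped string, so the new contract is undocumented. I would extend the tags, e.g. `@return the escaped/encoded result, or {@code null} if {@code inString} is {@code null}`, and the equivalent wording for `input`. The callers are outside these hunks, so it is worth confirming that none of them concatenates the returned value into a search filter or DN, where a null would presumably end up as the literal text "null" instead of failing visibly. The diffstat entry for TestJNDIRealmAttributeValueEscape.java stays at 86 lines, so the null path appears to have no regression test; a case asserting `doAttributeValueEscaping(null) == null` would pin it. Both method bodies continue outside the hunks shown.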

