This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 935fc55  Fix BZ 64871. Log if file access is blocked due to symlinks
935fc55 is described below

commit 935fc5582dc25ae10bab6f9d5629ff8d996cb533
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri Nov 6 19:03:57 2020 +0000

    Fix BZ 64871. Log if file access is blocked due to symlinks
    
    https://bz.apache.org/bugzilla/show_bug.cgi?id=64871
---
 .../webresources/AbstractFileResourceSet.java         | 19 ++++++++++++++++++-
 .../catalina/webresources/LocalStrings.properties     |  2 ++
 webapps/docs/changelog.xml                            |  4 ++++
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/webresources/AbstractFileResourceSet.java 
b/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
index c799341..59fc771 100644
--- a/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
+++ b/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
@@ -22,11 +22,15 @@ import java.net.MalformedURLException;
 import java.net.URL;
 
 import org.apache.catalina.LifecycleException;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.compat.JrePlatform;
 import org.apache.tomcat.util.http.RequestUtil;
 
 public abstract class AbstractFileResourceSet extends AbstractResourceSet {
 
+    private static final Log log = 
LogFactory.getLog(AbstractFileResourceSet.class);
+
     protected static final String[] EMPTY_STRING_ARRAY = new String[0];
 
     private File fileBase;
@@ -128,6 +132,19 @@ public abstract class AbstractFileResourceSet extends 
AbstractResourceSet {
             canPath = normalize(canPath);
         }
         if (!canPath.equals(absPath)) {
+            if (!canPath.equalsIgnoreCase(absPath)) {
+                // Typically means symlinks are in use but being ignored. Given
+                // the symlink was likely created for a reason, log a warning
+                // that it was ignored.
+                String msg = 
sm.getString("abstractFileResourceSet.canonicalfileCheckFailed",
+                        getRoot().getContext().getName(), absPath, canPath);
+                // Log issues with configuration files at a higher level
+                if(absPath.startsWith("/META-INF/") || 
absPath.startsWith("/WEB-INF/")) {
+                    log.error(msg);
+                } else {
+                    log.warn(msg);
+                }
+            }
             return null;
         }
 
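Review bot: The new message is logged on every lookup that fails the canonical-path check, and `absPath` appears to be derived from the requested resource path, so a remote client that keeps requesting a path behind an ignored symlink can produce one WARN line per request. Consider logging each distinct path only once (for example by guarding the block with a concurrent set keyed on `absPath`) or demoting repeats to debug, so the message stays a configuration hint rather than a way to fill the log. The message also interpolates `absPath` and `canPath` as-is; the enclosing method starts outside the hunk, so it is not visible whether earlier normalisation already excludes control characters such as CR/LF, and that is worth confirming before these values reach the log. Minor style: `if(absPath.startsWith(` lacks the space after `if` that the surrounding `if (!canPath.equals(absPath)) {` uses.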
@@ -144,7 +161,7 @@ public abstract class AbstractFileResourceSet extends 
AbstractResourceSet {
         // expression irrespective of input length.
         for (int i = 0; i < len; i++) {
             char c = name.charAt(i);
-            if (c == '\"' || c == '<' || c == '>') {
+            if (c == '\"' || c == '<' || c == '>' || c == ':') {
                 // These characters are disallowed in Windows file names and
                 // there are known problems for file names with these 
characters
                 // when using File#getCanonicalPath().
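Review bot: Adding `':'` to the rejected characters changes which file names resolve, yet neither the commit description nor the changelog entry mentions it, and the existing comment gives no reason specific to the colon. If the intent is to keep drive-letter or NTFS alternate-data-stream syntax away from `File#getCanonicalPath()` (an assumption, since the hunk does not say), a short comment stating that reason next to the condition would record it. The enclosing method starts and ends outside the hunk, so it cannot be confirmed here that the check runs only on Windows. If it runs elsewhere, names containing a colon that were served before would stop resolving, and that deserves its own changelog line.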
diff --git a/java/org/apache/catalina/webresources/LocalStrings.properties 
b/java/org/apache/catalina/webresources/LocalStrings.properties
index fb9badc..af9f9fe 100644
--- a/java/org/apache/catalina/webresources/LocalStrings.properties
+++ b/java/org/apache/catalina/webresources/LocalStrings.properties
@@ -15,6 +15,8 @@
 
 abstractArchiveResourceSet.setReadOnlyFalse=Archive based WebResourceSets such 
as those based on JARs are hard-coded to be read-only and may not be configured 
to be read-write
 
+abstractFileResourceSet.canonicalfileCheckFailed=Resource for web application 
[{0}] at path [{1}] was not loaded as the canonical path [{2}] did not match. 
Use of symlinks is one possible cause.
+
 abstractResource.getContentFail=Unable to return [{0}] as a byte array
 abstractResource.getContentTooLarge=Unable to return [{0}] as a byte array 
since the resource is [{1}] bytes in size which is larger than the maximum size 
of a byte array
 
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f82492b..8dedaa2 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -88,6 +88,10 @@
         classloader as the thread context classloader, just like for the JAAS
         realm. (remm)
       </fix>
+      <add>
+        <bug>64871</bug>: Log a warning if Tomcat blocks access to a file
+        because it uses symlinks. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">

