This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push: new 935fc55 Fix BZ 64871. Log if file access is blocked due to symlinks 935fc55 is described below commit 935fc5582dc25ae10bab6f9d5629ff8d996cb533 Author: Mark Thomas <ma...@apache.org> AuthorDate: Fri Nov 6 19:03:57 2020 +0000 Fix BZ 64871. Log if file access is blocked due to symlinks https://bz.apache.org/bugzilla/show_bug.cgi?id=64871 --- .../webresources/AbstractFileResourceSet.java | 19 ++++++++++++++++++- .../catalina/webresources/LocalStrings.properties | 2 ++ webapps/docs/changelog.xml | 4 ++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/webresources/AbstractFileResourceSet.java b/java/org/apache/catalina/webresources/AbstractFileResourceSet.java index c799341..59fc771 100644 --- a/java/org/apache/catalina/webresources/AbstractFileResourceSet.java +++ b/java/org/apache/catalina/webresources/AbstractFileResourceSet.java @@ -22,11 +22,15 @@ import java.net.MalformedURLException; import java.net.URL; import org.apache.catalina.LifecycleException; +import org.apache.juli.logging.Log; +import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.compat.JrePlatform; import org.apache.tomcat.util.http.RequestUtil; public abstract class AbstractFileResourceSet extends AbstractResourceSet { + private static final Log log = LogFactory.getLog(AbstractFileResourceSet.class); + protected static final String[] EMPTY_STRING_ARRAY = new String[0]; private File fileBase; @@ -128,6 +132,19 @@ public abstract class AbstractFileResourceSet extends AbstractResourceSet { canPath = normalize(canPath); } if (!canPath.equals(absPath)) { + if (!canPath.equalsIgnoreCase(absPath)) { + // Typically means symlinks are in use but being ignored. Given + // the symlink was likely created for a reason, log a warning + // that it was ignored. + String msg = sm.getString("abstractFileResourceSet.canonicalfileCheckFailed", + getRoot().getContext().getName(), absPath, canPath); + // Log issues with configuration files at a higher level + if(absPath.startsWith("/META-INF/") || absPath.startsWith("/WEB-INF/")) { + log.error(msg); + } else { + log.warn(msg); + } + } return null; } @@ -144,7 +161,7 @@ public abstract class AbstractFileResourceSet extends AbstractResourceSet { // expression irrespective of input length. for (int i = 0; i < len; i++) { char c = name.charAt(i); - if (c == '\"' || c == '<' || c == '>') { + if (c == '\"' || c == '<' || c == '>' || c == ':') { // These characters are disallowed in Windows file names and // there are known problems for file names with these characters // when using File#getCanonicalPath(). diff --git a/java/org/apache/catalina/webresources/LocalStrings.properties b/java/org/apache/catalina/webresources/LocalStrings.properties index fb9badc..af9f9fe 100644 --- a/java/org/apache/catalina/webresources/LocalStrings.properties +++ b/java/org/apache/catalina/webresources/LocalStrings.properties @@ -15,6 +15,8 @@ abstractArchiveResourceSet.setReadOnlyFalse=Archive based WebResourceSets such as those based on JARs are hard-coded to be read-only and may not be configured to be read-write +abstractFileResourceSet.canonicalfileCheckFailed=Resource for web application [{0}] at path [{1}] was not loaded as the canonical path [{2}] did not match. Use of symlinks is one possible cause. + abstractResource.getContentFail=Unable to return [{0}] as a byte array abstractResource.getContentTooLarge=Unable to return [{0}] as a byte array since the resource is [{1}] bytes in size which is larger than the maximum size of a byte array diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index f82492b..8dedaa2 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -88,6 +88,10 @@ classloader as the thread context classloader, just like for the JAAS realm. (remm) </fix> + <add> + <bug>64871</bug>: Log a warning if Tomcat blocks access to a file + because it uses symlinks. (markt) + </add> </changelog> </subsection> <subsection name="Coyote"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org