marcsaeg 01/03/04 20:02:50
Modified: src/share/org/apache/tomcat/util Tag: tomcat_32
FileUtil.java
Log:
Removed trim() from patch() method to avoide security hole. This patch was applied
to Tomcat 3.3 a couple months ago, but never got ported to the tomcat_32 branch.
Submitted by Kazuhiro Kazama.
Revision Changes Path
No revision
No revision
1.9.2.6 +4 -4
jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java
Index: FileUtil.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java,v
retrieving revision 1.9.2.5
retrieving revision 1.9.2.6
diff -u -r1.9.2.5 -r1.9.2.6
--- FileUtil.java 2000/11/05 05:28:53 1.9.2.5
+++ FileUtil.java 2001/03/05 04:02:49 1.9.2.6
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java,v
1.9.2.5 2000/11/05 05:28:53 craigmcc Exp $
- * $Revision: 1.9.2.5 $
- * $Date: 2000/11/05 05:28:53 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java,v
1.9.2.6 2001/03/05 04:02:49 marcsaeg Exp $
+ * $Revision: 1.9.2.6 $
+ * $Date: 2001/03/05 04:02:49 $
*
* ====================================================================
*
@@ -228,7 +228,7 @@
}
public static String patch(String path) {
- String patchPath = path.trim();
+ String patchPath = path;
// Move drive spec to the front of the path
if (patchPath.length() >= 3 &&
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
