On Tue, 5 Feb 2002, Larry Isaacs wrote:

> This looks good to me. Also, CharChunk looks like it has
> the same problem. Could you go ahead and fix that
> one as well. Thanks.
And please, update j-t-c/util package as well :-)

Costin

> > -----Original Message-----
> > From: Keith Wannamaker [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, February 05, 2002 12:45 PM
> > To: Tomcat Developers List
> > Cc: [EMAIL PROTECTED]
> > Subject: Bug in safe url parsing
> >
> > Greetings,
> >
> > There is a bug in ByteChunk.indexOf which manifests itself
> > in the safe url parsing. That is, BC.indexOf returns an
> > offset relative to the start of the byte buffer, rather
> > than the internal starting point.
> >
> > So, when safe url checks for indexOf('%'), depending on the
> > length of the method name, a number of %'s at the beginning
> > of the URL may be missed.
> >
> > So, the following URLs would be tagged as safe (currently):
> > GET /wannamak/%25%5C
> >
> > A quick fix is to use indexOf("%"), which converts the
> > relevant part of the byte array to a string, so the offset
> > is correct.
> >
> > However, I think that it would be better to correct BC.indexOf
> > in the following manner:
> >
> > Index: ByteChunk.java
> > ===================================================================
> > RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/buf/ByteChunk.java,v
> > retrieving revision 1.8
> > diff -u -r1.8 ByteChunk.java
> > --- ByteChunk.java 19 Jul 2001 05:49:02 -0000 1.8
> > +++ ByteChunk.java 5 Feb 2002 17:36:42 -0000
> > @@ -626,7 +626,8 @@
> > * @param s the string
> > */
> > public int indexOf(char c, int starting) {
> > - return indexOf( buff, start+starting, end, c);
> > + int ret = indexOf( buff, start+starting, end, c);
> > + return (ret >= start) ? ret - start : -1;
> > }
> >
> > public static int indexOf( byte bytes[], int off, int
> > end, char qq )
> >
> > I will commit this later today if I hear no objection.
> >
> > Regards,
> > Keith
> >
> > --
> > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
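Review bot: the `(ret >= start) ? ret - start : -1` guard in the `@@ -626,7 +626,8 @@` hunk is correct (the static `indexOf` returns -1 on a miss and `start` is never negative), but it reads as if `ret` could legitimately land below `start`; `(ret == -1) ? -1 : ret - start` states the intent directly. The Javadoc two lines above the change still says `@param s the string` for a method whose parameter is `char c`, and since this hunk changes the contract so that both `starting` and the return value are chunk-relative (the old code already added `start` on the way in but not on the way out), that comment is the place to say so, otherwise callers that only tested with an empty prefix, where `start` is 0 and the two conventions coincide, will not notice the difference.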
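The offset mismatch Keith describes, as an added example that is not Tomcat's code: a minimal stand-in for ByteChunk's `buff`/`start`/`end` view carrying both the pre-patch and post-patch `indexOf`, plus a hypothetical safe-URL scan (`percentOffsets`, my own name) that walks every `%` escape by feeding each hit back in as the next `starting` value. The request line and the `START` offset are constructed to match the `GET /wannamak/%25%5C` case from the mail.

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
// Stand-in for ByteChunk's buff/start/end view over one request line.
public class ChunkIndexOfDemo {
    // Constructed request line; the URL chunk is the bytes between the spaces.
    static final byte[] BUFF =
        "GET /wannamak/%25%5C HTTP/1.0".getBytes(StandardCharsets.ISO_8859_1);
    static final int START = 4;                           // just after "GET "
    static final int END = START + "/wannamak/%25%5C".length();

    // Same contract as the static ByteChunk.indexOf: absolute index, or -1.
    static int indexOf(byte[] bytes, int off, int end, char qq) {
        for (int i = off; i < end; i++) {
            if (bytes[i] == (byte) qq) return i;
        }
        return -1;
    }

    // Before the patch: 'starting' is chunk-relative, but the result is not.
    static int indexOfBuggy(char c, int starting) {
        return indexOf(BUFF, START + starting, END, c);
    }

    // After the patch: both 'starting' and the result are chunk-relative.
    static int indexOfFixed(char c, int starting) {
        int ret = indexOf(BUFF, START + starting, END, c);
        return (ret >= START) ? ret - START : -1;
    }

    interface ChunkIndexOf { int find(char c, int starting); }
    // Hypothetical safe-URL scan: collect the chunk-relative offset of every
    // '%' by feeding each hit back in as the next 'starting'. With the buggy
    // indexOf the absolute hit pushes the next search START bytes too far.
    static List<Integer> percentOffsets(ChunkIndexOf f) {
        List<Integer> hits = new ArrayList<>();
        int idx = f.find('%', 0);
        while (idx >= 0) {
            hits.add(idx);
            idx = f.find('%', idx + 1);
        }
        return hits;
    }

    public static void main(String[] args) {
        System.out.println("buggy: " + percentOffsets(ChunkIndexOfDemo::indexOfBuggy));
        System.out.println("fixed: " + percentOffsets(ChunkIndexOfDemo::indexOfFixed));
    }
}
```

On this input the buggy walker reports a single hit at 14 (an index into `BUFF`, not into the URL) and never sees `%5C`, while the fixed one reports 10 and 13, the real positions of `%25` and `%5C` within the URL chunk; with a longer method name the gap between the two grows, which is the dependence on method-name length the mail notes.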