[tomcat] branch 9.0.x updated: Fix BZ 65433 - avoid StringIndexOutOfBoundsException for some symlinks

Tue, 06 Jul 2021 02:11:10 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 08431bc  Fix BZ 65433 - avoid StringIndexOutOfBoundsException for some 
symlinks
08431bc is described below

commit 08431bc0b895aa80e78e993a006cabb73aaa6490
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Jul 6 10:09:16 2021 +0100

    Fix BZ 65433 - avoid StringIndexOutOfBoundsException for some symlinks
    
    Regression in fix for BZ 65397
    https://bz.apache.org/bugzilla/show_bug.cgi?id=65433
---
 java/org/apache/catalina/webresources/DirResourceSet.java | 8 +++++---
 webapps/docs/changelog.xml                                | 7 +++++++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/java/org/apache/catalina/webresources/DirResourceSet.java 
b/java/org/apache/catalina/webresources/DirResourceSet.java
index 6bb0b25..eed886a 100644
--- a/java/org/apache/catalina/webresources/DirResourceSet.java
+++ b/java/org/apache/catalina/webresources/DirResourceSet.java
@@ -172,9 +172,11 @@ public class DirResourceSet extends 
AbstractFileResourceSet {
                                 // path that was contributed by 'f' and check
                                 // that what is left does not contain a 
symlink.
                                 absPath = 
entry.getAbsolutePath().substring(f.getAbsolutePath().length());
-                                canPath = 
entry.getCanonicalPath().substring(f.getCanonicalPath().length());
-                                if (absPath.equals(canPath)) {
-                                    symlink = false;
+                                if (entry.getCanonicalPath().length() >= 
f.getCanonicalPath().length()) {
+                                    canPath = 
entry.getCanonicalPath().substring(f.getCanonicalPath().length());
+                                    if (absPath.equals(canPath)) {
+                                        symlink = false;
+                                    }
                                 }
                             } catch (IOException ioe) {
                                 // Ignore the exception. Assume we have a 
symlink.
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 6567735..8e28ef8 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -112,6 +112,13 @@
         <code>NamingException</code> occurs to avoid connection locking.
         Submitted by Ole Ostergaard. (remm)
       </fix>
+      <fix>
+        <bug>65433</bug>: Correct a regression in the fix for <bug>65397</bug>
+        where a <code>StringIndexOutOfBoundsException</code> could be triggered
+        if the canonical path of the target of a symlink was shorter than the
+        canonical path of the directory in which the symlink had been created.
+        Patch provided by Cedomir Igaly. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to