On 22/10/2024 09:22, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new f634384a20 Return immediately if the request is invalid
f634384a20 is described below
commit f634384a206773d4899a92fc9bf27045f1952987
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Oct 22 09:22:36 2024 +0100
Return immediately if the request is invalid
Fixes possible NPEs
Rémy,
I think these changes are OK but you have spent more time in this code
than I have recently so you are probably more familiar with it than I
am. I'd appreciate a double check here (from you or anyone else).
Mark
---
java/org/apache/catalina/servlets/WebdavServlet.java | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java
b/java/org/apache/catalina/servlets/WebdavServlet.java
index 02cf7c5391..dca17bfe15 100644
--- a/java/org/apache/catalina/servlets/WebdavServlet.java
+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
@@ -1313,12 +1313,14 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
if (lock.scope == null) {
// Bad request
- resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
} else {
// Bad request
- resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
if (lockTypeNode != null) {
@@ -1337,12 +1339,14 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
if (lock.type == null) {
// Bad request
- resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
} else {
// Bad request
- resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
if (lockOwnerNode != null) {
@@ -1365,7 +1369,8 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
if (lock.owner == null) {
// Bad request
- resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
} else {
@@ -1509,7 +1514,8 @@ public class WebdavServlet extends DefaultServlet
implements PeriodicEventListen
String ifHeader = req.getHeader("If");
if (ifHeader == null) {
// Bad request
- resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
LockInfo toRenew = null;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
