(tomcat) branch 10.1.x updated: Return immediately if the request is invalid

Tue, 22 Oct 2024 01:37:22 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
     new 1a87a2bb08 Return immediately if the request is invalid
1a87a2bb08 is described below

commit 1a87a2bb0851258edc50cee36fa9239b02d8e38b
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Oct 22 09:22:36 2024 +0100

    Return immediately if the request is invalid
    
    Fixes possible NPEs
---
 java/org/apache/catalina/servlets/WebdavServlet.java | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/java/org/apache/catalina/servlets/WebdavServlet.java 
b/java/org/apache/catalina/servlets/WebdavServlet.java
index 43c84f6770..4831358a7f 100644
--- a/java/org/apache/catalina/servlets/WebdavServlet.java
+++ b/java/org/apache/catalina/servlets/WebdavServlet.java
@@ -982,12 +982,14 @@ public class WebdavServlet extends DefaultServlet 
implements PeriodicEventListen
 
                 if (lock.scope == null) {
                     // Bad request
-                    resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+                    resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+                    return;
                 }
 
             } else {
                 // Bad request
-                resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+                resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+                return;
             }
 
             if (lockTypeNode != null) {
@@ -1006,12 +1008,14 @@ public class WebdavServlet extends DefaultServlet 
implements PeriodicEventListen
 
                 if (lock.type == null) {
                     // Bad request
-                    resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+                    resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+                    return;
                 }
 
             } else {
                 // Bad request
-                resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+                resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+                return;
             }
 
             if (lockOwnerNode != null) {
@@ -1034,7 +1038,8 @@ public class WebdavServlet extends DefaultServlet 
implements PeriodicEventListen
 
                 if (lock.owner == null) {
                     // Bad request
-                    resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+                    resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+                    return;
                 }
 
             } else {
@@ -1205,7 +1210,8 @@ public class WebdavServlet extends DefaultServlet 
implements PeriodicEventListen
             String ifHeader = req.getHeader("If");
             if (ifHeader == null) {
                 // Bad request
-                resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
+                resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+                return;
             }
 
             // Checking resource locks


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to