https://issues.apache.org/bugzilla/show_bug.cgi?id=45610
Summary: status-worker: Bug in request parameter parsing for
update action
Product: Tomcat 5
Version: 5.5.26
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Native:JK
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
Hi,
using mod_jk 1.2.26, i noticed an serious error in parameter parsing of the
status worker using the update action:
In a service script i'm using an URL like
$STATUS_URL/jk-status?mime=txt&cmd=update&w=$CLUSTER&sw=$WORKER&wa=$STATE
to switch the workers of clustered tomcat setup. In principle, all things work
right. But if i (erroneously) set the empty value for the sub-worker tag
(...&sw=&...), something completely wrong will happen: You'll got an
"OK"-message and the sticky session attribute will be disabled!
Looks to me like a typical overwriting of a parameter block through a dangling
pointer.
There might be more of this kind of bugs, one may do a complete revision of the
parameter parsing.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
