Author: schultz
Date: Thu Aug 9 18:14:14 2012
New Revision: 1371355
URL: http://svn.apache.org/viewvc?rev=1371355&view=rev
Log:
https://issues.apache.org/bugzilla/show_bug.cgi?id=53531
Fix ExpandWar.expand to check the return value of File.mkdir and File.mkdirs
Added:
tomcat/tc6.0.x/trunk/53531.diff
tomcat/tc6.0.x/trunk/src/
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1359981
Added: tomcat/tc6.0.x/trunk/53531.diff
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/53531.diff?rev=1371355&view=auto
==============================================================================
--- tomcat/tc6.0.x/trunk/53531.diff (added)
+++ tomcat/tc6.0.x/trunk/53531.diff Thu Aug 9 18:14:14 2012
@@ -0,0 +1,37 @@
+Index: java/org/apache/catalina/startup/ExpandWar.java
+===================================================================
+--- java/org/apache/catalina/startup/ExpandWar.java (revision 1360366)
++++ java/org/apache/catalina/startup/ExpandWar.java (working copy)
+@@ -132,7 +132,8 @@
+ }
+
+ // Create the new document base directory
+- docBase.mkdir();
++ if(!docBase.mkdir() && !docBase.isDirectory())
++ throw new IOException(sm.getString("expandWar.createFailed",
docBase));
+
+ // Expand the WAR into the new document base directory
+ String canonicalDocBasePrefix = docBase.getCanonicalPath();
+@@ -162,7 +163,9 @@
+ if (last >= 0) {
+ File parent = new File(docBase,
+ name.substring(0, last));
+- parent.mkdirs();
++
++ if(!parent.mkdirs() && !parent.isDirectory())
++ throw new
IOException(sm.getString("expandWar.createFailed", parent));
+ }
+ if (name.endsWith("/")) {
+ continue;
+Index: java/org/apache/catalina/startup/LocalStrings.properties
+===================================================================
+--- java/org/apache/catalina/startup/LocalStrings.properties (revision
1360366)
++++ java/org/apache/catalina/startup/LocalStrings.properties (working copy)
+@@ -61,6 +61,7 @@
+ expandWar.copy=Error copying {0} to {1}
+ expandWar.deleteFailed=[{0}] could not be completely deleted. The presence of
the remaining files may cause problems
+ expandWar.illegalPath=The archive [{0}] is malformed and will be ignored: an
entry contains an illegal path [{1}]
++expandWar.createFailed=Unable to create the directory [{0}]
+ hostConfig.appBase=Application base directory {0} does not exist
+ hostConfig.canonicalizing=Error delete redeploy resources from context [{0}]
+ hostConfig.cce=Lifecycle event data object {0} is not a Host
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1371355&r1=1371354&r2=1371355&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Aug 9 18:14:14 2012
@@ -28,14 +28,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT:
[ start all new proposals below, under PATCHES PROPOSED. ]
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53531
- ExpandWar.expand does not check the return value of File.mkdirs
- Patch here: https://issues.apache.org/bugzilla/attachment.cgi?id=29050
- This is a similar fix to trunk
(http://svn.apache.org/viewvc?view=revision&revision=1359981)
- and also includes checking of File.mkdirs() as mentioned in the bug.
- +1: schultz, kkolinko, rjung
- -1:
-
* Fix conflict with CSRF protection filter and clustering
Cache needs to be serializable
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1083987&r2=1083986&pathrev=1083987
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java?rev=1371355&r1=1371354&r2=1371355&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/startup/ExpandWar.java Thu
Aug 9 18:14:14 2012
@@ -132,7 +132,8 @@ public class ExpandWar {
}
// Create the new document base directory
- docBase.mkdir();
+ if(!docBase.mkdir() && !docBase.isDirectory())
+ throw new IOException(sm.getString("expandWar.createFailed",
docBase));
// Expand the WAR into the new document base directory
String canonicalDocBasePrefix = docBase.getCanonicalPath();
@@ -162,7 +163,9 @@ public class ExpandWar {
if (last >= 0) {
File parent = new File(docBase,
name.substring(0, last));
- parent.mkdirs();
+
+ if(!parent.mkdirs() && !parent.isDirectory())
+ throw new
IOException(sm.getString("expandWar.createFailed", parent));
}
if (name.endsWith("/")) {
continue;
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1371355&r1=1371354&r2=1371355&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Thu Aug 9 18:14:14 2012
@@ -170,6 +170,10 @@
the <code>JreMemoryLeakPreventionListener</code> does not trigger a
full GC every hour. (markt/kkolinko)
</fix>
+ <fix>
+ <bug>53531</bug>: Fix ExpandWar.expand to check the return value of
+ File.mkdir and File.mkdirs. (schultz)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
