Author: markt
Date: Wed Jan 21 10:12:27 2015
New Revision: 1653472
URL: http://svn.apache.org/r1653472
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57455
Add a note that " may not appear in a path value and throw an IAE if once does.
Modified:
tomcat/tc8.0.x/trunk/ (props changed)
tomcat/tc8.0.x/trunk/conf/catalina.properties
tomcat/tc8.0.x/trunk/java/org/apache/catalina/startup/Bootstrap.java
tomcat/tc8.0.x/trunk/test/org/apache/catalina/startup/TestBootstrap.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc8.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Jan 21 10:12:27 2015
@@ -1 +1 @@
-/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041
+/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886,1644890,1644892
,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471
Modified: tomcat/tc8.0.x/trunk/conf/catalina.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/conf/catalina.properties?rev=1653472&r1=1653471&r2=1653472&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/conf/catalina.properties (original)
+++ tomcat/tc8.0.x/trunk/conf/catalina.properties Wed Jan 21 10:12:27 2015
@@ -48,6 +48,8 @@ org.apache.jasper.,org.apache.naming.,or
#
# Note: Values are enclosed in double quotes ("...") in case either the
# ${catalina.base} path or the ${catalina.home} path contains a comma.
+# Because double quotes are used for quoting, the double quote character
+# may not appear in a path.
common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar"
#
@@ -61,6 +63,11 @@ common.loader="${catalina.base}/lib","${
# "foo/*.jar": Add all the JARs of the specified folder as class
# repositories
# "foo/bar.jar": Add bar.jar as a class repository
+#
+# Note: Values may be enclosed in double quotes ("...") in case either the
+# ${catalina.base} path or the ${catalina.home} path contains a comma.
+# Because double quotes are used for quoting, the double quote character
+# may not appear in a path.
server.loader=
#
@@ -75,6 +82,11 @@ server.loader=
# "foo/bar.jar": Add bar.jar as a class repository
# Please note that for single jars, e.g. bar.jar, you need the URL form
# starting with file:.
+#
+# Note: Values may be enclosed in double quotes ("...") in case either the
+# ${catalina.base} path or the ${catalina.home} path contains a comma.
+# Because double quotes are used for quoting, the double quote character
+# may not appear in a path.
shared.loader=
# Default list of JAR files that should not be scanned using the JarScanner
Modified: tomcat/tc8.0.x/trunk/java/org/apache/catalina/startup/Bootstrap.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/startup/Bootstrap.java?rev=1653472&r1=1653471&r2=1653472&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/catalina/startup/Bootstrap.java
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/catalina/startup/Bootstrap.java Wed
Jan 21 10:12:27 2015
@@ -568,14 +568,28 @@ public final class Bootstrap {
String path = value.substring(matcher.start(), matcher.end());
path = path.trim();
+ if (path.length() == 0) {
+ continue;
+ }
+
+ char first = path.charAt(0);
+ char last = path.charAt(path.length() - 1);
- if (path.startsWith("\"") && path.length() > 1) {
+ if (first == '"' && last == '"' && path.length() > 1) {
path = path.substring(1, path.length() - 1);
path = path.trim();
- }
-
- if (path.length() == 0) {
- continue;
+ if (path.length() == 0) {
+ continue;
+ }
+ } else if (path.contains("\"")) {
+ // Unbalanced quotes
+ // Too early to use standard i18n support. The class path
hasn't
+ // been configured.
+ throw new IllegalArgumentException(
+ "The double quote [\"] character only be used to quote
paths. It must " +
+ "not appear in a path. This loader path is not valid:
[" + value + "]");
+ } else {
+ // Not quoted - NO-OP
}
result.add(path);
Modified:
tomcat/tc8.0.x/trunk/test/org/apache/catalina/startup/TestBootstrap.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/catalina/startup/TestBootstrap.java?rev=1653472&r1=1653471&r2=1653472&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/test/org/apache/catalina/startup/TestBootstrap.java
(original)
+++ tomcat/tc8.0.x/trunk/test/org/apache/catalina/startup/TestBootstrap.java
Wed Jan 21 10:12:27 2015
@@ -113,6 +113,66 @@ public class TestBootstrap {
doTest("aaa,\"bbb,\"", "aaa", "bbb,");
}
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes01() {
+ doTest("\"", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes02() {
+ doTest("\"aaa", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes03() {
+ doTest("aaa\"", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes04() {
+ doTest("a\"a", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes05() {
+ doTest("b,\"", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes06() {
+ doTest("b,\"aaa", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes07() {
+ doTest("b,aaa\"", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes08() {
+ doTest("b,a\"a", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes09() {
+ doTest("\",b", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes10() {
+ doTest("\"aaa,b", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes11() {
+ doTest("aaa\",b", "ignored");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testUnbalancedQuotes12() {
+ doTest("a\"a,b", "ignored");
+ }
+
private void doTest(String input, String... expected) {
String[] result = Bootstrap.getPaths(input);
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1653472&r1=1653471&r2=1653472&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Wed Jan 21 10:12:27 2015
@@ -63,6 +63,11 @@
(markt)
</fix>
<fix>
+ <bug>57455</bug>: Explicitly block the use of the double-quote
character
+ when configuring the common, server and shared class loaders since
+ double-quote is used to quote values that contain commas. (markt)
+ </fix>
+ <fix>
<bug>57461</bug>: When an instance of
<code>org.apache.catalina.startup.VersionLoggerListener</code> logs the
result of <code>System.getProperty("java.home")</code> don't report it
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
