Posted to dev@tomcat.apache.org by cr...@locus.apache.org on 2000/05/08 21:16:31 UTC
cvs commit: jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/resources StandardResources.java
craigmcc 00/05/08 12:16:27
Modified: proposals/catalina/src/share/org/apache/tomcat/resources
StandardResources.java
Log:
Avoid potential security problem (trying to use ../../.. to go outside of your
context's document root) by refusing to return resources for paths that
include "/.." in them. A better solution would be to canonicalize the
resulting path and validate that it's still within the context's document
space.
Revision Changes Path
1.6 +8 -4 jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/resources/StandardResources.java
Index: StandardResources.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/resources/StandardResources.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- StandardResources.java 2000/05/05 22:45:38 1.5
+++ StandardResources.java 2000/05/08 19:16:25 1.6
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/resources/StandardResources.java,v 1.5 2000/05/05 22:45:38 craigmcc Exp $
- * $Revision: 1.5 $
- * $Date: 2000/05/05 22:45:38 $
+ * $Header: /home/cvs/jakarta-tomcat/proposals/catalina/src/share/org/apache/tomcat/resources/StandardResources.java,v 1.6 2000/05/08 19:16:25 craigmcc Exp $
+ * $Revision: 1.6 $
+ * $Date: 2000/05/08 19:16:25 $
*
* ====================================================================
*
@@ -101,7 +101,7 @@
* </ul>
*
* @author Craig R. McClanahan
- * @version $Revision: 1.5 $ $Date: 2000/05/05 22:45:38 $
+ * @version $Revision: 1.6 $ $Date: 2000/05/08 19:16:25 $
*/
public final class StandardResources
@@ -430,6 +430,8 @@
if (path == null)
return (null);
+ if (path.indexOf("/..") >= 0)
+ return (null); // Refuse to interpret relative paths
// Deal with URL-based document root
if (fileBase == null) {
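Review bot: the `path.indexOf("/..") >= 0` guard is a substring blocklist, so it also rejects legitimate resource names that merely contain a dot-dot sequence (a file named `..notes` under some directory, for instance), and it only catches a parent-directory segment when a `/` precedes it, so if a path can reach this method without a leading slash and begin with `..`, that case is not covered. Since the log message already identifies canonicalization as the better fix, consider resolving the requested path against the document root, calling `getCanonicalPath()` on the resulting `File`, and returning null unless the canonical result still starts with the canonical document root; that rejects every traversal form without the false positives. The inline comment `// Refuse to interpret relative paths` is also inaccurate, because a path containing `/..` is not necessarily relative; `// Refuse paths containing parent-directory segments` describes what the check does.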
@@ -481,6 +483,8 @@
if (path == null)
return (null);
+ if (path.indexOf("/..") >= 0)
+ return (null); // Refuse to interpret relative paths
// Deal with URL-based document root
if (fileBase == null) {
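Review bot: this hunk repeats the `path.indexOf("/..")` guard verbatim from the method at line 430; move it into one private helper (for example `isTraversalPath(String path)`, name illustrative) called from both sites, so that a later strengthening of the check (such as the canonicalization the log message proposes) cannot be applied to one method and forgotten in the other. The same false-positive and unprefixed-`..` caveats raised on the first copy apply here.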