Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/06/27 11:28:45 UTC

svn commit: r1140072 - in /tomcat/tc5.5.x/trunk/container: catalina/src/share/org/apache/catalina/mbeans/ catalina/src/share/org/apache/catalina/users/ webapps/docs/

Author: markt
Date: Mon Jun 27 09:28:44 2011
New Revision: 1140072

URL: http://svn.apache.org/viewvc?rev=1140072&view=rev
Log:
Fix CVE-2011-2204.
Prevent user passwords from appearing in log files if a runtime exception (e.g. OOME) occurs while creating a new user for a MemoryUserDatabase via JMX.

Modified:
    tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
    tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUser.java
    tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUserDatabase.java
    tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml

Modified: tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java?rev=1140072&r1=1140071&r2=1140072&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java (original)
+++ tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java Mon Jun 27 09:28:44 2011
@@ -188,7 +188,7 @@ public class MemoryUserDatabaseMBean ext
             MBeanUtils.createMBean(group);
         } catch (Exception e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Exception creating group " + group + " MBean");
+                ("Exception creating group [" + groupname + "] MBean");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -211,7 +211,7 @@ public class MemoryUserDatabaseMBean ext
             MBeanUtils.createMBean(role);
         } catch (Exception e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Exception creating role " + role + " MBean");
+                ("Exception creating role [" + rolename + "] MBean");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -236,7 +236,7 @@ public class MemoryUserDatabaseMBean ext
             MBeanUtils.createMBean(user);
         } catch (Exception e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Exception creating user " + user + " MBean");
+                ("Exception creating user [" + username + "] MBean");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
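Review bot: The message `"Exception creating user [" + username + "] MBean"` now keeps the password out only because the `user` object is no longer concatenated; nothing in the code records why, so a later edit could put the object back for "more context". Suggest a comment above the `new IllegalArgumentException`: `// Log the name only: the MemoryUser object must never be stringified into a message (CVE-2011-2204).` The same applies to the other user-handling hunks at `@@ -318` and `@@ -393`; the group and role hunks are consistency changes with no password exposure. The enclosing method starts and ends outside this hunk, so the earlier `database.createUser(...)` call is not visible here; if it precedes `MBeanUtils.createMBean(user)`, a failure here presumably leaves the user in the database without an MBean, which is worth a sentence in the method Javadoc.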
@@ -264,7 +264,7 @@ public class MemoryUserDatabaseMBean ext
             return (oname.toString());
         } catch (MalformedObjectNameException e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Cannot create object name for group " + group);
+                ("Cannot create object name for group [" + groupname + "]");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -291,7 +291,7 @@ public class MemoryUserDatabaseMBean ext
             return (oname.toString());
         } catch (MalformedObjectNameException e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Cannot create object name for role " + role);
+                ("Cannot create object name for role [" + rolename + "]");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -318,7 +318,7 @@ public class MemoryUserDatabaseMBean ext
             return (oname.toString());
         } catch (MalformedObjectNameException e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Cannot create object name for user " + user);
+                ("Cannot create object name for user [" + username + "]");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -343,7 +343,7 @@ public class MemoryUserDatabaseMBean ext
             database.removeGroup(group);
         } catch (Exception e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Exception destroying group " + group + " MBean");
+                ("Exception destroying group [" + groupname + "] MBean");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -368,7 +368,7 @@ public class MemoryUserDatabaseMBean ext
             database.removeRole(role);
         } catch (Exception e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Exception destroying role " + role + " MBean");
+                ("Exception destroying role [" + rolename + "] MBean");
             jdkCompat.chainException(iae, e);
             throw iae;
         }
@@ -393,7 +393,7 @@ public class MemoryUserDatabaseMBean ext
             database.removeUser(user);
         } catch (Exception e) {
             IllegalArgumentException iae = new IllegalArgumentException
-                ("Exception destroying user " + user + " MBean");
+                ("Exception destroying user [" + username + "] MBean");
             jdkCompat.chainException(iae, e);
             throw iae;
         }

Modified: tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUser.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUser.java?rev=1140072&r1=1140071&r2=1140072&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUser.java (original)
+++ tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUser.java Mon Jun 27 09:28:44 2011
@@ -246,7 +246,7 @@ public class MemoryUser extends Abstract
      * <code>username</code> or </code>name</code> for the username
      * property.</p>
      */
-    public String toString() {
+    public String toXml() {
 
         StringBuffer sb = new StringBuffer("<user username=\"");
         sb.append(RequestUtil.filter(username));
@@ -293,5 +293,53 @@ public class MemoryUser extends Abstract
 
     }
 
+    /**
+     * <p>Return a String representation of this user.</p>
+     */
+    public String toString() {
+
+        StringBuffer sb = new StringBuffer("User username=\"");
+        sb.append(RequestUtil.filter(username));
+        sb.append("\"");
+        if (fullName != null) {
+            sb.append(", fullName=\"");
+            sb.append(RequestUtil.filter(fullName));
+            sb.append("\"");
+        }
+        synchronized (groups) {
+            if (groups.size() > 0) {
+                sb.append(", groups=\"");
+                int n = 0;
+                Iterator values = groups.iterator();
+                while (values.hasNext()) {
+                    if (n > 0) {
+                        sb.append(',');
+                    }
+                    n++;
+                    sb.append(RequestUtil.filter(
+                            ((Group)values.next()).getGroupname()));
+                }
+                sb.append("\"");
+            }
+        }
+        synchronized (roles) {
+            if (roles.size() > 0) {
+                sb.append(", roles=\"");
+                int n = 0;
+                Iterator values = roles.iterator();
+                while (values.hasNext()) {
+                    if (n > 0) {
+                        sb.append(',');
+                    }
+                    n++;
+                    sb.append(RequestUtil.filter(
+                            ((Role)values.next()).getRolename()));
+                }
+                sb.append("\"");
+            }
+        }
+        return (sb.toString());
+    }
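Review bot: The new `toString()` omits the password, which is the whole point of the fix, but its Javadoc `Return a String representation of this user.` does not say so, and a maintainer completing the representation could reintroduce the leak. Suggest `* <p>Return a String representation of this user. The password is deliberately omitted so the result is safe to include in log messages and exception text.</p>`. As a point of style, `RequestUtil.filter` HTML-escapes each value (a `"` in a full name becomes `&quot;`), which suited the XML form now living in `toXml()` but is surplus in a plain diagnostic string; harmless, but worth a `// filtered for parity with toXml()` comment if kept. In the first hunk of this file the Javadoc carried over onto the renamed `toXml()` still contains the mis-closed tag `</code>name</code>`, which should read `<code>name</code>`.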
+
 
 }

Modified: tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUserDatabase.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUserDatabase.java?rev=1140072&r1=1140071&r2=1140072&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUserDatabase.java (original)
+++ tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/users/MemoryUserDatabase.java Mon Jun 27 09:28:44 2011
@@ -541,7 +541,7 @@ public class MemoryUserDatabase implemen
             values = getUsers();
             while (values.hasNext()) {
                 writer.print("  ");
-                writer.println(values.next());
+                writer.println(((MemoryUser) values.next()).toXml());
             }
 
             // Print the file epilog
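Review bot: The cast `((MemoryUser) values.next()).toXml()` is unchecked against the raw `Iterator` returned by `getUsers()`; if any `User` implementation other than `MemoryUser` were ever held by this database, `save()` would throw `ClassCastException` mid-write and leave a partially written file. Presumably the database only ever creates `MemoryUser` instances, so this holds today, but the reason for the cast should be recorded: `// toXml(): toString() no longer emits the persistence format (CVE-2011-2204).` The enclosing save method and any surrounding try/finally that would clean up a partial write are outside this hunk.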

Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=1140072&r1=1140071&r2=1140072&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Mon Jun 27 09:28:44 2011
@@ -55,7 +55,11 @@
         response, prevent further reads from the request since this causes
         various problems in the connectors which do not expect this. (markt)
       </fix>
-    </changelog>
+      <fix>
+        Fix CVE-2011-2204. Prevent user passwords appearing in log files if a
+        runtime exception (e.g. OOME) occurs while creating a new user for a
+        MemoryUserDatabase via JMX. (markt)
+      </fix>    </changelog>
   </subsection>
   <subsection name="Webapps">
     <changelog>


