You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2001/03/05 05:02:50 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/util FileUtil.java
marcsaeg 01/03/04 20:02:50
Modified: src/share/org/apache/tomcat/util Tag: tomcat_32
FileUtil.java
Log:
Removed trim() from patch() method to avoide security hole. This patch was applied to Tomcat 3.3 a couple months ago, but never got ported to the tomcat_32 branch. Submitted by Kazuhiro Kazama.
Revision Changes Path
No revision
No revision
1.9.2.6 +4 -4 jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java
Index: FileUtil.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java,v
retrieving revision 1.9.2.5
retrieving revision 1.9.2.6
diff -u -r1.9.2.5 -r1.9.2.6
--- FileUtil.java 2000/11/05 05:28:53 1.9.2.5
+++ FileUtil.java 2001/03/05 04:02:49 1.9.2.6
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java,v 1.9.2.5 2000/11/05 05:28:53 craigmcc Exp $
- * $Revision: 1.9.2.5 $
- * $Date: 2000/11/05 05:28:53 $
+ * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/Attic/FileUtil.java,v 1.9.2.6 2001/03/05 04:02:49 marcsaeg Exp $
+ * $Revision: 1.9.2.6 $
+ * $Date: 2001/03/05 04:02:49 $
*
* ====================================================================
*
@@ -228,7 +228,7 @@
}
public static String patch(String path) {
- String patchPath = path.trim();
+ String patchPath = path;
// Move drive spec to the front of the path
if (patchPath.length() >= 3 &&