You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2001/01/04 21:00:36 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets DefaultServlet.java
remm 01/01/04 12:00:36
Modified: catalina/src/share/org/apache/catalina/resources
ResourcesBase.java
catalina/src/share/org/apache/catalina/servlets
DefaultServlet.java
Log:
- Enhanced path normalization (before, only %20 was supported), with
Unicode decoding of "escaped" characters in the URL (%xx char codes).
Path submitted by David Weinrich.
Revision Changes Path
1.4 +34 -14 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/resources/ResourcesBase.java
Index: ResourcesBase.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/resources/ResourcesBase.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ResourcesBase.java 2000/10/17 19:45:25 1.3
+++ ResourcesBase.java 2001/01/04 20:00:32 1.4
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/resources/ResourcesBase.java,v 1.3 2000/10/17 19:45:25 craigmcc Exp $
- * $Revision: 1.3 $
- * $Date: 2000/10/17 19:45:25 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/resources/ResourcesBase.java,v 1.4 2001/01/04 20:00:32 remm Exp $
+ * $Revision: 1.4 $
+ * $Date: 2001/01/04 20:00:32 $
*
* ====================================================================
*
@@ -101,7 +101,7 @@
* (such as a local or remote JAR file).
*
* @author Craig R. McClanahan
- * @version $Revision: 1.3 $ $Date: 2000/10/17 19:45:25 $
+ * @version $Revision: 1.4 $ $Date: 2001/01/04 20:00:32 $
*/
public abstract class ResourcesBase
@@ -962,8 +962,37 @@
*/
protected String normalize(String path) {
- // Normalize the slashes and add leading slash if necessary
String normalized = path;
+
+ // Resolve encoded characters in the normalized path,
+ // which also handles encoded spaces so we can skip that later.
+ // Placed at the beginning of the chain so that encoded
+ // bad stuff(tm) can be caught by the later checks
+ while (true) {
+ int index = normalized.indexOf("%");
+ if (index < 0)
+ break;
+ char replaceChar;
+ try {
+ replaceChar =
+ (char) (Short.parseShort
+ (normalized.substring(index + 1, index + 3), 16));
+ } catch ( NumberFormatException nfe ) {
+ return (null); // bad encoded characters in url
+ }
+ // check for control characters ( values 00-1f and 7f-9f),
+ // return null if present. See:
+ // http://www.unicode.org/charts/PDF/U0000.pdf
+ // http://www.unicode.org/charts/PDF/U0080.pdf
+ if ( Character.isISOControl( replaceChar ) ) {
+ return (null);
+ }
+ normalized = normalized.substring(0, index) +
+ replaceChar +
+ normalized.substring(index + 3);
+ }
+
+ // Normalize the slashes and add leading slash if necessary
if (normalized.indexOf('\\') >= 0)
normalized = normalized.replace('\\', '/');
if (!normalized.startsWith("/"))
@@ -977,15 +1006,6 @@
normalized = normalized.substring(0, index) +
normalized.substring(index + 1);
}
-
- // Resolve occurrences of "%20" in the normalized path
- while (true) {
- int index = normalized.indexOf("%20");
- if (index < 0)
- break;
- normalized = normalized.substring(0, index) + " " +
- normalized.substring(index + 3);
- }
// Resolve occurrences of "/./" in the normalized path
while (true) {
1.17 +36 -14 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java
Index: DefaultServlet.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- DefaultServlet.java 2000/12/11 17:07:25 1.16
+++ DefaultServlet.java 2001/01/04 20:00:35 1.17
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java,v 1.16 2000/12/11 17:07:25 remm Exp $
- * $Revision: 1.16 $
- * $Date: 2000/12/11 17:07:25 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/servlets/DefaultServlet.java,v 1.17 2001/01/04 20:00:35 remm Exp $
+ * $Revision: 1.17 $
+ * $Date: 2001/01/04 20:00:35 $
*
* ====================================================================
*
@@ -112,7 +112,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.16 $ $Date: 2000/12/11 17:07:25 $
+ * @version $Revision: 1.17 $ $Date: 2001/01/04 20:00:35 $
*/
public class DefaultServlet
@@ -730,8 +730,39 @@
*/
protected String normalize(String path) {
- // Normalize the slashes and add leading slash if necessary
String normalized = path;
+
+ // Resolve encoded characters in the normalized path,
+ // which also handles encoded spaces so we can skip that later.
+ // Placed at the beginning of the chain so that encoded
+ // bad stuff(tm) can be caught by the later checks
+ while (true) {
+ int index = normalized.indexOf("%");
+ if (index < 0)
+ break;
+ char replaceChar;
+ try {
+ replaceChar = (char) (
+ Short.parseShort(
+ normalized.substring( index + 1, index + 3 ), 16
+ )
+ );
+ } catch ( NumberFormatException nfe ) {
+ return (null); // bad encoded characters in url
+ }
+ // check for control characters ( values 00-1f and 7f-9f),
+ // return null if present. See:
+ // http://www.unicode.org/charts/PDF/U0000.pdf
+ // http://www.unicode.org/charts/PDF/U0080.pdf
+ if ( Character.isISOControl( replaceChar ) ) {
+ return (null);
+ }
+ normalized = normalized.substring(0, index) +
+ replaceChar +
+ normalized.substring(index + 3);
+ }
+
+ // Normalize the slashes and add leading slash if necessary
if (normalized.indexOf('\\') >= 0)
normalized = normalized.replace('\\', '/');
if (!normalized.startsWith("/"))
@@ -745,15 +776,6 @@
normalized = normalized.substring(0, index) +
normalized.substring(index + 1);
}
-
- // Resolve occurrences of "%20" in the normalized path
- while (true) {
- int index = normalized.indexOf("%20");
- if (index < 0)
- break;
- normalized = normalized.substring(0, index) + " " +
- normalized.substring(index + 3);
- }
// Resolve occurrences of "/./" in the normalized path
while (true) {