You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/09/26 18:46:15 UTC
svn commit: r1762353 - in /tomcat/trunk:
java/org/apache/catalina/startup/PasswdUserDatabase.java
webapps/docs/changelog.xml
Author: markt
Date: Mon Sep 26 18:46:15 2016
New Revision: 1762353
URL: http://svn.apache.org/viewvc?rev=1762353&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60167
Ignore empty lines in /etc/passwd files when using the PasswdUserDatabase.
Modified:
tomcat/trunk/java/org/apache/catalina/startup/PasswdUserDatabase.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/startup/PasswdUserDatabase.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/PasswdUserDatabase.java?rev=1762353&r1=1762352&r2=1762353&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/startup/PasswdUserDatabase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/PasswdUserDatabase.java Mon Sep 26 18:46:15 2016
@@ -99,46 +99,16 @@ public final class PasswdUserDatabase im
* Initialize our set of users and home directories.
*/
private void init() {
-
try (BufferedReader reader = new BufferedReader(new FileReader(PASSWORD_FILE))) {
- while (true) {
- // Accumulate the next line
- StringBuilder buffer = new StringBuilder();
- while (true) {
- int ch = reader.read();
- if ((ch < 0) || (ch == '\n')) {
- break;
- }
- buffer.append((char) ch);
- }
- String line = buffer.toString();
- if (line.length() < 1) {
- break;
- }
-
- // Parse the line into constituent elements
- int n = 0;
- String tokens[] = new String[7];
- for (int i = 0; i < tokens.length; i++) {
- tokens[i] = null;
- }
- while (n < tokens.length) {
- String token = null;
- int colon = line.indexOf(':');
- if (colon >= 0) {
- token = line.substring(0, colon);
- line = line.substring(colon + 1);
- } else {
- token = line;
- line = "";
- }
- tokens[n++] = token;
- }
-
- // Add this user and corresponding directory
- if ((tokens[0] != null) && (tokens[5] != null)) {
+ String line = reader.readLine();
+ while (line != null) {
+ String tokens[] = line.split(":");
+ // Need non-zero 1st and 6th tokens
+ if (tokens.length > 5 && tokens[0].length() > 0 && tokens[5].length() > 0) {
+ // Add this user and corresponding directory
homes.put(tokens[0], tokens[5]);
}
+ line = reader.readLine();
}
} catch (Exception e) {
log.warn(sm.getString("passwdUserDatabase.readFail"), e);
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1762353&r1=1762352&r2=1762353&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Sep 26 18:46:15 2016
@@ -90,6 +90,10 @@
unknown type or specifies the wrong type. (markt)
</add>
<fix>
+ <bug>60167</bug>: Ignore empty lines in <code>/etc/passwd</code> files
+ when using the <code>PasswdUserDatabase</code>. (markt)
+ </fix>
+ <fix>
<bug>60170</bug>: Exclude the compressed test file
<code>index.html.br</code> from RAT analysis. Patch provided by Gavin
McDonald. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org