You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by hg...@apache.org on 2001/09/27 12:42:26 UTC
cvs commit: jakarta-tomcat-connectors/jk/native/common jk_uri_worker_map.c
hgomez 01/09/27 03:42:26
Modified: jk/native/common jk_uri_worker_map.c
Log:
BackPort security fix from TC 3.3 to J-T-C
Revision Changes Path
1.8 +5 -3 jakarta-tomcat-connectors/jk/native/common/jk_uri_worker_map.c
Index: jk_uri_worker_map.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native/common/jk_uri_worker_map.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- jk_uri_worker_map.c 2001/08/06 17:31:45 1.7
+++ jk_uri_worker_map.c 2001/09/27 10:42:26 1.8
@@ -67,7 +67,7 @@
* servlet container. *
* *
* Author: Gal Shachor <sh...@il.ibm.com> *
- * Version: $Revision: 1.7 $ *
+ * Version: $Revision: 1.8 $ *
***************************************************************************/
#include "jk_pool.h"
@@ -413,11 +413,11 @@
unsigned i;
unsigned best_match = -1;
unsigned longest_match = 0;
- char clean_uri[4096];
+ char clean_uri = NULL;
char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER);
if(url_rewrite) {
- strcpy(clean_uri, uri);
+ clean_uri = strdup(uri);
url_rewrite = strstr(clean_uri, JK_PATH_SESSION_IDENTIFIER);
*url_rewrite = '\0';
uri = clean_uri;
@@ -485,6 +485,7 @@
}
if(-1 != best_match) {
+ free(clean_uri);
return uw_map->maps[best_match]->worker_name;
} else {
/*
@@ -501,6 +502,7 @@
jk_log(l, JK_LOG_EMERG,
"In jk_uri_worker_map_t::map_uri_to_worker, found a security fraud in '%s'\n",
uri);
+ free(clean_uri);
return uw_map->maps[fraud]->worker_name;
}
}