Bugzilla – Attachment 182140 Details for
Bug 328795
[Webapp] Possible security issue with JSP code exposure.
[patch]
Proposed jsp and http registry fix
328795.txt (text/plain), 4.32 KB, created by
Simon Kaegi
on 2010-11-01 10:23:50 EDT
Description:
Proposed jsp and http registry fix
Filename:
MIME Type:
Creator:
Simon Kaegi
Created:
2010-11-01 10:23:50 EDT
Size:
4.32 KB
patch
obsolete
>### Eclipse Workspace Patch 1.0
>#P org.eclipse.equinox.http.registry
>Index: META-INF/MANIFEST.MF
>===================================================================
>RCS file: /cvsroot/rt/org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.http.registry/META-INF/MANIFEST.MF,v
>retrieving revision 1.11
>diff -u -r1.11 MANIFEST.MF
>--- META-INF/MANIFEST.MF 7 Jan 2010 17:41:03 -0000 1.11
>+++ META-INF/MANIFEST.MF 1 Nov 2010 14:16:39 -0000
>@@ -2,7 +2,7 @@
> Bundle-ManifestVersion: 2
> Bundle-Name: %bundleName
> Bundle-SymbolicName: org.eclipse.equinox.http.registry;singleton:=true
>-Bundle-Version: 1.1.0.qualifier
>+Bundle-Version: 1.1.100.qualifier
> Bundle-Activator: org.eclipse.equinox.http.registry.internal.Activator
> Bundle-Localization: plugin
> Require-Bundle: org.eclipse.equinox.common,
>Index: src/org/eclipse/equinox/http/registry/internal/DefaultRegistryHttpContext.java
>===================================================================
>RCS file: /cvsroot/rt/org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.http.registry/src/org/eclipse/equinox/http/registry/internal/DefaultRegistryHttpContext.java,v
>retrieving revision 1.2
>diff -u -r1.2 DefaultRegistryHttpContext.java
>--- src/org/eclipse/equinox/http/registry/internal/DefaultRegistryHttpContext.java 23 May 2007 21:09:58 -0000 1.2
>+++ src/org/eclipse/equinox/http/registry/internal/DefaultRegistryHttpContext.java 1 Nov 2010 14:16:39 -0000
>@@ -115,7 +115,7 @@
> String path = resourceName.substring(0, lastSlash);
> if (path.length() == 0)
> path = "/"; //$NON-NLS-1$
>- String file = resourceName.substring(lastSlash + 1);
>+ String file = sanitizeEntryName(resourceName.substring(lastSlash + 1));
> Enumeration entryPaths = bundle.findEntries(path, file, false);
> 
> if (entryPaths != null && entryPaths.hasMoreElements())
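Review bot: The escaped `file` argument is the only request-derived part of the name guarded on the changed line; the `path` prefix computed two lines earlier is still handed to `bundle.findEntries` unchanged, which is safe only because, as I read the OSGi Bundle.findEntries contract, wildcard matching applies to the file pattern alone and the path argument is taken literally. A why-comment on the new line would keep a later maintainer from dropping the call or moving the split: `// findEntries treats its second argument as a wildcard pattern; escape it so a client-supplied name can only match that exact entry`. The same applies to the JspServlet hunk at @@ -213. The enclosing getResource method starts and ends outside this hunk.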
>@@ -124,6 +124,29 @@
> return null;
> }
> 
>+ private String sanitizeEntryName(String name) {
>+ StringBuffer buffer = null;
>+ for (int i = 0; i < name.length(); i++) {
>+ char c = name.charAt(i);
>+ switch (c) {
>+ case '*' :
>+ case '\\' :
>+ // we need to escape '*' and '\'
>+ if (buffer == null) {
>+ buffer = new StringBuffer(name.length() + 16);
>+ buffer.append(name.substring(0, i));
>+ }
>+ buffer.append('\\').append(c);
>+ break;
>+ default :
>+ if (buffer != null)
>+ buffer.append(c);
>+ break;
>+ }
>+ }
>+ return (buffer == null) ? name : buffer.toString();
>+ }
>+ 
> public Set getResourcePaths(String path) {
> if (bundlePath != null)
> path = bundlePath + path;
>#P org.eclipse.equinox.jsp.jasper
>Index: src/org/eclipse/equinox/jsp/jasper/JspServlet.java
>===================================================================
>RCS file: /cvsroot/rt/org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.jsp.jasper/src/org/eclipse/equinox/jsp/jasper/JspServlet.java,v
>retrieving revision 1.6
>diff -u -r1.6 JspServlet.java
>--- src/org/eclipse/equinox/jsp/jasper/JspServlet.java 30 Oct 2010 20:09:16 -0000 1.6
>+++ src/org/eclipse/equinox/jsp/jasper/JspServlet.java 1 Nov 2010 14:16:39 -0000
>@@ -213,7 +213,7 @@
> String path = resourceName.substring(0, lastSlash);
> if (path.length() == 0)
> path = "/"; //$NON-NLS-1$
>- String file = resourceName.substring(lastSlash + 1);
>+ String file = sanitizeEntryName(resourceName.substring(lastSlash + 1));
> Enumeration entryPaths = bundle.findEntries(path, file, false);
> if (entryPaths != null && entryPaths.hasMoreElements())
> return (URL) entryPaths.nextElement();
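Review bot: `sanitizeEntryName` has no Javadoc saying which matching syntax it escapes against, so the choice of exactly `*` and `\` reads as arbitrary; a short Javadoc such as "Escapes the characters Bundle.findEntries interprets in its file pattern (the `*` wildcard and the `\` escape) so that a request-derived name is matched as a literal entry name rather than as a pattern" would record why the fix exists. If the framework implements that pattern as an OSGi Filter substring match, `(` and `)` are also syntactically significant in the value; it is worth confirming that the implementation tolerates them in a raw name, or adding `case '(' :` and `case ')' :` to the same escaping branch. The identical method is added again in JspServlet at @@ -221, so the two copies will have to be kept in sync by hand; the bundles may not share an internal package that could host one copy. `StringBuffer` is presumably kept for the bundle's execution environment, given the raw `Enumeration` in the surrounding code.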
>@@ -221,6 +221,29 @@
> return delegate.getResource(name);
> }
> 
>+ private String sanitizeEntryName(String name) {
>+ StringBuffer buffer = null;
>+ for (int i = 0; i < name.length(); i++) {
>+ char c = name.charAt(i);
>+ switch (c) {
>+ case '*' :
>+ case '\\' :
>+ // we need to escape '*' and '\'
>+ if (buffer == null) {
>+ buffer = new StringBuffer(name.length() + 16);
>+ buffer.append(name.substring(0, i));
>+ }
>+ buffer.append('\\').append(c);
>+ break;
>+ default :
>+ if (buffer != null)
>+ buffer.append(c);
>+ break;
>+ }
>+ }
>+ return (buffer == null) ? name : buffer.toString();
>+ }
>+ 
> public InputStream getResourceAsStream(String name) {
> try {
> URL resourceURL = getResource(name);