https://bz.apache.org/bugzilla/show_bug.cgi?id=65433
Bug ID: 65433
Summary: Possible StringIndexOutOfBoundsException for symlinks
in DirResourceSet.listWebAppPaths
Product: Tomcat 9
Version: 9.0.50
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: c_ig...@yahoo.co.uk
Target Milestone: -----
Created attachment 37944
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37944&action=edit
Patch to fix bug
When entry is symbolic link outside of parent directory, it is possible that
its cannonical path will be shorter than parent's cannonical path. In that case
attempt to evaluate expression
canPath = entry.getCanonicalPath().substring(f.getCanonicalPath().length());
will end in throwing java.lang.StringIndexOutOfBoundsException.
Suggested solution is to compare lengths begore evaluation.
It is possible that this problem is also present elsewhere.
Same problem will affect 10.0.x and 8.5.x branches as well.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
