https://issues.apache.org/bugzilla/show_bug.cgi?id=45933
Summary: Error processing TLD file in webapp with XML parser
Product: Tomcat 5
Version: 5.5.27
Platform: PC
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Catalina
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]

Along the same lines with CR 29936,
com.apache.catalina.startup.TldConfig.tldDigester has an issue with
initialization. Basically, the TldConfig's parser can be initialized with the
webapp's XML parser, which causes a security problem, since it has permission
issues with reading files. This is caused by a similar scenario to CR 29936:

1) Remove all stock webapps that come with the standard installation. This
   includes the ones in server/webapps. Remember to remove the configurations in
   conf/Catalina.
2) Add a webapp that has an XML parser located in WEB-INF/lib. For instance,
   one from sourceforge or Apache Xerces.
3) Add a library containing a .tld file in META-INF like Spring.
4) In order to actually have a log containing the error, you need to enable
   logging. For example, by following the instructions laid out in
   http://tomcat.apache.org/tomcat-5.5-doc/logging.html. I used log4j.
5) Start the appserver in secure mode.

You should see an error in the log similar to the following:

ERROR main org.apache.catalina.startup.TldConfig - Exception processing TLD META-INF/spring-form.tld in JAR at resource path TOMCAT_PATH/webapps/MY_WAR/WEB-INF/lib/spring.jar in context /MY_WAR
java.security.AccessControlException: access denied (java.io.FilePermission TOMCAT_PATH/common/lib/jsp-api.jar read)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
    at java.security.AccessController.checkPermission(AccessController.java:546)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
    at java.util.zip.ZipFile.<init>(ZipFile.java:109)
    at java.util.jar.JarFile.<init>(JarFile.java:133)
    at java.util.jar.JarFile.<init>(JarFile.java:70)
    at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:72)
    at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:48)
    at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:53)
    at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:104)
    at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:132)
    at java.net.URL.openStream(URL.java:1009)
    at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
    at org.apache.xerces.impl.XMLEntityManager.startEntity(Unknown Source)
    at org.apache.xerces.impl.XMLEntityManager.startDTDEntity(Unknown Source)
    at org.apache.xerces.impl.XMLDTDScannerImpl.setInputSource(Unknown Source)
    at org.apache.xerces.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(Unknown Source)
    at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
    at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
    at org.apache.xerces.parsers.DTDConfiguration.parse(Unknown Source)
    at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
    at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
    at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1562)
    at org.apache.catalina.startup.TldConfig.tldScanStream(TldConfig.java:514)
    at org.apache.catalina.startup.TldConfig.tldScanJar(TldConfig.java:472)
    at org.apache.catalina.startup.TldConfig.execute(TldConfig.java:307)
    at org.apache.catalina.core.StandardContext.processTlds(StandardContext.java:4307)
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:4144)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
    at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:122)
    at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:144)
    at java.security.AccessController.doPrivileged(Native Method)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:738)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:831)
    at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:720)
    at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
    at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150)
    at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
    at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
    at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
    at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
    at org.apache.catalina.core.StandardService.start(StandardService.java:448)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)

Note that if you restart the appserver, you will need to remove the webapp's
TLD cache located at "TOMCAT_PATH/work/Catalina/localhost/MY_WAR/tldCache.ser"
to reproduce the error again.
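
A check for which deployed webapps meet the conditions in reproduction steps 2 and 3 of the report above, added here as an example and not part of the original report or of Tomcat's code. It assumes WARs are unpacked under the webapps directory; the marker list, function names and sample jars are constructed for illustration.

```python
import os
import tempfile
import zipfile

# Jar entries that mark a bundled XML parser (assumed markers, step 2).
PARSER_MARKERS = (
    "META-INF/services/javax.xml.parsers.SAXParserFactory",
    "org/apache/xerces/parsers/AbstractSAXParser.class",
)

def scan_webapp(webapp_dir):
    """Return (parser_jars, tld_jars) for webapp_dir/WEB-INF/lib (steps 2, 3)."""
    lib = os.path.join(webapp_dir, "WEB-INF", "lib")
    parser_jars, tld_jars = [], []
    for name in sorted(os.listdir(lib)) if os.path.isdir(lib) else []:
        path = os.path.join(lib, name)
        if not name.endswith(".jar") or not zipfile.is_zipfile(path):
            continue  # not a jar, or a corrupt one
        with zipfile.ZipFile(path) as jar:
            entries = jar.namelist()
        if any(marker in entries for marker in PARSER_MARKERS):
            parser_jars.append(name)
        if any(e.startswith("META-INF/") and e.endswith(".tld") for e in entries):
            tld_jars.append(name)
    return parser_jars, tld_jars

def affected_webapps(webapps_dir):
    """Map each exploded webapp that meets both conditions to its jars."""
    hits = {}
    for app in sorted(os.listdir(webapps_dir)):
        parsers, tlds = scan_webapp(os.path.join(webapps_dir, app))
        if parsers and tlds:
            hits[app] = {"parser_jars": parsers, "tld_jars": tlds}
    return hits

def build_sample(root):
    """Constructed sample tree: MY_WAR has both jars, 'plain' only a TLD jar."""
    sample = [("MY_WAR", "xercesImpl.jar", PARSER_MARKERS[0]),
              ("MY_WAR", "spring.jar", "META-INF/spring-form.tld"),
              ("plain", "taglib.jar", "META-INF/c.tld")]
    for app, jar_name, entry in sample:
        lib = os.path.join(root, app, "WEB-INF", "lib")
        os.makedirs(lib, exist_ok=True)
        with zipfile.ZipFile(os.path.join(lib, jar_name), "w") as jar:
            jar.writestr(entry, "")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(affected_webapps(build_sample(tmp)))
```

Point `affected_webapps` at a real webapps directory to list the applications whose TLD scan would run with a parser loaded from WEB-INF/lib.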