Author: markt
Date: Mon Jun 27 09:27:20 2011
New Revision: 1140071
URL: http://svn.apache.org/viewvc?rev=1140071&view=rev
Log:
Fix CVE-2011-2204.
Prevent user passwords appearing in log files if a runtime exception (e.g.
OOME) occurs while creating a new user for a MemoryUserDatabase via JMX.
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUser.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java?rev=1140071&r1=1140070&r2=1140071&view=diff
==============================================================================
---
tomcat/tc6.0.x/trunk/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
Mon Jun 27 09:27:20 2011
@@ -180,7 +180,7 @@ public class MemoryUserDatabaseMBean ext
MBeanUtils.createMBean(group);
} catch (Exception e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Exception creating group " + group + " MBean");
+ ("Exception creating group [" + groupname + "] MBean");
iae.initCause(e);
throw iae;
}
@@ -203,7 +203,7 @@ public class MemoryUserDatabaseMBean ext
MBeanUtils.createMBean(role);
} catch (Exception e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Exception creating role " + role + " MBean");
+ ("Exception creating role [" + rolename + "] MBean");
iae.initCause(e);
throw iae;
}
@@ -228,7 +228,7 @@ public class MemoryUserDatabaseMBean ext
MBeanUtils.createMBean(user);
} catch (Exception e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Exception creating user " + user + " MBean");
+ ("Exception creating user [" + username + "] MBean");
iae.initCause(e);
throw iae;
}
@@ -256,7 +256,7 @@ public class MemoryUserDatabaseMBean ext
return (oname.toString());
} catch (MalformedObjectNameException e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Cannot create object name for group " + group);
+ ("Cannot create object name for group [" + groupname + "]");
iae.initCause(e);
throw iae;
}
@@ -283,7 +283,7 @@ public class MemoryUserDatabaseMBean ext
return (oname.toString());
} catch (MalformedObjectNameException e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Cannot create object name for role " + role);
+ ("Cannot create object name for role [" + rolename + "]");
iae.initCause(e);
throw iae;
}
@@ -310,7 +310,7 @@ public class MemoryUserDatabaseMBean ext
return (oname.toString());
} catch (MalformedObjectNameException e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Cannot create object name for user " + user);
+ ("Cannot create object name for user [" + username + "]");
iae.initCause(e);
throw iae;
}
@@ -335,7 +335,7 @@ public class MemoryUserDatabaseMBean ext
database.removeGroup(group);
} catch (Exception e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Exception destroying group " + group + " MBean");
+ ("Exception destroying group [" + groupname + "] MBean");
iae.initCause(e);
throw iae;
}
@@ -360,7 +360,7 @@ public class MemoryUserDatabaseMBean ext
database.removeRole(role);
} catch (Exception e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Exception destroying role " + role + " MBean");
+ ("Exception destroying role [" + rolename + "] MBean");
iae.initCause(e);
throw iae;
}
@@ -385,7 +385,7 @@ public class MemoryUserDatabaseMBean ext
database.removeUser(user);
} catch (Exception e) {
IllegalArgumentException iae = new IllegalArgumentException
- ("Exception destroying user " + user + " MBean");
+ ("Exception destroying user [" + username + "] MBean");
iae.initCause(e);
throw iae;
}
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUser.java?rev=1140071&r1=1140070&r2=1140071&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUser.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUser.java Mon Jun
27 09:27:20 2011
@@ -246,7 +246,7 @@ public class MemoryUser extends Abstract
* <code>username</code> or </code>name</code> for the username
* property.</p>
*/
- public String toString() {
+ public String toXml() {
StringBuffer sb = new StringBuffer("<user username=\"");
sb.append(RequestUtil.filter(username));
@@ -293,5 +293,52 @@ public class MemoryUser extends Abstract
}
+ /**
+ * <p>Return a String representation of this user.</p>
+ */
+ @Override
+ public String toString() {
+
+ StringBuilder sb = new StringBuilder("User username=\"");
+ sb.append(RequestUtil.filter(username));
+ sb.append("\"");
+ if (fullName != null) {
+ sb.append(", fullName=\"");
+ sb.append(RequestUtil.filter(fullName));
+ sb.append("\"");
+ }
+ synchronized (groups) {
+ if (groups.size() > 0) {
+ sb.append(", groups=\"");
+ int n = 0;
+ Iterator<Group> values = groups.iterator();
+ while (values.hasNext()) {
+ if (n > 0) {
+ sb.append(',');
+ }
+ n++;
+
sb.append(RequestUtil.filter(values.next().getGroupname()));
+ }
+ sb.append("\"");
+ }
+ }
+ synchronized (roles) {
+ if (roles.size() > 0) {
+ sb.append(", roles=\"");
+ int n = 0;
+ Iterator<Role> values = roles.iterator();
+ while (values.hasNext()) {
+ if (n > 0) {
+ sb.append(',');
+ }
+ n++;
+ sb.append(RequestUtil.filter(values.next().getRolename()));
+ }
+ sb.append("\"");
+ }
+ }
+ return (sb.toString());
+ }
+
}
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java?rev=1140071&r1=1140070&r2=1140071&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/users/MemoryUserDatabase.java
Mon Jun 27 09:27:20 2011
@@ -549,7 +549,7 @@ public class MemoryUserDatabase implemen
values = getUsers();
while (values.hasNext()) {
writer.print(" ");
- writer.println(values.next());
+ writer.println(((MemoryUser) values.next()).toXml());
}
// Print the file epilog
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1140071&r1=1140070&r2=1140071&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Jun 27 09:27:20 2011
@@ -130,6 +130,11 @@
Add a container event that is fired when a session's ID is
changed,
e.g. on authentication. (markt)
</add>
+ <fix>
+ Fix CVE-2011-2204. Prevent user passwords appearing in log files if a
+ runtime exception (e.g. OOME) occurs while creating a new user for a
+ MemoryUserDatabase via JMX. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
