(tomcat) branch 9.0.x updated: Code clean-up - formatting. No functional change.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 2b0508581a Code clean-up - formatting. No functional change. 2b0508581a is described below commit 2b0508581aaa6413a83dc1a334b3cc8a17661bca Author: Mark Thomas AuthorDate: Fri May 17 19:35:25 2024 +0100 Code clean-up - formatting. No functional change. --- java/org/apache/catalina/util/CharsetMapper.java | 37 ++-- .../apache/catalina/util/ConcurrentDateFormat.java | 11 +- java/org/apache/catalina/util/ContextName.java | 32 ++- .../catalina/util/CustomObjectInputStream.java | 59 +++--- java/org/apache/catalina/util/DOMWriter.java | 5 +- .../org/apache/catalina/util/ErrorPageSupport.java | 10 +- java/org/apache/catalina/util/Extension.java | 72 +++ .../apache/catalina/util/ExtensionValidator.java | 147 + java/org/apache/catalina/util/IOTools.java | 36 ++-- java/org/apache/catalina/util/Introspection.java | 66 +++--- java/org/apache/catalina/util/LifecycleBase.java | 85 +++- .../apache/catalina/util/LifecycleMBeanBase.java | 65 +++--- .../org/apache/catalina/util/ManifestResource.java | 67 +++--- java/org/apache/catalina/util/ParameterMap.java| 33 ++- java/org/apache/catalina/util/RequestUtil.java | 9 +- java/org/apache/catalina/util/ResourceSet.java | 31 +-- java/org/apache/catalina/util/ServerInfo.java | 21 +- java/org/apache/catalina/util/SessionConfig.java | 14 +- .../catalina/util/SessionIdGeneratorBase.java | 97 - .../catalina/util/StandardSessionIdGenerator.java | 4 +- java/org/apache/catalina/util/Strftime.java| 232 ++--- java/org/apache/catalina/util/StringUtil.java | 10 +- java/org/apache/catalina/util/TLSUtil.java | 10 +- .../apache/catalina/util/TimeBucketCounter.java| 8 +- java/org/apache/catalina/util/ToStringUtil.java| 6 +- java/org/apache/catalina/util/TomcatCSS.java | 13 +- java/org/apache/catalina/util/URLEncoder.java | 30 ++- java/org/apache/catalina/util/XMLWriter.java | 122 ++- 28 files changed, 568 insertions(+), 764 deletions(-) diff --git a/java/org/apache/catalina/util/CharsetMapper.java b/java/org/apache/catalina/util/CharsetMapper.java index c04d1c5e4e..5bb215e62f 100644 --- a/java/org/apache/catalina/util/CharsetMapper.java +++ b/java/org/apache/catalina/util/CharsetMapper.java @@ -25,14 +25,11 @@ import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.compat.JreCompat; - /** - * Utility class that attempts to map from a Locale to the corresponding - * character set to be used for interpreting input text (or generating - * output text) when the Content-Type header does not include one. You - * can customize the behavior of this class by modifying the mapping data - * it loads, or by subclassing it (to change the algorithm) and then using - * your own version for a particular web application. + * Utility class that attempts to map from a Locale to the corresponding character set to be used for interpreting input + * text (or generating output text) when the Content-Type header does not include one. You can customize the behavior of + * this class by modifying the mapping data it loads, or by subclassing it (to change the algorithm) and then using your + * own version for a particular web application. * * @author Craig R. McClanahan */ @@ -45,8 +42,7 @@ public class CharsetMapper { /** * Default properties resource name. */ -public static final String DEFAULT_RESOURCE = - "/org/apache/catalina/util/CharsetMapperDefault.properties"; +public static final String DEFAULT_RESOURCE = "/org/apache/catalina/util/CharsetMapperDefault.properties"; // -- Constructors @@ -65,8 +61,7 @@ public class CharsetMapper { * * @param name Name of a properties resource to be loaded * - * @exception IllegalArgumentException if the specified properties - * resource could not be loaded for any reason. + * @exception IllegalArgumentException if the specified properties resource could not be loaded for any reason. */ public CharsetMapper(String name) { if (JreCompat.isGraalAvailable()) { @@ -86,8 +81,7 @@ public class CharsetMapper { /** - * The mapping properties that have been initialized from the specified or - * default properties resource. + * The mapping properties that have been initialized from the specified or default properties resource. */ private Properties map = new Properties(); @@ -96,11 +90,11 @@ public class CharsetMapper { /** - * Calculate the name of a character set to be assumed, given the
[Bug 69016] HttpURLConnection getOutputStream createCapacityException
https://bz.apache.org/bugzilla/show_bug.cgi?id=69016 --- Comment #3 from Christopher Schultz --- Also, an example of the full HTTP request including headers and body would be very helpful, here. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: (tomcat-native) branch main updated: Ensure local reference capacity is available for array allocations.
Michael, On 5/16/24 10:39, Michael Osipov wrote: Not for 1.3.x? Good question. I wasn't sure how much energy we are expecting to put into tcnative 1.3.x. I have no problem back-porting this if its what the team wants. -chris On 2024/05/16 13:52:45 schu...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git The following commit(s) were added to refs/heads/main by this push: new e49f0fe5c Ensure local reference capacity is available for array allocations. e49f0fe5c is described below commit e49f0fe5c26612df01c636e7019cd70d78948976 Author: Christopher Schultz AuthorDate: Thu May 16 09:51:45 2024 -0400 Ensure local reference capacity is available for array allocations. --- native/src/jnilib.c | 14 -- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/native/src/jnilib.c b/native/src/jnilib.c index 342df3b9c..836502c52 100644 --- a/native/src/jnilib.c +++ b/native/src/jnilib.c @@ -133,6 +133,9 @@ jstring tcn_new_stringn(JNIEnv *env, const char *str, size_t l) jbyteArray tcn_new_arrayb(JNIEnv *env, const unsigned char *data, size_t len) { +if ((*env)->EnsureLocalCapacity(env, 1) < 0) { +return NULL; /* out of memory error */ +} jbyteArray bytes = (*env)->NewByteArray(env, (jsize)len); if (bytes != NULL) { (*env)->SetByteArrayRegion(env, bytes, 0, (jint)len, (jbyte *)data); @@ -142,15 +145,22 @@ jbyteArray tcn_new_arrayb(JNIEnv *env, const unsigned char *data, size_t len) jobjectArray tcn_new_arrays(JNIEnv *env, size_t len) { +if ((*env)->EnsureLocalCapacity(env, 1) < 0) { +return NULL; /* out of memory error */ +} return (*env)->NewObjectArray(env, (jsize)len, jString_class, NULL); } jstring tcn_new_string(JNIEnv *env, const char *str) { -if (!str) +if (!str) { return NULL; -else +} else { +if ((*env)->EnsureLocalCapacity(env, 1) < 0) { +return NULL; /* out of memory error */ +} return (*env)->NewStringUTF(env, str); +} } char *tcn_get_string(JNIEnv *env, jstring jstr) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch 10.1.x updated: OpenSSL might crash here when passing null on some platforms
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new 6435647905 OpenSSL might crash here when passing null on some platforms 6435647905 is described below commit 64356479050872916ca43a0cb73dfd413667106e Author: remm AuthorDate: Fri May 17 10:51:46 2024 +0200 OpenSSL might crash here when passing null on some platforms Also simplify code, it is best to set MemorySegment.NULL rather than null and then check again to pass MemorySegment.NULL later. Port from tomcat-native --- .../tomcat/util/net/openssl/panama/OpenSSLContext.java | 14 +++--- webapps/docs/changelog.xml | 4 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java index b483506d19..84b75a086b 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java @@ -560,24 +560,24 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { } else { // Client certificate verification based on trusted CA files and dirs MemorySegment caCertificateFileNative = sslHostConfig.getCaCertificateFile() != null -? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile())) : null; +? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile())) : MemorySegment.NULL; MemorySegment caCertificatePathNative = sslHostConfig.getCaCertificatePath() != null -? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) : null; +? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) : MemorySegment.NULL; if ((sslHostConfig.getCaCertificateFile() != null || sslHostConfig.getCaCertificatePath() != null) && SSL_CTX_load_verify_locations(state.sslCtx, -caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative, -caCertificatePathNative == null ? MemorySegment.NULL : caCertificatePathNative) <= 0) { +caCertificateFileNative, caCertificatePathNative) <= 0) { logLastError("openssl.errorConfiguringLocations"); } else { var caCerts = SSL_CTX_get_client_CA_list(state.sslCtx); if (MemorySegment.NULL.equals(caCerts)) { -caCerts = SSL_load_client_CA_file(caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative); +caCerts = SSL_load_client_CA_file(caCertificateFileNative); if (!MemorySegment.NULL.equals(caCerts)) { SSL_CTX_set_client_CA_list(state.sslCtx, caCerts); } } else { -if (SSL_add_file_cert_subjects_to_stack(caCerts, -caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative) <= 0) { +// OpenSSL might crash here when passing null on some platforms +if (MemorySegment.NULL.equals(caCertificateFileNative) +|| (SSL_add_file_cert_subjects_to_stack(caCerts, caCertificateFileNative) <= 0)) { caCerts = MemorySegment.NULL; } } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 959d0824f4..9b8066ddd3 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -111,6 +111,10 @@ Fix OpenSSL FFM use of ERR_error_string with a 128 byte buffer, and use ERR_error_string_n instead. (remm) + +Fix a crash on Windows setting CA certificate on null path. +(remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
(tomcat) branch main updated: OpenSSL might crash here when passing null on some platforms
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new c8b460dd41 OpenSSL might crash here when passing null on some platforms c8b460dd41 is described below commit c8b460dd41545aad0994457abe18fabf856b5968 Author: remm AuthorDate: Fri May 17 10:51:46 2024 +0200 OpenSSL might crash here when passing null on some platforms Also simplify code, it is best to set MemorySegment.NULL rather than null and then check again to pass MemorySegment.NULL later. Port from tomcat-native --- .../tomcat/util/net/openssl/panama/OpenSSLContext.java | 14 +++--- webapps/docs/changelog.xml | 4 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java index b483506d19..84b75a086b 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java @@ -560,24 +560,24 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { } else { // Client certificate verification based on trusted CA files and dirs MemorySegment caCertificateFileNative = sslHostConfig.getCaCertificateFile() != null -? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile())) : null; +? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile())) : MemorySegment.NULL; MemorySegment caCertificatePathNative = sslHostConfig.getCaCertificatePath() != null -? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) : null; +? localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) : MemorySegment.NULL; if ((sslHostConfig.getCaCertificateFile() != null || sslHostConfig.getCaCertificatePath() != null) && SSL_CTX_load_verify_locations(state.sslCtx, -caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative, -caCertificatePathNative == null ? MemorySegment.NULL : caCertificatePathNative) <= 0) { +caCertificateFileNative, caCertificatePathNative) <= 0) { logLastError("openssl.errorConfiguringLocations"); } else { var caCerts = SSL_CTX_get_client_CA_list(state.sslCtx); if (MemorySegment.NULL.equals(caCerts)) { -caCerts = SSL_load_client_CA_file(caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative); +caCerts = SSL_load_client_CA_file(caCertificateFileNative); if (!MemorySegment.NULL.equals(caCerts)) { SSL_CTX_set_client_CA_list(state.sslCtx, caCerts); } } else { -if (SSL_add_file_cert_subjects_to_stack(caCerts, -caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative) <= 0) { +// OpenSSL might crash here when passing null on some platforms +if (MemorySegment.NULL.equals(caCertificateFileNative) +|| (SSL_add_file_cert_subjects_to_stack(caCerts, caCertificateFileNative) <= 0)) { caCerts = MemorySegment.NULL; } } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 9385c86de5..777667c181 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -111,6 +111,10 @@ Fix OpenSSL FFM use of ERR_error_string with a 128 byte buffer, and use ERR_error_string_n instead. (remm) + +Fix a crash on Windows setting CA certificate on null path. +(remm) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org