[Bug 62498] FileDirContext validate not working properly for directories
https://bz.apache.org/bugzilla/show_bug.cgi?id=62498

Mark Thomas changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEEDINFO                    |RESOLVED

--- Comment #6 from Mark Thomas ---
Fixed in 7.0.x for 7.0.90 onwards.

--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
--- Comment #5 from Martin Drößler ---
> Note: testValidateFailure() only passes because it calls
> testValidateInternal(dummyFile, null) but it should be
> testValidateInternal(dummyFile, dummyFile) which currently fails.

Well, that's the whole point. It shouldn't pass. I didn't know that you prefer a failing test for the correct behaviour instead of a working test to demonstrate the wrong behaviour.

> I can't see a way to trigger this with VirtualDirContext either.

Well, I do! So let me show you:

Compare the following lines of VirtualDirContext: 215 and 305

In the second one (part of the method "doLookup") the path variable is extended to have a trailing slash - as it should be! But in the other (part of method "file") it's not! You check for

> name.startsWith(path + "/")

but then do a

> String res = name.substring(path.length())

which of course will result in "/" - which is then passed to

> file = new File(resourcesDir, res);

and this results in exactly the described behaviour!

Do you really want me to implement a whole webapp to further demonstrate this obvious bug?
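The prefix-check/strip mismatch described in the comment above, as an added illustration that is not code from the bug report or from Tomcat's VirtualDirContext; the class name, helper names, the virtual prefix "/virt" and the target directory "/opt/extra" are assumptions:

```java
import java.io.File;

// Added illustration of the mismatch described in the comment above; this is
// a minimal model, not Tomcat's VirtualDirContext code. "path" is a virtual
// prefix mapped onto "resourcesDir", and "name" is the requested resource.
public class PrefixStripDemo {

    // Mirrors the pattern quoted in the comment: the prefix test includes the
    // trailing "/" but the substring offset does not, so a request for the
    // mapped directory itself (name == path + "/") yields "/" instead of "".
    static String remainderAsReported(String path, String name) {
        if (name.startsWith(path + "/")) {
            return name.substring(path.length());
        }
        return null; // not under this mapping
    }

    // Strip exactly the prefix that was tested, slash included, so the
    // remainder is always relative to resourcesDir (empty for the root).
    static String remainderConsistent(String path, String name) {
        String prefix = path + "/";
        if (name.startsWith(prefix)) {
            return name.substring(prefix.length());
        }
        return null;
    }

    public static void main(String[] args) {
        File resourcesDir = new File("/opt/extra"); // assumed mapping target
        String path = "/virt";                      // assumed virtual prefix

        for (String name : new String[] {"/virt/", "/virt/sub/index.html"}) {
            String reported = remainderAsReported(path, name);
            String consistent = remainderConsistent(path, name);
            // Show the remainder each variant would hand to new File(resourcesDir, res)
            // and the File path that results, so the difference is visible.
            System.out.printf("%-22s reported=%-18s -> %s%n", name,
                    "\"" + reported + "\"", new File(resourcesDir, reported).getPath());
            System.out.printf("%-22s consistent=%-16s -> %s%n", name,
                    "\"" + consistent + "\"", new File(resourcesDir, consistent).getPath());
        }
    }
}
```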
--- Comment #4 from Mark Thomas ---
I can't see a way to trigger this with VirtualDirContext either. Awaiting reproduction steps from a clean Tomcat install.
--- Comment #3 from Mark Thomas ---
Note: The provided test cases will fail on Windows.

Note: testValidateFailure() only passes because it calls testValidateInternal(dummyFile, null) but it should be testValidateInternal(dummyFile, dummyFile) which currently fails.

I don't see a way for this failure to occur in a standard directory deployment. There is code in FileDirContext that explicitly prevents this problem from occurring. It may be possible to trigger the issue with VirtualDirContext. I'll take a look.

What are the steps to trigger this issue starting from a clean install of the latest Tomcat 7.0.x release?

I suspect a fix, if required, is required somewhere other than where proposed but to be able to be sure we need to be able to reproduce it.
--- Comment #2 from Martin Drößler ---
Created attachment 35994
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=35994&action=edit
TestCase

I attached a TestCase to demonstrate the behaviour.
Mark Thomas changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO

--- Comment #1 from Mark Thomas ---
That patch, and the related patches, are part of the fix for security vulnerability CVE-2017-12617. You are going to need to provide a test case that demonstrates an incorrect behaviour before we are going to consider making any changes along the lines you request.