This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
     new 9390a1e936 Fix symlink edge case
9390a1e936 is described below

commit 9390a1e936dad4b4c29946e808fc9e9b7c53d1f7
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Jun 7 09:49:49 2023 +0100

    Fix symlink edge case
---
 .../apache/catalina/webresources/AbstractFileResourceSet.java | 5 +++++
 webapps/docs/changelog.xml | 9 +++++++++
 2 files changed, 14 insertions(+)

diff --git a/java/org/apache/catalina/webresources/AbstractFileResourceSet.java b/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
index e910e65118..019bb908f4 100644
--- a/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
+++ b/java/org/apache/catalina/webresources/AbstractFileResourceSet.java
@@ -117,6 +117,11 @@ public abstract class AbstractFileResourceSet extends AbstractResourceSet {
         absPath = absPath.substring(absoluteBase.length());
         canPath = canPath.substring(canonicalBase.length());
 
+        // The remaining request path must start with '/' if it has non-zero length
+        if (canPath.length() > 0 && canPath.charAt(0) != '/') {
+            return null;
+        }
+
         // Case sensitivity check
         // The normalized requested path should be an exact match the equivalent
         // canonical path. If it is not, possible reasons include:
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 13aa77effd..4e55d004f0 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
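Review bot: The guard added after the two substring calls compares `canPath.charAt(0)` with a literal `'/'`, but canPath appears to be the canonical path produced by the File API, which on Windows uses `'\\'` as its separator; if it has not been normalised to forward slashes by this point, the check would reject every non-empty remaining path on that platform rather than only the shared-prefix case it targets. Comparing against the platform separator expresses the intent on both platforms: `if (canPath.length() > 0 && canPath.charAt(0) != File.separatorChar) {`. The comment would also be clearer if it said why the leading separator matters, e.g. `// A canonical path that merely shares a string prefix with canonicalBase (a sibling directory) is not inside the base and must be rejected`. The enclosing method begins and ends outside the hunk, so where canPath is computed and whether it is normalised first cannot be confirmed from here.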
@@ -105,6 +105,15 @@ issues do not "pop up" wrt. others). -->
 <section name="Tomcat 11.0.0-M8 (markt)" rtext="in development">
+  <subsection name="Catalina">
+    <changelog>
+      <fix>
+        Fix an edge case where intra-web application symlinks would be followed
+        if the web applications were deliberately crafted to allow it even when
+        <code>allowLinking</code> was set to <code>false</code>. (markt)
+      </fix>
+    </changelog>
+  </subsection>
 </section>
 <section name="Tomcat 11.0.0-M7 (markt)" rtext="release in progress">
   <subsection name="General">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org