
Commit 2df82bb

committed
Fix CR 6991896 FORG: server.log and other logging is vulnerable to log forgery. Encode characters and limit the length of user input when writing to the log file.
svn path=/trunk/; revision=1278
1 parent fb97952 commit 2df82bb

1 file changed

Lines changed: 8 additions & 1 deletion

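--- a/impl/src/main/java/org/apache/jasper/servlet/JspServlet.java
+++ b/impl/src/main/java/org/apache/jasper/servlet/JspServlet.java
@@ -66,6 +66,7 @@
 import java.util.Enumeration;
 // START GlassFish 750
 import java.net.URL;
+import java.net.URLEncoder;
 import java.util.concurrent.ConcurrentHashMap;
 // END GlassFish 750
 import java.util.concurrent.atomic.*;
@@ -120,6 +121,8 @@ public class JspServlet extends HttpServlet {
 // Logger
 private static Logger log = Logger.getLogger(JspServlet.class.getName());
 
+private static final int CHAR_LIMIT = 256;
+
 private ServletContext context;
 private ServletConfig config;
 private Options options;
@@ -468,9 +471,13 @@ private void serviceJspFile(HttpServletRequest request,
 */
 // START PWC 6282167, 4878272
 response.sendError(HttpServletResponse.SC_NOT_FOUND);
+String realPath = URLEncoder.encode(context.getRealPath(jspUri));
+if (realPath.length() > CHAR_LIMIT) {
+realPath = realPath.substring(0, CHAR_LIMIT);
+}
 log.severe(Localizer.getMessage(
 "jsp.error.file.not.found",
-context.getRealPath(jspUri)));
+realPath));
 // END PWC 6282167, 4878272
 return;
 }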
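Review bot: The new `URLEncoder.encode(context.getRealPath(jspUri))` call can throw NullPointerException, because ServletContext.getRealPath returns null when the container cannot map the path, and the old code tolerated that null by passing it straight into the message. Since this runs after sendError(), the NPE would turn a logged 404 into an unhandled error escaping serviceJspFile, whose body starts outside the hunk. The single-argument encode overload is also deprecated and uses the platform default charset, so the logged form of a non-ASCII path varies by host. Replacing the first added line with `String realPath = URLEncoder.encode(String.valueOf(context.getRealPath(jspUri)), "UTF-8");` addresses both points; the two-argument overload declares UnsupportedEncodingException, which the method's throws clause (not visible here) must already cover or the call needs a local try/catch. A short comment on `CHAR_LIMIT` in the second hunk, e.g. `// Max length of a user-supplied path echoed into the log (CR 6991896)`, would record why the truncation exists.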
