File tomcat-9.0-CVE-2022-23181.patch of Package tomcat.28063

Overview Repositories Revisions Requests Users Attributes Meta

File tomcat-9.0-CVE-2022-23181.patch of Package tomcat.28063

From 1385c624b4a1e994426e810075c850edc38a700e Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Wed, 12 Jan 2022 11:11:29 +0000
Subject: [PATCH] Make calculation of session storage location more robust

---
 java/org/apache/catalina/session/FileStore.java | 5 +++--
 webapps/docs/changelog.xml                      | 4 ++++
 2 files changed, 7 insertions(+), 2 deletions(-)

Index: apache-tomcat-9.0.36-src/java/org/apache/catalina/session/FileStore.java
===================================================================
--- apache-tomcat-9.0.36-src.orig/java/org/apache/catalina/session/FileStore.java
+++ apache-tomcat-9.0.36-src/java/org/apache/catalina/session/FileStore.java
@@ -349,13 +349,14 @@ public final class FileStore extends Sto
 
         String filename = id + FILE_EXT;
         File file = new File(storageDir, filename);
+        File canonicalFile = file.getCanonicalFile();
 
         // Check the file is within the storage directory
-        if (!file.getCanonicalFile().toPath().startsWith(storageDir.getCanonicalFile().toPath())) {
+        if (!canonicalFile.toPath().startsWith(storageDir.getCanonicalFile().toPath())) {
             log.warn(sm.getString("fileStore.invalid", file.getPath(), id));
             return null;
         }
 
-        return file;
+        return canonicalFile;
     }
 }
Index: apache-tomcat-9.0.36-src/webapps/docs/changelog.xml
===================================================================
--- apache-tomcat-9.0.36-src.orig/webapps/docs/changelog.xml
+++ apache-tomcat-9.0.36-src/webapps/docs/changelog.xml
@@ -93,6 +93,10 @@
         Expand coverage of unit tests for JNDIRealm using the UnboundID LDAP SDK
         for Java. (markt)
       </scode>
+      <fix>
+        Make the calculation of the session storage location more robust when
+        using file based persistent storage. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Places

File tomcat-9.0-CVE-2022-23181.patch of Package tomcat.28063

Places