Fixing DefaultServlet Alias Checking

+ Fixing DefaultServletTest.testSymLinks
Joakim Erdfelt 2022-07-14 16:17:12 -05:00
parent da2af1141a
commit 0dc65e5588
No known key found for this signature in database
GPG Key ID: 2D0E1FB8FE4B68B4
4 changed files with 19 additions and 10 deletions


@ -43,7 +43,7 @@ public class SymlinkAllowedResourceAliasChecker extends AllowedResourceAliasChec
if (_base == null)
return false;
// do not allow any file separation characters in the URI, as we need to know exactly what are the segments
// do not allow any non-URI file separation characters in the URI (such as Windows), as we need to know exactly what are the segments
if (File.separatorChar != '/' && pathInContext.indexOf(File.separatorChar) >= 0)
return false;


@ -44,11 +44,9 @@ public class AllowSymLinkAliasChecker implements AliasCheck
public boolean check(String pathInContext, Resource resource)
{
// Only support PathResource alias checking
if (!(resource instanceof PathResource))
if (!(resource instanceof PathResource pathResource))
return false;
PathResource pathResource = (PathResource)resource;
try
{
Path path = pathResource.getPath();


@ -32,7 +32,6 @@ import java.util.function.Function;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import jakarta.servlet.DispatcherType;
import jakarta.servlet.RequestDispatcher;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
@ -340,6 +339,8 @@ public class DefaultServlet extends HttpServlet
}
else
{
// serve content
try (Blocker.Callback callback = Blocker.callback())
{
@ -810,6 +811,17 @@ public class DefaultServlet extends HttpServlet
_servletContextHandler = servletContextHandler;
}
@Override
public HttpContent getContent(String path, int outputBufferSize) throws IOException
{
HttpContent httpContent = super.getContent(path, outputBufferSize);
if (!_servletContextHandler.checkAlias(path, httpContent.getResource()))
return null;
return httpContent;
}
@Override
public String getWelcomeTarget(Request coreRequest) throws IOException
{
@ -820,7 +832,9 @@ public class DefaultServlet extends HttpServlet
HttpServletRequest request = getServletRequest(coreRequest);
if (request.getDispatcherType() == DispatcherType.INCLUDE)
boolean included = request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null;
if (included)
{
// Servlet 9.3 - don't process welcome target from INCLUDE dispatch
return null;
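Review bot: In the new `getContent` override (the `@ -810,6 +811,17` hunk), `httpContent.getResource()` is dereferenced without a null check, so if `super.getContent` can yield null for a path it cannot resolve (which the content-factory contract in this codebase appears to allow, though the superclass is outside this hunk) the alias check throws a NullPointerException instead of producing the normal not-found outcome. Guarding the call keeps the fail-closed handling for rejected aliases while preserving the null path: `if (httpContent == null || !_servletContextHandler.checkAlias(path, httpContent.getResource()))` followed by `return null;`. A short Javadoc on the override would also make the intent visible to the next maintainer, e.g. `/** Applies the context's alias checks to the resolved content; returns null (treated as not found) when the alias is rejected. */`, and a debug-level log on rejection would help diagnose 404s caused by the symlink policy. The enclosing class DefaultServlet continues outside the hunks shown here.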


@ -1100,7 +1100,6 @@ public class DefaultServletTest
defholder.setInitParameter("redirectWelcome", "true");
defholder.setInitParameter("welcomeServlets", "false");
defholder.setInitParameter("gzip", "false");
defholder.setInitParameter("maxCacheSize", "1024000");
defholder.setInitParameter("maxCachedFileSize", "512000");
defholder.setInitParameter("maxCachedFiles", "100");
@ -1288,7 +1287,6 @@ public class DefaultServletTest
* Ensure that oddball directory names are served with proper escaping
*/
@Test
@Disabled
public void testWelcomeRedirectDirWithSemicolon() throws Exception
{
FS.ensureDirExists(docRoot);
@ -1405,7 +1403,6 @@ public class DefaultServletTest
}
@Test
@Disabled
public void testSymLinks() throws Exception
{
FS.ensureDirExists(docRoot);
@ -1417,8 +1414,8 @@ public class DefaultServletTest
Path link = dir.resolve("link.txt");
Path rLink = dir.resolve("rlink.txt");
Files.writeString(foobar, "Foo Bar", UTF_8);
ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
ServletHolder defholder = context.addServlet(DefaultServlet.class, "/");
defholder.setInitParameter("gzip", "false");
String rawResponse;