Overview

File apache-tomcat-CVE-2009-0033.patch of Package tomcat6

Index: apache-tomcat-6.0.18-src/java/org/apache/jk/common/ChannelSocket.java
===================================================================
--- apache-tomcat-6.0.18-src/java/org/apache/jk/common/ChannelSocket.java.orig	2008-01-28 23:41:14.000000000 +0100
+++ apache-tomcat-6.0.18-src/java/org/apache/jk/common/ChannelSocket.java	2009-06-08 11:39:57.544345069 +0200
@@ -45,6 +45,7 @@
 import org.apache.coyote.Request;
 import org.apache.coyote.RequestGroupInfo;
 import org.apache.coyote.RequestInfo;
+import org.apache.coyote.ActionCode;
 import org.apache.tomcat.util.modeler.Registry;
 import org.apache.tomcat.util.threads.ThreadPool;
 import org.apache.tomcat.util.threads.ThreadPoolRunnable;
@@ -697,6 +698,7 @@
                 status= this.invoke( recv, ep );
                 if( status!= JkHandler.OK ) {
                     log.warn("processCallbacks status " + status );
+                    ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());
                     break;
                 }
             }
Index: apache-tomcat-6.0.18-src/java/org/apache/jk/common/HandlerRequest.java
===================================================================
--- apache-tomcat-6.0.18-src/java/org/apache/jk/common/HandlerRequest.java.orig	2008-01-28 23:41:14.000000000 +0100
+++ apache-tomcat-6.0.18-src/java/org/apache/jk/common/HandlerRequest.java	2009-06-08 11:39:57.544345069 +0200
@@ -265,8 +265,16 @@
                                  ((Request)ep.getRequest()).unparsedURI());
                 }
             } catch( Exception ex ) {
+                /* If we are here it is because we have a bad header or something like that */
                 log.error( "Error decoding request ", ex );
                 msg.dump( "Incomming message");
+                Response res=ep.getRequest().getResponse();
+                if ( res==null ) {
+                    res=new Response();
+                    ep.getRequest().setResponse(res);
+                }
+                res.setMessage("Bad Request");
+                res.setStatus(400);
                 return ERROR;
             }
 
Index: apache-tomcat-6.0.18-src/java/org/apache/jk/common/ChannelNioSocket.java
===================================================================
--- apache-tomcat-6.0.18-src/java/org/apache/jk/common/ChannelNioSocket.java.orig	2008-01-28 23:41:14.000000000 +0100
+++ apache-tomcat-6.0.18-src/java/org/apache/jk/common/ChannelNioSocket.java	2009-06-08 11:39:57.584824119 +0200
@@ -56,6 +56,7 @@
 import org.apache.coyote.Request;
 import org.apache.coyote.RequestGroupInfo;
 import org.apache.coyote.RequestInfo;
+import org.apache.coyote.ActionCode;
 import org.apache.tomcat.util.threads.ThreadPool;
 import org.apache.tomcat.util.threads.ThreadPoolRunnable;
 
@@ -854,6 +855,7 @@
                     status= invoke( recv, ep );
                     if( status != JkHandler.OK ) {
                         log.warn("processCallbacks status " + status );
+                        ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());
                         return false;
                     }
                     synchronized(this) {
openSUSE Build Service is sponsored by
Places