File jakarta-commons-fileupload-CVE-2013-2186.patch of Package jakarta-commons-fileupload.28093

Index: src/java/org/apache/commons/fileupload/disk/DiskFileItem.java
===================================================================
--- src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.orig
+++ src/java/org/apache/commons/fileupload/disk/DiskFileItem.java
@@ -674,6 +674,26 @@ public class DiskFileItem
         // read values
         in.defaultReadObject();
 
+        /* One expected use of serialization is to migrate HTTP sessions
+         * containing a DiskFileItem between JVMs. Particularly if the JVMs are
+         * on different machines It is possible that the repository location is
+         * not valid so validate it.
+         */
+        if (repository != null) {
+            if (repository.isDirectory()) {
+                // Check path for nulls
+                if (repository.getPath().contains("\0")) {
+                    throw new IOException(java.lang.String.format(
+                            "The repository [%s] contains a null character",
+                            repository.getPath()));
+                }
+            } else {
+                throw new IOException(java.lang.String.format(
+                        "The repository [%s] is not a directory",
+                        repository.getAbsolutePath()));
+            }
+        }
+
         OutputStream output = getOutputStream();
         if (cachedContent != null) {
             output.write(cachedContent);
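Review bot: The new checks narrow `repository` to an existing directory with no embedded NUL, but the method still goes on to `getOutputStream()` and `output.write(cachedContent)` — presumably creating a temporary file under that directory — so deserialization continues to perform file I/O driven entirely by the serialized bytes; that residual behaviour is worth stating in the method's Javadoc, e.g. `Deserialization writes any cached content to a temporary file under repository; only deserialize instances received from a trusted peer.` The NUL check is reached only inside the `isDirectory()` branch, so placing `if (repository.getPath().contains("\0"))` ahead of `isDirectory()` would yield the more specific message regardless of how the platform's `File.isDirectory()` treats an invalid path. The sibling hunk in DiskFileUpload.java adds `import static java.lang.String.format;` while this hunk spells out `java.lang.String.format(` twice — if DiskFileItem.java has or gains the same static import, plain `format(` would be consistent. The added comment reads "machines It is possible"; `machines, it is possible` fixes the stray capital. readObject's signature and the rest of its body lie outside the hunk.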
Index: src/java/org/apache/commons/fileupload/DiskFileUpload.java
===================================================================
--- src/java/org/apache/commons/fileupload/DiskFileUpload.java.orig
+++ src/java/org/apache/commons/fileupload/DiskFileUpload.java
@@ -19,6 +19,8 @@ import java.io.File;
 import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 
+import static java.lang.String.format;
+
 /**
  * <p>High level API for processing file uploads.</p>
  *