File tomcat-8.0.53-CVE-2023-41080.patch of Package tomcat.31353

Overview Repositories Revisions Requests Users Attributes Meta

File tomcat-8.0.53-CVE-2023-41080.patch of Package tomcat.31353

From 77c0ce2d169efa248b64b992e547aad549ec906b Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Tue, 22 Aug 2023 11:31:23 -0700
Subject: [PATCH] Avoid protocol relative redirects

---

Index: apache-tomcat-8.0.53-src/java/org/apache/catalina/authenticator/FormAuthenticator.java
===================================================================
--- apache-tomcat-8.0.53-src.orig/java/org/apache/catalina/authenticator/FormAuthenticator.java
+++ apache-tomcat-8.0.53-src/java/org/apache/catalina/authenticator/FormAuthenticator.java
@@ -664,6 +664,12 @@ public class FormAuthenticator
             sb.append('?');
             sb.append(saved.getQueryString());
         }
+
+        // Avoid protocol relative redirects
+        while (sb.length() > 1 && sb.charAt(1) == '/') {
+            sb.deleteCharAt(0);
+        }
+
         return (sb.toString());
 
     }
Index: apache-tomcat-8.0.53-src/webapps/docs/changelog.xml
===================================================================
--- apache-tomcat-8.0.53-src.orig/webapps/docs/changelog.xml
+++ apache-tomcat-8.0.53-src/webapps/docs/changelog.xml
@@ -156,6 +156,9 @@
          used and if something accidently exposes the class loader this method
          can be used to gain access to Tomcat internals. (markt)
       </add>
+      <fix>
+        Avoid protocol relative redirects in FORM authentication. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Places

File tomcat-8.0.53-CVE-2023-41080.patch of Package tomcat.31353

Places