File tomcat-9.0.36-CVE-2025-61795.patch of Package tomcat.43093
Index: apache-tomcat-9.0.36-src/java/org/apache/catalina/connector/LocalStrings.properties
===================================================================
--- apache-tomcat-9.0.36-src.orig/java/org/apache/catalina/connector/LocalStrings.properties
+++ apache-tomcat-9.0.36-src/java/org/apache/catalina/connector/LocalStrings.properties
@@ -84,6 +84,7 @@ request.asyncNotSupported=A filter or se
request.fragmentInDispatchPath=The fragment in dispatch path [{0}] has been removed
request.illegalWrap=The request wrapper must wrap the request obtained from getRequest()
request.notAsync=It is illegal to call this method if the current request is not in asynchronous mode (i.e. isAsyncStarted() returns false)
+request.partCleanup.failed=Unable to delete temporary file for uploaded part after multi-part processing failed
request.session.failed=Failed to load session [{0}] due to [{1}]
requestFacade.nullRequest=The request object has been recycled and is no longer associated with this facade
Index: apache-tomcat-9.0.36-src/java/org/apache/catalina/connector/Request.java
===================================================================
--- apache-tomcat-9.0.36-src.orig/java/org/apache/catalina/connector/Request.java
+++ apache-tomcat-9.0.36-src/java/org/apache/catalina/connector/Request.java
@@ -2889,9 +2889,9 @@ public class Request implements HttpServ
upload.setFileCountMax(partLimit);
parts = new ArrayList<>();
+ List<FileItem> items = null;
try {
- List<FileItem> items =
- upload.parseRequest(new ServletRequestContext(this));
+ items = upload.parseRequest(new ServletRequestContext(this));
int maxPostSize = getConnector().getMaxPostSize();
long postSize = 0;
Charset charset = getCharset();
@@ -2944,6 +2944,24 @@ public class Request implements HttpServ
// addParameters() will set parseFailedReason
checkSwallowInput();
partsParseException = e;
+ } finally {
+ /*
+ * GC will delete any temporary copies of uploaded files left in the work directory but if we know that the
+ * upload has failed then explicitly clean up now.
+ */
+ if (!success) {
+ parts.clear();
+ if (items != null) {
+ for (FileItem item : items) {
+ try {
+ item.delete();
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ log.warn(sm.getString("request.partCleanup.failed"), t);
+ }
+ }
+ }
+ }
}
} finally {
// This might look odd but is correct. setParseFailedReason() only
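Review bot: The `if (items != null)` guard in the new finally block skips the delete loop whenever `upload.parseRequest(...)` itself throws, because the assignment to `items` in the earlier Request.java hunk never completes on that path. Removing parts already spooled to the work directory then depends on parseRequest() deleting its own partial items on failure, which this patch does not show. Since this is a backport to 9.0.36, that should be confirmed against the fileupload copy bundled in this tree; otherwise uploads rejected inside parseRequest() would still leave temporary files for GC to collect. I would record the assumption next to the guard, e.g. `// items is null if parseRequest() threw; it is expected to have deleted its own partial items`. The enclosing method starts before this hunk, and `success` is set outside the visible lines.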