File apache-tomcat-CVE-2011-3375.patch of Package tomcat6.import5765
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/http11/Http11Processor.java
===================================================================
--- apache-tomcat-6.0.32-src.orig/java/org/apache/coyote/http11/Http11Processor.java 2011-02-02 20:07:32.000000000 +0100
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/http11/Http11Processor.java 2012-02-06 13:47:41.970650802 +0100
@@ -893,7 +893,7 @@
log.error(sm.getString("http11processor.request.finish"), t);
// 500 - Internal Server Error
response.setStatus(500);
- adapter.log(request, response, 0);
+ // No access logging since after service method
error = true;
}
try {
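Review bot: The replacement comment `// No access logging since after service method` is hard to parse and does not say why logging is skipped, while the same change in Http11AprProcessor and Http11NioProcessor uses fuller wording. I would reuse those two lines here: `// Can't add a 500 to the access log since that has already been` and `// written in the Adapter.service method.` After this change a failure while finishing the request is recorded only by the `log.error` call above, not as a 500 in the access log, which is worth knowing for anyone monitoring the access log for server errors. The enclosing method begins and ends outside the hunk.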
@@ -1201,7 +1201,6 @@
" Unsupported HTTP version \""+protocolMB+"\"");
}
response.setStatus(505);
- adapter.log(request, response, 0);
}
MessageBytes methodMB = request.method();
@@ -1299,7 +1298,6 @@
error = true;
// 501 - Unimplemented
response.setStatus(501);
- adapter.log(request, response, 0);
}
startPos = commaPos + 1;
commaPos = transferEncodingValue.indexOf(',', startPos);
@@ -1315,7 +1313,6 @@
" Unsupported transfer encoding \""+encodingName+"\"");
}
response.setStatus(501);
- adapter.log(request, response, 0);
}
}
@@ -1338,7 +1335,6 @@
" host header missing");
}
response.setStatus(400);
- adapter.log(request, response, 0);
}
parseHost(valueMB);
@@ -1352,6 +1348,9 @@
contentDelimitation = true;
}
+ if (error) {
+ adapter.log(request, response, 0);
+ }
}
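Review bot: Because `adapter.log(request, response, 0)` now runs once at the end of request preparation, the access-log entry carries whichever status was set last rather than the first error detected. As far as the visible hunks show, the error branches in this file set 505, 501 and 400 one after another. The matching AjpProcessor and AjpAprProcessor hunks set 403 for a failed secret check before `parseHost(valueMB)` runs, and the port-parsing code (apparently in `parseHost`) can then set 400. If the first failure is the one that should be recorded, the later branches could keep the earlier status, e.g. `if (!error) { response.setStatus(400); }` before `error = true;`. Otherwise a comment above the new block, such as `// Logged once per request; the status is that of the last error detected above`, would make this explicit for anyone alerting on 403 entries. The same applies to the equivalent hunks in Http11AprProcessor and Http11NioProcessor, and the method body starts outside this hunk.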
@@ -1418,7 +1417,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
break;
}
port = port + (charValue * mult);
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/http11/Http11AprProcessor.java
===================================================================
--- apache-tomcat-6.0.32-src.orig/java/org/apache/coyote/http11/Http11AprProcessor.java 2012-02-06 13:44:33.000000000 +0100
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/http11/Http11AprProcessor.java 2012-02-06 13:47:41.974650937 +0100
@@ -959,8 +959,9 @@
} catch (Throwable t) {
log.error(sm.getString("http11processor.request.finish"), t);
// 500 - Internal Server Error
+ // Can't add a 500 to the access log since that has already been
+ // written in the Adapter.service method.
response.setStatus(500);
- adapter.log(request, response, 0);
error = true;
}
try {
@@ -1308,7 +1309,6 @@
error = true;
// Send 505; Unsupported HTTP version
response.setStatus(505);
- adapter.log(request, response, 0);
}
MessageBytes methodMB = request.method();
@@ -1406,7 +1406,6 @@
error = true;
// 501 - Unimplemented
response.setStatus(501);
- adapter.log(request, response, 0);
}
startPos = commaPos + 1;
commaPos = transferEncodingValue.indexOf(',', startPos);
@@ -1418,7 +1417,6 @@
error = true;
// 501 - Unimplemented
response.setStatus(501);
- adapter.log(request, response, 0);
}
}
@@ -1437,7 +1435,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
}
parseHost(valueMB);
@@ -1457,7 +1454,10 @@
}
// Advertise comet support through a request attribute
request.setAttribute("org.apache.tomcat.comet.support", Boolean.TRUE);
-
+
+ if (error) {
+ adapter.log(request, response, 0);
+ }
}
@@ -1520,7 +1520,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
break;
}
port = port + (charValue * mult);
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/http11/Http11NioProcessor.java
===================================================================
--- apache-tomcat-6.0.32-src.orig/java/org/apache/coyote/http11/Http11NioProcessor.java 2011-02-02 20:07:32.000000000 +0100
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/http11/Http11NioProcessor.java 2012-02-06 13:47:41.975650971 +0100
@@ -986,8 +986,9 @@
} catch (Throwable t) {
log.error(sm.getString("http11processor.request.finish"), t);
// 500 - Internal Server Error
+ // Can't add a 500 to the access log since that has already been
+ // written in the Adapter.service method.
response.setStatus(500);
- adapter.log(request, response, 0);
error = true;
}
try {
@@ -1322,7 +1323,6 @@
error = true;
// Send 505; Unsupported HTTP version
response.setStatus(505);
- adapter.log(request, response, 0);
}
MessageBytes methodMB = request.method();
@@ -1420,7 +1420,6 @@
error = true;
// 501 - Unimplemented
response.setStatus(501);
- adapter.log(request, response, 0);
}
startPos = commaPos + 1;
commaPos = transferEncodingValue.indexOf(',', startPos);
@@ -1432,7 +1431,6 @@
error = true;
// 501 - Unimplemented
response.setStatus(501);
- adapter.log(request, response, 0);
}
}
@@ -1451,7 +1449,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
}
parseHost(valueMB);
@@ -1473,6 +1470,9 @@
// Advertise comet timeout support
request.setAttribute("org.apache.tomcat.comet.timeout.support", Boolean.TRUE);
+ if (error) {
+ adapter.log(request, response, 0);
+ }
}
@@ -1535,7 +1535,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
break;
}
port = port + (charValue * mult);
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpProcessor.java
===================================================================
--- apache-tomcat-6.0.32-src.orig/java/org/apache/coyote/ajp/AjpProcessor.java 2012-02-06 13:44:33.000000000 +0100
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpProcessor.java 2012-02-06 13:47:41.977651039 +0100
@@ -430,15 +430,17 @@
}
// Setting up filters, and parse some request headers
- rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
- try {
- prepareRequest();
- } catch (Throwable t) {
- log.debug(sm.getString("ajpprocessor.request.prepare"), t);
- // 400 - Internal Server Error
- response.setStatus(400);
- adapter.log(request, response, 0);
- error = true;
+ if (!error) {
+ rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
+ try {
+ prepareRequest();
+ } catch (Throwable t) {
+ log.debug(sm.getString("ajpprocessor.request.prepare"), t);
+ // 400 - Internal Server Error
+ response.setStatus(400);
+ adapter.log(request, response, 0);
+ error = true;
+ }
}
// Process the request in the adapter
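Review bot: The re-indented catch block keeps the comment `// 400 - Internal Server Error`, which mislabels the status: the code sets 400, which is Bad Request. Since these lines are being rewritten anyway, I would change it to `// 400 - Bad Request`; the same comment appears in the matching AjpAprProcessor hunk. A short comment on the new guard, e.g. `// Skip preparation if an earlier stage already flagged an error`, would also help, though what sets `error` before this point lies outside the hunk and should be confirmed.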
@@ -821,7 +823,6 @@
secret = true;
if (!tmpMB.equals(requiredSecret)) {
response.setStatus(403);
- adapter.log(request, response, 0);
error = true;
}
}
@@ -838,7 +839,6 @@
// Check if secret was submitted if required
if ((requiredSecret != null) && !secret) {
response.setStatus(403);
- adapter.log(request, response, 0);
error = true;
}
@@ -872,6 +872,9 @@
MessageBytes valueMB = request.getMimeHeaders().getValue("host");
parseHost(valueMB);
+ if (error) {
+ adapter.log(request, response, 0);
+ }
}
@@ -887,7 +890,6 @@
request.serverName().duplicate(request.localName());
} catch (IOException e) {
response.setStatus(400);
- adapter.log(request, response, 0);
error = true;
}
return;
@@ -939,7 +941,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
break;
}
port = port + (charValue * mult);
Index: apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpAprProcessor.java
===================================================================
--- apache-tomcat-6.0.32-src.orig/java/org/apache/coyote/ajp/AjpAprProcessor.java 2012-02-06 13:44:33.000000000 +0100
+++ apache-tomcat-6.0.32-src/java/org/apache/coyote/ajp/AjpAprProcessor.java 2012-02-06 13:47:41.977651039 +0100
@@ -413,15 +413,17 @@
}
// Setting up filters, and parse some request headers
- rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
- try {
- prepareRequest();
- } catch (Throwable t) {
- log.debug(sm.getString("ajpprocessor.request.prepare"), t);
- // 400 - Internal Server Error
- response.setStatus(400);
- adapter.log(request, response, 0);
- error = true;
+ if (!error) {
+ rp.setStage(org.apache.coyote.Constants.STAGE_PREPARE);
+ try {
+ prepareRequest();
+ } catch (Throwable t) {
+ log.debug(sm.getString("ajpprocessor.request.prepare"), t);
+ // 400 - Internal Server Error
+ response.setStatus(400);
+ adapter.log(request, response, 0);
+ error = true;
+ }
}
// Process the request in the adapter
@@ -816,7 +818,6 @@
secret = true;
if (!tmpMB.equals(requiredSecret)) {
response.setStatus(403);
- adapter.log(request, response, 0);
error = true;
}
}
@@ -833,7 +834,6 @@
// Check if secret was submitted if required
if ((requiredSecret != null) && !secret) {
response.setStatus(403);
- adapter.log(request, response, 0);
error = true;
}
@@ -867,6 +867,9 @@
MessageBytes valueMB = request.getMimeHeaders().getValue("host");
parseHost(valueMB);
+ if (error) {
+ adapter.log(request, response, 0);
+ }
}
@@ -882,7 +885,6 @@
request.serverName().duplicate(request.localName());
} catch (IOException e) {
response.setStatus(400);
- adapter.log(request, response, 0);
error = true;
}
return;
@@ -934,7 +936,6 @@
error = true;
// 400 - Bad request
response.setStatus(400);
- adapter.log(request, response, 0);
break;
}
port = port + (charValue * mult);
Index: apache-tomcat-6.0.32-src/java/org/apache/catalina/connector/CoyoteAdapter.java
===================================================================
--- apache-tomcat-6.0.32-src.orig/java/org/apache/catalina/connector/CoyoteAdapter.java 2011-02-02 20:07:31.000000000 +0100
+++ apache-tomcat-6.0.32-src/java/org/apache/catalina/connector/CoyoteAdapter.java 2012-02-06 13:47:41.978651073 +0100
@@ -24,6 +24,7 @@
import org.apache.catalina.CometEvent;
import org.apache.catalina.Context;
import org.apache.catalina.Globals;
+import org.apache.catalina.Host;
import org.apache.catalina.Wrapper;
import org.apache.catalina.util.StringManager;
import org.apache.catalina.util.ServerInfo;
@@ -32,6 +33,7 @@
import org.apache.coyote.Adapter;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.CharChunk;
@@ -349,10 +351,8 @@
Request request = (Request) req.getNote(ADAPTER_NOTES);
Response response = (Response) res.getNote(ADAPTER_NOTES);
- boolean create = false;
if (request == null) {
- create = true;
// Create objects
request = connector.createRequest();
request.setCoyoteRequest(req);
@@ -372,10 +372,29 @@
(connector.getURIEncoding());
}
- connector.getService().getContainer().logAccess(
- request, response, time, true);
-
- if (create) {
+ try {
+ // Log at the lowest level available. logAccess() will be
+ // automatically called on parent containers.
+ boolean logged = false;
+ if (request.mappingData != null) {
+ if (request.mappingData.context != null) {
+ logged = true;
+ ((Context) request.mappingData.context).logAccess(
+ request, response, time, true);
+ } else if (request.mappingData.host != null) {
+ logged = true;
+ ((Host) request.mappingData.host).logAccess(
+ request, response, time, true);
+ }
+ }
+ if (!logged) {
+ connector.getService().getContainer().logAccess(
+ request, response, time, true);
+ }
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ log.warn(sm.getString("coyoteAdapter.accesslogFail"), t);
+ } finally {
request.recycle();
response.recycle();
}
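Review bot: In the new `finally` block, `response.recycle()` is skipped if `request.recycle()` throws. That would leave this request's response state on an object that appears to be kept in the `ADAPTER_NOTES` note and reused, which looks like the kind of stale state this patch is meant to prevent. Nesting the two calls in their own try/finally guarantees both run. Separately, no LocalStrings file in this patch adds the `coyoteAdapter.accesslogFail` key, so it should be confirmed that the key exists in the tree; otherwise the warning text will not be meaningful. The method begins outside this hunk.

```java
} finally {
    // Recycle both objects even if the first recycle() fails
    try {
        request.recycle();
    } finally {
        response.recycle();
    }
}
```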
Index: apache-tomcat-6.0.32-src/webapps/docs/changelog.xml
===================================================================
--- apache-tomcat-6.0.32-src.orig/webapps/docs/changelog.xml 2012-02-06 13:44:34.000000000 +0100
+++ apache-tomcat-6.0.32-src/webapps/docs/changelog.xml 2012-02-06 13:47:41.980651139 +0100
@@ -216,6 +216,12 @@
application's class loader such as the Jasper class loader.
Patch provided by Sylvain Laurent. (kkolinko)
</add>
+ <fix>
+ <bug>51872</bug>: Ensure that the access log always uses the correct
+ value for the remote IP address associated with the request and that
+ requests with multiple errors do not result in multiple entries in
+ the access log. (markt)
+ </fix>
<add>
<bug>48973</bug>: Avoid creating a SESSIONS.ser file when stopping an
application if there's no session. Patch provided by Marc Guillemot.