From d49340064124cf5e4170b8b26865d421b9e0af31 Mon Sep 17 00:00:00 2001 From: markt Date: Sun, 27 Sep 2009 16:48:23 +0000 Subject: [PATCH] Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47320 Don't rely on the platform default encoding being suitable to parse the session ID git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@819339 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/catalina/connector/CoyoteAdapter.java | 48 ++++++++++++++-------- .../catalina/connector/LocalStrings.properties | 1 + 2 files changed, 32 insertions(+), 17 deletions(-) diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 38bbf15fb..563aebb02 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -19,6 +19,7 @@ package org.apache.catalina.connector; import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.util.EnumSet; import javax.servlet.SessionTrackingMode; @@ -640,6 +641,12 @@ public class CoyoteAdapter int semicolon = uriBC.indexOf(match, 0, match.length(), 0); if (semicolon > 0) { + // What encoding to use? Some platforms, eg z/os, use a default + // encoding that doesn't give the expected result so be explicit + String enc = connector.getURIEncoding(); + if (enc == null) { + enc = "ISO-8859-1"; + } // Parse session ID, and extract it from the decoded request URI int start = uriBC.getStart(); @@ -647,25 +654,32 @@ public class CoyoteAdapter int sessionIdStart = semicolon + match.length(); int semicolon2 = uriBC.indexOf(';', sessionIdStart); - if (semicolon2 >= 0) { - request.setRequestedSessionId - (new String(uriBC.getBuffer(), start + sessionIdStart, - semicolon2 - sessionIdStart)); - // Extract session ID from request URI - byte[] buf = uriBC.getBuffer(); - for (int i = 0; i < end - start - semicolon2; i++) { - buf[start + semicolon + i] - = buf[start + i + semicolon2]; + try { + if (semicolon2 >= 0) { + request.setRequestedSessionId + (new String(uriBC.getBuffer(), start + sessionIdStart, + semicolon2 - sessionIdStart, enc)); + // Extract session ID from request URI + byte[] buf = uriBC.getBuffer(); + for (int i = 0; i < end - start - semicolon2; i++) { + buf[start + semicolon + i] + = buf[start + i + semicolon2]; + } + uriBC.setBytes(buf, start, + end - start - semicolon2 + semicolon); + } else { + request.setRequestedSessionId + (new String(uriBC.getBuffer(), start + sessionIdStart, + (end - start) - sessionIdStart, enc)); + uriBC.setEnd(start + semicolon); } - uriBC.setBytes(buf, start, end - start - semicolon2 + semicolon); - } else { - request.setRequestedSessionId - (new String(uriBC.getBuffer(), start + sessionIdStart, - (end - start) - sessionIdStart)); - uriBC.setEnd(start + semicolon); + request.setRequestedSessionURL(true); + } catch (UnsupportedEncodingException uee) { + // Make sure no session ID is returned + request.setRequestedSessionId(null); + request.setRequestedSessionURL(false); + log.warn(sm.getString("coyoteAdapter.parseSession", enc), uee); } - request.setRequestedSessionURL(true); - } else { request.setRequestedSessionId(null); request.setRequestedSessionURL(false); diff --git a/java/org/apache/catalina/connector/LocalStrings.properties b/java/org/apache/catalina/connector/LocalStrings.properties index f9b79963a..50187cd44 100644 --- a/java/org/apache/catalina/connector/LocalStrings.properties +++ b/java/org/apache/catalina/connector/LocalStrings.properties @@ -36,6 +36,7 @@ coyoteConnector.protocolUnregistrationFailed=Protocol handler stop failed # coyoteAdapter.service=An exception or error occurred in the container during the request processing coyoteAdapter.read=The servlet did not read all available bytes during the processing of the read event +coyoteAdapter.parseSession=Unable to parse the session ID using encoding [{0}]. The session ID in the URL will be ignored. # # CoyoteResponse -- 2.11.0