From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 7673E138262 for ; Thu, 19 May 2016 19:58:41 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A70BD21C051; Thu, 19 May 2016 19:58:39 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 36EF921C051 for ; Thu, 19 May 2016 19:58:39 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 9B541340B4D for ; Thu, 19 May 2016 19:58:37 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 226C133E for ; Thu, 19 May 2016 19:58:34 +0000 (UTC) From: "Miroslav Šulc" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Miroslav Šulc" Message-ID: <1463687915.a7b38fffb499e7639620acd866ba5a249a3c6497.fordfrog@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/tomcat/, www-servers/tomcat/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: www-servers/tomcat/files/tomcat-9.0.0_alpha6-processmanifest.patch www-servers/tomcat/tomcat-9.0.0_alpha6-r1.ebuild www-servers/tomcat/tomcat-9.0.0_alpha6.ebuild X-VCS-Directories: www-servers/tomcat/ www-servers/tomcat/files/ X-VCS-Committer: fordfrog X-VCS-Committer-Name: Miroslav Šulc X-VCS-Revision: a7b38fffb499e7639620acd866ba5a249a3c6497 X-VCS-Branch: master Date: Thu, 19 May 2016 19:58:34 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 7fe101a7-0d3c-4c85-83da-7680773ffe3b X-Archives-Hash: b99f65aff0cd29a06f7125ec04a8d594 commit: a7b38fffb499e7639620acd866ba5a249a3c6497 Author: Miroslav Šulc gentoo org> AuthorDate: Thu May 19 19:58:16 2016 +0000 Commit: Miroslav Šulc gentoo org> CommitDate: Thu May 19 19:58:35 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a7b38fff www-servers/tomcat: backported patch from M7 which fixes NPE in StandardJarScanner.processManifest() Package-Manager: portage-2.3.0_rc1 .../tomcat-9.0.0_alpha6-processmanifest.patch | 76 ++++++++++++++++++++++ ...alpha6.ebuild => tomcat-9.0.0_alpha6-r1.ebuild} | 2 +- 2 files changed, 77 insertions(+), 1 deletion(-) diff --git a/www-servers/tomcat/files/tomcat-9.0.0_alpha6-processmanifest.patch b/www-servers/tomcat/files/tomcat-9.0.0_alpha6-processmanifest.patch new file mode 100644 index 0000000..fa38d5d --- /dev/null +++ b/www-servers/tomcat/files/tomcat-9.0.0_alpha6-processmanifest.patch @@ -0,0 +1,76 @@ +--- tomcat/trunk/java/org/apache/tomcat/util/scan/StandardJarScanner.java 2016/05/04 11:07:55 1742251 ++++ tomcat/trunk/java/org/apache/tomcat/util/scan/StandardJarScanner.java 2016/05/17 07:18:38 1744194 +@@ -370,40 +370,42 @@ + } + + Manifest manifest = jar.getManifest(); +- Attributes attributes = manifest.getMainAttributes(); +- String classPathAttribute = attributes.getValue("Class-Path"); +- if (classPathAttribute == null) { +- return; +- } +- String[] classPathEntries = classPathAttribute.split(" "); +- for (String classPathEntry : classPathEntries) { +- classPathEntry = classPathEntry.trim(); +- if (classPathEntry.length() == 0) { +- continue; ++ if (manifest != null) { ++ Attributes attributes = manifest.getMainAttributes(); ++ String classPathAttribute = attributes.getValue("Class-Path"); ++ if (classPathAttribute == null) { ++ return; + } +- URL jarURL = jar.getJarFileURL(); +- URI jarURI; +- try { +- jarURI = jarURL.toURI(); +- } catch (URISyntaxException e) { +- if (log.isDebugEnabled()) { +- log.debug(sm.getString("jarScan.invalidUri", jarURL)); ++ String[] classPathEntries = classPathAttribute.split(" "); ++ for (String classPathEntry : classPathEntries) { ++ classPathEntry = classPathEntry.trim(); ++ if (classPathEntry.length() == 0) { ++ continue; ++ } ++ URL jarURL = jar.getJarFileURL(); ++ URI jarURI; ++ try { ++ jarURI = jarURL.toURI(); ++ } catch (URISyntaxException e) { ++ if (log.isDebugEnabled()) { ++ log.debug(sm.getString("jarScan.invalidUri", jarURL)); ++ } ++ continue; + } +- continue; ++ /* ++ * Note: Resolving the relative URLs from the manifest has the ++ * potential to introduce security concerns. However, since ++ * only JARs provided by the container and NOT those provided ++ * by web applications are processed, there should be no ++ * issues. ++ * If this feature is ever extended to include JARs provided ++ * by web applications, checks should be added to ensure that ++ * any relative URL does not step outside the web application. ++ */ ++ URI classPathEntryURI = jarURI.resolve(classPathEntry); ++ URL classPathEntryURL = classPathEntryURI.toURL(); ++ classPathUrlsToProcess.add(classPathEntryURL); + } +- /* +- * Note: Resolving the relative URLs from the manifest has the +- * potential to introduce security concerns. However, since +- * only JARs provided by the container and NOT those provided +- * by web applications are processed, there should be no +- * issues. +- * If this feature is ever extended to include JARs provided +- * by web applications, checks should be added to ensure that +- * any relative URL does not step outside the web application. +- */ +- URI classPathEntryURI = jarURI.resolve(classPathEntry); +- URL classPathEntryURL = classPathEntryURI.toURL(); +- classPathUrlsToProcess.add(classPathEntryURL); + } + } + diff --git a/www-servers/tomcat/tomcat-9.0.0_alpha6.ebuild b/www-servers/tomcat/tomcat-9.0.0_alpha6-r1.ebuild similarity index 98% rename from www-servers/tomcat/tomcat-9.0.0_alpha6.ebuild rename to www-servers/tomcat/tomcat-9.0.0_alpha6-r1.ebuild index 438086b..21e76fb 100644 --- a/www-servers/tomcat/tomcat-9.0.0_alpha6.ebuild +++ b/www-servers/tomcat/tomcat-9.0.0_alpha6-r1.ebuild @@ -52,7 +52,7 @@ java_prepare() { # Remove bundled servlet-api rm -rv java/javax/{el,servlet} || die - epatch "${FILESDIR}/${P}-build.xml.patch" + epatch "${FILESDIR}/${P}-build.xml.patch" "${FILESDIR}/${P}-processmanifest.patch" # For use of catalina.sh in netbeans sed -i -e "/^# ----- Execute The Requested Command/ a\