Bug report #746 has just been filed.

You can view the report at the following URL:

    <http://znutar.cortexity.com/BugRatViewer/ShowReport/746>

REPORT #746 Details.

Project: Tomcat
Category: Feature Requests
SubCategory: Enhancement
Class: suggest
State: received
Priority: medium
Severity: cosmetic
Confidence: public

Environment:
    Release: 3.2.1
    JVM Release: any
    Operating System: any
    OS Release: any
    Platform: any

Synopsis:
Additional logging in jk_uri_worker_map.c, function map_uri_to_worker

Description:
I suggest that additional logging be added that specifically describes the mapping taking place within the Apache or IIS plugins by modifying the function map_uri_to_worker in jk_uri_worker_map.c. My version of the function is given below and differs only in the addition of 4 jk_log statements and the removal of one jk_log statement which was made redundant.

    char *map_uri_to_worker(jk_uri_worker_map_t *uw_map,
                            const char *uri,
                            jk_logger_t *l)
    {
        jk_log(l, JK_LOG_DEBUG,
               "Into jk_uri_worker_map_t::map_uri_to_worker\n");

        if(uw_map && uri && '/' == uri[0]) {
            unsigned i;
            unsigned best_match = -1;
            unsigned longest_match = 0;
            char clean_uri[4096];
            char *url_rewrite = strstr(uri, JK_PATH_SESSION_IDENTIFIER);

            if(url_rewrite) {
                strcpy(clean_uri, uri);
                url_rewrite = strstr(clean_uri, JK_PATH_SESSION_IDENTIFIER);
                *url_rewrite = '\0';
                uri = clean_uri;
            }

            jk_log(l, JK_LOG_DEBUG, "Attempting to map URI %s\n", uri);
            for(i = 0 ; i < uw_map->size ; i++) {

                if(uw_map->maps[i].ctxt_len < longest_match) {
                    continue; /* can not be a best match anyway */
                }

                if(0 == strncmp(uw_map->maps[i].context,
                                uri,
                                uw_map->maps[i].ctxt_len)) {
                    if(MATCH_TYPE_EXACT == uw_map->maps[i].match_type) {
                        if(strlen(uri) == uw_map->maps[i].ctxt_len) {
                            jk_log(
                                l,
                                JK_LOG_DEBUG,
                                "jk_uri_worker_map_t::map_uri_to_worker, Found an exact match %s -> %s\n",
                                uw_map->maps[i].worker_name,
                                uw_map->maps[i].context
                            );
                            return uw_map->maps[i].worker_name;
                        }
                    } else if(MATCH_TYPE_CONTEXT == uw_map->maps[i].match_type) {
                        if(uw_map->maps[i].ctxt_len > longest_match) {
                            jk_log(
                                l,
                                JK_LOG_DEBUG,
                                "jk_uri_worker_map_t::map_uri_to_worker, Found a context match %s -> %s\n",
                                uw_map->maps[i].worker_name,
                                uw_map->maps[i].context
                            );
                            longest_match = uw_map->maps[i].ctxt_len;
                            best_match = i;
                        }
                    } else /* suffix match */ {
                        int suffix_start;

                        for(suffix_start = strlen(uri) - 1 ;
                            suffix_start > 0 && '.' != uri[suffix_start];
                            suffix_start--)
                            ;
                        if('.' == uri[suffix_start]) {
                            const char *suffix = uri + suffix_start + 1;

                            /* for WinXX, fix the JsP != jsp problems */
    #ifdef WIN32
                            if(0 == strcasecmp(suffix, uw_map->maps[i].suffix)) {
    #else
                            if(0 == strcmp(suffix, uw_map->maps[i].suffix)) {
    #endif
                                if(uw_map->maps[i].ctxt_len >= longest_match) {
                                    jk_log(
                                        l,
                                        JK_LOG_DEBUG,
                                        "jk_uri_worker_map_t::map_uri_to_worker, Found a suffix match %s -> *.%s\n",
                                        uw_map->maps[i].worker_name,
                                        uw_map->maps[i].suffix
                                    );
                                    longest_match = uw_map->maps[i].ctxt_len;
                                    best_match = i;
                                }
                            }
                        }
                    }
                }
            }

            if(-1 != best_match) {
                return uw_map->maps[best_match].worker_name;
            } else {
                /*
                 * We are now in a security nightmare, it maybe that somebody sent
                 * us a uri that looks like /top-secret.jsp. and the web server will
                 * fumble and return the jsp content.
                 *
                 * To solve that we will check for path info following the suffix, we
                 * will also check that the end of the uri is not .suffix.
                 */
                int fraud = check_security_fraud(uw_map, uri, l);

                if(fraud >= 0) {
                    jk_log(l, JK_LOG_EMERG,
                           "In jk_uri_worker_map_t::map_uri_to_worker, found a security fraud in [%s]\n",
                           uri);
                    return uw_map->maps[fraud].worker_name;
                }
            }
        } else {
            jk_log(l, JK_LOG_ERROR,
                   "In jk_uri_worker_map_t::map_uri_to_worker, wrong parameters\n");
        }

        jk_log(l, JK_LOG_DEBUG,
               "jk_uri_worker_map_t::map_uri_to_worker, done without a match\n");
        return NULL;
    }

BugRat Report # 746
Project: Tomcat | Release: 3.2.1
Category: Feature Requests | SubCategory: Enhancement
Class: suggest | State: received
Priority: medium | Severity: cosmetic
Confidence: public
Submitter: James Courtney ( [EMAIL PROTECTED] )
Date Submitted: Jan 11 2001, 02:09:21 CST
Responsible: Z_Tomcat Alias ( [EMAIL PROTECTED] )
- Synopsis: Additional logging in jk_uri_worker_map.c, function map_uri_to_worker
- Environment (jvm, os, osrel, platform): any, any, any, any
- Additional Environment Description:
- How To Reproduce: null
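
The comment in the submitted function describes a fallback for URIs such as /top-secret.jsp. that the suffix loop does not match, because the text after the last '.' is empty. The C sketch below is an added example, not code from the report or from mod_jk: the helper names plain_suffix_match and disguised_suffix and the sample URIs are assumptions, and it implements only the two conditions the comment states, not the behaviour of check_security_fraud.

```c
#include <stdio.h>
#include <string.h>

/* What the matching loop compares: the text after the last '.' in the URI. */
int plain_suffix_match(const char *uri, const char *suffix)
{
    const char *dot = strrchr(uri, '.');
    return dot != NULL && strcmp(dot + 1, suffix) == 0;
}

/*
 * Fallback check (hypothetical helper, not mod_jk's check_security_fraud):
 * returns 1 when ".<suffix>" appears in the URI followed by path info
 * ("/...") or by nothing but trailing dots, so the loop above missed it.
 */
int disguised_suffix(const char *uri, const char *suffix)
{
    size_t n = strlen(suffix);
    const char *p;

    if (n == 0)
        return 0;
    for (p = strstr(uri, suffix); p != NULL; p = strstr(p + 1, suffix)) {
        const char *after = p + n;
        if (p == uri || p[-1] != '.')
            continue;                     /* not preceded by a dot */
        if (*after == '/')
            return 1;                     /* /page.jsp/extra */
        if (*after == '.' && after[strspn(after, ".")] == '\0')
            return 1;                     /* /page.jsp. or /page.jsp.. */
    }
    return 0;
}

int main(void)
{
    /* Constructed sample URIs; "jsp" stands in for a mapped suffix. */
    const char *uris[] = { "/top-secret.jsp", "/top-secret.jsp.",
                           "/top-secret.jsp/extra", "/docs/jsp.html" };
    size_t i;

    for (i = 0; i < sizeof uris / sizeof uris[0]; i++)
        printf("%-24s plain=%d disguised=%d\n", uris[i],
               plain_suffix_match(uris[i], "jsp"),
               disguised_suffix(uris[i], "jsp"));
    return 0;
}
```

A URI that fails plain_suffix_match but passes disguised_suffix is the case the report's JK_LOG_EMERG line records before the request is handed to the worker.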