DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7364>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7364 compiler creates empty .java files for invalid URLs Summary: compiler creates empty .java files for invalid URLs Product: Tomcat 4 Version: 4.0.2 Final Platform: Sun OS/Version: Solaris Status: NEW Severity: Minor Priority: Other Component: Jasper AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] If you enter an invalid URL that ends with .jsp, Tomcat creates zero length files in the work directory that never get cleaned up. We see these a lot in development, but not too many with operational systems. Someone could use this to be mallicious and get the server into a state where you could not create new work files for valid URLs, so it should probably be fixed as a potential denial of service. Ie if the URL is invalid and the JSP file does not exist don't create the .java file in the work directory. Currently I have 11 of those zero length files due to type-o's on my part when entering the URL in the browser. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
