--- a/components/tomcat/patches/CVE-2011-3190.patch Thu Jan 19 01:59:17 2012 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,81 +0,0 @@
---- trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java 2011/08/29 19:45:13 1162958
-+++ trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java 2011/08/29 19:45:42 1162959
-@@ -405,11 +405,13 @@
- }
- continue;
- } else if(type != Constants.JK_AJP13_FORWARD_REQUEST) {
-- // Usually the servlet didn't read the previous request body
-- if(log.isDebugEnabled()) {
-- log.debug("Unexpected message: "+type);
-+ // Unexpected packet type. Unread body packets should have
-+ // been swallowed in finish().
-+ if (log.isDebugEnabled()) {
-+ log.debug("Unexpected message: " + type);
- }
-- continue;
-+ error = true;
-+ break;
- }
-
- keptAlive = true;
-@@ -1056,6 +1058,11 @@
-
- finished = true;
-
-+ // Swallow the unread body packet if present
-+ if (first && request.getContentLengthLong() > 0) {
-+ receive();
-+ }
-+
- // Add the end message
- if (outputBuffer.position() + endMessageArray.length > outputBuffer.capacity()) {
- flush();
---- trunk/java/org/apache/coyote/ajp/AjpProcessor.java 2011/08/29 19:45:13 1162958
-+++ trunk/java/org/apache/coyote/ajp/AjpProcessor.java 2011/08/29 19:45:42 1162959
-@@ -423,11 +423,13 @@
- }
- continue;
- } else if(type != Constants.JK_AJP13_FORWARD_REQUEST) {
-- // Usually the servlet didn't read the previous request body
-- if(log.isDebugEnabled()) {
-- log.debug("Unexpected message: "+type);
-+ // Unexpected packet type. Unread body packets should have
-+ // been swallowed in finish().
-+ if (log.isDebugEnabled()) {
-+ log.debug("Unexpected message: " + type);
- }
-- continue;
-+ error = true;
-+ break;
- }
-
- request.setStartTime(System.currentTimeMillis());
-@@ -1061,6 +1063,11 @@
-
- finished = true;
-
-+ // Swallow the unread body packet if present
-+ if (first && request.getContentLengthLong() > 0) {
-+ receive();
-+ }
-+
- // Add the end message
- output.write(endMessageArray);
-
---- trunk/webapps/docs/changelog.xml 2011/08/29 19:45:13 1162958
-+++ trunk/webapps/docs/changelog.xml 2011/08/29 19:45:42 1162959
-@@ -52,6 +52,14 @@
- </fix>
- </changelog>
- </subsection>
-+ <subsection name="Coyote">
-+ <changelog>
-+ <fix>
-+ <bug>51698</bug>: Fix CVE-2011-3190. Prevent AJP message injection.
-+ (markt)
-+ </fix>
-+ </changelog>
-+ </subsection>
- </section>
- <section name="Tomcat 6.0.33 (jfclere)" rtext="released 2011-08-18">
- <subsection name="Catalina">