Projects
Mega:23.03
tomcat
_service:tar_scm:CVE-2021-30640-7.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2021-30640-7.patch of Package tomcat
From 3383668c05becf01fe175aba928177b648f327ec Mon Sep 17 00:00:00 2001 From: Mark Thomas <markt@apache.org> Date: Tue, 13 Apr 2021 14:47:07 +0100 Subject: [PATCH] Expand testing to cover substitution in roleBase. Fix bugs. The code incorrectly referred to the original roleBase rather than the local version that includes the substituted value(s). --- java/org/apache/catalina/realm/JNDIRealm.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java index cfe1c15..c78068b 100644 --- a/java/org/apache/catalina/realm/JNDIRealm.java +++ b/java/org/apache/catalina/realm/JNDIRealm.java @@ -1988,7 +1988,7 @@ System.out.println("userRoleName " + userRoleName + " " + attrs.get(userRoleName Attributes attrs = result.getAttributes(); if (attrs == null) continue; - String dname = getDistinguishedName(connection.context, roleBase, result); + String dname = getDistinguishedName(connection.context, base, result); String name = getAttributeValue(roleName, attrs); if (name != null && dname != null) { groupMap.put(dname, name); @@ -2033,7 +2033,7 @@ System.out.println("userRoleName " + userRoleName + " " + attrs.get(userRoleName containerLog.trace("Perform a nested group search with base "+ roleBase + " and filter " + filter); } - results = searchAsUser(connection.context, user, roleBase, filter, controls, + results = searchAsUser(connection.context, user, base, filter, controls, isRoleSearchAsUser()); try { -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2