Ticket #3902 (closed Bug: fixed)

Opened 4 years ago

Last modified 4 years ago

Unsanitized request parameters may cause the request loop endlessly

Reported by: mosipov Owned by: mosipov
Priority: High Milestone: FCKeditor.Java 2.4.2
Component: Server : Java Version: FCKeditor.Java 2.4.1
Keywords: Cc:

Description (last modified by mosipov) (diff)

Specially forged params with ctrl chars may cause tomcat to respond to a request forever. Params have to be checked for (non)-validity.

Change History

comment:1 Changed 4 years ago by mosipov

  • Summary changed from Unsanizied request parameters may loop the request endlessly to Unsanitizied request parameters may loop the request endlessly

comment:2 Changed 4 years ago by mosipov

  • Description modified (diff)
  • Summary changed from Unsanitizied request parameters may loop the request endlessly to Unsanitized request parameters may cause the request loop endlessly

comment:3 Changed 4 years ago by mosipov

  • Status changed from new to assigned
  • Owner set to mosipov

comment:4 Changed 4 years ago by mosipov

  • Status changed from assigned to closed
  • Resolution set to fixed

Fixed with [3834] and [3835].

comment:5 Changed 4 years ago by mosipov

  • Status changed from closed to reopened
  • Resolution fixed deleted

Patch makes tests fail

comment:6 Changed 4 years ago by mosipov

  • Status changed from reopened to closed
  • Resolution set to fixed

Now really fixed with [3836], [3837], [3838], [3839].

Note: See TracTickets for help on using tickets.
© 2003 – 2012 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy