Opened 6 years ago

Closed 6 years ago

#3902 closed Bug (fixed)

Unsanitized request parameters may cause the request loop endlessly

Reported by: mosipov Owned by: mosipov
Priority: High Milestone: FCKeditor.Java 2.4.2
Component: Server : Java Version: FCKeditor.Java 2.4.1
Keywords: Cc:

Description (last modified by mosipov)

Specially forged params with ctrl chars may cause tomcat to respond to a request forever. Params have to be checked for (non)-validity.

Change History (6)

comment:1 Changed 6 years ago by mosipov

  • Summary changed from Unsanizied request parameters may loop the request endlessly to Unsanitizied request parameters may loop the request endlessly

comment:2 Changed 6 years ago by mosipov

  • Description modified (diff)
  • Summary changed from Unsanitizied request parameters may loop the request endlessly to Unsanitized request parameters may cause the request loop endlessly

comment:3 Changed 6 years ago by mosipov

  • Owner set to mosipov
  • Status changed from new to assigned

comment:4 Changed 6 years ago by mosipov

  • Resolution set to fixed
  • Status changed from assigned to closed

Fixed with [3834] and [3835].

comment:5 Changed 6 years ago by mosipov

  • Resolution fixed deleted
  • Status changed from closed to reopened

Patch makes tests fail

comment:6 Changed 6 years ago by mosipov

  • Resolution set to fixed
  • Status changed from reopened to closed

Now really fixed with [3836], [3837], [3838], [3839].

Note: See TracTickets for help on using tickets.
© 2003 – 2012 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy