Opened 8 years ago

Closed 8 years ago

#3902 closed Bug (fixed)

Unsanitized request parameters may cause the request loop endlessly

Reported by: Michael Osipov Owned by: Michael Osipov
Priority: Must have (possibly next milestone) Milestone: FCKeditor.Java 2.4.2
Component: Server : Java Version: FCKeditor.Java 2.4.1
Keywords: Cc:

Description (last modified by Michael Osipov)

Specially forged params with ctrl chars may cause tomcat to respond to a request forever. Params have to be checked for (non)-validity.

Change History (6)

comment:1 Changed 8 years ago by Michael Osipov

Summary: Unsanizied request parameters may loop the request endlesslyUnsanitizied request parameters may loop the request endlessly

comment:2 Changed 8 years ago by Michael Osipov

Description: modified (diff)
Summary: Unsanitizied request parameters may loop the request endlesslyUnsanitized request parameters may cause the request loop endlessly

comment:3 Changed 8 years ago by Michael Osipov

Owner: set to Michael Osipov
Status: newassigned

comment:4 Changed 8 years ago by Michael Osipov

Resolution: fixed
Status: assignedclosed

Fixed with [3834] and [3835].

comment:5 Changed 8 years ago by Michael Osipov

Resolution: fixed
Status: closedreopened

Patch makes tests fail

comment:6 Changed 8 years ago by Michael Osipov

Resolution: fixed
Status: reopenedclosed

Now really fixed with [3836], [3837], [3838], [3839].

Note: See TracTickets for help on using tickets.
© 2003 – 2017 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy