tomcat/CVE-2021-30640-8.patch


From c703ec491aca94cb17853808c7ce0c4fd99992bb Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Tue, 13 Apr 2021 15:19:31 +0100
Subject: [PATCH] Expand tests to cover escaping of substituted roleBaes values
While the UnboundID LDAP SDK doesn't appear to have a preference, some servers (Windows AD, OpenLDAP) do appear to.
---
java/org/apache/catalina/realm/JNDIRealm.java | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java
index c78068b..7a8c5f6 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1967,7 +1967,9 @@ System.out.println("userRoleName " + userRoleName + " " + attrs.get(userRoleName
Name name = np.parse(dn);
String nameParts[] = new String[name.size()];
for (int i = 0; i < name.size(); i++) {
- nameParts[i] = name.get(i);
+ // May have been returned with \<char> escaping rather than
+ // \<hex><hex>. Make sure it is \<hex><hex>.
+ nameParts[i] = convertToHexEscape(name.get(i));
}
base = connection.roleBaseFormat.format(nameParts);
} else {
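Review bot: `convertToHexEscape` is applied to every RDN of a DN that came back from the directory before it is substituted into `roleBaseFormat`, but the helper is not visible in this hunk, so it is not clear whether a component that already arrives in `\2C` hex form is passed through unchanged rather than re-escaped to `\5C2C`; a round-trip test on a DN that mixes `\,` and `\2C` forms would pin that down. The new comment explains the format but not why it matters here; I would make it `// JNDI may hand back RDNs with \<char> escaping; normalise to \<hex><hex> because some servers (AD, OpenLDAP) only accept that form in a search base.` Separately, the `@@` context line shows a `System.out.println("userRoleName " ...)` in the enclosing method, which looks like a debugging leftover that writes role attribute values to stdout and should be removed or moved to a guarded `log.trace` before this lands. The enclosing method starts and ends outside the hunk.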
--
2.23.0