Fix Security Exploit

Changed version to 0.18.1.
2026-03-30 11:08:39 -07:00 · 2011-06-27 18:30:45 +02:00 · 2011-06-27 18:30:45 +02:00
3 changed files with 16 additions and 11 deletions
@@ -2,7 +2,7 @@
  <modelVersion>4.0.0</modelVersion>
  <groupId>org.dynmap</groupId>
  <artifactId>dynmap</artifactId>
-  <version>0.18</version>
+  <version>0.18.1</version>
  <name>dynmap</name>
    <properties>
       <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -6,6 +6,7 @@ import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;

+import org.dynmap.Log;
 import org.dynmap.utils.FileLockManager;
 import org.dynmap.web.HttpField;
 import org.dynmap.web.HttpRequest;
@@ -23,16 +24,20 @@ public class FilesystemHandler extends FileHandler {
    protected InputStream getFileInput(String path, HttpRequest request, HttpResponse response) {
        File file = new File(root, path);
        FileLockManager.getReadLock(file);
-        if (file.getAbsolutePath().startsWith(root.getAbsolutePath()) && file.isFile()) {
-            FileInputStream result;
-            try {
-                result = new FileInputStream(file);
-            } catch (FileNotFoundException e) {
-                FileLockManager.releaseReadLock(file);
-                return null;
+        try {
+            if (file.getCanonicalPath().startsWith(root.getAbsolutePath()) && file.isFile()) {
+                FileInputStream result;
+                try {
+                    result = new FileInputStream(file);
+                } catch (FileNotFoundException e) {
+                    FileLockManager.releaseReadLock(file);
+                    return null;
+                }
+                response.fields.put(HttpField.ContentLength, Long.toString(file.length()));
+                return result;
            }
-            response.fields.put(HttpField.ContentLength, Long.toString(file.length()));
-            return result;
+        } catch(IOException ex) {
+            Log.severe("Unable to get canoical path of requested file.", ex);
        }
        FileLockManager.releaseReadLock(file);
        return null;
@@ -1,6 +1,6 @@
 name: dynmap
 main: org.dynmap.DynmapPlugin
-version: 0.18
+version: 0.18.1
 commands:
  dynmap:
    description: Controls Dynmap.
Author	SHA1	Message	Date
Jason Booth	008052179f	Fix Security Exploit	2011-06-27 18:30:45 +02:00
FrozenCow	4b3d8a7c6b	Changed version to 0.18.1.	2011-06-27 18:30:45 +02:00