
xmlrpc-3.1.3-79.mga9.src.rpm

From 1594395df534d60133d98884c9d9f5eb92d0652e Mon Sep 17 00:00:00 2001
From: Mat Booth <mat.booth@redhat.com>
Date: Wed, 1 Apr 2020 10:21:03 +0100
Subject: [PATCH 6/6] Fix for CVE-2019-17570

Deserialization of server-side exception from faultCause in XMLRPC error response
---
 .../xmlrpc/parser/XmlRpcResponseParser.java   | 28 ++++++++++---------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/common/src/main/java/org/apache/xmlrpc/parser/XmlRpcResponseParser.java b/common/src/main/java/org/apache/xmlrpc/parser/XmlRpcResponseParser.java
index 087572b..f1b2427 100644
--- a/common/src/main/java/org/apache/xmlrpc/parser/XmlRpcResponseParser.java
+++ b/common/src/main/java/org/apache/xmlrpc/parser/XmlRpcResponseParser.java
@@ -69,19 +69,21 @@ public class XmlRpcResponseParser extends RecursiveTypeParserImpl {
 											getDocumentLocator());
 			}
 			errorMessage = (String) map.get("faultString");
-            Object exception = map.get("faultCause");
-            if (exception != null) {
-                try {
-                    byte[] bytes = (byte[]) exception;
-                    ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
-                    ObjectInputStream ois = new ObjectInputStream(bais);
-                    errorCause = (Throwable) ois.readObject();
-                    ois.close();
-                    bais.close();
-                } catch (Throwable t) {
-                    // Ignore me
-                }
-            }
+			if (((XmlRpcStreamRequestConfig)cfg).isEnabledForExceptions()) {
+				Object exception = map.get("faultCause");
+				if (exception != null) {
+					try {
+						byte[] bytes = (byte[]) exception;
+						ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
+						ObjectInputStream ois = new ObjectInputStream(bais);
+						errorCause = (Throwable) ois.readObject();
+						ois.close();
+						bais.close();
+					} catch (Throwable t) {
+						// Ignore me
+					}
+				}
+			}
 		}
 	}
 
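Review bot: When `isEnabledForExceptions()` returns true, `ois.readObject()` still deserializes the peer-supplied `faultCause` bytes with a plain `ObjectInputStream`, and the `(Throwable)` cast runs only after the object graph has been built, so it does not limit which classes get instantiated. The new gate makes this opt-in, but a client that opts in remains exposed to a malicious or compromised server; I would document that at the `if` with something like `// enabledForExceptions implies trusting the server: faultCause is Java-deserialized without class filtering`, and consider a class-restricting stream or an `ObjectInputFilter` where the target JDK allows it. The cast `(XmlRpcStreamRequestConfig)cfg` is also unchecked. `cfg` is declared outside this hunk, so if it can hold any other config type the parser would throw a `ClassCastException` instead of reporting the fault, which `if (cfg instanceof XmlRpcStreamRequestConfig && ((XmlRpcStreamRequestConfig) cfg).isEnabledForExceptions()) {` would avoid. The enclosing method starts outside the hunk, so both points should be checked against the full file.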
-- 
2.26.0.rc2