inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

MNT-22316 - Added pathInfo length validation before attempting substring (#487) (#490)

Browse Source 
(cherry picked from commit e4cdae71e1)
This commit is contained in:
evasques
2021-05-25 09:44:53 +01:00
committed by GitHub
parent 9e66a533e2
commit c0ba50d6f2
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
remote-api/src/main/java/org/alfresco/repo/webdav/auth/BaseSSOAuthenticationFilter.java
View File

@@ -716,7 +716,7 @@ public abstract class BaseSSOAuthenticationFilter extends BaseAuthenticationFilt
} }
else else
{ {
if(!pathInfo.substring(0, 6).toLowerCase().equals("/cmis/") && !pathInfo.equals("/discovery")) if((pathInfo.length() > 5 && !pathInfo.substring(0, 6).toLowerCase().equals("/cmis/")) && !pathInfo.equals("/discovery"))
{ {
// remove tenant // remove tenant
int idx = pathInfo.indexOf('/', 1); int idx = pathInfo.indexOf('/', 1);